1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * NVMe over Fabrics TCP target.
4 * Copyright (c) 2018 Lightbits Labs. All rights reserved.
5 */
6 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
7 #include <linux/module.h>
8 #include <linux/init.h>
9 #include <linux/slab.h>
10 #include <linux/err.h>
11 #include <linux/key.h>
12 #include <linux/nvme-tcp.h>
13 #include <linux/nvme-keyring.h>
14 #include <net/sock.h>
15 #include <net/tcp.h>
16 #include <net/tls.h>
17 #include <net/tls_prot.h>
18 #include <net/handshake.h>
19 #include <linux/inet.h>
20 #include <linux/llist.h>
21 #include <crypto/hash.h>
22 #include <trace/events/sock.h>
23
24 #include "nvmet.h"
25
26 #define NVMET_TCP_DEF_INLINE_DATA_SIZE (4 * PAGE_SIZE)
27 #define NVMET_TCP_MAXH2CDATA 0x400000 /* 16M arbitrary limit */
28 #define NVMET_TCP_BACKLOG 128
29
param_store_val(const char * str,int * val,int min,int max)30 static int param_store_val(const char *str, int *val, int min, int max)
31 {
32 int ret, new_val;
33
34 ret = kstrtoint(str, 10, &new_val);
35 if (ret)
36 return -EINVAL;
37
38 if (new_val < min || new_val > max)
39 return -EINVAL;
40
41 *val = new_val;
42 return 0;
43 }
44
set_params(const char * str,const struct kernel_param * kp)45 static int set_params(const char *str, const struct kernel_param *kp)
46 {
47 return param_store_val(str, kp->arg, 0, INT_MAX);
48 }
49
50 static const struct kernel_param_ops set_param_ops = {
51 .set = set_params,
52 .get = param_get_int,
53 };
54
55 /* Define the socket priority to use for connections were it is desirable
56 * that the NIC consider performing optimized packet processing or filtering.
57 * A non-zero value being sufficient to indicate general consideration of any
58 * possible optimization. Making it a module param allows for alternative
59 * values that may be unique for some NIC implementations.
60 */
61 static int so_priority;
62 device_param_cb(so_priority, &set_param_ops, &so_priority, 0644);
63 MODULE_PARM_DESC(so_priority, "nvmet tcp socket optimize priority: Default 0");
64
65 /* Define a time period (in usecs) that io_work() shall sample an activated
66 * queue before determining it to be idle. This optional module behavior
67 * can enable NIC solutions that support socket optimized packet processing
68 * using advanced interrupt moderation techniques.
69 */
70 static int idle_poll_period_usecs;
71 device_param_cb(idle_poll_period_usecs, &set_param_ops,
72 &idle_poll_period_usecs, 0644);
73 MODULE_PARM_DESC(idle_poll_period_usecs,
74 "nvmet tcp io_work poll till idle time period in usecs: Default 0");
75
76 #ifdef CONFIG_NVME_TARGET_TCP_TLS
77 /*
78 * TLS handshake timeout
79 */
80 static int tls_handshake_timeout = 10;
81 module_param(tls_handshake_timeout, int, 0644);
82 MODULE_PARM_DESC(tls_handshake_timeout,
83 "nvme TLS handshake timeout in seconds (default 10)");
84 #endif
85
86 #define NVMET_TCP_RECV_BUDGET 8
87 #define NVMET_TCP_SEND_BUDGET 8
88 #define NVMET_TCP_IO_WORK_BUDGET 64
89
90 enum nvmet_tcp_send_state {
91 NVMET_TCP_SEND_DATA_PDU,
92 NVMET_TCP_SEND_DATA,
93 NVMET_TCP_SEND_R2T,
94 NVMET_TCP_SEND_DDGST,
95 NVMET_TCP_SEND_RESPONSE
96 };
97
98 enum nvmet_tcp_recv_state {
99 NVMET_TCP_RECV_PDU,
100 NVMET_TCP_RECV_DATA,
101 NVMET_TCP_RECV_DDGST,
102 NVMET_TCP_RECV_ERR,
103 };
104
105 enum {
106 NVMET_TCP_F_INIT_FAILED = (1 << 0),
107 };
108
109 struct nvmet_tcp_cmd {
110 struct nvmet_tcp_queue *queue;
111 struct nvmet_req req;
112
113 struct nvme_tcp_cmd_pdu *cmd_pdu;
114 struct nvme_tcp_rsp_pdu *rsp_pdu;
115 struct nvme_tcp_data_pdu *data_pdu;
116 struct nvme_tcp_r2t_pdu *r2t_pdu;
117
118 u32 rbytes_done;
119 u32 wbytes_done;
120
121 u32 pdu_len;
122 u32 pdu_recv;
123 int sg_idx;
124 char recv_cbuf[CMSG_LEN(sizeof(char))];
125 struct msghdr recv_msg;
126 struct bio_vec *iov;
127 u32 flags;
128
129 struct list_head entry;
130 struct llist_node lentry;
131
132 /* send state */
133 u32 offset;
134 struct scatterlist *cur_sg;
135 enum nvmet_tcp_send_state state;
136
137 __le32 exp_ddgst;
138 __le32 recv_ddgst;
139 };
140
141 enum nvmet_tcp_queue_state {
142 NVMET_TCP_Q_CONNECTING,
143 NVMET_TCP_Q_TLS_HANDSHAKE,
144 NVMET_TCP_Q_LIVE,
145 NVMET_TCP_Q_DISCONNECTING,
146 NVMET_TCP_Q_FAILED,
147 };
148
149 struct nvmet_tcp_queue {
150 struct socket *sock;
151 struct nvmet_tcp_port *port;
152 struct work_struct io_work;
153 struct nvmet_cq nvme_cq;
154 struct nvmet_sq nvme_sq;
155 struct kref kref;
156
157 /* send state */
158 struct nvmet_tcp_cmd *cmds;
159 unsigned int nr_cmds;
160 struct list_head free_list;
161 struct llist_head resp_list;
162 struct list_head resp_send_list;
163 int send_list_len;
164 struct nvmet_tcp_cmd *snd_cmd;
165
166 /* recv state */
167 int offset;
168 int left;
169 enum nvmet_tcp_recv_state rcv_state;
170 struct nvmet_tcp_cmd *cmd;
171 union nvme_tcp_pdu pdu;
172
173 /* digest state */
174 bool hdr_digest;
175 bool data_digest;
176 struct ahash_request *snd_hash;
177 struct ahash_request *rcv_hash;
178
179 /* TLS state */
180 key_serial_t tls_pskid;
181 struct delayed_work tls_handshake_tmo_work;
182
183 unsigned long poll_end;
184
185 spinlock_t state_lock;
186 enum nvmet_tcp_queue_state state;
187
188 struct sockaddr_storage sockaddr;
189 struct sockaddr_storage sockaddr_peer;
190 struct work_struct release_work;
191
192 int idx;
193 struct list_head queue_list;
194
195 struct nvmet_tcp_cmd connect;
196
197 struct page_frag_cache pf_cache;
198
199 void (*data_ready)(struct sock *);
200 void (*state_change)(struct sock *);
201 void (*write_space)(struct sock *);
202 };
203
204 struct nvmet_tcp_port {
205 struct socket *sock;
206 struct work_struct accept_work;
207 struct nvmet_port *nport;
208 struct sockaddr_storage addr;
209 void (*data_ready)(struct sock *);
210 };
211
212 static DEFINE_IDA(nvmet_tcp_queue_ida);
213 static LIST_HEAD(nvmet_tcp_queue_list);
214 static DEFINE_MUTEX(nvmet_tcp_queue_mutex);
215
216 static struct workqueue_struct *nvmet_tcp_wq;
217 static const struct nvmet_fabrics_ops nvmet_tcp_ops;
218 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c);
219 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd);
220
nvmet_tcp_cmd_tag(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * cmd)221 static inline u16 nvmet_tcp_cmd_tag(struct nvmet_tcp_queue *queue,
222 struct nvmet_tcp_cmd *cmd)
223 {
224 if (unlikely(!queue->nr_cmds)) {
225 /* We didn't allocate cmds yet, send 0xffff */
226 return USHRT_MAX;
227 }
228
229 return cmd - queue->cmds;
230 }
231
nvmet_tcp_has_data_in(struct nvmet_tcp_cmd * cmd)232 static inline bool nvmet_tcp_has_data_in(struct nvmet_tcp_cmd *cmd)
233 {
234 return nvme_is_write(cmd->req.cmd) &&
235 cmd->rbytes_done < cmd->req.transfer_len;
236 }
237
nvmet_tcp_need_data_in(struct nvmet_tcp_cmd * cmd)238 static inline bool nvmet_tcp_need_data_in(struct nvmet_tcp_cmd *cmd)
239 {
240 return nvmet_tcp_has_data_in(cmd) && !cmd->req.cqe->status;
241 }
242
nvmet_tcp_need_data_out(struct nvmet_tcp_cmd * cmd)243 static inline bool nvmet_tcp_need_data_out(struct nvmet_tcp_cmd *cmd)
244 {
245 return !nvme_is_write(cmd->req.cmd) &&
246 cmd->req.transfer_len > 0 &&
247 !cmd->req.cqe->status;
248 }
249
nvmet_tcp_has_inline_data(struct nvmet_tcp_cmd * cmd)250 static inline bool nvmet_tcp_has_inline_data(struct nvmet_tcp_cmd *cmd)
251 {
252 return nvme_is_write(cmd->req.cmd) && cmd->pdu_len &&
253 !cmd->rbytes_done;
254 }
255
256 static inline struct nvmet_tcp_cmd *
nvmet_tcp_get_cmd(struct nvmet_tcp_queue * queue)257 nvmet_tcp_get_cmd(struct nvmet_tcp_queue *queue)
258 {
259 struct nvmet_tcp_cmd *cmd;
260
261 cmd = list_first_entry_or_null(&queue->free_list,
262 struct nvmet_tcp_cmd, entry);
263 if (!cmd)
264 return NULL;
265 list_del_init(&cmd->entry);
266
267 cmd->rbytes_done = cmd->wbytes_done = 0;
268 cmd->pdu_len = 0;
269 cmd->pdu_recv = 0;
270 cmd->iov = NULL;
271 cmd->flags = 0;
272 return cmd;
273 }
274
nvmet_tcp_put_cmd(struct nvmet_tcp_cmd * cmd)275 static inline void nvmet_tcp_put_cmd(struct nvmet_tcp_cmd *cmd)
276 {
277 if (unlikely(cmd == &cmd->queue->connect))
278 return;
279
280 list_add_tail(&cmd->entry, &cmd->queue->free_list);
281 }
282
queue_cpu(struct nvmet_tcp_queue * queue)283 static inline int queue_cpu(struct nvmet_tcp_queue *queue)
284 {
285 return queue->sock->sk->sk_incoming_cpu;
286 }
287
nvmet_tcp_hdgst_len(struct nvmet_tcp_queue * queue)288 static inline u8 nvmet_tcp_hdgst_len(struct nvmet_tcp_queue *queue)
289 {
290 return queue->hdr_digest ? NVME_TCP_DIGEST_LENGTH : 0;
291 }
292
nvmet_tcp_ddgst_len(struct nvmet_tcp_queue * queue)293 static inline u8 nvmet_tcp_ddgst_len(struct nvmet_tcp_queue *queue)
294 {
295 return queue->data_digest ? NVME_TCP_DIGEST_LENGTH : 0;
296 }
297
nvmet_tcp_hdgst(struct ahash_request * hash,void * pdu,size_t len)298 static inline void nvmet_tcp_hdgst(struct ahash_request *hash,
299 void *pdu, size_t len)
300 {
301 struct scatterlist sg;
302
303 sg_init_one(&sg, pdu, len);
304 ahash_request_set_crypt(hash, &sg, pdu + len, len);
305 crypto_ahash_digest(hash);
306 }
307
nvmet_tcp_verify_hdgst(struct nvmet_tcp_queue * queue,void * pdu,size_t len)308 static int nvmet_tcp_verify_hdgst(struct nvmet_tcp_queue *queue,
309 void *pdu, size_t len)
310 {
311 struct nvme_tcp_hdr *hdr = pdu;
312 __le32 recv_digest;
313 __le32 exp_digest;
314
315 if (unlikely(!(hdr->flags & NVME_TCP_F_HDGST))) {
316 pr_err("queue %d: header digest enabled but no header digest\n",
317 queue->idx);
318 return -EPROTO;
319 }
320
321 recv_digest = *(__le32 *)(pdu + hdr->hlen);
322 nvmet_tcp_hdgst(queue->rcv_hash, pdu, len);
323 exp_digest = *(__le32 *)(pdu + hdr->hlen);
324 if (recv_digest != exp_digest) {
325 pr_err("queue %d: header digest error: recv %#x expected %#x\n",
326 queue->idx, le32_to_cpu(recv_digest),
327 le32_to_cpu(exp_digest));
328 return -EPROTO;
329 }
330
331 return 0;
332 }
333
nvmet_tcp_check_ddgst(struct nvmet_tcp_queue * queue,void * pdu)334 static int nvmet_tcp_check_ddgst(struct nvmet_tcp_queue *queue, void *pdu)
335 {
336 struct nvme_tcp_hdr *hdr = pdu;
337 u8 digest_len = nvmet_tcp_hdgst_len(queue);
338 u32 len;
339
340 len = le32_to_cpu(hdr->plen) - hdr->hlen -
341 (hdr->flags & NVME_TCP_F_HDGST ? digest_len : 0);
342
343 if (unlikely(len && !(hdr->flags & NVME_TCP_F_DDGST))) {
344 pr_err("queue %d: data digest flag is cleared\n", queue->idx);
345 return -EPROTO;
346 }
347
348 return 0;
349 }
350
351 /* If cmd buffers are NULL, no operation is performed */
nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd * cmd)352 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd)
353 {
354 kfree(cmd->iov);
355 sgl_free(cmd->req.sg);
356 cmd->iov = NULL;
357 cmd->req.sg = NULL;
358 }
359
nvmet_tcp_build_pdu_iovec(struct nvmet_tcp_cmd * cmd)360 static void nvmet_tcp_build_pdu_iovec(struct nvmet_tcp_cmd *cmd)
361 {
362 struct bio_vec *iov = cmd->iov;
363 struct scatterlist *sg;
364 u32 length, offset, sg_offset;
365 int nr_pages;
366
367 length = cmd->pdu_len;
368 nr_pages = DIV_ROUND_UP(length, PAGE_SIZE);
369 offset = cmd->rbytes_done;
370 cmd->sg_idx = offset / PAGE_SIZE;
371 sg_offset = offset % PAGE_SIZE;
372 sg = &cmd->req.sg[cmd->sg_idx];
373
374 while (length) {
375 u32 iov_len = min_t(u32, length, sg->length - sg_offset);
376
377 bvec_set_page(iov, sg_page(sg), iov_len,
378 sg->offset + sg_offset);
379
380 length -= iov_len;
381 sg = sg_next(sg);
382 iov++;
383 sg_offset = 0;
384 }
385
386 iov_iter_bvec(&cmd->recv_msg.msg_iter, ITER_DEST, cmd->iov,
387 nr_pages, cmd->pdu_len);
388 }
389
nvmet_tcp_fatal_error(struct nvmet_tcp_queue * queue)390 static void nvmet_tcp_fatal_error(struct nvmet_tcp_queue *queue)
391 {
392 queue->rcv_state = NVMET_TCP_RECV_ERR;
393 if (queue->nvme_sq.ctrl)
394 nvmet_ctrl_fatal_error(queue->nvme_sq.ctrl);
395 else
396 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
397 }
398
nvmet_tcp_socket_error(struct nvmet_tcp_queue * queue,int status)399 static void nvmet_tcp_socket_error(struct nvmet_tcp_queue *queue, int status)
400 {
401 queue->rcv_state = NVMET_TCP_RECV_ERR;
402 if (status == -EPIPE || status == -ECONNRESET)
403 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
404 else
405 nvmet_tcp_fatal_error(queue);
406 }
407
nvmet_tcp_map_data(struct nvmet_tcp_cmd * cmd)408 static int nvmet_tcp_map_data(struct nvmet_tcp_cmd *cmd)
409 {
410 struct nvme_sgl_desc *sgl = &cmd->req.cmd->common.dptr.sgl;
411 u32 len = le32_to_cpu(sgl->length);
412
413 if (!len)
414 return 0;
415
416 if (sgl->type == ((NVME_SGL_FMT_DATA_DESC << 4) |
417 NVME_SGL_FMT_OFFSET)) {
418 if (!nvme_is_write(cmd->req.cmd))
419 return NVME_SC_INVALID_FIELD | NVME_STATUS_DNR;
420
421 if (len > cmd->req.port->inline_data_size)
422 return NVME_SC_SGL_INVALID_OFFSET | NVME_STATUS_DNR;
423 cmd->pdu_len = len;
424 }
425 cmd->req.transfer_len += len;
426
427 cmd->req.sg = sgl_alloc(len, GFP_KERNEL, &cmd->req.sg_cnt);
428 if (!cmd->req.sg)
429 return NVME_SC_INTERNAL;
430 cmd->cur_sg = cmd->req.sg;
431
432 if (nvmet_tcp_has_data_in(cmd)) {
433 cmd->iov = kmalloc_array(cmd->req.sg_cnt,
434 sizeof(*cmd->iov), GFP_KERNEL);
435 if (!cmd->iov)
436 goto err;
437 }
438
439 return 0;
440 err:
441 nvmet_tcp_free_cmd_buffers(cmd);
442 return NVME_SC_INTERNAL;
443 }
444
nvmet_tcp_calc_ddgst(struct ahash_request * hash,struct nvmet_tcp_cmd * cmd)445 static void nvmet_tcp_calc_ddgst(struct ahash_request *hash,
446 struct nvmet_tcp_cmd *cmd)
447 {
448 ahash_request_set_crypt(hash, cmd->req.sg,
449 (void *)&cmd->exp_ddgst, cmd->req.transfer_len);
450 crypto_ahash_digest(hash);
451 }
452
nvmet_setup_c2h_data_pdu(struct nvmet_tcp_cmd * cmd)453 static void nvmet_setup_c2h_data_pdu(struct nvmet_tcp_cmd *cmd)
454 {
455 struct nvme_tcp_data_pdu *pdu = cmd->data_pdu;
456 struct nvmet_tcp_queue *queue = cmd->queue;
457 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
458 u8 ddgst = nvmet_tcp_ddgst_len(cmd->queue);
459
460 cmd->offset = 0;
461 cmd->state = NVMET_TCP_SEND_DATA_PDU;
462
463 pdu->hdr.type = nvme_tcp_c2h_data;
464 pdu->hdr.flags = NVME_TCP_F_DATA_LAST | (queue->nvme_sq.sqhd_disabled ?
465 NVME_TCP_F_DATA_SUCCESS : 0);
466 pdu->hdr.hlen = sizeof(*pdu);
467 pdu->hdr.pdo = pdu->hdr.hlen + hdgst;
468 pdu->hdr.plen =
469 cpu_to_le32(pdu->hdr.hlen + hdgst +
470 cmd->req.transfer_len + ddgst);
471 pdu->command_id = cmd->req.cqe->command_id;
472 pdu->data_length = cpu_to_le32(cmd->req.transfer_len);
473 pdu->data_offset = cpu_to_le32(cmd->wbytes_done);
474
475 if (queue->data_digest) {
476 pdu->hdr.flags |= NVME_TCP_F_DDGST;
477 nvmet_tcp_calc_ddgst(queue->snd_hash, cmd);
478 }
479
480 if (cmd->queue->hdr_digest) {
481 pdu->hdr.flags |= NVME_TCP_F_HDGST;
482 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu));
483 }
484 }
485
nvmet_setup_r2t_pdu(struct nvmet_tcp_cmd * cmd)486 static void nvmet_setup_r2t_pdu(struct nvmet_tcp_cmd *cmd)
487 {
488 struct nvme_tcp_r2t_pdu *pdu = cmd->r2t_pdu;
489 struct nvmet_tcp_queue *queue = cmd->queue;
490 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
491
492 cmd->offset = 0;
493 cmd->state = NVMET_TCP_SEND_R2T;
494
495 pdu->hdr.type = nvme_tcp_r2t;
496 pdu->hdr.flags = 0;
497 pdu->hdr.hlen = sizeof(*pdu);
498 pdu->hdr.pdo = 0;
499 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst);
500
501 pdu->command_id = cmd->req.cmd->common.command_id;
502 pdu->ttag = nvmet_tcp_cmd_tag(cmd->queue, cmd);
503 pdu->r2t_length = cpu_to_le32(cmd->req.transfer_len - cmd->rbytes_done);
504 pdu->r2t_offset = cpu_to_le32(cmd->rbytes_done);
505 if (cmd->queue->hdr_digest) {
506 pdu->hdr.flags |= NVME_TCP_F_HDGST;
507 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu));
508 }
509 }
510
nvmet_setup_response_pdu(struct nvmet_tcp_cmd * cmd)511 static void nvmet_setup_response_pdu(struct nvmet_tcp_cmd *cmd)
512 {
513 struct nvme_tcp_rsp_pdu *pdu = cmd->rsp_pdu;
514 struct nvmet_tcp_queue *queue = cmd->queue;
515 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
516
517 cmd->offset = 0;
518 cmd->state = NVMET_TCP_SEND_RESPONSE;
519
520 pdu->hdr.type = nvme_tcp_rsp;
521 pdu->hdr.flags = 0;
522 pdu->hdr.hlen = sizeof(*pdu);
523 pdu->hdr.pdo = 0;
524 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst);
525 if (cmd->queue->hdr_digest) {
526 pdu->hdr.flags |= NVME_TCP_F_HDGST;
527 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu));
528 }
529 }
530
nvmet_tcp_process_resp_list(struct nvmet_tcp_queue * queue)531 static void nvmet_tcp_process_resp_list(struct nvmet_tcp_queue *queue)
532 {
533 struct llist_node *node;
534 struct nvmet_tcp_cmd *cmd;
535
536 for (node = llist_del_all(&queue->resp_list); node; node = node->next) {
537 cmd = llist_entry(node, struct nvmet_tcp_cmd, lentry);
538 list_add(&cmd->entry, &queue->resp_send_list);
539 queue->send_list_len++;
540 }
541 }
542
nvmet_tcp_fetch_cmd(struct nvmet_tcp_queue * queue)543 static struct nvmet_tcp_cmd *nvmet_tcp_fetch_cmd(struct nvmet_tcp_queue *queue)
544 {
545 queue->snd_cmd = list_first_entry_or_null(&queue->resp_send_list,
546 struct nvmet_tcp_cmd, entry);
547 if (!queue->snd_cmd) {
548 nvmet_tcp_process_resp_list(queue);
549 queue->snd_cmd =
550 list_first_entry_or_null(&queue->resp_send_list,
551 struct nvmet_tcp_cmd, entry);
552 if (unlikely(!queue->snd_cmd))
553 return NULL;
554 }
555
556 list_del_init(&queue->snd_cmd->entry);
557 queue->send_list_len--;
558
559 if (nvmet_tcp_need_data_out(queue->snd_cmd))
560 nvmet_setup_c2h_data_pdu(queue->snd_cmd);
561 else if (nvmet_tcp_need_data_in(queue->snd_cmd))
562 nvmet_setup_r2t_pdu(queue->snd_cmd);
563 else
564 nvmet_setup_response_pdu(queue->snd_cmd);
565
566 return queue->snd_cmd;
567 }
568
nvmet_tcp_queue_response(struct nvmet_req * req)569 static void nvmet_tcp_queue_response(struct nvmet_req *req)
570 {
571 struct nvmet_tcp_cmd *cmd =
572 container_of(req, struct nvmet_tcp_cmd, req);
573 struct nvmet_tcp_queue *queue = cmd->queue;
574 enum nvmet_tcp_recv_state queue_state;
575 struct nvmet_tcp_cmd *queue_cmd;
576 struct nvme_sgl_desc *sgl;
577 u32 len;
578
579 /* Pairs with store_release in nvmet_prepare_receive_pdu() */
580 queue_state = smp_load_acquire(&queue->rcv_state);
581 queue_cmd = READ_ONCE(queue->cmd);
582
583 if (unlikely(cmd == queue_cmd)) {
584 sgl = &cmd->req.cmd->common.dptr.sgl;
585 len = le32_to_cpu(sgl->length);
586
587 /*
588 * Wait for inline data before processing the response.
589 * Avoid using helpers, this might happen before
590 * nvmet_req_init is completed.
591 */
592 if (queue_state == NVMET_TCP_RECV_PDU &&
593 len && len <= cmd->req.port->inline_data_size &&
594 nvme_is_write(cmd->req.cmd))
595 return;
596 }
597
598 llist_add(&cmd->lentry, &queue->resp_list);
599 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &cmd->queue->io_work);
600 }
601
nvmet_tcp_execute_request(struct nvmet_tcp_cmd * cmd)602 static void nvmet_tcp_execute_request(struct nvmet_tcp_cmd *cmd)
603 {
604 if (unlikely(cmd->flags & NVMET_TCP_F_INIT_FAILED))
605 nvmet_tcp_queue_response(&cmd->req);
606 else
607 cmd->req.execute(&cmd->req);
608 }
609
nvmet_try_send_data_pdu(struct nvmet_tcp_cmd * cmd)610 static int nvmet_try_send_data_pdu(struct nvmet_tcp_cmd *cmd)
611 {
612 struct msghdr msg = {
613 .msg_flags = MSG_DONTWAIT | MSG_MORE | MSG_SPLICE_PAGES,
614 };
615 struct bio_vec bvec;
616 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
617 int left = sizeof(*cmd->data_pdu) - cmd->offset + hdgst;
618 int ret;
619
620 bvec_set_virt(&bvec, (void *)cmd->data_pdu + cmd->offset, left);
621 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
622 ret = sock_sendmsg(cmd->queue->sock, &msg);
623 if (ret <= 0)
624 return ret;
625
626 cmd->offset += ret;
627 left -= ret;
628
629 if (left)
630 return -EAGAIN;
631
632 cmd->state = NVMET_TCP_SEND_DATA;
633 cmd->offset = 0;
634 return 1;
635 }
636
nvmet_try_send_data(struct nvmet_tcp_cmd * cmd,bool last_in_batch)637 static int nvmet_try_send_data(struct nvmet_tcp_cmd *cmd, bool last_in_batch)
638 {
639 struct nvmet_tcp_queue *queue = cmd->queue;
640 int ret;
641
642 while (cmd->cur_sg) {
643 struct msghdr msg = {
644 .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES,
645 };
646 struct page *page = sg_page(cmd->cur_sg);
647 struct bio_vec bvec;
648 u32 left = cmd->cur_sg->length - cmd->offset;
649
650 if ((!last_in_batch && cmd->queue->send_list_len) ||
651 cmd->wbytes_done + left < cmd->req.transfer_len ||
652 queue->data_digest || !queue->nvme_sq.sqhd_disabled)
653 msg.msg_flags |= MSG_MORE;
654
655 bvec_set_page(&bvec, page, left, cmd->offset);
656 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
657 ret = sock_sendmsg(cmd->queue->sock, &msg);
658 if (ret <= 0)
659 return ret;
660
661 cmd->offset += ret;
662 cmd->wbytes_done += ret;
663
664 /* Done with sg?*/
665 if (cmd->offset == cmd->cur_sg->length) {
666 cmd->cur_sg = sg_next(cmd->cur_sg);
667 cmd->offset = 0;
668 }
669 }
670
671 if (queue->data_digest) {
672 cmd->state = NVMET_TCP_SEND_DDGST;
673 cmd->offset = 0;
674 } else {
675 if (queue->nvme_sq.sqhd_disabled) {
676 cmd->queue->snd_cmd = NULL;
677 nvmet_tcp_put_cmd(cmd);
678 } else {
679 nvmet_setup_response_pdu(cmd);
680 }
681 }
682
683 if (queue->nvme_sq.sqhd_disabled)
684 nvmet_tcp_free_cmd_buffers(cmd);
685
686 return 1;
687
688 }
689
nvmet_try_send_response(struct nvmet_tcp_cmd * cmd,bool last_in_batch)690 static int nvmet_try_send_response(struct nvmet_tcp_cmd *cmd,
691 bool last_in_batch)
692 {
693 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, };
694 struct bio_vec bvec;
695 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
696 int left = sizeof(*cmd->rsp_pdu) - cmd->offset + hdgst;
697 int ret;
698
699 if (!last_in_batch && cmd->queue->send_list_len)
700 msg.msg_flags |= MSG_MORE;
701 else
702 msg.msg_flags |= MSG_EOR;
703
704 bvec_set_virt(&bvec, (void *)cmd->rsp_pdu + cmd->offset, left);
705 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
706 ret = sock_sendmsg(cmd->queue->sock, &msg);
707 if (ret <= 0)
708 return ret;
709 cmd->offset += ret;
710 left -= ret;
711
712 if (left)
713 return -EAGAIN;
714
715 nvmet_tcp_free_cmd_buffers(cmd);
716 cmd->queue->snd_cmd = NULL;
717 nvmet_tcp_put_cmd(cmd);
718 return 1;
719 }
720
nvmet_try_send_r2t(struct nvmet_tcp_cmd * cmd,bool last_in_batch)721 static int nvmet_try_send_r2t(struct nvmet_tcp_cmd *cmd, bool last_in_batch)
722 {
723 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, };
724 struct bio_vec bvec;
725 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
726 int left = sizeof(*cmd->r2t_pdu) - cmd->offset + hdgst;
727 int ret;
728
729 if (!last_in_batch && cmd->queue->send_list_len)
730 msg.msg_flags |= MSG_MORE;
731 else
732 msg.msg_flags |= MSG_EOR;
733
734 bvec_set_virt(&bvec, (void *)cmd->r2t_pdu + cmd->offset, left);
735 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
736 ret = sock_sendmsg(cmd->queue->sock, &msg);
737 if (ret <= 0)
738 return ret;
739 cmd->offset += ret;
740 left -= ret;
741
742 if (left)
743 return -EAGAIN;
744
745 cmd->queue->snd_cmd = NULL;
746 return 1;
747 }
748
nvmet_try_send_ddgst(struct nvmet_tcp_cmd * cmd,bool last_in_batch)749 static int nvmet_try_send_ddgst(struct nvmet_tcp_cmd *cmd, bool last_in_batch)
750 {
751 struct nvmet_tcp_queue *queue = cmd->queue;
752 int left = NVME_TCP_DIGEST_LENGTH - cmd->offset;
753 struct msghdr msg = { .msg_flags = MSG_DONTWAIT };
754 struct kvec iov = {
755 .iov_base = (u8 *)&cmd->exp_ddgst + cmd->offset,
756 .iov_len = left
757 };
758 int ret;
759
760 if (!last_in_batch && cmd->queue->send_list_len)
761 msg.msg_flags |= MSG_MORE;
762 else
763 msg.msg_flags |= MSG_EOR;
764
765 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len);
766 if (unlikely(ret <= 0))
767 return ret;
768
769 cmd->offset += ret;
770 left -= ret;
771
772 if (left)
773 return -EAGAIN;
774
775 if (queue->nvme_sq.sqhd_disabled) {
776 cmd->queue->snd_cmd = NULL;
777 nvmet_tcp_put_cmd(cmd);
778 } else {
779 nvmet_setup_response_pdu(cmd);
780 }
781 return 1;
782 }
783
nvmet_tcp_try_send_one(struct nvmet_tcp_queue * queue,bool last_in_batch)784 static int nvmet_tcp_try_send_one(struct nvmet_tcp_queue *queue,
785 bool last_in_batch)
786 {
787 struct nvmet_tcp_cmd *cmd = queue->snd_cmd;
788 int ret = 0;
789
790 if (!cmd || queue->state == NVMET_TCP_Q_DISCONNECTING) {
791 cmd = nvmet_tcp_fetch_cmd(queue);
792 if (unlikely(!cmd))
793 return 0;
794 }
795
796 if (cmd->state == NVMET_TCP_SEND_DATA_PDU) {
797 ret = nvmet_try_send_data_pdu(cmd);
798 if (ret <= 0)
799 goto done_send;
800 }
801
802 if (cmd->state == NVMET_TCP_SEND_DATA) {
803 ret = nvmet_try_send_data(cmd, last_in_batch);
804 if (ret <= 0)
805 goto done_send;
806 }
807
808 if (cmd->state == NVMET_TCP_SEND_DDGST) {
809 ret = nvmet_try_send_ddgst(cmd, last_in_batch);
810 if (ret <= 0)
811 goto done_send;
812 }
813
814 if (cmd->state == NVMET_TCP_SEND_R2T) {
815 ret = nvmet_try_send_r2t(cmd, last_in_batch);
816 if (ret <= 0)
817 goto done_send;
818 }
819
820 if (cmd->state == NVMET_TCP_SEND_RESPONSE)
821 ret = nvmet_try_send_response(cmd, last_in_batch);
822
823 done_send:
824 if (ret < 0) {
825 if (ret == -EAGAIN)
826 return 0;
827 return ret;
828 }
829
830 return 1;
831 }
832
nvmet_tcp_try_send(struct nvmet_tcp_queue * queue,int budget,int * sends)833 static int nvmet_tcp_try_send(struct nvmet_tcp_queue *queue,
834 int budget, int *sends)
835 {
836 int i, ret = 0;
837
838 for (i = 0; i < budget; i++) {
839 ret = nvmet_tcp_try_send_one(queue, i == budget - 1);
840 if (unlikely(ret < 0)) {
841 nvmet_tcp_socket_error(queue, ret);
842 goto done;
843 } else if (ret == 0) {
844 break;
845 }
846 (*sends)++;
847 }
848 done:
849 return ret;
850 }
851
nvmet_prepare_receive_pdu(struct nvmet_tcp_queue * queue)852 static void nvmet_prepare_receive_pdu(struct nvmet_tcp_queue *queue)
853 {
854 queue->offset = 0;
855 queue->left = sizeof(struct nvme_tcp_hdr);
856 WRITE_ONCE(queue->cmd, NULL);
857 /* Ensure rcv_state is visible only after queue->cmd is set */
858 smp_store_release(&queue->rcv_state, NVMET_TCP_RECV_PDU);
859 }
860
nvmet_tcp_free_crypto(struct nvmet_tcp_queue * queue)861 static void nvmet_tcp_free_crypto(struct nvmet_tcp_queue *queue)
862 {
863 struct crypto_ahash *tfm = crypto_ahash_reqtfm(queue->rcv_hash);
864
865 ahash_request_free(queue->rcv_hash);
866 ahash_request_free(queue->snd_hash);
867 crypto_free_ahash(tfm);
868 }
869
nvmet_tcp_alloc_crypto(struct nvmet_tcp_queue * queue)870 static int nvmet_tcp_alloc_crypto(struct nvmet_tcp_queue *queue)
871 {
872 struct crypto_ahash *tfm;
873
874 tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC);
875 if (IS_ERR(tfm))
876 return PTR_ERR(tfm);
877
878 queue->snd_hash = ahash_request_alloc(tfm, GFP_KERNEL);
879 if (!queue->snd_hash)
880 goto free_tfm;
881 ahash_request_set_callback(queue->snd_hash, 0, NULL, NULL);
882
883 queue->rcv_hash = ahash_request_alloc(tfm, GFP_KERNEL);
884 if (!queue->rcv_hash)
885 goto free_snd_hash;
886 ahash_request_set_callback(queue->rcv_hash, 0, NULL, NULL);
887
888 return 0;
889 free_snd_hash:
890 ahash_request_free(queue->snd_hash);
891 free_tfm:
892 crypto_free_ahash(tfm);
893 return -ENOMEM;
894 }
895
896
nvmet_tcp_handle_icreq(struct nvmet_tcp_queue * queue)897 static int nvmet_tcp_handle_icreq(struct nvmet_tcp_queue *queue)
898 {
899 struct nvme_tcp_icreq_pdu *icreq = &queue->pdu.icreq;
900 struct nvme_tcp_icresp_pdu *icresp = &queue->pdu.icresp;
901 struct msghdr msg = {};
902 struct kvec iov;
903 int ret;
904
905 if (le32_to_cpu(icreq->hdr.plen) != sizeof(struct nvme_tcp_icreq_pdu)) {
906 pr_err("bad nvme-tcp pdu length (%d)\n",
907 le32_to_cpu(icreq->hdr.plen));
908 nvmet_tcp_fatal_error(queue);
909 return -EPROTO;
910 }
911
912 if (icreq->pfv != NVME_TCP_PFV_1_0) {
913 pr_err("queue %d: bad pfv %d\n", queue->idx, icreq->pfv);
914 return -EPROTO;
915 }
916
917 if (icreq->hpda != 0) {
918 pr_err("queue %d: unsupported hpda %d\n", queue->idx,
919 icreq->hpda);
920 return -EPROTO;
921 }
922
923 queue->hdr_digest = !!(icreq->digest & NVME_TCP_HDR_DIGEST_ENABLE);
924 queue->data_digest = !!(icreq->digest & NVME_TCP_DATA_DIGEST_ENABLE);
925 if (queue->hdr_digest || queue->data_digest) {
926 ret = nvmet_tcp_alloc_crypto(queue);
927 if (ret)
928 return ret;
929 }
930
931 memset(icresp, 0, sizeof(*icresp));
932 icresp->hdr.type = nvme_tcp_icresp;
933 icresp->hdr.hlen = sizeof(*icresp);
934 icresp->hdr.pdo = 0;
935 icresp->hdr.plen = cpu_to_le32(icresp->hdr.hlen);
936 icresp->pfv = cpu_to_le16(NVME_TCP_PFV_1_0);
937 icresp->maxdata = cpu_to_le32(NVMET_TCP_MAXH2CDATA);
938 icresp->cpda = 0;
939 if (queue->hdr_digest)
940 icresp->digest |= NVME_TCP_HDR_DIGEST_ENABLE;
941 if (queue->data_digest)
942 icresp->digest |= NVME_TCP_DATA_DIGEST_ENABLE;
943
944 iov.iov_base = icresp;
945 iov.iov_len = sizeof(*icresp);
946 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len);
947 if (ret < 0) {
948 queue->state = NVMET_TCP_Q_FAILED;
949 return ret; /* queue removal will cleanup */
950 }
951
952 queue->state = NVMET_TCP_Q_LIVE;
953 nvmet_prepare_receive_pdu(queue);
954 return 0;
955 }
956
nvmet_tcp_handle_req_failure(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * cmd,struct nvmet_req * req)957 static void nvmet_tcp_handle_req_failure(struct nvmet_tcp_queue *queue,
958 struct nvmet_tcp_cmd *cmd, struct nvmet_req *req)
959 {
960 size_t data_len = le32_to_cpu(req->cmd->common.dptr.sgl.length);
961 int ret;
962
963 /*
964 * This command has not been processed yet, hence we are trying to
965 * figure out if there is still pending data left to receive. If
966 * we don't, we can simply prepare for the next pdu and bail out,
967 * otherwise we will need to prepare a buffer and receive the
968 * stale data before continuing forward.
969 */
970 if (!nvme_is_write(cmd->req.cmd) || !data_len ||
971 data_len > cmd->req.port->inline_data_size) {
972 nvmet_prepare_receive_pdu(queue);
973 return;
974 }
975
976 ret = nvmet_tcp_map_data(cmd);
977 if (unlikely(ret)) {
978 pr_err("queue %d: failed to map data\n", queue->idx);
979 nvmet_tcp_fatal_error(queue);
980 return;
981 }
982
983 queue->rcv_state = NVMET_TCP_RECV_DATA;
984 nvmet_tcp_build_pdu_iovec(cmd);
985 cmd->flags |= NVMET_TCP_F_INIT_FAILED;
986 }
987
nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue * queue)988 static int nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue *queue)
989 {
990 struct nvme_tcp_data_pdu *data = &queue->pdu.data;
991 struct nvmet_tcp_cmd *cmd;
992 unsigned int exp_data_len;
993
994 if (likely(queue->nr_cmds)) {
995 if (unlikely(data->ttag >= queue->nr_cmds)) {
996 pr_err("queue %d: received out of bound ttag %u, nr_cmds %u\n",
997 queue->idx, data->ttag, queue->nr_cmds);
998 goto err_proto;
999 }
1000 cmd = &queue->cmds[data->ttag];
1001 } else {
1002 cmd = &queue->connect;
1003 }
1004
1005 if (le32_to_cpu(data->data_offset) != cmd->rbytes_done) {
1006 pr_err("ttag %u unexpected data offset %u (expected %u)\n",
1007 data->ttag, le32_to_cpu(data->data_offset),
1008 cmd->rbytes_done);
1009 goto err_proto;
1010 }
1011
1012 exp_data_len = le32_to_cpu(data->hdr.plen) -
1013 nvmet_tcp_hdgst_len(queue) -
1014 nvmet_tcp_ddgst_len(queue) -
1015 sizeof(*data);
1016
1017 cmd->pdu_len = le32_to_cpu(data->data_length);
1018 if (unlikely(cmd->pdu_len != exp_data_len ||
1019 cmd->pdu_len == 0 ||
1020 cmd->pdu_len > NVMET_TCP_MAXH2CDATA)) {
1021 pr_err("H2CData PDU len %u is invalid\n", cmd->pdu_len);
1022 goto err_proto;
1023 }
1024 cmd->pdu_recv = 0;
1025 nvmet_tcp_build_pdu_iovec(cmd);
1026 queue->cmd = cmd;
1027 queue->rcv_state = NVMET_TCP_RECV_DATA;
1028
1029 return 0;
1030
1031 err_proto:
1032 /* FIXME: use proper transport errors */
1033 nvmet_tcp_fatal_error(queue);
1034 return -EPROTO;
1035 }
1036
nvmet_tcp_done_recv_pdu(struct nvmet_tcp_queue * queue)1037 static int nvmet_tcp_done_recv_pdu(struct nvmet_tcp_queue *queue)
1038 {
1039 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr;
1040 struct nvme_command *nvme_cmd = &queue->pdu.cmd.cmd;
1041 struct nvmet_req *req;
1042 int ret;
1043
1044 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) {
1045 if (hdr->type != nvme_tcp_icreq) {
1046 pr_err("unexpected pdu type (%d) before icreq\n",
1047 hdr->type);
1048 nvmet_tcp_fatal_error(queue);
1049 return -EPROTO;
1050 }
1051 return nvmet_tcp_handle_icreq(queue);
1052 }
1053
1054 if (unlikely(hdr->type == nvme_tcp_icreq)) {
1055 pr_err("queue %d: received icreq pdu in state %d\n",
1056 queue->idx, queue->state);
1057 nvmet_tcp_fatal_error(queue);
1058 return -EPROTO;
1059 }
1060
1061 if (hdr->type == nvme_tcp_h2c_data) {
1062 ret = nvmet_tcp_handle_h2c_data_pdu(queue);
1063 if (unlikely(ret))
1064 return ret;
1065 return 0;
1066 }
1067
1068 queue->cmd = nvmet_tcp_get_cmd(queue);
1069 if (unlikely(!queue->cmd)) {
1070 /* This should never happen */
1071 pr_err("queue %d: out of commands (%d) send_list_len: %d, opcode: %d",
1072 queue->idx, queue->nr_cmds, queue->send_list_len,
1073 nvme_cmd->common.opcode);
1074 nvmet_tcp_fatal_error(queue);
1075 return -ENOMEM;
1076 }
1077
1078 req = &queue->cmd->req;
1079 memcpy(req->cmd, nvme_cmd, sizeof(*nvme_cmd));
1080
1081 if (unlikely(!nvmet_req_init(req, &queue->nvme_cq,
1082 &queue->nvme_sq, &nvmet_tcp_ops))) {
1083 pr_err("failed cmd %p id %d opcode %d, data_len: %d\n",
1084 req->cmd, req->cmd->common.command_id,
1085 req->cmd->common.opcode,
1086 le32_to_cpu(req->cmd->common.dptr.sgl.length));
1087
1088 nvmet_tcp_handle_req_failure(queue, queue->cmd, req);
1089 return 0;
1090 }
1091
1092 ret = nvmet_tcp_map_data(queue->cmd);
1093 if (unlikely(ret)) {
1094 pr_err("queue %d: failed to map data\n", queue->idx);
1095 if (nvmet_tcp_has_inline_data(queue->cmd))
1096 nvmet_tcp_fatal_error(queue);
1097 else
1098 nvmet_req_complete(req, ret);
1099 ret = -EAGAIN;
1100 goto out;
1101 }
1102
1103 if (nvmet_tcp_need_data_in(queue->cmd)) {
1104 if (nvmet_tcp_has_inline_data(queue->cmd)) {
1105 queue->rcv_state = NVMET_TCP_RECV_DATA;
1106 nvmet_tcp_build_pdu_iovec(queue->cmd);
1107 return 0;
1108 }
1109 /* send back R2T */
1110 nvmet_tcp_queue_response(&queue->cmd->req);
1111 goto out;
1112 }
1113
1114 queue->cmd->req.execute(&queue->cmd->req);
1115 out:
1116 nvmet_prepare_receive_pdu(queue);
1117 return ret;
1118 }
1119
1120 static const u8 nvme_tcp_pdu_sizes[] = {
1121 [nvme_tcp_icreq] = sizeof(struct nvme_tcp_icreq_pdu),
1122 [nvme_tcp_cmd] = sizeof(struct nvme_tcp_cmd_pdu),
1123 [nvme_tcp_h2c_data] = sizeof(struct nvme_tcp_data_pdu),
1124 };
1125
nvmet_tcp_pdu_size(u8 type)1126 static inline u8 nvmet_tcp_pdu_size(u8 type)
1127 {
1128 size_t idx = type;
1129
1130 return (idx < ARRAY_SIZE(nvme_tcp_pdu_sizes) &&
1131 nvme_tcp_pdu_sizes[idx]) ?
1132 nvme_tcp_pdu_sizes[idx] : 0;
1133 }
1134
nvmet_tcp_pdu_valid(u8 type)1135 static inline bool nvmet_tcp_pdu_valid(u8 type)
1136 {
1137 switch (type) {
1138 case nvme_tcp_icreq:
1139 case nvme_tcp_cmd:
1140 case nvme_tcp_h2c_data:
1141 /* fallthru */
1142 return true;
1143 }
1144
1145 return false;
1146 }
1147
nvmet_tcp_tls_record_ok(struct nvmet_tcp_queue * queue,struct msghdr * msg,char * cbuf)1148 static int nvmet_tcp_tls_record_ok(struct nvmet_tcp_queue *queue,
1149 struct msghdr *msg, char *cbuf)
1150 {
1151 struct cmsghdr *cmsg = (struct cmsghdr *)cbuf;
1152 u8 ctype, level, description;
1153 int ret = 0;
1154
1155 ctype = tls_get_record_type(queue->sock->sk, cmsg);
1156 switch (ctype) {
1157 case 0:
1158 break;
1159 case TLS_RECORD_TYPE_DATA:
1160 break;
1161 case TLS_RECORD_TYPE_ALERT:
1162 tls_alert_recv(queue->sock->sk, msg, &level, &description);
1163 if (level == TLS_ALERT_LEVEL_FATAL) {
1164 pr_err("queue %d: TLS Alert desc %u\n",
1165 queue->idx, description);
1166 ret = -ENOTCONN;
1167 } else {
1168 pr_warn("queue %d: TLS Alert desc %u\n",
1169 queue->idx, description);
1170 ret = -EAGAIN;
1171 }
1172 break;
1173 default:
1174 /* discard this record type */
1175 pr_err("queue %d: TLS record %d unhandled\n",
1176 queue->idx, ctype);
1177 ret = -EAGAIN;
1178 break;
1179 }
1180 return ret;
1181 }
1182
nvmet_tcp_try_recv_pdu(struct nvmet_tcp_queue * queue)1183 static int nvmet_tcp_try_recv_pdu(struct nvmet_tcp_queue *queue)
1184 {
1185 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr;
1186 int len, ret;
1187 struct kvec iov;
1188 char cbuf[CMSG_LEN(sizeof(char))] = {};
1189 struct msghdr msg = { .msg_flags = MSG_DONTWAIT };
1190
1191 recv:
1192 iov.iov_base = (void *)&queue->pdu + queue->offset;
1193 iov.iov_len = queue->left;
1194 if (queue->tls_pskid) {
1195 msg.msg_control = cbuf;
1196 msg.msg_controllen = sizeof(cbuf);
1197 }
1198 len = kernel_recvmsg(queue->sock, &msg, &iov, 1,
1199 iov.iov_len, msg.msg_flags);
1200 if (unlikely(len < 0))
1201 return len;
1202 if (queue->tls_pskid) {
1203 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf);
1204 if (ret < 0)
1205 return ret;
1206 }
1207
1208 queue->offset += len;
1209 queue->left -= len;
1210 if (queue->left)
1211 return -EAGAIN;
1212
1213 if (queue->offset == sizeof(struct nvme_tcp_hdr)) {
1214 u8 hdgst = nvmet_tcp_hdgst_len(queue);
1215
1216 if (unlikely(!nvmet_tcp_pdu_valid(hdr->type))) {
1217 pr_err("unexpected pdu type %d\n", hdr->type);
1218 nvmet_tcp_fatal_error(queue);
1219 return -EIO;
1220 }
1221
1222 if (unlikely(hdr->hlen != nvmet_tcp_pdu_size(hdr->type))) {
1223 pr_err("pdu %d bad hlen %d\n", hdr->type, hdr->hlen);
1224 return -EIO;
1225 }
1226
1227 queue->left = hdr->hlen - queue->offset + hdgst;
1228 goto recv;
1229 }
1230
1231 if (queue->hdr_digest &&
1232 nvmet_tcp_verify_hdgst(queue, &queue->pdu, hdr->hlen)) {
1233 nvmet_tcp_fatal_error(queue); /* fatal */
1234 return -EPROTO;
1235 }
1236
1237 if (queue->data_digest &&
1238 nvmet_tcp_check_ddgst(queue, &queue->pdu)) {
1239 nvmet_tcp_fatal_error(queue); /* fatal */
1240 return -EPROTO;
1241 }
1242
1243 return nvmet_tcp_done_recv_pdu(queue);
1244 }
1245
nvmet_tcp_prep_recv_ddgst(struct nvmet_tcp_cmd * cmd)1246 static void nvmet_tcp_prep_recv_ddgst(struct nvmet_tcp_cmd *cmd)
1247 {
1248 struct nvmet_tcp_queue *queue = cmd->queue;
1249
1250 nvmet_tcp_calc_ddgst(queue->rcv_hash, cmd);
1251 queue->offset = 0;
1252 queue->left = NVME_TCP_DIGEST_LENGTH;
1253 queue->rcv_state = NVMET_TCP_RECV_DDGST;
1254 }
1255
nvmet_tcp_try_recv_data(struct nvmet_tcp_queue * queue)1256 static int nvmet_tcp_try_recv_data(struct nvmet_tcp_queue *queue)
1257 {
1258 struct nvmet_tcp_cmd *cmd = queue->cmd;
1259 int len, ret;
1260
1261 while (msg_data_left(&cmd->recv_msg)) {
1262 len = sock_recvmsg(cmd->queue->sock, &cmd->recv_msg,
1263 cmd->recv_msg.msg_flags);
1264 if (len <= 0)
1265 return len;
1266 if (queue->tls_pskid) {
1267 ret = nvmet_tcp_tls_record_ok(cmd->queue,
1268 &cmd->recv_msg, cmd->recv_cbuf);
1269 if (ret < 0)
1270 return ret;
1271 }
1272
1273 cmd->pdu_recv += len;
1274 cmd->rbytes_done += len;
1275 }
1276
1277 if (queue->data_digest) {
1278 nvmet_tcp_prep_recv_ddgst(cmd);
1279 return 0;
1280 }
1281
1282 if (cmd->rbytes_done == cmd->req.transfer_len)
1283 nvmet_tcp_execute_request(cmd);
1284
1285 nvmet_prepare_receive_pdu(queue);
1286 return 0;
1287 }
1288
nvmet_tcp_try_recv_ddgst(struct nvmet_tcp_queue * queue)1289 static int nvmet_tcp_try_recv_ddgst(struct nvmet_tcp_queue *queue)
1290 {
1291 struct nvmet_tcp_cmd *cmd = queue->cmd;
1292 int ret, len;
1293 char cbuf[CMSG_LEN(sizeof(char))] = {};
1294 struct msghdr msg = { .msg_flags = MSG_DONTWAIT };
1295 struct kvec iov = {
1296 .iov_base = (void *)&cmd->recv_ddgst + queue->offset,
1297 .iov_len = queue->left
1298 };
1299
1300 if (queue->tls_pskid) {
1301 msg.msg_control = cbuf;
1302 msg.msg_controllen = sizeof(cbuf);
1303 }
1304 len = kernel_recvmsg(queue->sock, &msg, &iov, 1,
1305 iov.iov_len, msg.msg_flags);
1306 if (unlikely(len < 0))
1307 return len;
1308 if (queue->tls_pskid) {
1309 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf);
1310 if (ret < 0)
1311 return ret;
1312 }
1313
1314 queue->offset += len;
1315 queue->left -= len;
1316 if (queue->left)
1317 return -EAGAIN;
1318
1319 if (queue->data_digest && cmd->exp_ddgst != cmd->recv_ddgst) {
1320 pr_err("queue %d: cmd %d pdu (%d) data digest error: recv %#x expected %#x\n",
1321 queue->idx, cmd->req.cmd->common.command_id,
1322 queue->pdu.cmd.hdr.type, le32_to_cpu(cmd->recv_ddgst),
1323 le32_to_cpu(cmd->exp_ddgst));
1324 nvmet_req_uninit(&cmd->req);
1325 nvmet_tcp_free_cmd_buffers(cmd);
1326 nvmet_tcp_fatal_error(queue);
1327 ret = -EPROTO;
1328 goto out;
1329 }
1330
1331 if (cmd->rbytes_done == cmd->req.transfer_len)
1332 nvmet_tcp_execute_request(cmd);
1333
1334 ret = 0;
1335 out:
1336 nvmet_prepare_receive_pdu(queue);
1337 return ret;
1338 }
1339
nvmet_tcp_try_recv_one(struct nvmet_tcp_queue * queue)1340 static int nvmet_tcp_try_recv_one(struct nvmet_tcp_queue *queue)
1341 {
1342 int result = 0;
1343
1344 if (unlikely(queue->rcv_state == NVMET_TCP_RECV_ERR))
1345 return 0;
1346
1347 if (queue->rcv_state == NVMET_TCP_RECV_PDU) {
1348 result = nvmet_tcp_try_recv_pdu(queue);
1349 if (result != 0)
1350 goto done_recv;
1351 }
1352
1353 if (queue->rcv_state == NVMET_TCP_RECV_DATA) {
1354 result = nvmet_tcp_try_recv_data(queue);
1355 if (result != 0)
1356 goto done_recv;
1357 }
1358
1359 if (queue->rcv_state == NVMET_TCP_RECV_DDGST) {
1360 result = nvmet_tcp_try_recv_ddgst(queue);
1361 if (result != 0)
1362 goto done_recv;
1363 }
1364
1365 done_recv:
1366 if (result < 0) {
1367 if (result == -EAGAIN)
1368 return 0;
1369 return result;
1370 }
1371 return 1;
1372 }
1373
nvmet_tcp_try_recv(struct nvmet_tcp_queue * queue,int budget,int * recvs)1374 static int nvmet_tcp_try_recv(struct nvmet_tcp_queue *queue,
1375 int budget, int *recvs)
1376 {
1377 int i, ret = 0;
1378
1379 for (i = 0; i < budget; i++) {
1380 ret = nvmet_tcp_try_recv_one(queue);
1381 if (unlikely(ret < 0)) {
1382 nvmet_tcp_socket_error(queue, ret);
1383 goto done;
1384 } else if (ret == 0) {
1385 break;
1386 }
1387 (*recvs)++;
1388 }
1389 done:
1390 return ret;
1391 }
1392
nvmet_tcp_release_queue(struct kref * kref)1393 static void nvmet_tcp_release_queue(struct kref *kref)
1394 {
1395 struct nvmet_tcp_queue *queue =
1396 container_of(kref, struct nvmet_tcp_queue, kref);
1397
1398 WARN_ON(queue->state != NVMET_TCP_Q_DISCONNECTING);
1399 queue_work(nvmet_wq, &queue->release_work);
1400 }
1401
nvmet_tcp_schedule_release_queue(struct nvmet_tcp_queue * queue)1402 static void nvmet_tcp_schedule_release_queue(struct nvmet_tcp_queue *queue)
1403 {
1404 spin_lock_bh(&queue->state_lock);
1405 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) {
1406 /* Socket closed during handshake */
1407 tls_handshake_cancel(queue->sock->sk);
1408 }
1409 if (queue->state != NVMET_TCP_Q_DISCONNECTING) {
1410 queue->state = NVMET_TCP_Q_DISCONNECTING;
1411 kref_put(&queue->kref, nvmet_tcp_release_queue);
1412 }
1413 spin_unlock_bh(&queue->state_lock);
1414 }
1415
nvmet_tcp_arm_queue_deadline(struct nvmet_tcp_queue * queue)1416 static inline void nvmet_tcp_arm_queue_deadline(struct nvmet_tcp_queue *queue)
1417 {
1418 queue->poll_end = jiffies + usecs_to_jiffies(idle_poll_period_usecs);
1419 }
1420
nvmet_tcp_check_queue_deadline(struct nvmet_tcp_queue * queue,int ops)1421 static bool nvmet_tcp_check_queue_deadline(struct nvmet_tcp_queue *queue,
1422 int ops)
1423 {
1424 if (!idle_poll_period_usecs)
1425 return false;
1426
1427 if (ops)
1428 nvmet_tcp_arm_queue_deadline(queue);
1429
1430 return !time_after(jiffies, queue->poll_end);
1431 }
1432
nvmet_tcp_io_work(struct work_struct * w)1433 static void nvmet_tcp_io_work(struct work_struct *w)
1434 {
1435 struct nvmet_tcp_queue *queue =
1436 container_of(w, struct nvmet_tcp_queue, io_work);
1437 bool pending;
1438 int ret, ops = 0;
1439
1440 do {
1441 pending = false;
1442
1443 ret = nvmet_tcp_try_recv(queue, NVMET_TCP_RECV_BUDGET, &ops);
1444 if (ret > 0)
1445 pending = true;
1446 else if (ret < 0)
1447 return;
1448
1449 ret = nvmet_tcp_try_send(queue, NVMET_TCP_SEND_BUDGET, &ops);
1450 if (ret > 0)
1451 pending = true;
1452 else if (ret < 0)
1453 return;
1454
1455 } while (pending && ops < NVMET_TCP_IO_WORK_BUDGET);
1456
1457 /*
1458 * Requeue the worker if idle deadline period is in progress or any
1459 * ops activity was recorded during the do-while loop above.
1460 */
1461 if (nvmet_tcp_check_queue_deadline(queue, ops) || pending)
1462 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work);
1463 }
1464
nvmet_tcp_alloc_cmd(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * c)1465 static int nvmet_tcp_alloc_cmd(struct nvmet_tcp_queue *queue,
1466 struct nvmet_tcp_cmd *c)
1467 {
1468 u8 hdgst = nvmet_tcp_hdgst_len(queue);
1469
1470 c->queue = queue;
1471 c->req.port = queue->port->nport;
1472
1473 c->cmd_pdu = page_frag_alloc(&queue->pf_cache,
1474 sizeof(*c->cmd_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1475 if (!c->cmd_pdu)
1476 return -ENOMEM;
1477 c->req.cmd = &c->cmd_pdu->cmd;
1478
1479 c->rsp_pdu = page_frag_alloc(&queue->pf_cache,
1480 sizeof(*c->rsp_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1481 if (!c->rsp_pdu)
1482 goto out_free_cmd;
1483 c->req.cqe = &c->rsp_pdu->cqe;
1484
1485 c->data_pdu = page_frag_alloc(&queue->pf_cache,
1486 sizeof(*c->data_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1487 if (!c->data_pdu)
1488 goto out_free_rsp;
1489
1490 c->r2t_pdu = page_frag_alloc(&queue->pf_cache,
1491 sizeof(*c->r2t_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1492 if (!c->r2t_pdu)
1493 goto out_free_data;
1494
1495 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) {
1496 c->recv_msg.msg_control = c->recv_cbuf;
1497 c->recv_msg.msg_controllen = sizeof(c->recv_cbuf);
1498 }
1499 c->recv_msg.msg_flags = MSG_DONTWAIT | MSG_NOSIGNAL;
1500
1501 list_add_tail(&c->entry, &queue->free_list);
1502
1503 return 0;
1504 out_free_data:
1505 page_frag_free(c->data_pdu);
1506 out_free_rsp:
1507 page_frag_free(c->rsp_pdu);
1508 out_free_cmd:
1509 page_frag_free(c->cmd_pdu);
1510 return -ENOMEM;
1511 }
1512
nvmet_tcp_free_cmd(struct nvmet_tcp_cmd * c)1513 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c)
1514 {
1515 page_frag_free(c->r2t_pdu);
1516 page_frag_free(c->data_pdu);
1517 page_frag_free(c->rsp_pdu);
1518 page_frag_free(c->cmd_pdu);
1519 }
1520
nvmet_tcp_alloc_cmds(struct nvmet_tcp_queue * queue)1521 static int nvmet_tcp_alloc_cmds(struct nvmet_tcp_queue *queue)
1522 {
1523 struct nvmet_tcp_cmd *cmds;
1524 int i, ret = -EINVAL, nr_cmds = queue->nr_cmds;
1525
1526 cmds = kcalloc(nr_cmds, sizeof(struct nvmet_tcp_cmd), GFP_KERNEL);
1527 if (!cmds)
1528 goto out;
1529
1530 for (i = 0; i < nr_cmds; i++) {
1531 ret = nvmet_tcp_alloc_cmd(queue, cmds + i);
1532 if (ret)
1533 goto out_free;
1534 }
1535
1536 queue->cmds = cmds;
1537
1538 return 0;
1539 out_free:
1540 while (--i >= 0)
1541 nvmet_tcp_free_cmd(cmds + i);
1542 kfree(cmds);
1543 out:
1544 return ret;
1545 }
1546
nvmet_tcp_free_cmds(struct nvmet_tcp_queue * queue)1547 static void nvmet_tcp_free_cmds(struct nvmet_tcp_queue *queue)
1548 {
1549 struct nvmet_tcp_cmd *cmds = queue->cmds;
1550 int i;
1551
1552 for (i = 0; i < queue->nr_cmds; i++)
1553 nvmet_tcp_free_cmd(cmds + i);
1554
1555 nvmet_tcp_free_cmd(&queue->connect);
1556 kfree(cmds);
1557 }
1558
nvmet_tcp_restore_socket_callbacks(struct nvmet_tcp_queue * queue)1559 static void nvmet_tcp_restore_socket_callbacks(struct nvmet_tcp_queue *queue)
1560 {
1561 struct socket *sock = queue->sock;
1562
1563 write_lock_bh(&sock->sk->sk_callback_lock);
1564 sock->sk->sk_data_ready = queue->data_ready;
1565 sock->sk->sk_state_change = queue->state_change;
1566 sock->sk->sk_write_space = queue->write_space;
1567 sock->sk->sk_user_data = NULL;
1568 write_unlock_bh(&sock->sk->sk_callback_lock);
1569 }
1570
nvmet_tcp_uninit_data_in_cmds(struct nvmet_tcp_queue * queue)1571 static void nvmet_tcp_uninit_data_in_cmds(struct nvmet_tcp_queue *queue)
1572 {
1573 struct nvmet_tcp_cmd *cmd = queue->cmds;
1574 int i;
1575
1576 for (i = 0; i < queue->nr_cmds; i++, cmd++) {
1577 if (nvmet_tcp_need_data_in(cmd))
1578 nvmet_req_uninit(&cmd->req);
1579 }
1580
1581 if (!queue->nr_cmds && nvmet_tcp_need_data_in(&queue->connect)) {
1582 /* failed in connect */
1583 nvmet_req_uninit(&queue->connect.req);
1584 }
1585 }
1586
nvmet_tcp_free_cmd_data_in_buffers(struct nvmet_tcp_queue * queue)1587 static void nvmet_tcp_free_cmd_data_in_buffers(struct nvmet_tcp_queue *queue)
1588 {
1589 struct nvmet_tcp_cmd *cmd = queue->cmds;
1590 int i;
1591
1592 for (i = 0; i < queue->nr_cmds; i++, cmd++)
1593 nvmet_tcp_free_cmd_buffers(cmd);
1594 nvmet_tcp_free_cmd_buffers(&queue->connect);
1595 }
1596
nvmet_tcp_release_queue_work(struct work_struct * w)1597 static void nvmet_tcp_release_queue_work(struct work_struct *w)
1598 {
1599 struct nvmet_tcp_queue *queue =
1600 container_of(w, struct nvmet_tcp_queue, release_work);
1601
1602 mutex_lock(&nvmet_tcp_queue_mutex);
1603 list_del_init(&queue->queue_list);
1604 mutex_unlock(&nvmet_tcp_queue_mutex);
1605
1606 nvmet_tcp_restore_socket_callbacks(queue);
1607 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work);
1608 cancel_work_sync(&queue->io_work);
1609 /* stop accepting incoming data */
1610 queue->rcv_state = NVMET_TCP_RECV_ERR;
1611
1612 nvmet_tcp_uninit_data_in_cmds(queue);
1613 nvmet_sq_destroy(&queue->nvme_sq);
1614 cancel_work_sync(&queue->io_work);
1615 nvmet_tcp_free_cmd_data_in_buffers(queue);
1616 /* ->sock will be released by fput() */
1617 fput(queue->sock->file);
1618 nvmet_tcp_free_cmds(queue);
1619 if (queue->hdr_digest || queue->data_digest)
1620 nvmet_tcp_free_crypto(queue);
1621 ida_free(&nvmet_tcp_queue_ida, queue->idx);
1622 page_frag_cache_drain(&queue->pf_cache);
1623 kfree(queue);
1624 }
1625
nvmet_tcp_data_ready(struct sock * sk)1626 static void nvmet_tcp_data_ready(struct sock *sk)
1627 {
1628 struct nvmet_tcp_queue *queue;
1629
1630 trace_sk_data_ready(sk);
1631
1632 read_lock_bh(&sk->sk_callback_lock);
1633 queue = sk->sk_user_data;
1634 if (likely(queue)) {
1635 if (queue->data_ready)
1636 queue->data_ready(sk);
1637 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)
1638 queue_work_on(queue_cpu(queue), nvmet_tcp_wq,
1639 &queue->io_work);
1640 }
1641 read_unlock_bh(&sk->sk_callback_lock);
1642 }
1643
nvmet_tcp_write_space(struct sock * sk)1644 static void nvmet_tcp_write_space(struct sock *sk)
1645 {
1646 struct nvmet_tcp_queue *queue;
1647
1648 read_lock_bh(&sk->sk_callback_lock);
1649 queue = sk->sk_user_data;
1650 if (unlikely(!queue))
1651 goto out;
1652
1653 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) {
1654 queue->write_space(sk);
1655 goto out;
1656 }
1657
1658 if (sk_stream_is_writeable(sk)) {
1659 clear_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1660 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work);
1661 }
1662 out:
1663 read_unlock_bh(&sk->sk_callback_lock);
1664 }
1665
nvmet_tcp_state_change(struct sock * sk)1666 static void nvmet_tcp_state_change(struct sock *sk)
1667 {
1668 struct nvmet_tcp_queue *queue;
1669
1670 read_lock_bh(&sk->sk_callback_lock);
1671 queue = sk->sk_user_data;
1672 if (!queue)
1673 goto done;
1674
1675 switch (sk->sk_state) {
1676 case TCP_FIN_WAIT2:
1677 case TCP_LAST_ACK:
1678 break;
1679 case TCP_FIN_WAIT1:
1680 case TCP_CLOSE_WAIT:
1681 case TCP_CLOSE:
1682 /* FALLTHRU */
1683 nvmet_tcp_schedule_release_queue(queue);
1684 break;
1685 default:
1686 pr_warn("queue %d unhandled state %d\n",
1687 queue->idx, sk->sk_state);
1688 }
1689 done:
1690 read_unlock_bh(&sk->sk_callback_lock);
1691 }
1692
nvmet_tcp_set_queue_sock(struct nvmet_tcp_queue * queue)1693 static int nvmet_tcp_set_queue_sock(struct nvmet_tcp_queue *queue)
1694 {
1695 struct socket *sock = queue->sock;
1696 struct inet_sock *inet = inet_sk(sock->sk);
1697 int ret;
1698
1699 ret = kernel_getsockname(sock,
1700 (struct sockaddr *)&queue->sockaddr);
1701 if (ret < 0)
1702 return ret;
1703
1704 ret = kernel_getpeername(sock,
1705 (struct sockaddr *)&queue->sockaddr_peer);
1706 if (ret < 0)
1707 return ret;
1708
1709 /*
1710 * Cleanup whatever is sitting in the TCP transmit queue on socket
1711 * close. This is done to prevent stale data from being sent should
1712 * the network connection be restored before TCP times out.
1713 */
1714 sock_no_linger(sock->sk);
1715
1716 if (so_priority > 0)
1717 sock_set_priority(sock->sk, so_priority);
1718
1719 /* Set socket type of service */
1720 if (inet->rcv_tos > 0)
1721 ip_sock_set_tos(sock->sk, inet->rcv_tos);
1722
1723 ret = 0;
1724 write_lock_bh(&sock->sk->sk_callback_lock);
1725 if (sock->sk->sk_state != TCP_ESTABLISHED) {
1726 /*
1727 * If the socket is already closing, don't even start
1728 * consuming it
1729 */
1730 ret = -ENOTCONN;
1731 } else {
1732 sock->sk->sk_user_data = queue;
1733 queue->data_ready = sock->sk->sk_data_ready;
1734 sock->sk->sk_data_ready = nvmet_tcp_data_ready;
1735 queue->state_change = sock->sk->sk_state_change;
1736 sock->sk->sk_state_change = nvmet_tcp_state_change;
1737 queue->write_space = sock->sk->sk_write_space;
1738 sock->sk->sk_write_space = nvmet_tcp_write_space;
1739 if (idle_poll_period_usecs)
1740 nvmet_tcp_arm_queue_deadline(queue);
1741 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work);
1742 }
1743 write_unlock_bh(&sock->sk->sk_callback_lock);
1744
1745 return ret;
1746 }
1747
1748 #ifdef CONFIG_NVME_TARGET_TCP_TLS
nvmet_tcp_try_peek_pdu(struct nvmet_tcp_queue * queue)1749 static int nvmet_tcp_try_peek_pdu(struct nvmet_tcp_queue *queue)
1750 {
1751 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr;
1752 int len, ret;
1753 struct kvec iov = {
1754 .iov_base = (u8 *)&queue->pdu + queue->offset,
1755 .iov_len = sizeof(struct nvme_tcp_hdr),
1756 };
1757 char cbuf[CMSG_LEN(sizeof(char))] = {};
1758 struct msghdr msg = {
1759 .msg_control = cbuf,
1760 .msg_controllen = sizeof(cbuf),
1761 .msg_flags = MSG_PEEK,
1762 };
1763
1764 if (nvmet_port_secure_channel_required(queue->port->nport))
1765 return 0;
1766
1767 len = kernel_recvmsg(queue->sock, &msg, &iov, 1,
1768 iov.iov_len, msg.msg_flags);
1769 if (unlikely(len < 0)) {
1770 pr_debug("queue %d: peek error %d\n",
1771 queue->idx, len);
1772 return len;
1773 }
1774
1775 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf);
1776 if (ret < 0)
1777 return ret;
1778
1779 if (len < sizeof(struct nvme_tcp_hdr)) {
1780 pr_debug("queue %d: short read, %d bytes missing\n",
1781 queue->idx, (int)iov.iov_len - len);
1782 return -EAGAIN;
1783 }
1784 pr_debug("queue %d: hdr type %d hlen %d plen %d size %d\n",
1785 queue->idx, hdr->type, hdr->hlen, hdr->plen,
1786 (int)sizeof(struct nvme_tcp_icreq_pdu));
1787 if (hdr->type == nvme_tcp_icreq &&
1788 hdr->hlen == sizeof(struct nvme_tcp_icreq_pdu) &&
1789 hdr->plen == cpu_to_le32(sizeof(struct nvme_tcp_icreq_pdu))) {
1790 pr_debug("queue %d: icreq detected\n",
1791 queue->idx);
1792 return len;
1793 }
1794 return 0;
1795 }
1796
nvmet_tcp_tls_handshake_done(void * data,int status,key_serial_t peerid)1797 static void nvmet_tcp_tls_handshake_done(void *data, int status,
1798 key_serial_t peerid)
1799 {
1800 struct nvmet_tcp_queue *queue = data;
1801
1802 pr_debug("queue %d: TLS handshake done, key %x, status %d\n",
1803 queue->idx, peerid, status);
1804 spin_lock_bh(&queue->state_lock);
1805 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) {
1806 spin_unlock_bh(&queue->state_lock);
1807 return;
1808 }
1809 if (!status) {
1810 queue->tls_pskid = peerid;
1811 queue->state = NVMET_TCP_Q_CONNECTING;
1812 } else
1813 queue->state = NVMET_TCP_Q_FAILED;
1814 spin_unlock_bh(&queue->state_lock);
1815
1816 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work);
1817 if (status)
1818 nvmet_tcp_schedule_release_queue(queue);
1819 else
1820 nvmet_tcp_set_queue_sock(queue);
1821 kref_put(&queue->kref, nvmet_tcp_release_queue);
1822 }
1823
nvmet_tcp_tls_handshake_timeout(struct work_struct * w)1824 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w)
1825 {
1826 struct nvmet_tcp_queue *queue = container_of(to_delayed_work(w),
1827 struct nvmet_tcp_queue, tls_handshake_tmo_work);
1828
1829 pr_warn("queue %d: TLS handshake timeout\n", queue->idx);
1830 /*
1831 * If tls_handshake_cancel() fails we've lost the race with
1832 * nvmet_tcp_tls_handshake_done() */
1833 if (!tls_handshake_cancel(queue->sock->sk))
1834 return;
1835 spin_lock_bh(&queue->state_lock);
1836 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) {
1837 spin_unlock_bh(&queue->state_lock);
1838 return;
1839 }
1840 queue->state = NVMET_TCP_Q_FAILED;
1841 spin_unlock_bh(&queue->state_lock);
1842 nvmet_tcp_schedule_release_queue(queue);
1843 kref_put(&queue->kref, nvmet_tcp_release_queue);
1844 }
1845
nvmet_tcp_tls_handshake(struct nvmet_tcp_queue * queue)1846 static int nvmet_tcp_tls_handshake(struct nvmet_tcp_queue *queue)
1847 {
1848 int ret = -EOPNOTSUPP;
1849 struct tls_handshake_args args;
1850
1851 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE) {
1852 pr_warn("cannot start TLS in state %d\n", queue->state);
1853 return -EINVAL;
1854 }
1855
1856 kref_get(&queue->kref);
1857 pr_debug("queue %d: TLS ServerHello\n", queue->idx);
1858 memset(&args, 0, sizeof(args));
1859 args.ta_sock = queue->sock;
1860 args.ta_done = nvmet_tcp_tls_handshake_done;
1861 args.ta_data = queue;
1862 args.ta_keyring = key_serial(queue->port->nport->keyring);
1863 args.ta_timeout_ms = tls_handshake_timeout * 1000;
1864
1865 ret = tls_server_hello_psk(&args, GFP_KERNEL);
1866 if (ret) {
1867 kref_put(&queue->kref, nvmet_tcp_release_queue);
1868 pr_err("failed to start TLS, err=%d\n", ret);
1869 } else {
1870 queue_delayed_work(nvmet_wq, &queue->tls_handshake_tmo_work,
1871 tls_handshake_timeout * HZ);
1872 }
1873 return ret;
1874 }
1875 #else
nvmet_tcp_tls_handshake_timeout(struct work_struct * w)1876 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w) {}
1877 #endif
1878
nvmet_tcp_alloc_queue(struct nvmet_tcp_port * port,struct socket * newsock)1879 static void nvmet_tcp_alloc_queue(struct nvmet_tcp_port *port,
1880 struct socket *newsock)
1881 {
1882 struct nvmet_tcp_queue *queue;
1883 struct file *sock_file = NULL;
1884 int ret;
1885
1886 queue = kzalloc(sizeof(*queue), GFP_KERNEL);
1887 if (!queue) {
1888 ret = -ENOMEM;
1889 goto out_release;
1890 }
1891
1892 INIT_WORK(&queue->release_work, nvmet_tcp_release_queue_work);
1893 INIT_WORK(&queue->io_work, nvmet_tcp_io_work);
1894 kref_init(&queue->kref);
1895 queue->sock = newsock;
1896 queue->port = port;
1897 queue->nr_cmds = 0;
1898 spin_lock_init(&queue->state_lock);
1899 if (queue->port->nport->disc_addr.tsas.tcp.sectype ==
1900 NVMF_TCP_SECTYPE_TLS13)
1901 queue->state = NVMET_TCP_Q_TLS_HANDSHAKE;
1902 else
1903 queue->state = NVMET_TCP_Q_CONNECTING;
1904 INIT_LIST_HEAD(&queue->free_list);
1905 init_llist_head(&queue->resp_list);
1906 INIT_LIST_HEAD(&queue->resp_send_list);
1907
1908 sock_file = sock_alloc_file(queue->sock, O_CLOEXEC, NULL);
1909 if (IS_ERR(sock_file)) {
1910 ret = PTR_ERR(sock_file);
1911 goto out_free_queue;
1912 }
1913
1914 queue->idx = ida_alloc(&nvmet_tcp_queue_ida, GFP_KERNEL);
1915 if (queue->idx < 0) {
1916 ret = queue->idx;
1917 goto out_sock;
1918 }
1919
1920 ret = nvmet_tcp_alloc_cmd(queue, &queue->connect);
1921 if (ret)
1922 goto out_ida_remove;
1923
1924 ret = nvmet_sq_init(&queue->nvme_sq);
1925 if (ret)
1926 goto out_free_connect;
1927
1928 nvmet_prepare_receive_pdu(queue);
1929
1930 mutex_lock(&nvmet_tcp_queue_mutex);
1931 list_add_tail(&queue->queue_list, &nvmet_tcp_queue_list);
1932 mutex_unlock(&nvmet_tcp_queue_mutex);
1933
1934 INIT_DELAYED_WORK(&queue->tls_handshake_tmo_work,
1935 nvmet_tcp_tls_handshake_timeout);
1936 #ifdef CONFIG_NVME_TARGET_TCP_TLS
1937 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) {
1938 struct sock *sk = queue->sock->sk;
1939
1940 /* Restore the default callbacks before starting upcall */
1941 read_lock_bh(&sk->sk_callback_lock);
1942 sk->sk_user_data = NULL;
1943 sk->sk_data_ready = port->data_ready;
1944 read_unlock_bh(&sk->sk_callback_lock);
1945 if (!nvmet_tcp_try_peek_pdu(queue)) {
1946 if (!nvmet_tcp_tls_handshake(queue))
1947 return;
1948 /* TLS handshake failed, terminate the connection */
1949 goto out_destroy_sq;
1950 }
1951 /* Not a TLS connection, continue with normal processing */
1952 queue->state = NVMET_TCP_Q_CONNECTING;
1953 }
1954 #endif
1955
1956 ret = nvmet_tcp_set_queue_sock(queue);
1957 if (ret)
1958 goto out_destroy_sq;
1959
1960 return;
1961 out_destroy_sq:
1962 mutex_lock(&nvmet_tcp_queue_mutex);
1963 list_del_init(&queue->queue_list);
1964 mutex_unlock(&nvmet_tcp_queue_mutex);
1965 nvmet_sq_destroy(&queue->nvme_sq);
1966 out_free_connect:
1967 nvmet_tcp_free_cmd(&queue->connect);
1968 out_ida_remove:
1969 ida_free(&nvmet_tcp_queue_ida, queue->idx);
1970 out_sock:
1971 fput(queue->sock->file);
1972 out_free_queue:
1973 kfree(queue);
1974 out_release:
1975 pr_err("failed to allocate queue, error %d\n", ret);
1976 if (!sock_file)
1977 sock_release(newsock);
1978 }
1979
nvmet_tcp_accept_work(struct work_struct * w)1980 static void nvmet_tcp_accept_work(struct work_struct *w)
1981 {
1982 struct nvmet_tcp_port *port =
1983 container_of(w, struct nvmet_tcp_port, accept_work);
1984 struct socket *newsock;
1985 int ret;
1986
1987 while (true) {
1988 ret = kernel_accept(port->sock, &newsock, O_NONBLOCK);
1989 if (ret < 0) {
1990 if (ret != -EAGAIN)
1991 pr_warn("failed to accept err=%d\n", ret);
1992 return;
1993 }
1994 nvmet_tcp_alloc_queue(port, newsock);
1995 }
1996 }
1997
nvmet_tcp_listen_data_ready(struct sock * sk)1998 static void nvmet_tcp_listen_data_ready(struct sock *sk)
1999 {
2000 struct nvmet_tcp_port *port;
2001
2002 trace_sk_data_ready(sk);
2003
2004 read_lock_bh(&sk->sk_callback_lock);
2005 port = sk->sk_user_data;
2006 if (!port)
2007 goto out;
2008
2009 if (sk->sk_state == TCP_LISTEN)
2010 queue_work(nvmet_wq, &port->accept_work);
2011 out:
2012 read_unlock_bh(&sk->sk_callback_lock);
2013 }
2014
nvmet_tcp_add_port(struct nvmet_port * nport)2015 static int nvmet_tcp_add_port(struct nvmet_port *nport)
2016 {
2017 struct nvmet_tcp_port *port;
2018 __kernel_sa_family_t af;
2019 int ret;
2020
2021 port = kzalloc(sizeof(*port), GFP_KERNEL);
2022 if (!port)
2023 return -ENOMEM;
2024
2025 switch (nport->disc_addr.adrfam) {
2026 case NVMF_ADDR_FAMILY_IP4:
2027 af = AF_INET;
2028 break;
2029 case NVMF_ADDR_FAMILY_IP6:
2030 af = AF_INET6;
2031 break;
2032 default:
2033 pr_err("address family %d not supported\n",
2034 nport->disc_addr.adrfam);
2035 ret = -EINVAL;
2036 goto err_port;
2037 }
2038
2039 ret = inet_pton_with_scope(&init_net, af, nport->disc_addr.traddr,
2040 nport->disc_addr.trsvcid, &port->addr);
2041 if (ret) {
2042 pr_err("malformed ip/port passed: %s:%s\n",
2043 nport->disc_addr.traddr, nport->disc_addr.trsvcid);
2044 goto err_port;
2045 }
2046
2047 port->nport = nport;
2048 INIT_WORK(&port->accept_work, nvmet_tcp_accept_work);
2049 if (port->nport->inline_data_size < 0)
2050 port->nport->inline_data_size = NVMET_TCP_DEF_INLINE_DATA_SIZE;
2051
2052 ret = sock_create(port->addr.ss_family, SOCK_STREAM,
2053 IPPROTO_TCP, &port->sock);
2054 if (ret) {
2055 pr_err("failed to create a socket\n");
2056 goto err_port;
2057 }
2058
2059 port->sock->sk->sk_user_data = port;
2060 port->data_ready = port->sock->sk->sk_data_ready;
2061 port->sock->sk->sk_data_ready = nvmet_tcp_listen_data_ready;
2062 sock_set_reuseaddr(port->sock->sk);
2063 tcp_sock_set_nodelay(port->sock->sk);
2064 if (so_priority > 0)
2065 sock_set_priority(port->sock->sk, so_priority);
2066
2067 ret = kernel_bind(port->sock, (struct sockaddr *)&port->addr,
2068 sizeof(port->addr));
2069 if (ret) {
2070 pr_err("failed to bind port socket %d\n", ret);
2071 goto err_sock;
2072 }
2073
2074 ret = kernel_listen(port->sock, NVMET_TCP_BACKLOG);
2075 if (ret) {
2076 pr_err("failed to listen %d on port sock\n", ret);
2077 goto err_sock;
2078 }
2079
2080 nport->priv = port;
2081 pr_info("enabling port %d (%pISpc)\n",
2082 le16_to_cpu(nport->disc_addr.portid), &port->addr);
2083
2084 return 0;
2085
2086 err_sock:
2087 sock_release(port->sock);
2088 err_port:
2089 kfree(port);
2090 return ret;
2091 }
2092
nvmet_tcp_destroy_port_queues(struct nvmet_tcp_port * port)2093 static void nvmet_tcp_destroy_port_queues(struct nvmet_tcp_port *port)
2094 {
2095 struct nvmet_tcp_queue *queue;
2096
2097 mutex_lock(&nvmet_tcp_queue_mutex);
2098 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list)
2099 if (queue->port == port)
2100 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
2101 mutex_unlock(&nvmet_tcp_queue_mutex);
2102 }
2103
nvmet_tcp_remove_port(struct nvmet_port * nport)2104 static void nvmet_tcp_remove_port(struct nvmet_port *nport)
2105 {
2106 struct nvmet_tcp_port *port = nport->priv;
2107
2108 write_lock_bh(&port->sock->sk->sk_callback_lock);
2109 port->sock->sk->sk_data_ready = port->data_ready;
2110 port->sock->sk->sk_user_data = NULL;
2111 write_unlock_bh(&port->sock->sk->sk_callback_lock);
2112 cancel_work_sync(&port->accept_work);
2113 /*
2114 * Destroy the remaining queues, which are not belong to any
2115 * controller yet.
2116 */
2117 nvmet_tcp_destroy_port_queues(port);
2118
2119 sock_release(port->sock);
2120 kfree(port);
2121 }
2122
nvmet_tcp_delete_ctrl(struct nvmet_ctrl * ctrl)2123 static void nvmet_tcp_delete_ctrl(struct nvmet_ctrl *ctrl)
2124 {
2125 struct nvmet_tcp_queue *queue;
2126
2127 mutex_lock(&nvmet_tcp_queue_mutex);
2128 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list)
2129 if (queue->nvme_sq.ctrl == ctrl)
2130 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
2131 mutex_unlock(&nvmet_tcp_queue_mutex);
2132 }
2133
nvmet_tcp_install_queue(struct nvmet_sq * sq)2134 static u16 nvmet_tcp_install_queue(struct nvmet_sq *sq)
2135 {
2136 struct nvmet_tcp_queue *queue =
2137 container_of(sq, struct nvmet_tcp_queue, nvme_sq);
2138
2139 if (sq->qid == 0) {
2140 struct nvmet_tcp_queue *q;
2141 int pending = 0;
2142
2143 /* Check for pending controller teardown */
2144 mutex_lock(&nvmet_tcp_queue_mutex);
2145 list_for_each_entry(q, &nvmet_tcp_queue_list, queue_list) {
2146 if (q->nvme_sq.ctrl == sq->ctrl &&
2147 q->state == NVMET_TCP_Q_DISCONNECTING)
2148 pending++;
2149 }
2150 mutex_unlock(&nvmet_tcp_queue_mutex);
2151 if (pending > NVMET_TCP_BACKLOG)
2152 return NVME_SC_CONNECT_CTRL_BUSY;
2153 }
2154
2155 queue->nr_cmds = sq->size * 2;
2156 if (nvmet_tcp_alloc_cmds(queue)) {
2157 queue->nr_cmds = 0;
2158 return NVME_SC_INTERNAL;
2159 }
2160 return 0;
2161 }
2162
nvmet_tcp_disc_port_addr(struct nvmet_req * req,struct nvmet_port * nport,char * traddr)2163 static void nvmet_tcp_disc_port_addr(struct nvmet_req *req,
2164 struct nvmet_port *nport, char *traddr)
2165 {
2166 struct nvmet_tcp_port *port = nport->priv;
2167
2168 if (inet_addr_is_any((struct sockaddr *)&port->addr)) {
2169 struct nvmet_tcp_cmd *cmd =
2170 container_of(req, struct nvmet_tcp_cmd, req);
2171 struct nvmet_tcp_queue *queue = cmd->queue;
2172
2173 sprintf(traddr, "%pISc", (struct sockaddr *)&queue->sockaddr);
2174 } else {
2175 memcpy(traddr, nport->disc_addr.traddr, NVMF_TRADDR_SIZE);
2176 }
2177 }
2178
nvmet_tcp_host_port_addr(struct nvmet_ctrl * ctrl,char * traddr,size_t traddr_len)2179 static ssize_t nvmet_tcp_host_port_addr(struct nvmet_ctrl *ctrl,
2180 char *traddr, size_t traddr_len)
2181 {
2182 struct nvmet_sq *sq = ctrl->sqs[0];
2183 struct nvmet_tcp_queue *queue =
2184 container_of(sq, struct nvmet_tcp_queue, nvme_sq);
2185
2186 if (queue->sockaddr_peer.ss_family == AF_UNSPEC)
2187 return -EINVAL;
2188 return snprintf(traddr, traddr_len, "%pISc",
2189 (struct sockaddr *)&queue->sockaddr_peer);
2190 }
2191
2192 static const struct nvmet_fabrics_ops nvmet_tcp_ops = {
2193 .owner = THIS_MODULE,
2194 .type = NVMF_TRTYPE_TCP,
2195 .msdbd = 1,
2196 .add_port = nvmet_tcp_add_port,
2197 .remove_port = nvmet_tcp_remove_port,
2198 .queue_response = nvmet_tcp_queue_response,
2199 .delete_ctrl = nvmet_tcp_delete_ctrl,
2200 .install_queue = nvmet_tcp_install_queue,
2201 .disc_traddr = nvmet_tcp_disc_port_addr,
2202 .host_traddr = nvmet_tcp_host_port_addr,
2203 };
2204
nvmet_tcp_init(void)2205 static int __init nvmet_tcp_init(void)
2206 {
2207 int ret;
2208
2209 nvmet_tcp_wq = alloc_workqueue("nvmet_tcp_wq",
2210 WQ_MEM_RECLAIM | WQ_HIGHPRI, 0);
2211 if (!nvmet_tcp_wq)
2212 return -ENOMEM;
2213
2214 ret = nvmet_register_transport(&nvmet_tcp_ops);
2215 if (ret)
2216 goto err;
2217
2218 return 0;
2219 err:
2220 destroy_workqueue(nvmet_tcp_wq);
2221 return ret;
2222 }
2223
nvmet_tcp_exit(void)2224 static void __exit nvmet_tcp_exit(void)
2225 {
2226 struct nvmet_tcp_queue *queue;
2227
2228 nvmet_unregister_transport(&nvmet_tcp_ops);
2229
2230 flush_workqueue(nvmet_wq);
2231 mutex_lock(&nvmet_tcp_queue_mutex);
2232 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list)
2233 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
2234 mutex_unlock(&nvmet_tcp_queue_mutex);
2235 flush_workqueue(nvmet_wq);
2236
2237 destroy_workqueue(nvmet_tcp_wq);
2238 ida_destroy(&nvmet_tcp_queue_ida);
2239 }
2240
2241 module_init(nvmet_tcp_init);
2242 module_exit(nvmet_tcp_exit);
2243
2244 MODULE_DESCRIPTION("NVMe target TCP transport driver");
2245 MODULE_LICENSE("GPL v2");
2246 MODULE_ALIAS("nvmet-transport-3"); /* 3 == NVMF_TRTYPE_TCP */
2247