1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * NVMe over Fabrics TCP target. 4 * Copyright (c) 2018 Lightbits Labs. All rights reserved. 5 */ 6 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 7 #include <linux/module.h> 8 #include <linux/init.h> 9 #include <linux/slab.h> 10 #include <linux/err.h> 11 #include <linux/nvme-tcp.h> 12 #include <linux/nvme-keyring.h> 13 #include <net/sock.h> 14 #include <net/tcp.h> 15 #include <net/tls.h> 16 #include <net/tls_prot.h> 17 #include <net/handshake.h> 18 #include <linux/inet.h> 19 #include <linux/llist.h> 20 #include <crypto/hash.h> 21 #include <trace/events/sock.h> 22 23 #include "nvmet.h" 24 25 #define NVMET_TCP_DEF_INLINE_DATA_SIZE (4 * PAGE_SIZE) 26 #define NVMET_TCP_MAXH2CDATA 0x400000 /* 16M arbitrary limit */ 27 #define NVMET_TCP_BACKLOG 128 28 param_store_val(const char * str,int * val,int min,int max)29 static int param_store_val(const char *str, int *val, int min, int max) 30 { 31 int ret, new_val; 32 33 ret = kstrtoint(str, 10, &new_val); 34 if (ret) 35 return -EINVAL; 36 37 if (new_val < min || new_val > max) 38 return -EINVAL; 39 40 *val = new_val; 41 return 0; 42 } 43 set_params(const char * str,const struct kernel_param * kp)44 static int set_params(const char *str, const struct kernel_param *kp) 45 { 46 return param_store_val(str, kp->arg, 0, INT_MAX); 47 } 48 49 static const struct kernel_param_ops set_param_ops = { 50 .set = set_params, 51 .get = param_get_int, 52 }; 53 54 /* Define the socket priority to use for connections were it is desirable 55 * that the NIC consider performing optimized packet processing or filtering. 56 * A non-zero value being sufficient to indicate general consideration of any 57 * possible optimization. Making it a module param allows for alternative 58 * values that may be unique for some NIC implementations. 59 */ 60 static int so_priority; 61 device_param_cb(so_priority, &set_param_ops, &so_priority, 0644); 62 MODULE_PARM_DESC(so_priority, "nvmet tcp socket optimize priority: Default 0"); 63 64 /* Define a time period (in usecs) that io_work() shall sample an activated 65 * queue before determining it to be idle. This optional module behavior 66 * can enable NIC solutions that support socket optimized packet processing 67 * using advanced interrupt moderation techniques. 68 */ 69 static int idle_poll_period_usecs; 70 device_param_cb(idle_poll_period_usecs, &set_param_ops, 71 &idle_poll_period_usecs, 0644); 72 MODULE_PARM_DESC(idle_poll_period_usecs, 73 "nvmet tcp io_work poll till idle time period in usecs: Default 0"); 74 75 #ifdef CONFIG_NVME_TARGET_TCP_TLS 76 /* 77 * TLS handshake timeout 78 */ 79 static int tls_handshake_timeout = 10; 80 module_param(tls_handshake_timeout, int, 0644); 81 MODULE_PARM_DESC(tls_handshake_timeout, 82 "nvme TLS handshake timeout in seconds (default 10)"); 83 #endif 84 85 #define NVMET_TCP_RECV_BUDGET 8 86 #define NVMET_TCP_SEND_BUDGET 8 87 #define NVMET_TCP_IO_WORK_BUDGET 64 88 89 enum nvmet_tcp_send_state { 90 NVMET_TCP_SEND_DATA_PDU, 91 NVMET_TCP_SEND_DATA, 92 NVMET_TCP_SEND_R2T, 93 NVMET_TCP_SEND_DDGST, 94 NVMET_TCP_SEND_RESPONSE 95 }; 96 97 enum nvmet_tcp_recv_state { 98 NVMET_TCP_RECV_PDU, 99 NVMET_TCP_RECV_DATA, 100 NVMET_TCP_RECV_DDGST, 101 NVMET_TCP_RECV_ERR, 102 }; 103 104 enum { 105 NVMET_TCP_F_INIT_FAILED = (1 << 0), 106 }; 107 108 struct nvmet_tcp_cmd { 109 struct nvmet_tcp_queue *queue; 110 struct nvmet_req req; 111 112 struct nvme_tcp_cmd_pdu *cmd_pdu; 113 struct nvme_tcp_rsp_pdu *rsp_pdu; 114 struct nvme_tcp_data_pdu *data_pdu; 115 struct nvme_tcp_r2t_pdu *r2t_pdu; 116 117 u32 rbytes_done; 118 u32 wbytes_done; 119 120 u32 pdu_len; 121 u32 pdu_recv; 122 int sg_idx; 123 char recv_cbuf[CMSG_LEN(sizeof(char))]; 124 struct msghdr recv_msg; 125 struct bio_vec *iov; 126 u32 flags; 127 128 struct list_head entry; 129 struct llist_node lentry; 130 131 /* send state */ 132 u32 offset; 133 struct scatterlist *cur_sg; 134 enum nvmet_tcp_send_state state; 135 136 __le32 exp_ddgst; 137 __le32 recv_ddgst; 138 }; 139 140 enum nvmet_tcp_queue_state { 141 NVMET_TCP_Q_CONNECTING, 142 NVMET_TCP_Q_TLS_HANDSHAKE, 143 NVMET_TCP_Q_LIVE, 144 NVMET_TCP_Q_DISCONNECTING, 145 NVMET_TCP_Q_FAILED, 146 }; 147 148 struct nvmet_tcp_queue { 149 struct socket *sock; 150 struct nvmet_tcp_port *port; 151 struct work_struct io_work; 152 struct nvmet_cq nvme_cq; 153 struct nvmet_sq nvme_sq; 154 struct kref kref; 155 156 /* send state */ 157 struct nvmet_tcp_cmd *cmds; 158 unsigned int nr_cmds; 159 struct list_head free_list; 160 struct llist_head resp_list; 161 struct list_head resp_send_list; 162 int send_list_len; 163 struct nvmet_tcp_cmd *snd_cmd; 164 165 /* recv state */ 166 int offset; 167 int left; 168 enum nvmet_tcp_recv_state rcv_state; 169 struct nvmet_tcp_cmd *cmd; 170 union nvme_tcp_pdu pdu; 171 172 /* digest state */ 173 bool hdr_digest; 174 bool data_digest; 175 struct ahash_request *snd_hash; 176 struct ahash_request *rcv_hash; 177 178 /* TLS state */ 179 key_serial_t tls_pskid; 180 struct delayed_work tls_handshake_tmo_work; 181 182 unsigned long poll_end; 183 184 spinlock_t state_lock; 185 enum nvmet_tcp_queue_state state; 186 187 struct sockaddr_storage sockaddr; 188 struct sockaddr_storage sockaddr_peer; 189 struct work_struct release_work; 190 191 int idx; 192 struct list_head queue_list; 193 194 struct nvmet_tcp_cmd connect; 195 196 struct page_frag_cache pf_cache; 197 198 void (*data_ready)(struct sock *); 199 void (*state_change)(struct sock *); 200 void (*write_space)(struct sock *); 201 }; 202 203 struct nvmet_tcp_port { 204 struct socket *sock; 205 struct work_struct accept_work; 206 struct nvmet_port *nport; 207 struct sockaddr_storage addr; 208 void (*data_ready)(struct sock *); 209 }; 210 211 static DEFINE_IDA(nvmet_tcp_queue_ida); 212 static LIST_HEAD(nvmet_tcp_queue_list); 213 static DEFINE_MUTEX(nvmet_tcp_queue_mutex); 214 215 static struct workqueue_struct *nvmet_tcp_wq; 216 static const struct nvmet_fabrics_ops nvmet_tcp_ops; 217 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c); 218 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd); 219 nvmet_tcp_cmd_tag(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * cmd)220 static inline u16 nvmet_tcp_cmd_tag(struct nvmet_tcp_queue *queue, 221 struct nvmet_tcp_cmd *cmd) 222 { 223 if (unlikely(!queue->nr_cmds)) { 224 /* We didn't allocate cmds yet, send 0xffff */ 225 return USHRT_MAX; 226 } 227 228 return cmd - queue->cmds; 229 } 230 nvmet_tcp_has_data_in(struct nvmet_tcp_cmd * cmd)231 static inline bool nvmet_tcp_has_data_in(struct nvmet_tcp_cmd *cmd) 232 { 233 return nvme_is_write(cmd->req.cmd) && 234 cmd->rbytes_done < cmd->req.transfer_len; 235 } 236 nvmet_tcp_need_data_in(struct nvmet_tcp_cmd * cmd)237 static inline bool nvmet_tcp_need_data_in(struct nvmet_tcp_cmd *cmd) 238 { 239 return nvmet_tcp_has_data_in(cmd) && !cmd->req.cqe->status; 240 } 241 nvmet_tcp_need_data_out(struct nvmet_tcp_cmd * cmd)242 static inline bool nvmet_tcp_need_data_out(struct nvmet_tcp_cmd *cmd) 243 { 244 return !nvme_is_write(cmd->req.cmd) && 245 cmd->req.transfer_len > 0 && 246 !cmd->req.cqe->status; 247 } 248 nvmet_tcp_has_inline_data(struct nvmet_tcp_cmd * cmd)249 static inline bool nvmet_tcp_has_inline_data(struct nvmet_tcp_cmd *cmd) 250 { 251 return nvme_is_write(cmd->req.cmd) && cmd->pdu_len && 252 !cmd->rbytes_done; 253 } 254 255 static inline struct nvmet_tcp_cmd * nvmet_tcp_get_cmd(struct nvmet_tcp_queue * queue)256 nvmet_tcp_get_cmd(struct nvmet_tcp_queue *queue) 257 { 258 struct nvmet_tcp_cmd *cmd; 259 260 cmd = list_first_entry_or_null(&queue->free_list, 261 struct nvmet_tcp_cmd, entry); 262 if (!cmd) 263 return NULL; 264 list_del_init(&cmd->entry); 265 266 cmd->rbytes_done = cmd->wbytes_done = 0; 267 cmd->pdu_len = 0; 268 cmd->pdu_recv = 0; 269 cmd->iov = NULL; 270 cmd->flags = 0; 271 return cmd; 272 } 273 nvmet_tcp_put_cmd(struct nvmet_tcp_cmd * cmd)274 static inline void nvmet_tcp_put_cmd(struct nvmet_tcp_cmd *cmd) 275 { 276 if (unlikely(cmd == &cmd->queue->connect)) 277 return; 278 279 list_add_tail(&cmd->entry, &cmd->queue->free_list); 280 } 281 queue_cpu(struct nvmet_tcp_queue * queue)282 static inline int queue_cpu(struct nvmet_tcp_queue *queue) 283 { 284 return queue->sock->sk->sk_incoming_cpu; 285 } 286 nvmet_tcp_hdgst_len(struct nvmet_tcp_queue * queue)287 static inline u8 nvmet_tcp_hdgst_len(struct nvmet_tcp_queue *queue) 288 { 289 return queue->hdr_digest ? NVME_TCP_DIGEST_LENGTH : 0; 290 } 291 nvmet_tcp_ddgst_len(struct nvmet_tcp_queue * queue)292 static inline u8 nvmet_tcp_ddgst_len(struct nvmet_tcp_queue *queue) 293 { 294 return queue->data_digest ? NVME_TCP_DIGEST_LENGTH : 0; 295 } 296 nvmet_tcp_hdgst(struct ahash_request * hash,void * pdu,size_t len)297 static inline void nvmet_tcp_hdgst(struct ahash_request *hash, 298 void *pdu, size_t len) 299 { 300 struct scatterlist sg; 301 302 sg_init_one(&sg, pdu, len); 303 ahash_request_set_crypt(hash, &sg, pdu + len, len); 304 crypto_ahash_digest(hash); 305 } 306 nvmet_tcp_verify_hdgst(struct nvmet_tcp_queue * queue,void * pdu,size_t len)307 static int nvmet_tcp_verify_hdgst(struct nvmet_tcp_queue *queue, 308 void *pdu, size_t len) 309 { 310 struct nvme_tcp_hdr *hdr = pdu; 311 __le32 recv_digest; 312 __le32 exp_digest; 313 314 if (unlikely(!(hdr->flags & NVME_TCP_F_HDGST))) { 315 pr_err("queue %d: header digest enabled but no header digest\n", 316 queue->idx); 317 return -EPROTO; 318 } 319 320 recv_digest = *(__le32 *)(pdu + hdr->hlen); 321 nvmet_tcp_hdgst(queue->rcv_hash, pdu, len); 322 exp_digest = *(__le32 *)(pdu + hdr->hlen); 323 if (recv_digest != exp_digest) { 324 pr_err("queue %d: header digest error: recv %#x expected %#x\n", 325 queue->idx, le32_to_cpu(recv_digest), 326 le32_to_cpu(exp_digest)); 327 return -EPROTO; 328 } 329 330 return 0; 331 } 332 nvmet_tcp_check_ddgst(struct nvmet_tcp_queue * queue,void * pdu)333 static int nvmet_tcp_check_ddgst(struct nvmet_tcp_queue *queue, void *pdu) 334 { 335 struct nvme_tcp_hdr *hdr = pdu; 336 u8 digest_len = nvmet_tcp_hdgst_len(queue); 337 u32 len; 338 339 len = le32_to_cpu(hdr->plen) - hdr->hlen - 340 (hdr->flags & NVME_TCP_F_HDGST ? digest_len : 0); 341 342 if (unlikely(len && !(hdr->flags & NVME_TCP_F_DDGST))) { 343 pr_err("queue %d: data digest flag is cleared\n", queue->idx); 344 return -EPROTO; 345 } 346 347 return 0; 348 } 349 350 /* If cmd buffers are NULL, no operation is performed */ nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd * cmd)351 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd) 352 { 353 kfree(cmd->iov); 354 sgl_free(cmd->req.sg); 355 cmd->iov = NULL; 356 cmd->req.sg = NULL; 357 } 358 nvmet_tcp_build_pdu_iovec(struct nvmet_tcp_cmd * cmd)359 static void nvmet_tcp_build_pdu_iovec(struct nvmet_tcp_cmd *cmd) 360 { 361 struct bio_vec *iov = cmd->iov; 362 struct scatterlist *sg; 363 u32 length, offset, sg_offset; 364 int nr_pages; 365 366 length = cmd->pdu_len; 367 nr_pages = DIV_ROUND_UP(length, PAGE_SIZE); 368 offset = cmd->rbytes_done; 369 cmd->sg_idx = offset / PAGE_SIZE; 370 sg_offset = offset % PAGE_SIZE; 371 sg = &cmd->req.sg[cmd->sg_idx]; 372 373 while (length) { 374 u32 iov_len = min_t(u32, length, sg->length - sg_offset); 375 376 bvec_set_page(iov, sg_page(sg), iov_len, 377 sg->offset + sg_offset); 378 379 length -= iov_len; 380 sg = sg_next(sg); 381 iov++; 382 sg_offset = 0; 383 } 384 385 iov_iter_bvec(&cmd->recv_msg.msg_iter, ITER_DEST, cmd->iov, 386 nr_pages, cmd->pdu_len); 387 } 388 nvmet_tcp_fatal_error(struct nvmet_tcp_queue * queue)389 static void nvmet_tcp_fatal_error(struct nvmet_tcp_queue *queue) 390 { 391 queue->rcv_state = NVMET_TCP_RECV_ERR; 392 if (queue->nvme_sq.ctrl) 393 nvmet_ctrl_fatal_error(queue->nvme_sq.ctrl); 394 else 395 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 396 } 397 nvmet_tcp_socket_error(struct nvmet_tcp_queue * queue,int status)398 static void nvmet_tcp_socket_error(struct nvmet_tcp_queue *queue, int status) 399 { 400 queue->rcv_state = NVMET_TCP_RECV_ERR; 401 if (status == -EPIPE || status == -ECONNRESET) 402 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 403 else 404 nvmet_tcp_fatal_error(queue); 405 } 406 nvmet_tcp_map_data(struct nvmet_tcp_cmd * cmd)407 static int nvmet_tcp_map_data(struct nvmet_tcp_cmd *cmd) 408 { 409 struct nvme_sgl_desc *sgl = &cmd->req.cmd->common.dptr.sgl; 410 u32 len = le32_to_cpu(sgl->length); 411 412 if (!len) 413 return 0; 414 415 if (sgl->type == ((NVME_SGL_FMT_DATA_DESC << 4) | 416 NVME_SGL_FMT_OFFSET)) { 417 if (!nvme_is_write(cmd->req.cmd)) 418 return NVME_SC_INVALID_FIELD | NVME_STATUS_DNR; 419 420 if (len > cmd->req.port->inline_data_size) 421 return NVME_SC_SGL_INVALID_OFFSET | NVME_STATUS_DNR; 422 cmd->pdu_len = len; 423 } 424 cmd->req.transfer_len += len; 425 426 cmd->req.sg = sgl_alloc(len, GFP_KERNEL, &cmd->req.sg_cnt); 427 if (!cmd->req.sg) 428 return NVME_SC_INTERNAL; 429 cmd->cur_sg = cmd->req.sg; 430 431 if (nvmet_tcp_has_data_in(cmd)) { 432 cmd->iov = kmalloc_array(cmd->req.sg_cnt, 433 sizeof(*cmd->iov), GFP_KERNEL); 434 if (!cmd->iov) 435 goto err; 436 } 437 438 return 0; 439 err: 440 nvmet_tcp_free_cmd_buffers(cmd); 441 return NVME_SC_INTERNAL; 442 } 443 nvmet_tcp_calc_ddgst(struct ahash_request * hash,struct nvmet_tcp_cmd * cmd)444 static void nvmet_tcp_calc_ddgst(struct ahash_request *hash, 445 struct nvmet_tcp_cmd *cmd) 446 { 447 ahash_request_set_crypt(hash, cmd->req.sg, 448 (void *)&cmd->exp_ddgst, cmd->req.transfer_len); 449 crypto_ahash_digest(hash); 450 } 451 nvmet_setup_c2h_data_pdu(struct nvmet_tcp_cmd * cmd)452 static void nvmet_setup_c2h_data_pdu(struct nvmet_tcp_cmd *cmd) 453 { 454 struct nvme_tcp_data_pdu *pdu = cmd->data_pdu; 455 struct nvmet_tcp_queue *queue = cmd->queue; 456 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 457 u8 ddgst = nvmet_tcp_ddgst_len(cmd->queue); 458 459 cmd->offset = 0; 460 cmd->state = NVMET_TCP_SEND_DATA_PDU; 461 462 pdu->hdr.type = nvme_tcp_c2h_data; 463 pdu->hdr.flags = NVME_TCP_F_DATA_LAST | (queue->nvme_sq.sqhd_disabled ? 464 NVME_TCP_F_DATA_SUCCESS : 0); 465 pdu->hdr.hlen = sizeof(*pdu); 466 pdu->hdr.pdo = pdu->hdr.hlen + hdgst; 467 pdu->hdr.plen = 468 cpu_to_le32(pdu->hdr.hlen + hdgst + 469 cmd->req.transfer_len + ddgst); 470 pdu->command_id = cmd->req.cqe->command_id; 471 pdu->data_length = cpu_to_le32(cmd->req.transfer_len); 472 pdu->data_offset = cpu_to_le32(cmd->wbytes_done); 473 474 if (queue->data_digest) { 475 pdu->hdr.flags |= NVME_TCP_F_DDGST; 476 nvmet_tcp_calc_ddgst(queue->snd_hash, cmd); 477 } 478 479 if (cmd->queue->hdr_digest) { 480 pdu->hdr.flags |= NVME_TCP_F_HDGST; 481 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu)); 482 } 483 } 484 nvmet_setup_r2t_pdu(struct nvmet_tcp_cmd * cmd)485 static void nvmet_setup_r2t_pdu(struct nvmet_tcp_cmd *cmd) 486 { 487 struct nvme_tcp_r2t_pdu *pdu = cmd->r2t_pdu; 488 struct nvmet_tcp_queue *queue = cmd->queue; 489 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 490 491 cmd->offset = 0; 492 cmd->state = NVMET_TCP_SEND_R2T; 493 494 pdu->hdr.type = nvme_tcp_r2t; 495 pdu->hdr.flags = 0; 496 pdu->hdr.hlen = sizeof(*pdu); 497 pdu->hdr.pdo = 0; 498 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst); 499 500 pdu->command_id = cmd->req.cmd->common.command_id; 501 pdu->ttag = nvmet_tcp_cmd_tag(cmd->queue, cmd); 502 pdu->r2t_length = cpu_to_le32(cmd->req.transfer_len - cmd->rbytes_done); 503 pdu->r2t_offset = cpu_to_le32(cmd->rbytes_done); 504 if (cmd->queue->hdr_digest) { 505 pdu->hdr.flags |= NVME_TCP_F_HDGST; 506 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu)); 507 } 508 } 509 nvmet_setup_response_pdu(struct nvmet_tcp_cmd * cmd)510 static void nvmet_setup_response_pdu(struct nvmet_tcp_cmd *cmd) 511 { 512 struct nvme_tcp_rsp_pdu *pdu = cmd->rsp_pdu; 513 struct nvmet_tcp_queue *queue = cmd->queue; 514 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 515 516 cmd->offset = 0; 517 cmd->state = NVMET_TCP_SEND_RESPONSE; 518 519 pdu->hdr.type = nvme_tcp_rsp; 520 pdu->hdr.flags = 0; 521 pdu->hdr.hlen = sizeof(*pdu); 522 pdu->hdr.pdo = 0; 523 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst); 524 if (cmd->queue->hdr_digest) { 525 pdu->hdr.flags |= NVME_TCP_F_HDGST; 526 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu)); 527 } 528 } 529 nvmet_tcp_process_resp_list(struct nvmet_tcp_queue * queue)530 static void nvmet_tcp_process_resp_list(struct nvmet_tcp_queue *queue) 531 { 532 struct llist_node *node; 533 struct nvmet_tcp_cmd *cmd; 534 535 for (node = llist_del_all(&queue->resp_list); node; node = node->next) { 536 cmd = llist_entry(node, struct nvmet_tcp_cmd, lentry); 537 list_add(&cmd->entry, &queue->resp_send_list); 538 queue->send_list_len++; 539 } 540 } 541 nvmet_tcp_fetch_cmd(struct nvmet_tcp_queue * queue)542 static struct nvmet_tcp_cmd *nvmet_tcp_fetch_cmd(struct nvmet_tcp_queue *queue) 543 { 544 queue->snd_cmd = list_first_entry_or_null(&queue->resp_send_list, 545 struct nvmet_tcp_cmd, entry); 546 if (!queue->snd_cmd) { 547 nvmet_tcp_process_resp_list(queue); 548 queue->snd_cmd = 549 list_first_entry_or_null(&queue->resp_send_list, 550 struct nvmet_tcp_cmd, entry); 551 if (unlikely(!queue->snd_cmd)) 552 return NULL; 553 } 554 555 list_del_init(&queue->snd_cmd->entry); 556 queue->send_list_len--; 557 558 if (nvmet_tcp_need_data_out(queue->snd_cmd)) 559 nvmet_setup_c2h_data_pdu(queue->snd_cmd); 560 else if (nvmet_tcp_need_data_in(queue->snd_cmd)) 561 nvmet_setup_r2t_pdu(queue->snd_cmd); 562 else 563 nvmet_setup_response_pdu(queue->snd_cmd); 564 565 return queue->snd_cmd; 566 } 567 nvmet_tcp_queue_response(struct nvmet_req * req)568 static void nvmet_tcp_queue_response(struct nvmet_req *req) 569 { 570 struct nvmet_tcp_cmd *cmd = 571 container_of(req, struct nvmet_tcp_cmd, req); 572 struct nvmet_tcp_queue *queue = cmd->queue; 573 enum nvmet_tcp_recv_state queue_state; 574 struct nvmet_tcp_cmd *queue_cmd; 575 struct nvme_sgl_desc *sgl; 576 u32 len; 577 578 /* Pairs with store_release in nvmet_prepare_receive_pdu() */ 579 queue_state = smp_load_acquire(&queue->rcv_state); 580 queue_cmd = READ_ONCE(queue->cmd); 581 582 if (unlikely(cmd == queue_cmd)) { 583 sgl = &cmd->req.cmd->common.dptr.sgl; 584 len = le32_to_cpu(sgl->length); 585 586 /* 587 * Wait for inline data before processing the response. 588 * Avoid using helpers, this might happen before 589 * nvmet_req_init is completed. 590 */ 591 if (queue_state == NVMET_TCP_RECV_PDU && 592 len && len <= cmd->req.port->inline_data_size && 593 nvme_is_write(cmd->req.cmd)) 594 return; 595 } 596 597 llist_add(&cmd->lentry, &queue->resp_list); 598 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &cmd->queue->io_work); 599 } 600 nvmet_tcp_execute_request(struct nvmet_tcp_cmd * cmd)601 static void nvmet_tcp_execute_request(struct nvmet_tcp_cmd *cmd) 602 { 603 if (unlikely(cmd->flags & NVMET_TCP_F_INIT_FAILED)) 604 nvmet_tcp_queue_response(&cmd->req); 605 else 606 cmd->req.execute(&cmd->req); 607 } 608 nvmet_try_send_data_pdu(struct nvmet_tcp_cmd * cmd)609 static int nvmet_try_send_data_pdu(struct nvmet_tcp_cmd *cmd) 610 { 611 struct msghdr msg = { 612 .msg_flags = MSG_DONTWAIT | MSG_MORE | MSG_SPLICE_PAGES, 613 }; 614 struct bio_vec bvec; 615 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 616 int left = sizeof(*cmd->data_pdu) - cmd->offset + hdgst; 617 int ret; 618 619 bvec_set_virt(&bvec, (void *)cmd->data_pdu + cmd->offset, left); 620 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 621 ret = sock_sendmsg(cmd->queue->sock, &msg); 622 if (ret <= 0) 623 return ret; 624 625 cmd->offset += ret; 626 left -= ret; 627 628 if (left) 629 return -EAGAIN; 630 631 cmd->state = NVMET_TCP_SEND_DATA; 632 cmd->offset = 0; 633 return 1; 634 } 635 nvmet_try_send_data(struct nvmet_tcp_cmd * cmd,bool last_in_batch)636 static int nvmet_try_send_data(struct nvmet_tcp_cmd *cmd, bool last_in_batch) 637 { 638 struct nvmet_tcp_queue *queue = cmd->queue; 639 int ret; 640 641 while (cmd->cur_sg) { 642 struct msghdr msg = { 643 .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, 644 }; 645 struct page *page = sg_page(cmd->cur_sg); 646 struct bio_vec bvec; 647 u32 left = cmd->cur_sg->length - cmd->offset; 648 649 if ((!last_in_batch && cmd->queue->send_list_len) || 650 cmd->wbytes_done + left < cmd->req.transfer_len || 651 queue->data_digest || !queue->nvme_sq.sqhd_disabled) 652 msg.msg_flags |= MSG_MORE; 653 654 bvec_set_page(&bvec, page, left, cmd->offset); 655 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 656 ret = sock_sendmsg(cmd->queue->sock, &msg); 657 if (ret <= 0) 658 return ret; 659 660 cmd->offset += ret; 661 cmd->wbytes_done += ret; 662 663 /* Done with sg?*/ 664 if (cmd->offset == cmd->cur_sg->length) { 665 cmd->cur_sg = sg_next(cmd->cur_sg); 666 cmd->offset = 0; 667 } 668 } 669 670 if (queue->data_digest) { 671 cmd->state = NVMET_TCP_SEND_DDGST; 672 cmd->offset = 0; 673 } else { 674 if (queue->nvme_sq.sqhd_disabled) { 675 cmd->queue->snd_cmd = NULL; 676 nvmet_tcp_put_cmd(cmd); 677 } else { 678 nvmet_setup_response_pdu(cmd); 679 } 680 } 681 682 if (queue->nvme_sq.sqhd_disabled) 683 nvmet_tcp_free_cmd_buffers(cmd); 684 685 return 1; 686 687 } 688 nvmet_try_send_response(struct nvmet_tcp_cmd * cmd,bool last_in_batch)689 static int nvmet_try_send_response(struct nvmet_tcp_cmd *cmd, 690 bool last_in_batch) 691 { 692 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, }; 693 struct bio_vec bvec; 694 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 695 int left = sizeof(*cmd->rsp_pdu) - cmd->offset + hdgst; 696 int ret; 697 698 if (!last_in_batch && cmd->queue->send_list_len) 699 msg.msg_flags |= MSG_MORE; 700 else 701 msg.msg_flags |= MSG_EOR; 702 703 bvec_set_virt(&bvec, (void *)cmd->rsp_pdu + cmd->offset, left); 704 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 705 ret = sock_sendmsg(cmd->queue->sock, &msg); 706 if (ret <= 0) 707 return ret; 708 cmd->offset += ret; 709 left -= ret; 710 711 if (left) 712 return -EAGAIN; 713 714 nvmet_tcp_free_cmd_buffers(cmd); 715 cmd->queue->snd_cmd = NULL; 716 nvmet_tcp_put_cmd(cmd); 717 return 1; 718 } 719 nvmet_try_send_r2t(struct nvmet_tcp_cmd * cmd,bool last_in_batch)720 static int nvmet_try_send_r2t(struct nvmet_tcp_cmd *cmd, bool last_in_batch) 721 { 722 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, }; 723 struct bio_vec bvec; 724 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 725 int left = sizeof(*cmd->r2t_pdu) - cmd->offset + hdgst; 726 int ret; 727 728 if (!last_in_batch && cmd->queue->send_list_len) 729 msg.msg_flags |= MSG_MORE; 730 else 731 msg.msg_flags |= MSG_EOR; 732 733 bvec_set_virt(&bvec, (void *)cmd->r2t_pdu + cmd->offset, left); 734 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 735 ret = sock_sendmsg(cmd->queue->sock, &msg); 736 if (ret <= 0) 737 return ret; 738 cmd->offset += ret; 739 left -= ret; 740 741 if (left) 742 return -EAGAIN; 743 744 cmd->queue->snd_cmd = NULL; 745 return 1; 746 } 747 nvmet_try_send_ddgst(struct nvmet_tcp_cmd * cmd,bool last_in_batch)748 static int nvmet_try_send_ddgst(struct nvmet_tcp_cmd *cmd, bool last_in_batch) 749 { 750 struct nvmet_tcp_queue *queue = cmd->queue; 751 int left = NVME_TCP_DIGEST_LENGTH - cmd->offset; 752 struct msghdr msg = { .msg_flags = MSG_DONTWAIT }; 753 struct kvec iov = { 754 .iov_base = (u8 *)&cmd->exp_ddgst + cmd->offset, 755 .iov_len = left 756 }; 757 int ret; 758 759 if (!last_in_batch && cmd->queue->send_list_len) 760 msg.msg_flags |= MSG_MORE; 761 else 762 msg.msg_flags |= MSG_EOR; 763 764 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len); 765 if (unlikely(ret <= 0)) 766 return ret; 767 768 cmd->offset += ret; 769 left -= ret; 770 771 if (left) 772 return -EAGAIN; 773 774 if (queue->nvme_sq.sqhd_disabled) { 775 cmd->queue->snd_cmd = NULL; 776 nvmet_tcp_put_cmd(cmd); 777 } else { 778 nvmet_setup_response_pdu(cmd); 779 } 780 return 1; 781 } 782 nvmet_tcp_try_send_one(struct nvmet_tcp_queue * queue,bool last_in_batch)783 static int nvmet_tcp_try_send_one(struct nvmet_tcp_queue *queue, 784 bool last_in_batch) 785 { 786 struct nvmet_tcp_cmd *cmd = queue->snd_cmd; 787 int ret = 0; 788 789 if (!cmd || queue->state == NVMET_TCP_Q_DISCONNECTING) { 790 cmd = nvmet_tcp_fetch_cmd(queue); 791 if (unlikely(!cmd)) 792 return 0; 793 } 794 795 if (cmd->state == NVMET_TCP_SEND_DATA_PDU) { 796 ret = nvmet_try_send_data_pdu(cmd); 797 if (ret <= 0) 798 goto done_send; 799 } 800 801 if (cmd->state == NVMET_TCP_SEND_DATA) { 802 ret = nvmet_try_send_data(cmd, last_in_batch); 803 if (ret <= 0) 804 goto done_send; 805 } 806 807 if (cmd->state == NVMET_TCP_SEND_DDGST) { 808 ret = nvmet_try_send_ddgst(cmd, last_in_batch); 809 if (ret <= 0) 810 goto done_send; 811 } 812 813 if (cmd->state == NVMET_TCP_SEND_R2T) { 814 ret = nvmet_try_send_r2t(cmd, last_in_batch); 815 if (ret <= 0) 816 goto done_send; 817 } 818 819 if (cmd->state == NVMET_TCP_SEND_RESPONSE) 820 ret = nvmet_try_send_response(cmd, last_in_batch); 821 822 done_send: 823 if (ret < 0) { 824 if (ret == -EAGAIN) 825 return 0; 826 return ret; 827 } 828 829 return 1; 830 } 831 nvmet_tcp_try_send(struct nvmet_tcp_queue * queue,int budget,int * sends)832 static int nvmet_tcp_try_send(struct nvmet_tcp_queue *queue, 833 int budget, int *sends) 834 { 835 int i, ret = 0; 836 837 for (i = 0; i < budget; i++) { 838 ret = nvmet_tcp_try_send_one(queue, i == budget - 1); 839 if (unlikely(ret < 0)) { 840 nvmet_tcp_socket_error(queue, ret); 841 goto done; 842 } else if (ret == 0) { 843 break; 844 } 845 (*sends)++; 846 } 847 done: 848 return ret; 849 } 850 nvmet_prepare_receive_pdu(struct nvmet_tcp_queue * queue)851 static void nvmet_prepare_receive_pdu(struct nvmet_tcp_queue *queue) 852 { 853 queue->offset = 0; 854 queue->left = sizeof(struct nvme_tcp_hdr); 855 WRITE_ONCE(queue->cmd, NULL); 856 /* Ensure rcv_state is visible only after queue->cmd is set */ 857 smp_store_release(&queue->rcv_state, NVMET_TCP_RECV_PDU); 858 } 859 nvmet_tcp_free_crypto(struct nvmet_tcp_queue * queue)860 static void nvmet_tcp_free_crypto(struct nvmet_tcp_queue *queue) 861 { 862 struct crypto_ahash *tfm = crypto_ahash_reqtfm(queue->rcv_hash); 863 864 ahash_request_free(queue->rcv_hash); 865 ahash_request_free(queue->snd_hash); 866 crypto_free_ahash(tfm); 867 } 868 nvmet_tcp_alloc_crypto(struct nvmet_tcp_queue * queue)869 static int nvmet_tcp_alloc_crypto(struct nvmet_tcp_queue *queue) 870 { 871 struct crypto_ahash *tfm; 872 873 tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC); 874 if (IS_ERR(tfm)) 875 return PTR_ERR(tfm); 876 877 queue->snd_hash = ahash_request_alloc(tfm, GFP_KERNEL); 878 if (!queue->snd_hash) 879 goto free_tfm; 880 ahash_request_set_callback(queue->snd_hash, 0, NULL, NULL); 881 882 queue->rcv_hash = ahash_request_alloc(tfm, GFP_KERNEL); 883 if (!queue->rcv_hash) 884 goto free_snd_hash; 885 ahash_request_set_callback(queue->rcv_hash, 0, NULL, NULL); 886 887 return 0; 888 free_snd_hash: 889 ahash_request_free(queue->snd_hash); 890 free_tfm: 891 crypto_free_ahash(tfm); 892 return -ENOMEM; 893 } 894 895 nvmet_tcp_handle_icreq(struct nvmet_tcp_queue * queue)896 static int nvmet_tcp_handle_icreq(struct nvmet_tcp_queue *queue) 897 { 898 struct nvme_tcp_icreq_pdu *icreq = &queue->pdu.icreq; 899 struct nvme_tcp_icresp_pdu *icresp = &queue->pdu.icresp; 900 struct msghdr msg = {}; 901 struct kvec iov; 902 int ret; 903 904 if (le32_to_cpu(icreq->hdr.plen) != sizeof(struct nvme_tcp_icreq_pdu)) { 905 pr_err("bad nvme-tcp pdu length (%d)\n", 906 le32_to_cpu(icreq->hdr.plen)); 907 nvmet_tcp_fatal_error(queue); 908 return -EPROTO; 909 } 910 911 if (icreq->pfv != NVME_TCP_PFV_1_0) { 912 pr_err("queue %d: bad pfv %d\n", queue->idx, icreq->pfv); 913 return -EPROTO; 914 } 915 916 if (icreq->hpda != 0) { 917 pr_err("queue %d: unsupported hpda %d\n", queue->idx, 918 icreq->hpda); 919 return -EPROTO; 920 } 921 922 queue->hdr_digest = !!(icreq->digest & NVME_TCP_HDR_DIGEST_ENABLE); 923 queue->data_digest = !!(icreq->digest & NVME_TCP_DATA_DIGEST_ENABLE); 924 if (queue->hdr_digest || queue->data_digest) { 925 ret = nvmet_tcp_alloc_crypto(queue); 926 if (ret) 927 return ret; 928 } 929 930 memset(icresp, 0, sizeof(*icresp)); 931 icresp->hdr.type = nvme_tcp_icresp; 932 icresp->hdr.hlen = sizeof(*icresp); 933 icresp->hdr.pdo = 0; 934 icresp->hdr.plen = cpu_to_le32(icresp->hdr.hlen); 935 icresp->pfv = cpu_to_le16(NVME_TCP_PFV_1_0); 936 icresp->maxdata = cpu_to_le32(NVMET_TCP_MAXH2CDATA); 937 icresp->cpda = 0; 938 if (queue->hdr_digest) 939 icresp->digest |= NVME_TCP_HDR_DIGEST_ENABLE; 940 if (queue->data_digest) 941 icresp->digest |= NVME_TCP_DATA_DIGEST_ENABLE; 942 943 iov.iov_base = icresp; 944 iov.iov_len = sizeof(*icresp); 945 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len); 946 if (ret < 0) { 947 queue->state = NVMET_TCP_Q_FAILED; 948 return ret; /* queue removal will cleanup */ 949 } 950 951 queue->state = NVMET_TCP_Q_LIVE; 952 nvmet_prepare_receive_pdu(queue); 953 return 0; 954 } 955 nvmet_tcp_handle_req_failure(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * cmd,struct nvmet_req * req)956 static void nvmet_tcp_handle_req_failure(struct nvmet_tcp_queue *queue, 957 struct nvmet_tcp_cmd *cmd, struct nvmet_req *req) 958 { 959 size_t data_len = le32_to_cpu(req->cmd->common.dptr.sgl.length); 960 int ret; 961 962 /* 963 * This command has not been processed yet, hence we are trying to 964 * figure out if there is still pending data left to receive. If 965 * we don't, we can simply prepare for the next pdu and bail out, 966 * otherwise we will need to prepare a buffer and receive the 967 * stale data before continuing forward. 968 */ 969 if (!nvme_is_write(cmd->req.cmd) || !data_len || 970 data_len > cmd->req.port->inline_data_size) { 971 nvmet_prepare_receive_pdu(queue); 972 return; 973 } 974 975 ret = nvmet_tcp_map_data(cmd); 976 if (unlikely(ret)) { 977 pr_err("queue %d: failed to map data\n", queue->idx); 978 nvmet_tcp_fatal_error(queue); 979 return; 980 } 981 982 queue->rcv_state = NVMET_TCP_RECV_DATA; 983 nvmet_tcp_build_pdu_iovec(cmd); 984 cmd->flags |= NVMET_TCP_F_INIT_FAILED; 985 } 986 nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue * queue)987 static int nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue *queue) 988 { 989 struct nvme_tcp_data_pdu *data = &queue->pdu.data; 990 struct nvmet_tcp_cmd *cmd; 991 unsigned int exp_data_len; 992 993 if (likely(queue->nr_cmds)) { 994 if (unlikely(data->ttag >= queue->nr_cmds)) { 995 pr_err("queue %d: received out of bound ttag %u, nr_cmds %u\n", 996 queue->idx, data->ttag, queue->nr_cmds); 997 goto err_proto; 998 } 999 cmd = &queue->cmds[data->ttag]; 1000 } else { 1001 cmd = &queue->connect; 1002 } 1003 1004 if (le32_to_cpu(data->data_offset) != cmd->rbytes_done) { 1005 pr_err("ttag %u unexpected data offset %u (expected %u)\n", 1006 data->ttag, le32_to_cpu(data->data_offset), 1007 cmd->rbytes_done); 1008 goto err_proto; 1009 } 1010 1011 exp_data_len = le32_to_cpu(data->hdr.plen) - 1012 nvmet_tcp_hdgst_len(queue) - 1013 nvmet_tcp_ddgst_len(queue) - 1014 sizeof(*data); 1015 1016 cmd->pdu_len = le32_to_cpu(data->data_length); 1017 if (unlikely(cmd->pdu_len != exp_data_len || 1018 cmd->pdu_len == 0 || 1019 cmd->pdu_len > NVMET_TCP_MAXH2CDATA)) { 1020 pr_err("H2CData PDU len %u is invalid\n", cmd->pdu_len); 1021 goto err_proto; 1022 } 1023 cmd->pdu_recv = 0; 1024 nvmet_tcp_build_pdu_iovec(cmd); 1025 queue->cmd = cmd; 1026 queue->rcv_state = NVMET_TCP_RECV_DATA; 1027 1028 return 0; 1029 1030 err_proto: 1031 /* FIXME: use proper transport errors */ 1032 nvmet_tcp_fatal_error(queue); 1033 return -EPROTO; 1034 } 1035 nvmet_tcp_done_recv_pdu(struct nvmet_tcp_queue * queue)1036 static int nvmet_tcp_done_recv_pdu(struct nvmet_tcp_queue *queue) 1037 { 1038 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr; 1039 struct nvme_command *nvme_cmd = &queue->pdu.cmd.cmd; 1040 struct nvmet_req *req; 1041 int ret; 1042 1043 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) { 1044 if (hdr->type != nvme_tcp_icreq) { 1045 pr_err("unexpected pdu type (%d) before icreq\n", 1046 hdr->type); 1047 nvmet_tcp_fatal_error(queue); 1048 return -EPROTO; 1049 } 1050 return nvmet_tcp_handle_icreq(queue); 1051 } 1052 1053 if (unlikely(hdr->type == nvme_tcp_icreq)) { 1054 pr_err("queue %d: received icreq pdu in state %d\n", 1055 queue->idx, queue->state); 1056 nvmet_tcp_fatal_error(queue); 1057 return -EPROTO; 1058 } 1059 1060 if (hdr->type == nvme_tcp_h2c_data) { 1061 ret = nvmet_tcp_handle_h2c_data_pdu(queue); 1062 if (unlikely(ret)) 1063 return ret; 1064 return 0; 1065 } 1066 1067 queue->cmd = nvmet_tcp_get_cmd(queue); 1068 if (unlikely(!queue->cmd)) { 1069 /* This should never happen */ 1070 pr_err("queue %d: out of commands (%d) send_list_len: %d, opcode: %d", 1071 queue->idx, queue->nr_cmds, queue->send_list_len, 1072 nvme_cmd->common.opcode); 1073 nvmet_tcp_fatal_error(queue); 1074 return -ENOMEM; 1075 } 1076 1077 req = &queue->cmd->req; 1078 memcpy(req->cmd, nvme_cmd, sizeof(*nvme_cmd)); 1079 1080 if (unlikely(!nvmet_req_init(req, &queue->nvme_cq, 1081 &queue->nvme_sq, &nvmet_tcp_ops))) { 1082 pr_err("failed cmd %p id %d opcode %d, data_len: %d, status: %04x\n", 1083 req->cmd, req->cmd->common.command_id, 1084 req->cmd->common.opcode, 1085 le32_to_cpu(req->cmd->common.dptr.sgl.length), 1086 le16_to_cpu(req->cqe->status)); 1087 1088 nvmet_tcp_handle_req_failure(queue, queue->cmd, req); 1089 return 0; 1090 } 1091 1092 ret = nvmet_tcp_map_data(queue->cmd); 1093 if (unlikely(ret)) { 1094 pr_err("queue %d: failed to map data\n", queue->idx); 1095 if (nvmet_tcp_has_inline_data(queue->cmd)) 1096 nvmet_tcp_fatal_error(queue); 1097 else 1098 nvmet_req_complete(req, ret); 1099 ret = -EAGAIN; 1100 goto out; 1101 } 1102 1103 if (nvmet_tcp_need_data_in(queue->cmd)) { 1104 if (nvmet_tcp_has_inline_data(queue->cmd)) { 1105 queue->rcv_state = NVMET_TCP_RECV_DATA; 1106 nvmet_tcp_build_pdu_iovec(queue->cmd); 1107 return 0; 1108 } 1109 /* send back R2T */ 1110 nvmet_tcp_queue_response(&queue->cmd->req); 1111 goto out; 1112 } 1113 1114 queue->cmd->req.execute(&queue->cmd->req); 1115 out: 1116 nvmet_prepare_receive_pdu(queue); 1117 return ret; 1118 } 1119 1120 static const u8 nvme_tcp_pdu_sizes[] = { 1121 [nvme_tcp_icreq] = sizeof(struct nvme_tcp_icreq_pdu), 1122 [nvme_tcp_cmd] = sizeof(struct nvme_tcp_cmd_pdu), 1123 [nvme_tcp_h2c_data] = sizeof(struct nvme_tcp_data_pdu), 1124 }; 1125 nvmet_tcp_pdu_size(u8 type)1126 static inline u8 nvmet_tcp_pdu_size(u8 type) 1127 { 1128 size_t idx = type; 1129 1130 return (idx < ARRAY_SIZE(nvme_tcp_pdu_sizes) && 1131 nvme_tcp_pdu_sizes[idx]) ? 1132 nvme_tcp_pdu_sizes[idx] : 0; 1133 } 1134 nvmet_tcp_pdu_valid(u8 type)1135 static inline bool nvmet_tcp_pdu_valid(u8 type) 1136 { 1137 switch (type) { 1138 case nvme_tcp_icreq: 1139 case nvme_tcp_cmd: 1140 case nvme_tcp_h2c_data: 1141 /* fallthru */ 1142 return true; 1143 } 1144 1145 return false; 1146 } 1147 nvmet_tcp_tls_record_ok(struct nvmet_tcp_queue * queue,struct msghdr * msg,char * cbuf)1148 static int nvmet_tcp_tls_record_ok(struct nvmet_tcp_queue *queue, 1149 struct msghdr *msg, char *cbuf) 1150 { 1151 struct cmsghdr *cmsg = (struct cmsghdr *)cbuf; 1152 u8 ctype, level, description; 1153 int ret = 0; 1154 1155 ctype = tls_get_record_type(queue->sock->sk, cmsg); 1156 switch (ctype) { 1157 case 0: 1158 break; 1159 case TLS_RECORD_TYPE_DATA: 1160 break; 1161 case TLS_RECORD_TYPE_ALERT: 1162 tls_alert_recv(queue->sock->sk, msg, &level, &description); 1163 if (level == TLS_ALERT_LEVEL_FATAL) { 1164 pr_err("queue %d: TLS Alert desc %u\n", 1165 queue->idx, description); 1166 ret = -ENOTCONN; 1167 } else { 1168 pr_warn("queue %d: TLS Alert desc %u\n", 1169 queue->idx, description); 1170 ret = -EAGAIN; 1171 } 1172 break; 1173 default: 1174 /* discard this record type */ 1175 pr_err("queue %d: TLS record %d unhandled\n", 1176 queue->idx, ctype); 1177 ret = -EAGAIN; 1178 break; 1179 } 1180 return ret; 1181 } 1182 nvmet_tcp_try_recv_pdu(struct nvmet_tcp_queue * queue)1183 static int nvmet_tcp_try_recv_pdu(struct nvmet_tcp_queue *queue) 1184 { 1185 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr; 1186 int len, ret; 1187 struct kvec iov; 1188 char cbuf[CMSG_LEN(sizeof(char))] = {}; 1189 struct msghdr msg = { .msg_flags = MSG_DONTWAIT }; 1190 1191 recv: 1192 iov.iov_base = (void *)&queue->pdu + queue->offset; 1193 iov.iov_len = queue->left; 1194 if (queue->tls_pskid) { 1195 msg.msg_control = cbuf; 1196 msg.msg_controllen = sizeof(cbuf); 1197 } 1198 len = kernel_recvmsg(queue->sock, &msg, &iov, 1, 1199 iov.iov_len, msg.msg_flags); 1200 if (unlikely(len < 0)) 1201 return len; 1202 if (queue->tls_pskid) { 1203 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf); 1204 if (ret < 0) 1205 return ret; 1206 } 1207 1208 queue->offset += len; 1209 queue->left -= len; 1210 if (queue->left) 1211 return -EAGAIN; 1212 1213 if (queue->offset == sizeof(struct nvme_tcp_hdr)) { 1214 u8 hdgst = nvmet_tcp_hdgst_len(queue); 1215 1216 if (unlikely(!nvmet_tcp_pdu_valid(hdr->type))) { 1217 pr_err("unexpected pdu type %d\n", hdr->type); 1218 nvmet_tcp_fatal_error(queue); 1219 return -EIO; 1220 } 1221 1222 if (unlikely(hdr->hlen != nvmet_tcp_pdu_size(hdr->type))) { 1223 pr_err("pdu %d bad hlen %d\n", hdr->type, hdr->hlen); 1224 return -EIO; 1225 } 1226 1227 queue->left = hdr->hlen - queue->offset + hdgst; 1228 goto recv; 1229 } 1230 1231 if (queue->hdr_digest && 1232 nvmet_tcp_verify_hdgst(queue, &queue->pdu, hdr->hlen)) { 1233 nvmet_tcp_fatal_error(queue); /* fatal */ 1234 return -EPROTO; 1235 } 1236 1237 if (queue->data_digest && 1238 nvmet_tcp_check_ddgst(queue, &queue->pdu)) { 1239 nvmet_tcp_fatal_error(queue); /* fatal */ 1240 return -EPROTO; 1241 } 1242 1243 return nvmet_tcp_done_recv_pdu(queue); 1244 } 1245 nvmet_tcp_prep_recv_ddgst(struct nvmet_tcp_cmd * cmd)1246 static void nvmet_tcp_prep_recv_ddgst(struct nvmet_tcp_cmd *cmd) 1247 { 1248 struct nvmet_tcp_queue *queue = cmd->queue; 1249 1250 nvmet_tcp_calc_ddgst(queue->rcv_hash, cmd); 1251 queue->offset = 0; 1252 queue->left = NVME_TCP_DIGEST_LENGTH; 1253 queue->rcv_state = NVMET_TCP_RECV_DDGST; 1254 } 1255 nvmet_tcp_try_recv_data(struct nvmet_tcp_queue * queue)1256 static int nvmet_tcp_try_recv_data(struct nvmet_tcp_queue *queue) 1257 { 1258 struct nvmet_tcp_cmd *cmd = queue->cmd; 1259 int len, ret; 1260 1261 while (msg_data_left(&cmd->recv_msg)) { 1262 len = sock_recvmsg(cmd->queue->sock, &cmd->recv_msg, 1263 cmd->recv_msg.msg_flags); 1264 if (len <= 0) 1265 return len; 1266 if (queue->tls_pskid) { 1267 ret = nvmet_tcp_tls_record_ok(cmd->queue, 1268 &cmd->recv_msg, cmd->recv_cbuf); 1269 if (ret < 0) 1270 return ret; 1271 } 1272 1273 cmd->pdu_recv += len; 1274 cmd->rbytes_done += len; 1275 } 1276 1277 if (queue->data_digest) { 1278 nvmet_tcp_prep_recv_ddgst(cmd); 1279 return 0; 1280 } 1281 1282 if (cmd->rbytes_done == cmd->req.transfer_len) 1283 nvmet_tcp_execute_request(cmd); 1284 1285 nvmet_prepare_receive_pdu(queue); 1286 return 0; 1287 } 1288 nvmet_tcp_try_recv_ddgst(struct nvmet_tcp_queue * queue)1289 static int nvmet_tcp_try_recv_ddgst(struct nvmet_tcp_queue *queue) 1290 { 1291 struct nvmet_tcp_cmd *cmd = queue->cmd; 1292 int ret, len; 1293 char cbuf[CMSG_LEN(sizeof(char))] = {}; 1294 struct msghdr msg = { .msg_flags = MSG_DONTWAIT }; 1295 struct kvec iov = { 1296 .iov_base = (void *)&cmd->recv_ddgst + queue->offset, 1297 .iov_len = queue->left 1298 }; 1299 1300 if (queue->tls_pskid) { 1301 msg.msg_control = cbuf; 1302 msg.msg_controllen = sizeof(cbuf); 1303 } 1304 len = kernel_recvmsg(queue->sock, &msg, &iov, 1, 1305 iov.iov_len, msg.msg_flags); 1306 if (unlikely(len < 0)) 1307 return len; 1308 if (queue->tls_pskid) { 1309 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf); 1310 if (ret < 0) 1311 return ret; 1312 } 1313 1314 queue->offset += len; 1315 queue->left -= len; 1316 if (queue->left) 1317 return -EAGAIN; 1318 1319 if (queue->data_digest && cmd->exp_ddgst != cmd->recv_ddgst) { 1320 pr_err("queue %d: cmd %d pdu (%d) data digest error: recv %#x expected %#x\n", 1321 queue->idx, cmd->req.cmd->common.command_id, 1322 queue->pdu.cmd.hdr.type, le32_to_cpu(cmd->recv_ddgst), 1323 le32_to_cpu(cmd->exp_ddgst)); 1324 nvmet_req_uninit(&cmd->req); 1325 nvmet_tcp_free_cmd_buffers(cmd); 1326 nvmet_tcp_fatal_error(queue); 1327 ret = -EPROTO; 1328 goto out; 1329 } 1330 1331 if (cmd->rbytes_done == cmd->req.transfer_len) 1332 nvmet_tcp_execute_request(cmd); 1333 1334 ret = 0; 1335 out: 1336 nvmet_prepare_receive_pdu(queue); 1337 return ret; 1338 } 1339 nvmet_tcp_try_recv_one(struct nvmet_tcp_queue * queue)1340 static int nvmet_tcp_try_recv_one(struct nvmet_tcp_queue *queue) 1341 { 1342 int result = 0; 1343 1344 if (unlikely(queue->rcv_state == NVMET_TCP_RECV_ERR)) 1345 return 0; 1346 1347 if (queue->rcv_state == NVMET_TCP_RECV_PDU) { 1348 result = nvmet_tcp_try_recv_pdu(queue); 1349 if (result != 0) 1350 goto done_recv; 1351 } 1352 1353 if (queue->rcv_state == NVMET_TCP_RECV_DATA) { 1354 result = nvmet_tcp_try_recv_data(queue); 1355 if (result != 0) 1356 goto done_recv; 1357 } 1358 1359 if (queue->rcv_state == NVMET_TCP_RECV_DDGST) { 1360 result = nvmet_tcp_try_recv_ddgst(queue); 1361 if (result != 0) 1362 goto done_recv; 1363 } 1364 1365 done_recv: 1366 if (result < 0) { 1367 if (result == -EAGAIN) 1368 return 0; 1369 return result; 1370 } 1371 return 1; 1372 } 1373 nvmet_tcp_try_recv(struct nvmet_tcp_queue * queue,int budget,int * recvs)1374 static int nvmet_tcp_try_recv(struct nvmet_tcp_queue *queue, 1375 int budget, int *recvs) 1376 { 1377 int i, ret = 0; 1378 1379 for (i = 0; i < budget; i++) { 1380 ret = nvmet_tcp_try_recv_one(queue); 1381 if (unlikely(ret < 0)) { 1382 nvmet_tcp_socket_error(queue, ret); 1383 goto done; 1384 } else if (ret == 0) { 1385 break; 1386 } 1387 (*recvs)++; 1388 } 1389 done: 1390 return ret; 1391 } 1392 nvmet_tcp_release_queue(struct kref * kref)1393 static void nvmet_tcp_release_queue(struct kref *kref) 1394 { 1395 struct nvmet_tcp_queue *queue = 1396 container_of(kref, struct nvmet_tcp_queue, kref); 1397 1398 WARN_ON(queue->state != NVMET_TCP_Q_DISCONNECTING); 1399 queue_work(nvmet_wq, &queue->release_work); 1400 } 1401 nvmet_tcp_schedule_release_queue(struct nvmet_tcp_queue * queue)1402 static void nvmet_tcp_schedule_release_queue(struct nvmet_tcp_queue *queue) 1403 { 1404 spin_lock_bh(&queue->state_lock); 1405 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) { 1406 /* Socket closed during handshake */ 1407 tls_handshake_cancel(queue->sock->sk); 1408 } 1409 if (queue->state != NVMET_TCP_Q_DISCONNECTING) { 1410 queue->state = NVMET_TCP_Q_DISCONNECTING; 1411 kref_put(&queue->kref, nvmet_tcp_release_queue); 1412 } 1413 spin_unlock_bh(&queue->state_lock); 1414 } 1415 nvmet_tcp_arm_queue_deadline(struct nvmet_tcp_queue * queue)1416 static inline void nvmet_tcp_arm_queue_deadline(struct nvmet_tcp_queue *queue) 1417 { 1418 queue->poll_end = jiffies + usecs_to_jiffies(idle_poll_period_usecs); 1419 } 1420 nvmet_tcp_check_queue_deadline(struct nvmet_tcp_queue * queue,int ops)1421 static bool nvmet_tcp_check_queue_deadline(struct nvmet_tcp_queue *queue, 1422 int ops) 1423 { 1424 if (!idle_poll_period_usecs) 1425 return false; 1426 1427 if (ops) 1428 nvmet_tcp_arm_queue_deadline(queue); 1429 1430 return !time_after(jiffies, queue->poll_end); 1431 } 1432 nvmet_tcp_io_work(struct work_struct * w)1433 static void nvmet_tcp_io_work(struct work_struct *w) 1434 { 1435 struct nvmet_tcp_queue *queue = 1436 container_of(w, struct nvmet_tcp_queue, io_work); 1437 bool pending; 1438 int ret, ops = 0; 1439 1440 do { 1441 pending = false; 1442 1443 ret = nvmet_tcp_try_recv(queue, NVMET_TCP_RECV_BUDGET, &ops); 1444 if (ret > 0) 1445 pending = true; 1446 else if (ret < 0) 1447 return; 1448 1449 ret = nvmet_tcp_try_send(queue, NVMET_TCP_SEND_BUDGET, &ops); 1450 if (ret > 0) 1451 pending = true; 1452 else if (ret < 0) 1453 return; 1454 1455 } while (pending && ops < NVMET_TCP_IO_WORK_BUDGET); 1456 1457 /* 1458 * Requeue the worker if idle deadline period is in progress or any 1459 * ops activity was recorded during the do-while loop above. 1460 */ 1461 if (nvmet_tcp_check_queue_deadline(queue, ops) || pending) 1462 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work); 1463 } 1464 nvmet_tcp_alloc_cmd(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * c)1465 static int nvmet_tcp_alloc_cmd(struct nvmet_tcp_queue *queue, 1466 struct nvmet_tcp_cmd *c) 1467 { 1468 u8 hdgst = nvmet_tcp_hdgst_len(queue); 1469 1470 c->queue = queue; 1471 c->req.port = queue->port->nport; 1472 1473 c->cmd_pdu = page_frag_alloc(&queue->pf_cache, 1474 sizeof(*c->cmd_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1475 if (!c->cmd_pdu) 1476 return -ENOMEM; 1477 c->req.cmd = &c->cmd_pdu->cmd; 1478 1479 c->rsp_pdu = page_frag_alloc(&queue->pf_cache, 1480 sizeof(*c->rsp_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1481 if (!c->rsp_pdu) 1482 goto out_free_cmd; 1483 c->req.cqe = &c->rsp_pdu->cqe; 1484 1485 c->data_pdu = page_frag_alloc(&queue->pf_cache, 1486 sizeof(*c->data_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1487 if (!c->data_pdu) 1488 goto out_free_rsp; 1489 1490 c->r2t_pdu = page_frag_alloc(&queue->pf_cache, 1491 sizeof(*c->r2t_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1492 if (!c->r2t_pdu) 1493 goto out_free_data; 1494 1495 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) { 1496 c->recv_msg.msg_control = c->recv_cbuf; 1497 c->recv_msg.msg_controllen = sizeof(c->recv_cbuf); 1498 } 1499 c->recv_msg.msg_flags = MSG_DONTWAIT | MSG_NOSIGNAL; 1500 1501 list_add_tail(&c->entry, &queue->free_list); 1502 1503 return 0; 1504 out_free_data: 1505 page_frag_free(c->data_pdu); 1506 out_free_rsp: 1507 page_frag_free(c->rsp_pdu); 1508 out_free_cmd: 1509 page_frag_free(c->cmd_pdu); 1510 return -ENOMEM; 1511 } 1512 nvmet_tcp_free_cmd(struct nvmet_tcp_cmd * c)1513 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c) 1514 { 1515 page_frag_free(c->r2t_pdu); 1516 page_frag_free(c->data_pdu); 1517 page_frag_free(c->rsp_pdu); 1518 page_frag_free(c->cmd_pdu); 1519 } 1520 nvmet_tcp_alloc_cmds(struct nvmet_tcp_queue * queue)1521 static int nvmet_tcp_alloc_cmds(struct nvmet_tcp_queue *queue) 1522 { 1523 struct nvmet_tcp_cmd *cmds; 1524 int i, ret = -EINVAL, nr_cmds = queue->nr_cmds; 1525 1526 cmds = kcalloc(nr_cmds, sizeof(struct nvmet_tcp_cmd), GFP_KERNEL); 1527 if (!cmds) 1528 goto out; 1529 1530 for (i = 0; i < nr_cmds; i++) { 1531 ret = nvmet_tcp_alloc_cmd(queue, cmds + i); 1532 if (ret) 1533 goto out_free; 1534 } 1535 1536 queue->cmds = cmds; 1537 1538 return 0; 1539 out_free: 1540 while (--i >= 0) 1541 nvmet_tcp_free_cmd(cmds + i); 1542 kfree(cmds); 1543 out: 1544 return ret; 1545 } 1546 nvmet_tcp_free_cmds(struct nvmet_tcp_queue * queue)1547 static void nvmet_tcp_free_cmds(struct nvmet_tcp_queue *queue) 1548 { 1549 struct nvmet_tcp_cmd *cmds = queue->cmds; 1550 int i; 1551 1552 for (i = 0; i < queue->nr_cmds; i++) 1553 nvmet_tcp_free_cmd(cmds + i); 1554 1555 nvmet_tcp_free_cmd(&queue->connect); 1556 kfree(cmds); 1557 } 1558 nvmet_tcp_restore_socket_callbacks(struct nvmet_tcp_queue * queue)1559 static void nvmet_tcp_restore_socket_callbacks(struct nvmet_tcp_queue *queue) 1560 { 1561 struct socket *sock = queue->sock; 1562 1563 write_lock_bh(&sock->sk->sk_callback_lock); 1564 sock->sk->sk_data_ready = queue->data_ready; 1565 sock->sk->sk_state_change = queue->state_change; 1566 sock->sk->sk_write_space = queue->write_space; 1567 sock->sk->sk_user_data = NULL; 1568 write_unlock_bh(&sock->sk->sk_callback_lock); 1569 } 1570 nvmet_tcp_uninit_data_in_cmds(struct nvmet_tcp_queue * queue)1571 static void nvmet_tcp_uninit_data_in_cmds(struct nvmet_tcp_queue *queue) 1572 { 1573 struct nvmet_tcp_cmd *cmd = queue->cmds; 1574 int i; 1575 1576 for (i = 0; i < queue->nr_cmds; i++, cmd++) { 1577 if (nvmet_tcp_need_data_in(cmd)) 1578 nvmet_req_uninit(&cmd->req); 1579 } 1580 1581 if (!queue->nr_cmds && nvmet_tcp_need_data_in(&queue->connect)) { 1582 /* failed in connect */ 1583 nvmet_req_uninit(&queue->connect.req); 1584 } 1585 } 1586 nvmet_tcp_free_cmd_data_in_buffers(struct nvmet_tcp_queue * queue)1587 static void nvmet_tcp_free_cmd_data_in_buffers(struct nvmet_tcp_queue *queue) 1588 { 1589 struct nvmet_tcp_cmd *cmd = queue->cmds; 1590 int i; 1591 1592 for (i = 0; i < queue->nr_cmds; i++, cmd++) 1593 nvmet_tcp_free_cmd_buffers(cmd); 1594 nvmet_tcp_free_cmd_buffers(&queue->connect); 1595 } 1596 nvmet_tcp_release_queue_work(struct work_struct * w)1597 static void nvmet_tcp_release_queue_work(struct work_struct *w) 1598 { 1599 struct nvmet_tcp_queue *queue = 1600 container_of(w, struct nvmet_tcp_queue, release_work); 1601 1602 mutex_lock(&nvmet_tcp_queue_mutex); 1603 list_del_init(&queue->queue_list); 1604 mutex_unlock(&nvmet_tcp_queue_mutex); 1605 1606 nvmet_tcp_restore_socket_callbacks(queue); 1607 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work); 1608 cancel_work_sync(&queue->io_work); 1609 /* stop accepting incoming data */ 1610 queue->rcv_state = NVMET_TCP_RECV_ERR; 1611 1612 nvmet_sq_put_tls_key(&queue->nvme_sq); 1613 nvmet_tcp_uninit_data_in_cmds(queue); 1614 nvmet_sq_destroy(&queue->nvme_sq); 1615 cancel_work_sync(&queue->io_work); 1616 nvmet_tcp_free_cmd_data_in_buffers(queue); 1617 /* ->sock will be released by fput() */ 1618 fput(queue->sock->file); 1619 nvmet_tcp_free_cmds(queue); 1620 if (queue->hdr_digest || queue->data_digest) 1621 nvmet_tcp_free_crypto(queue); 1622 ida_free(&nvmet_tcp_queue_ida, queue->idx); 1623 page_frag_cache_drain(&queue->pf_cache); 1624 kfree(queue); 1625 } 1626 nvmet_tcp_data_ready(struct sock * sk)1627 static void nvmet_tcp_data_ready(struct sock *sk) 1628 { 1629 struct nvmet_tcp_queue *queue; 1630 1631 trace_sk_data_ready(sk); 1632 1633 read_lock_bh(&sk->sk_callback_lock); 1634 queue = sk->sk_user_data; 1635 if (likely(queue)) { 1636 if (queue->data_ready) 1637 queue->data_ready(sk); 1638 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE) 1639 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, 1640 &queue->io_work); 1641 } 1642 read_unlock_bh(&sk->sk_callback_lock); 1643 } 1644 nvmet_tcp_write_space(struct sock * sk)1645 static void nvmet_tcp_write_space(struct sock *sk) 1646 { 1647 struct nvmet_tcp_queue *queue; 1648 1649 read_lock_bh(&sk->sk_callback_lock); 1650 queue = sk->sk_user_data; 1651 if (unlikely(!queue)) 1652 goto out; 1653 1654 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) { 1655 queue->write_space(sk); 1656 goto out; 1657 } 1658 1659 if (sk_stream_is_writeable(sk)) { 1660 clear_bit(SOCK_NOSPACE, &sk->sk_socket->flags); 1661 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work); 1662 } 1663 out: 1664 read_unlock_bh(&sk->sk_callback_lock); 1665 } 1666 nvmet_tcp_state_change(struct sock * sk)1667 static void nvmet_tcp_state_change(struct sock *sk) 1668 { 1669 struct nvmet_tcp_queue *queue; 1670 1671 read_lock_bh(&sk->sk_callback_lock); 1672 queue = sk->sk_user_data; 1673 if (!queue) 1674 goto done; 1675 1676 switch (sk->sk_state) { 1677 case TCP_FIN_WAIT2: 1678 case TCP_LAST_ACK: 1679 break; 1680 case TCP_FIN_WAIT1: 1681 case TCP_CLOSE_WAIT: 1682 case TCP_CLOSE: 1683 /* FALLTHRU */ 1684 nvmet_tcp_schedule_release_queue(queue); 1685 break; 1686 default: 1687 pr_warn("queue %d unhandled state %d\n", 1688 queue->idx, sk->sk_state); 1689 } 1690 done: 1691 read_unlock_bh(&sk->sk_callback_lock); 1692 } 1693 nvmet_tcp_set_queue_sock(struct nvmet_tcp_queue * queue)1694 static int nvmet_tcp_set_queue_sock(struct nvmet_tcp_queue *queue) 1695 { 1696 struct socket *sock = queue->sock; 1697 struct inet_sock *inet = inet_sk(sock->sk); 1698 int ret; 1699 1700 ret = kernel_getsockname(sock, 1701 (struct sockaddr *)&queue->sockaddr); 1702 if (ret < 0) 1703 return ret; 1704 1705 ret = kernel_getpeername(sock, 1706 (struct sockaddr *)&queue->sockaddr_peer); 1707 if (ret < 0) 1708 return ret; 1709 1710 /* 1711 * Cleanup whatever is sitting in the TCP transmit queue on socket 1712 * close. This is done to prevent stale data from being sent should 1713 * the network connection be restored before TCP times out. 1714 */ 1715 sock_no_linger(sock->sk); 1716 1717 if (so_priority > 0) 1718 sock_set_priority(sock->sk, so_priority); 1719 1720 /* Set socket type of service */ 1721 if (inet->rcv_tos > 0) 1722 ip_sock_set_tos(sock->sk, inet->rcv_tos); 1723 1724 ret = 0; 1725 write_lock_bh(&sock->sk->sk_callback_lock); 1726 if (sock->sk->sk_state != TCP_ESTABLISHED) { 1727 /* 1728 * If the socket is already closing, don't even start 1729 * consuming it 1730 */ 1731 ret = -ENOTCONN; 1732 } else { 1733 sock->sk->sk_user_data = queue; 1734 queue->data_ready = sock->sk->sk_data_ready; 1735 sock->sk->sk_data_ready = nvmet_tcp_data_ready; 1736 queue->state_change = sock->sk->sk_state_change; 1737 sock->sk->sk_state_change = nvmet_tcp_state_change; 1738 queue->write_space = sock->sk->sk_write_space; 1739 sock->sk->sk_write_space = nvmet_tcp_write_space; 1740 if (idle_poll_period_usecs) 1741 nvmet_tcp_arm_queue_deadline(queue); 1742 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work); 1743 } 1744 write_unlock_bh(&sock->sk->sk_callback_lock); 1745 1746 return ret; 1747 } 1748 1749 #ifdef CONFIG_NVME_TARGET_TCP_TLS nvmet_tcp_try_peek_pdu(struct nvmet_tcp_queue * queue)1750 static int nvmet_tcp_try_peek_pdu(struct nvmet_tcp_queue *queue) 1751 { 1752 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr; 1753 int len, ret; 1754 struct kvec iov = { 1755 .iov_base = (u8 *)&queue->pdu + queue->offset, 1756 .iov_len = sizeof(struct nvme_tcp_hdr), 1757 }; 1758 char cbuf[CMSG_LEN(sizeof(char))] = {}; 1759 struct msghdr msg = { 1760 .msg_control = cbuf, 1761 .msg_controllen = sizeof(cbuf), 1762 .msg_flags = MSG_PEEK, 1763 }; 1764 1765 if (nvmet_port_secure_channel_required(queue->port->nport)) 1766 return 0; 1767 1768 len = kernel_recvmsg(queue->sock, &msg, &iov, 1, 1769 iov.iov_len, msg.msg_flags); 1770 if (unlikely(len < 0)) { 1771 pr_debug("queue %d: peek error %d\n", 1772 queue->idx, len); 1773 return len; 1774 } 1775 1776 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf); 1777 if (ret < 0) 1778 return ret; 1779 1780 if (len < sizeof(struct nvme_tcp_hdr)) { 1781 pr_debug("queue %d: short read, %d bytes missing\n", 1782 queue->idx, (int)iov.iov_len - len); 1783 return -EAGAIN; 1784 } 1785 pr_debug("queue %d: hdr type %d hlen %d plen %d size %d\n", 1786 queue->idx, hdr->type, hdr->hlen, hdr->plen, 1787 (int)sizeof(struct nvme_tcp_icreq_pdu)); 1788 if (hdr->type == nvme_tcp_icreq && 1789 hdr->hlen == sizeof(struct nvme_tcp_icreq_pdu) && 1790 hdr->plen == cpu_to_le32(sizeof(struct nvme_tcp_icreq_pdu))) { 1791 pr_debug("queue %d: icreq detected\n", 1792 queue->idx); 1793 return len; 1794 } 1795 return 0; 1796 } 1797 nvmet_tcp_tls_key_lookup(struct nvmet_tcp_queue * queue,key_serial_t peerid)1798 static int nvmet_tcp_tls_key_lookup(struct nvmet_tcp_queue *queue, 1799 key_serial_t peerid) 1800 { 1801 struct key *tls_key = nvme_tls_key_lookup(peerid); 1802 int status = 0; 1803 1804 if (IS_ERR(tls_key)) { 1805 pr_warn("%s: queue %d failed to lookup key %x\n", 1806 __func__, queue->idx, peerid); 1807 spin_lock_bh(&queue->state_lock); 1808 queue->state = NVMET_TCP_Q_FAILED; 1809 spin_unlock_bh(&queue->state_lock); 1810 status = PTR_ERR(tls_key); 1811 } else { 1812 pr_debug("%s: queue %d using TLS PSK %x\n", 1813 __func__, queue->idx, peerid); 1814 queue->nvme_sq.tls_key = tls_key; 1815 } 1816 return status; 1817 } 1818 nvmet_tcp_tls_handshake_done(void * data,int status,key_serial_t peerid)1819 static void nvmet_tcp_tls_handshake_done(void *data, int status, 1820 key_serial_t peerid) 1821 { 1822 struct nvmet_tcp_queue *queue = data; 1823 1824 pr_debug("queue %d: TLS handshake done, key %x, status %d\n", 1825 queue->idx, peerid, status); 1826 spin_lock_bh(&queue->state_lock); 1827 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) { 1828 spin_unlock_bh(&queue->state_lock); 1829 return; 1830 } 1831 if (!status) { 1832 queue->tls_pskid = peerid; 1833 queue->state = NVMET_TCP_Q_CONNECTING; 1834 } else 1835 queue->state = NVMET_TCP_Q_FAILED; 1836 spin_unlock_bh(&queue->state_lock); 1837 1838 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work); 1839 1840 if (!status) 1841 status = nvmet_tcp_tls_key_lookup(queue, peerid); 1842 1843 if (status) 1844 nvmet_tcp_schedule_release_queue(queue); 1845 else 1846 nvmet_tcp_set_queue_sock(queue); 1847 kref_put(&queue->kref, nvmet_tcp_release_queue); 1848 } 1849 nvmet_tcp_tls_handshake_timeout(struct work_struct * w)1850 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w) 1851 { 1852 struct nvmet_tcp_queue *queue = container_of(to_delayed_work(w), 1853 struct nvmet_tcp_queue, tls_handshake_tmo_work); 1854 1855 pr_warn("queue %d: TLS handshake timeout\n", queue->idx); 1856 /* 1857 * If tls_handshake_cancel() fails we've lost the race with 1858 * nvmet_tcp_tls_handshake_done() */ 1859 if (!tls_handshake_cancel(queue->sock->sk)) 1860 return; 1861 spin_lock_bh(&queue->state_lock); 1862 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) { 1863 spin_unlock_bh(&queue->state_lock); 1864 return; 1865 } 1866 queue->state = NVMET_TCP_Q_FAILED; 1867 spin_unlock_bh(&queue->state_lock); 1868 nvmet_tcp_schedule_release_queue(queue); 1869 kref_put(&queue->kref, nvmet_tcp_release_queue); 1870 } 1871 nvmet_tcp_tls_handshake(struct nvmet_tcp_queue * queue)1872 static int nvmet_tcp_tls_handshake(struct nvmet_tcp_queue *queue) 1873 { 1874 int ret = -EOPNOTSUPP; 1875 struct tls_handshake_args args; 1876 1877 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE) { 1878 pr_warn("cannot start TLS in state %d\n", queue->state); 1879 return -EINVAL; 1880 } 1881 1882 kref_get(&queue->kref); 1883 pr_debug("queue %d: TLS ServerHello\n", queue->idx); 1884 memset(&args, 0, sizeof(args)); 1885 args.ta_sock = queue->sock; 1886 args.ta_done = nvmet_tcp_tls_handshake_done; 1887 args.ta_data = queue; 1888 args.ta_keyring = key_serial(queue->port->nport->keyring); 1889 args.ta_timeout_ms = tls_handshake_timeout * 1000; 1890 1891 ret = tls_server_hello_psk(&args, GFP_KERNEL); 1892 if (ret) { 1893 kref_put(&queue->kref, nvmet_tcp_release_queue); 1894 pr_err("failed to start TLS, err=%d\n", ret); 1895 } else { 1896 queue_delayed_work(nvmet_wq, &queue->tls_handshake_tmo_work, 1897 tls_handshake_timeout * HZ); 1898 } 1899 return ret; 1900 } 1901 #else nvmet_tcp_tls_handshake_timeout(struct work_struct * w)1902 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w) {} 1903 #endif 1904 nvmet_tcp_alloc_queue(struct nvmet_tcp_port * port,struct socket * newsock)1905 static void nvmet_tcp_alloc_queue(struct nvmet_tcp_port *port, 1906 struct socket *newsock) 1907 { 1908 struct nvmet_tcp_queue *queue; 1909 struct file *sock_file = NULL; 1910 int ret; 1911 1912 queue = kzalloc(sizeof(*queue), GFP_KERNEL); 1913 if (!queue) { 1914 ret = -ENOMEM; 1915 goto out_release; 1916 } 1917 1918 INIT_WORK(&queue->release_work, nvmet_tcp_release_queue_work); 1919 INIT_WORK(&queue->io_work, nvmet_tcp_io_work); 1920 kref_init(&queue->kref); 1921 queue->sock = newsock; 1922 queue->port = port; 1923 queue->nr_cmds = 0; 1924 spin_lock_init(&queue->state_lock); 1925 if (queue->port->nport->disc_addr.tsas.tcp.sectype == 1926 NVMF_TCP_SECTYPE_TLS13) 1927 queue->state = NVMET_TCP_Q_TLS_HANDSHAKE; 1928 else 1929 queue->state = NVMET_TCP_Q_CONNECTING; 1930 INIT_LIST_HEAD(&queue->free_list); 1931 init_llist_head(&queue->resp_list); 1932 INIT_LIST_HEAD(&queue->resp_send_list); 1933 1934 sock_file = sock_alloc_file(queue->sock, O_CLOEXEC, NULL); 1935 if (IS_ERR(sock_file)) { 1936 ret = PTR_ERR(sock_file); 1937 goto out_free_queue; 1938 } 1939 1940 queue->idx = ida_alloc(&nvmet_tcp_queue_ida, GFP_KERNEL); 1941 if (queue->idx < 0) { 1942 ret = queue->idx; 1943 goto out_sock; 1944 } 1945 1946 ret = nvmet_tcp_alloc_cmd(queue, &queue->connect); 1947 if (ret) 1948 goto out_ida_remove; 1949 1950 ret = nvmet_sq_init(&queue->nvme_sq); 1951 if (ret) 1952 goto out_free_connect; 1953 1954 nvmet_prepare_receive_pdu(queue); 1955 1956 mutex_lock(&nvmet_tcp_queue_mutex); 1957 list_add_tail(&queue->queue_list, &nvmet_tcp_queue_list); 1958 mutex_unlock(&nvmet_tcp_queue_mutex); 1959 1960 INIT_DELAYED_WORK(&queue->tls_handshake_tmo_work, 1961 nvmet_tcp_tls_handshake_timeout); 1962 #ifdef CONFIG_NVME_TARGET_TCP_TLS 1963 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) { 1964 struct sock *sk = queue->sock->sk; 1965 1966 /* Restore the default callbacks before starting upcall */ 1967 read_lock_bh(&sk->sk_callback_lock); 1968 sk->sk_user_data = NULL; 1969 sk->sk_data_ready = port->data_ready; 1970 read_unlock_bh(&sk->sk_callback_lock); 1971 if (!nvmet_tcp_try_peek_pdu(queue)) { 1972 if (!nvmet_tcp_tls_handshake(queue)) 1973 return; 1974 /* TLS handshake failed, terminate the connection */ 1975 goto out_destroy_sq; 1976 } 1977 /* Not a TLS connection, continue with normal processing */ 1978 queue->state = NVMET_TCP_Q_CONNECTING; 1979 } 1980 #endif 1981 1982 ret = nvmet_tcp_set_queue_sock(queue); 1983 if (ret) 1984 goto out_destroy_sq; 1985 1986 return; 1987 out_destroy_sq: 1988 mutex_lock(&nvmet_tcp_queue_mutex); 1989 list_del_init(&queue->queue_list); 1990 mutex_unlock(&nvmet_tcp_queue_mutex); 1991 nvmet_sq_destroy(&queue->nvme_sq); 1992 out_free_connect: 1993 nvmet_tcp_free_cmd(&queue->connect); 1994 out_ida_remove: 1995 ida_free(&nvmet_tcp_queue_ida, queue->idx); 1996 out_sock: 1997 fput(queue->sock->file); 1998 out_free_queue: 1999 kfree(queue); 2000 out_release: 2001 pr_err("failed to allocate queue, error %d\n", ret); 2002 if (!sock_file) 2003 sock_release(newsock); 2004 } 2005 nvmet_tcp_accept_work(struct work_struct * w)2006 static void nvmet_tcp_accept_work(struct work_struct *w) 2007 { 2008 struct nvmet_tcp_port *port = 2009 container_of(w, struct nvmet_tcp_port, accept_work); 2010 struct socket *newsock; 2011 int ret; 2012 2013 while (true) { 2014 ret = kernel_accept(port->sock, &newsock, O_NONBLOCK); 2015 if (ret < 0) { 2016 if (ret != -EAGAIN) 2017 pr_warn("failed to accept err=%d\n", ret); 2018 return; 2019 } 2020 nvmet_tcp_alloc_queue(port, newsock); 2021 } 2022 } 2023 nvmet_tcp_listen_data_ready(struct sock * sk)2024 static void nvmet_tcp_listen_data_ready(struct sock *sk) 2025 { 2026 struct nvmet_tcp_port *port; 2027 2028 trace_sk_data_ready(sk); 2029 2030 read_lock_bh(&sk->sk_callback_lock); 2031 port = sk->sk_user_data; 2032 if (!port) 2033 goto out; 2034 2035 if (sk->sk_state == TCP_LISTEN) 2036 queue_work(nvmet_wq, &port->accept_work); 2037 out: 2038 read_unlock_bh(&sk->sk_callback_lock); 2039 } 2040 nvmet_tcp_add_port(struct nvmet_port * nport)2041 static int nvmet_tcp_add_port(struct nvmet_port *nport) 2042 { 2043 struct nvmet_tcp_port *port; 2044 __kernel_sa_family_t af; 2045 int ret; 2046 2047 port = kzalloc(sizeof(*port), GFP_KERNEL); 2048 if (!port) 2049 return -ENOMEM; 2050 2051 switch (nport->disc_addr.adrfam) { 2052 case NVMF_ADDR_FAMILY_IP4: 2053 af = AF_INET; 2054 break; 2055 case NVMF_ADDR_FAMILY_IP6: 2056 af = AF_INET6; 2057 break; 2058 default: 2059 pr_err("address family %d not supported\n", 2060 nport->disc_addr.adrfam); 2061 ret = -EINVAL; 2062 goto err_port; 2063 } 2064 2065 ret = inet_pton_with_scope(&init_net, af, nport->disc_addr.traddr, 2066 nport->disc_addr.trsvcid, &port->addr); 2067 if (ret) { 2068 pr_err("malformed ip/port passed: %s:%s\n", 2069 nport->disc_addr.traddr, nport->disc_addr.trsvcid); 2070 goto err_port; 2071 } 2072 2073 port->nport = nport; 2074 INIT_WORK(&port->accept_work, nvmet_tcp_accept_work); 2075 if (port->nport->inline_data_size < 0) 2076 port->nport->inline_data_size = NVMET_TCP_DEF_INLINE_DATA_SIZE; 2077 2078 ret = sock_create(port->addr.ss_family, SOCK_STREAM, 2079 IPPROTO_TCP, &port->sock); 2080 if (ret) { 2081 pr_err("failed to create a socket\n"); 2082 goto err_port; 2083 } 2084 2085 port->sock->sk->sk_user_data = port; 2086 port->data_ready = port->sock->sk->sk_data_ready; 2087 port->sock->sk->sk_data_ready = nvmet_tcp_listen_data_ready; 2088 sock_set_reuseaddr(port->sock->sk); 2089 tcp_sock_set_nodelay(port->sock->sk); 2090 if (so_priority > 0) 2091 sock_set_priority(port->sock->sk, so_priority); 2092 2093 ret = kernel_bind(port->sock, (struct sockaddr *)&port->addr, 2094 sizeof(port->addr)); 2095 if (ret) { 2096 pr_err("failed to bind port socket %d\n", ret); 2097 goto err_sock; 2098 } 2099 2100 ret = kernel_listen(port->sock, NVMET_TCP_BACKLOG); 2101 if (ret) { 2102 pr_err("failed to listen %d on port sock\n", ret); 2103 goto err_sock; 2104 } 2105 2106 nport->priv = port; 2107 pr_info("enabling port %d (%pISpc)\n", 2108 le16_to_cpu(nport->disc_addr.portid), &port->addr); 2109 2110 return 0; 2111 2112 err_sock: 2113 sock_release(port->sock); 2114 err_port: 2115 kfree(port); 2116 return ret; 2117 } 2118 nvmet_tcp_destroy_port_queues(struct nvmet_tcp_port * port)2119 static void nvmet_tcp_destroy_port_queues(struct nvmet_tcp_port *port) 2120 { 2121 struct nvmet_tcp_queue *queue; 2122 2123 mutex_lock(&nvmet_tcp_queue_mutex); 2124 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list) 2125 if (queue->port == port) 2126 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 2127 mutex_unlock(&nvmet_tcp_queue_mutex); 2128 } 2129 nvmet_tcp_remove_port(struct nvmet_port * nport)2130 static void nvmet_tcp_remove_port(struct nvmet_port *nport) 2131 { 2132 struct nvmet_tcp_port *port = nport->priv; 2133 2134 write_lock_bh(&port->sock->sk->sk_callback_lock); 2135 port->sock->sk->sk_data_ready = port->data_ready; 2136 port->sock->sk->sk_user_data = NULL; 2137 write_unlock_bh(&port->sock->sk->sk_callback_lock); 2138 cancel_work_sync(&port->accept_work); 2139 /* 2140 * Destroy the remaining queues, which are not belong to any 2141 * controller yet. 2142 */ 2143 nvmet_tcp_destroy_port_queues(port); 2144 2145 sock_release(port->sock); 2146 kfree(port); 2147 } 2148 nvmet_tcp_delete_ctrl(struct nvmet_ctrl * ctrl)2149 static void nvmet_tcp_delete_ctrl(struct nvmet_ctrl *ctrl) 2150 { 2151 struct nvmet_tcp_queue *queue; 2152 2153 mutex_lock(&nvmet_tcp_queue_mutex); 2154 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list) 2155 if (queue->nvme_sq.ctrl == ctrl) 2156 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 2157 mutex_unlock(&nvmet_tcp_queue_mutex); 2158 } 2159 nvmet_tcp_install_queue(struct nvmet_sq * sq)2160 static u16 nvmet_tcp_install_queue(struct nvmet_sq *sq) 2161 { 2162 struct nvmet_tcp_queue *queue = 2163 container_of(sq, struct nvmet_tcp_queue, nvme_sq); 2164 2165 if (sq->qid == 0) { 2166 struct nvmet_tcp_queue *q; 2167 int pending = 0; 2168 2169 /* Check for pending controller teardown */ 2170 mutex_lock(&nvmet_tcp_queue_mutex); 2171 list_for_each_entry(q, &nvmet_tcp_queue_list, queue_list) { 2172 if (q->nvme_sq.ctrl == sq->ctrl && 2173 q->state == NVMET_TCP_Q_DISCONNECTING) 2174 pending++; 2175 } 2176 mutex_unlock(&nvmet_tcp_queue_mutex); 2177 if (pending > NVMET_TCP_BACKLOG) 2178 return NVME_SC_CONNECT_CTRL_BUSY; 2179 } 2180 2181 queue->nr_cmds = sq->size * 2; 2182 if (nvmet_tcp_alloc_cmds(queue)) { 2183 queue->nr_cmds = 0; 2184 return NVME_SC_INTERNAL; 2185 } 2186 return 0; 2187 } 2188 nvmet_tcp_disc_port_addr(struct nvmet_req * req,struct nvmet_port * nport,char * traddr)2189 static void nvmet_tcp_disc_port_addr(struct nvmet_req *req, 2190 struct nvmet_port *nport, char *traddr) 2191 { 2192 struct nvmet_tcp_port *port = nport->priv; 2193 2194 if (inet_addr_is_any((struct sockaddr *)&port->addr)) { 2195 struct nvmet_tcp_cmd *cmd = 2196 container_of(req, struct nvmet_tcp_cmd, req); 2197 struct nvmet_tcp_queue *queue = cmd->queue; 2198 2199 sprintf(traddr, "%pISc", (struct sockaddr *)&queue->sockaddr); 2200 } else { 2201 memcpy(traddr, nport->disc_addr.traddr, NVMF_TRADDR_SIZE); 2202 } 2203 } 2204 nvmet_tcp_host_port_addr(struct nvmet_ctrl * ctrl,char * traddr,size_t traddr_len)2205 static ssize_t nvmet_tcp_host_port_addr(struct nvmet_ctrl *ctrl, 2206 char *traddr, size_t traddr_len) 2207 { 2208 struct nvmet_sq *sq = ctrl->sqs[0]; 2209 struct nvmet_tcp_queue *queue = 2210 container_of(sq, struct nvmet_tcp_queue, nvme_sq); 2211 2212 if (queue->sockaddr_peer.ss_family == AF_UNSPEC) 2213 return -EINVAL; 2214 return snprintf(traddr, traddr_len, "%pISc", 2215 (struct sockaddr *)&queue->sockaddr_peer); 2216 } 2217 2218 static const struct nvmet_fabrics_ops nvmet_tcp_ops = { 2219 .owner = THIS_MODULE, 2220 .type = NVMF_TRTYPE_TCP, 2221 .msdbd = 1, 2222 .add_port = nvmet_tcp_add_port, 2223 .remove_port = nvmet_tcp_remove_port, 2224 .queue_response = nvmet_tcp_queue_response, 2225 .delete_ctrl = nvmet_tcp_delete_ctrl, 2226 .install_queue = nvmet_tcp_install_queue, 2227 .disc_traddr = nvmet_tcp_disc_port_addr, 2228 .host_traddr = nvmet_tcp_host_port_addr, 2229 }; 2230 nvmet_tcp_init(void)2231 static int __init nvmet_tcp_init(void) 2232 { 2233 int ret; 2234 2235 nvmet_tcp_wq = alloc_workqueue("nvmet_tcp_wq", 2236 WQ_MEM_RECLAIM | WQ_HIGHPRI, 0); 2237 if (!nvmet_tcp_wq) 2238 return -ENOMEM; 2239 2240 ret = nvmet_register_transport(&nvmet_tcp_ops); 2241 if (ret) 2242 goto err; 2243 2244 return 0; 2245 err: 2246 destroy_workqueue(nvmet_tcp_wq); 2247 return ret; 2248 } 2249 nvmet_tcp_exit(void)2250 static void __exit nvmet_tcp_exit(void) 2251 { 2252 struct nvmet_tcp_queue *queue; 2253 2254 nvmet_unregister_transport(&nvmet_tcp_ops); 2255 2256 flush_workqueue(nvmet_wq); 2257 mutex_lock(&nvmet_tcp_queue_mutex); 2258 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list) 2259 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 2260 mutex_unlock(&nvmet_tcp_queue_mutex); 2261 flush_workqueue(nvmet_wq); 2262 2263 destroy_workqueue(nvmet_tcp_wq); 2264 ida_destroy(&nvmet_tcp_queue_ida); 2265 } 2266 2267 module_init(nvmet_tcp_init); 2268 module_exit(nvmet_tcp_exit); 2269 2270 MODULE_DESCRIPTION("NVMe target TCP transport driver"); 2271 MODULE_LICENSE("GPL v2"); 2272 MODULE_ALIAS("nvmet-transport-3"); /* 3 == NVMF_TRTYPE_TCP */ 2273