xref: /freebsd/sys/dev/iscsi/icl.c (revision ee7b0571c2c18bdec848ed2044223cc88db29bd8)
1 /*-
2  * Copyright (c) 2012 The FreeBSD Foundation
3  * All rights reserved.
4  *
5  * This software was developed by Edward Tomasz Napierala under sponsorship
6  * from the FreeBSD Foundation.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $FreeBSD$
30  */
31 
32 /*
33  * iSCSI Common Layer.  It's used by both the initiator and target to send
34  * and receive iSCSI PDUs.
35  */
36 
37 #include <sys/param.h>
38 #include <sys/capsicum.h>
39 #include <sys/condvar.h>
40 #include <sys/conf.h>
41 #include <sys/file.h>
42 #include <sys/kernel.h>
43 #include <sys/kthread.h>
44 #include <sys/lock.h>
45 #include <sys/mbuf.h>
46 #include <sys/mutex.h>
47 #include <sys/module.h>
48 #include <sys/protosw.h>
49 #include <sys/socket.h>
50 #include <sys/socketvar.h>
51 #include <sys/sysctl.h>
52 #include <sys/systm.h>
53 #include <sys/sx.h>
54 #include <sys/uio.h>
55 #include <vm/uma.h>
56 #include <netinet/in.h>
57 #include <netinet/tcp.h>
58 
59 #include "icl.h"
60 #include "iscsi_proto.h"
61 
62 SYSCTL_NODE(_kern, OID_AUTO, icl, CTLFLAG_RD, 0, "iSCSI Common Layer");
63 static int debug = 1;
64 SYSCTL_INT(_kern_icl, OID_AUTO, debug, CTLFLAG_RWTUN,
65     &debug, 0, "Enable debug messages");
66 static int coalesce = 1;
67 SYSCTL_INT(_kern_icl, OID_AUTO, coalesce, CTLFLAG_RWTUN,
68     &coalesce, 0, "Try to coalesce PDUs before sending");
69 static int partial_receive_len = 128 * 1024;
70 SYSCTL_INT(_kern_icl, OID_AUTO, partial_receive_len, CTLFLAG_RWTUN,
71     &partial_receive_len, 0, "Minimum read size for partially received "
72     "data segment");
73 static int sendspace = 1048576;
74 SYSCTL_INT(_kern_icl, OID_AUTO, sendspace, CTLFLAG_RWTUN,
75     &sendspace, 0, "Default send socket buffer size");
76 static int recvspace = 1048576;
77 SYSCTL_INT(_kern_icl, OID_AUTO, recvspace, CTLFLAG_RWTUN,
78     &recvspace, 0, "Default receive socket buffer size");
79 
80 static uma_zone_t icl_conn_zone;
81 static uma_zone_t icl_pdu_zone;
82 
83 static volatile u_int	icl_ncons;
84 
85 #define	ICL_DEBUG(X, ...)						\
86 	do {								\
87 		if (debug > 1)						\
88 			printf("%s: " X "\n", __func__, ## __VA_ARGS__);\
89 	} while (0)
90 
91 #define	ICL_WARN(X, ...)						\
92 	do {								\
93 		if (debug > 0) {					\
94 			printf("WARNING: %s: " X "\n",			\
95 			    __func__, ## __VA_ARGS__);			\
96 		}							\
97 	} while (0)
98 
99 #define ICL_CONN_LOCK(X)		mtx_lock(X->ic_lock)
100 #define ICL_CONN_UNLOCK(X)		mtx_unlock(X->ic_lock)
101 #define ICL_CONN_LOCK_ASSERT(X)		mtx_assert(X->ic_lock, MA_OWNED)
102 #define ICL_CONN_LOCK_ASSERT_NOT(X)	mtx_assert(X->ic_lock, MA_NOTOWNED)
103 
104 STAILQ_HEAD(icl_pdu_stailq, icl_pdu);
105 
106 static void
107 icl_conn_fail(struct icl_conn *ic)
108 {
109 	if (ic->ic_socket == NULL)
110 		return;
111 
112 	/*
113 	 * XXX
114 	 */
115 	ic->ic_socket->so_error = EDOOFUS;
116 	(ic->ic_error)(ic);
117 }
118 
119 static struct mbuf *
120 icl_conn_receive(struct icl_conn *ic, size_t len)
121 {
122 	struct uio uio;
123 	struct socket *so;
124 	struct mbuf *m;
125 	int error, flags;
126 
127 	so = ic->ic_socket;
128 
129 	memset(&uio, 0, sizeof(uio));
130 	uio.uio_resid = len;
131 
132 	flags = MSG_DONTWAIT;
133 	error = soreceive(so, NULL, &uio, &m, NULL, &flags);
134 	if (error != 0) {
135 		ICL_DEBUG("soreceive error %d", error);
136 		return (NULL);
137 	}
138 	if (uio.uio_resid != 0) {
139 		m_freem(m);
140 		ICL_DEBUG("short read");
141 		return (NULL);
142 	}
143 
144 	return (m);
145 }
146 
147 static struct icl_pdu *
148 icl_pdu_new(struct icl_conn *ic, int flags)
149 {
150 	struct icl_pdu *ip;
151 
152 #ifdef DIAGNOSTIC
153 	refcount_acquire(&ic->ic_outstanding_pdus);
154 #endif
155 	ip = uma_zalloc(icl_pdu_zone, flags | M_ZERO);
156 	if (ip == NULL) {
157 		ICL_WARN("failed to allocate %zd bytes", sizeof(*ip));
158 #ifdef DIAGNOSTIC
159 		refcount_release(&ic->ic_outstanding_pdus);
160 #endif
161 		return (NULL);
162 	}
163 
164 	ip->ip_conn = ic;
165 
166 	return (ip);
167 }
168 
169 void
170 icl_pdu_free(struct icl_pdu *ip)
171 {
172 	struct icl_conn *ic;
173 
174 	ic = ip->ip_conn;
175 
176 	m_freem(ip->ip_bhs_mbuf);
177 	m_freem(ip->ip_ahs_mbuf);
178 	m_freem(ip->ip_data_mbuf);
179 	uma_zfree(icl_pdu_zone, ip);
180 #ifdef DIAGNOSTIC
181 	refcount_release(&ic->ic_outstanding_pdus);
182 #endif
183 }
184 
185 /*
186  * Allocate icl_pdu with empty BHS to fill up by the caller.
187  */
188 struct icl_pdu *
189 icl_pdu_new_bhs(struct icl_conn *ic, int flags)
190 {
191 	struct icl_pdu *ip;
192 
193 	ip = icl_pdu_new(ic, flags);
194 	if (ip == NULL)
195 		return (NULL);
196 
197 	ip->ip_bhs_mbuf = m_getm2(NULL, sizeof(struct iscsi_bhs),
198 	    flags, MT_DATA, M_PKTHDR);
199 	if (ip->ip_bhs_mbuf == NULL) {
200 		ICL_WARN("failed to allocate %zd bytes", sizeof(*ip));
201 		icl_pdu_free(ip);
202 		return (NULL);
203 	}
204 	ip->ip_bhs = mtod(ip->ip_bhs_mbuf, struct iscsi_bhs *);
205 	memset(ip->ip_bhs, 0, sizeof(struct iscsi_bhs));
206 	ip->ip_bhs_mbuf->m_len = sizeof(struct iscsi_bhs);
207 
208 	return (ip);
209 }
210 
211 static int
212 icl_pdu_ahs_length(const struct icl_pdu *request)
213 {
214 
215 	return (request->ip_bhs->bhs_total_ahs_len * 4);
216 }
217 
218 size_t
219 icl_pdu_data_segment_length(const struct icl_pdu *request)
220 {
221 	uint32_t len = 0;
222 
223 	len += request->ip_bhs->bhs_data_segment_len[0];
224 	len <<= 8;
225 	len += request->ip_bhs->bhs_data_segment_len[1];
226 	len <<= 8;
227 	len += request->ip_bhs->bhs_data_segment_len[2];
228 
229 	return (len);
230 }
231 
232 static void
233 icl_pdu_set_data_segment_length(struct icl_pdu *response, uint32_t len)
234 {
235 
236 	response->ip_bhs->bhs_data_segment_len[2] = len;
237 	response->ip_bhs->bhs_data_segment_len[1] = len >> 8;
238 	response->ip_bhs->bhs_data_segment_len[0] = len >> 16;
239 }
240 
241 static size_t
242 icl_pdu_padding(const struct icl_pdu *ip)
243 {
244 
245 	if ((ip->ip_data_len % 4) != 0)
246 		return (4 - (ip->ip_data_len % 4));
247 
248 	return (0);
249 }
250 
251 static size_t
252 icl_pdu_size(const struct icl_pdu *response)
253 {
254 	size_t len;
255 
256 	KASSERT(response->ip_ahs_len == 0, ("responding with AHS"));
257 
258 	len = sizeof(struct iscsi_bhs) + response->ip_data_len +
259 	    icl_pdu_padding(response);
260 	if (response->ip_conn->ic_header_crc32c)
261 		len += ISCSI_HEADER_DIGEST_SIZE;
262 	if (response->ip_data_len != 0 && response->ip_conn->ic_data_crc32c)
263 		len += ISCSI_DATA_DIGEST_SIZE;
264 
265 	return (len);
266 }
267 
268 static int
269 icl_pdu_receive_bhs(struct icl_pdu *request, size_t *availablep)
270 {
271 	struct mbuf *m;
272 
273 	m = icl_conn_receive(request->ip_conn, sizeof(struct iscsi_bhs));
274 	if (m == NULL) {
275 		ICL_DEBUG("failed to receive BHS");
276 		return (-1);
277 	}
278 
279 	request->ip_bhs_mbuf = m_pullup(m, sizeof(struct iscsi_bhs));
280 	if (request->ip_bhs_mbuf == NULL) {
281 		ICL_WARN("m_pullup failed");
282 		return (-1);
283 	}
284 	request->ip_bhs = mtod(request->ip_bhs_mbuf, struct iscsi_bhs *);
285 
286 	/*
287 	 * XXX: For architectures with strict alignment requirements
288 	 * 	we may need to allocate ip_bhs and copy the data into it.
289 	 * 	For some reason, though, not doing this doesn't seem
290 	 * 	to cause problems; tested on sparc64.
291 	 */
292 
293 	*availablep -= sizeof(struct iscsi_bhs);
294 	return (0);
295 }
296 
297 static int
298 icl_pdu_receive_ahs(struct icl_pdu *request, size_t *availablep)
299 {
300 
301 	request->ip_ahs_len = icl_pdu_ahs_length(request);
302 	if (request->ip_ahs_len == 0)
303 		return (0);
304 
305 	request->ip_ahs_mbuf = icl_conn_receive(request->ip_conn,
306 	    request->ip_ahs_len);
307 	if (request->ip_ahs_mbuf == NULL) {
308 		ICL_DEBUG("failed to receive AHS");
309 		return (-1);
310 	}
311 
312 	*availablep -= request->ip_ahs_len;
313 	return (0);
314 }
315 
316 static uint32_t
317 icl_mbuf_to_crc32c(const struct mbuf *m0)
318 {
319 	uint32_t digest = 0xffffffff;
320 	const struct mbuf *m;
321 
322 	for (m = m0; m != NULL; m = m->m_next)
323 		digest = calculate_crc32c(digest,
324 		    mtod(m, const void *), m->m_len);
325 
326 	digest = digest ^ 0xffffffff;
327 
328 	return (digest);
329 }
330 
331 static int
332 icl_pdu_check_header_digest(struct icl_pdu *request, size_t *availablep)
333 {
334 	struct mbuf *m;
335 	uint32_t received_digest, valid_digest;
336 
337 	if (request->ip_conn->ic_header_crc32c == false)
338 		return (0);
339 
340 	m = icl_conn_receive(request->ip_conn, ISCSI_HEADER_DIGEST_SIZE);
341 	if (m == NULL) {
342 		ICL_DEBUG("failed to receive header digest");
343 		return (-1);
344 	}
345 
346 	CTASSERT(sizeof(received_digest) == ISCSI_HEADER_DIGEST_SIZE);
347 	m_copydata(m, 0, ISCSI_HEADER_DIGEST_SIZE, (void *)&received_digest);
348 	m_freem(m);
349 
350 	*availablep -= ISCSI_HEADER_DIGEST_SIZE;
351 
352 	/*
353 	 * XXX: Handle AHS.
354 	 */
355 	valid_digest = icl_mbuf_to_crc32c(request->ip_bhs_mbuf);
356 	if (received_digest != valid_digest) {
357 		ICL_WARN("header digest check failed; got 0x%x, "
358 		    "should be 0x%x", received_digest, valid_digest);
359 		return (-1);
360 	}
361 
362 	return (0);
363 }
364 
365 /*
366  * Return the number of bytes that should be waiting in the receive socket
367  * before icl_pdu_receive_data_segment() gets called.
368  */
369 static size_t
370 icl_pdu_data_segment_receive_len(const struct icl_pdu *request)
371 {
372 	size_t len;
373 
374 	len = icl_pdu_data_segment_length(request);
375 	if (len == 0)
376 		return (0);
377 
378 	/*
379 	 * Account for the parts of data segment already read from
380 	 * the socket buffer.
381 	 */
382 	KASSERT(len > request->ip_data_len, ("len <= request->ip_data_len"));
383 	len -= request->ip_data_len;
384 
385 	/*
386 	 * Don't always wait for the full data segment to be delivered
387 	 * to the socket; this might badly affect performance due to
388 	 * TCP window scaling.
389 	 */
390 	if (len > partial_receive_len) {
391 #if 0
392 		ICL_DEBUG("need %zd bytes of data, limiting to %zd",
393 		    len, partial_receive_len));
394 #endif
395 		len = partial_receive_len;
396 
397 		return (len);
398 	}
399 
400 	/*
401 	 * Account for padding.  Note that due to the way code is written,
402 	 * the icl_pdu_receive_data_segment() must always receive padding
403 	 * along with the last part of data segment, because it would be
404 	 * impossible to tell whether we've already received the full data
405 	 * segment including padding, or without it.
406 	 */
407 	if ((len % 4) != 0)
408 		len += 4 - (len % 4);
409 
410 #if 0
411 	ICL_DEBUG("need %zd bytes of data", len));
412 #endif
413 
414 	return (len);
415 }
416 
417 static int
418 icl_pdu_receive_data_segment(struct icl_pdu *request,
419     size_t *availablep, bool *more_neededp)
420 {
421 	struct icl_conn *ic;
422 	size_t len, padding = 0;
423 	struct mbuf *m;
424 
425 	ic = request->ip_conn;
426 
427 	*more_neededp = false;
428 	ic->ic_receive_len = 0;
429 
430 	len = icl_pdu_data_segment_length(request);
431 	if (len == 0)
432 		return (0);
433 
434 	if ((len % 4) != 0)
435 		padding = 4 - (len % 4);
436 
437 	/*
438 	 * Account for already received parts of data segment.
439 	 */
440 	KASSERT(len > request->ip_data_len, ("len <= request->ip_data_len"));
441 	len -= request->ip_data_len;
442 
443 	if (len + padding > *availablep) {
444 		/*
445 		 * Not enough data in the socket buffer.  Receive as much
446 		 * as we can.  Don't receive padding, since, obviously, it's
447 		 * not the end of data segment yet.
448 		 */
449 #if 0
450 		ICL_DEBUG("limited from %zd to %zd",
451 		    len + padding, *availablep - padding));
452 #endif
453 		len = *availablep - padding;
454 		*more_neededp = true;
455 		padding = 0;
456 	}
457 
458 	/*
459 	 * Must not try to receive padding without at least one byte
460 	 * of actual data segment.
461 	 */
462 	if (len > 0) {
463 		m = icl_conn_receive(request->ip_conn, len + padding);
464 		if (m == NULL) {
465 			ICL_DEBUG("failed to receive data segment");
466 			return (-1);
467 		}
468 
469 		if (request->ip_data_mbuf == NULL)
470 			request->ip_data_mbuf = m;
471 		else
472 			m_cat(request->ip_data_mbuf, m);
473 
474 		request->ip_data_len += len;
475 		*availablep -= len + padding;
476 	} else
477 		ICL_DEBUG("len 0");
478 
479 	if (*more_neededp)
480 		ic->ic_receive_len =
481 		    icl_pdu_data_segment_receive_len(request);
482 
483 	return (0);
484 }
485 
486 static int
487 icl_pdu_check_data_digest(struct icl_pdu *request, size_t *availablep)
488 {
489 	struct mbuf *m;
490 	uint32_t received_digest, valid_digest;
491 
492 	if (request->ip_conn->ic_data_crc32c == false)
493 		return (0);
494 
495 	if (request->ip_data_len == 0)
496 		return (0);
497 
498 	m = icl_conn_receive(request->ip_conn, ISCSI_DATA_DIGEST_SIZE);
499 	if (m == NULL) {
500 		ICL_DEBUG("failed to receive data digest");
501 		return (-1);
502 	}
503 
504 	CTASSERT(sizeof(received_digest) == ISCSI_DATA_DIGEST_SIZE);
505 	m_copydata(m, 0, ISCSI_DATA_DIGEST_SIZE, (void *)&received_digest);
506 	m_freem(m);
507 
508 	*availablep -= ISCSI_DATA_DIGEST_SIZE;
509 
510 	/*
511 	 * Note that ip_data_mbuf also contains padding; since digest
512 	 * calculation is supposed to include that, we iterate over
513 	 * the entire ip_data_mbuf chain, not just ip_data_len bytes of it.
514 	 */
515 	valid_digest = icl_mbuf_to_crc32c(request->ip_data_mbuf);
516 	if (received_digest != valid_digest) {
517 		ICL_WARN("data digest check failed; got 0x%x, "
518 		    "should be 0x%x", received_digest, valid_digest);
519 		return (-1);
520 	}
521 
522 	return (0);
523 }
524 
525 /*
526  * Somewhat contrary to the name, this attempts to receive only one
527  * "part" of PDU at a time; call it repeatedly until it returns non-NULL.
528  */
529 static struct icl_pdu *
530 icl_conn_receive_pdu(struct icl_conn *ic, size_t *availablep)
531 {
532 	struct icl_pdu *request;
533 	struct socket *so;
534 	size_t len;
535 	int error;
536 	bool more_needed;
537 
538 	so = ic->ic_socket;
539 
540 	if (ic->ic_receive_state == ICL_CONN_STATE_BHS) {
541 		KASSERT(ic->ic_receive_pdu == NULL,
542 		    ("ic->ic_receive_pdu != NULL"));
543 		request = icl_pdu_new(ic, M_NOWAIT);
544 		if (request == NULL) {
545 			ICL_DEBUG("failed to allocate PDU; "
546 			    "dropping connection");
547 			icl_conn_fail(ic);
548 			return (NULL);
549 		}
550 		ic->ic_receive_pdu = request;
551 	} else {
552 		KASSERT(ic->ic_receive_pdu != NULL,
553 		    ("ic->ic_receive_pdu == NULL"));
554 		request = ic->ic_receive_pdu;
555 	}
556 
557 	if (*availablep < ic->ic_receive_len) {
558 #if 0
559 		ICL_DEBUG("not enough data; need %zd, "
560 		    "have %zd", ic->ic_receive_len, *availablep);
561 #endif
562 		return (NULL);
563 	}
564 
565 	switch (ic->ic_receive_state) {
566 	case ICL_CONN_STATE_BHS:
567 		//ICL_DEBUG("receiving BHS");
568 		error = icl_pdu_receive_bhs(request, availablep);
569 		if (error != 0) {
570 			ICL_DEBUG("failed to receive BHS; "
571 			    "dropping connection");
572 			break;
573 		}
574 
575 		/*
576 		 * We don't enforce any limit for AHS length;
577 		 * its length is stored in 8 bit field.
578 		 */
579 
580 		len = icl_pdu_data_segment_length(request);
581 		if (len > ic->ic_max_data_segment_length) {
582 			ICL_WARN("received data segment "
583 			    "length %zd is larger than negotiated "
584 			    "MaxDataSegmentLength %zd; "
585 			    "dropping connection",
586 			    len, ic->ic_max_data_segment_length);
587 			error = EINVAL;
588 			break;
589 		}
590 
591 		ic->ic_receive_state = ICL_CONN_STATE_AHS;
592 		ic->ic_receive_len = icl_pdu_ahs_length(request);
593 		break;
594 
595 	case ICL_CONN_STATE_AHS:
596 		//ICL_DEBUG("receiving AHS");
597 		error = icl_pdu_receive_ahs(request, availablep);
598 		if (error != 0) {
599 			ICL_DEBUG("failed to receive AHS; "
600 			    "dropping connection");
601 			break;
602 		}
603 		ic->ic_receive_state = ICL_CONN_STATE_HEADER_DIGEST;
604 		if (ic->ic_header_crc32c == false)
605 			ic->ic_receive_len = 0;
606 		else
607 			ic->ic_receive_len = ISCSI_HEADER_DIGEST_SIZE;
608 		break;
609 
610 	case ICL_CONN_STATE_HEADER_DIGEST:
611 		//ICL_DEBUG("receiving header digest");
612 		error = icl_pdu_check_header_digest(request, availablep);
613 		if (error != 0) {
614 			ICL_DEBUG("header digest failed; "
615 			    "dropping connection");
616 			break;
617 		}
618 
619 		ic->ic_receive_state = ICL_CONN_STATE_DATA;
620 		ic->ic_receive_len =
621 		    icl_pdu_data_segment_receive_len(request);
622 		break;
623 
624 	case ICL_CONN_STATE_DATA:
625 		//ICL_DEBUG("receiving data segment");
626 		error = icl_pdu_receive_data_segment(request, availablep,
627 		    &more_needed);
628 		if (error != 0) {
629 			ICL_DEBUG("failed to receive data segment;"
630 			    "dropping connection");
631 			break;
632 		}
633 
634 		if (more_needed)
635 			break;
636 
637 		ic->ic_receive_state = ICL_CONN_STATE_DATA_DIGEST;
638 		if (request->ip_data_len == 0 || ic->ic_data_crc32c == false)
639 			ic->ic_receive_len = 0;
640 		else
641 			ic->ic_receive_len = ISCSI_DATA_DIGEST_SIZE;
642 		break;
643 
644 	case ICL_CONN_STATE_DATA_DIGEST:
645 		//ICL_DEBUG("receiving data digest");
646 		error = icl_pdu_check_data_digest(request, availablep);
647 		if (error != 0) {
648 			ICL_DEBUG("data digest failed; "
649 			    "dropping connection");
650 			break;
651 		}
652 
653 		/*
654 		 * We've received complete PDU; reset the receive state machine
655 		 * and return the PDU.
656 		 */
657 		ic->ic_receive_state = ICL_CONN_STATE_BHS;
658 		ic->ic_receive_len = sizeof(struct iscsi_bhs);
659 		ic->ic_receive_pdu = NULL;
660 		return (request);
661 
662 	default:
663 		panic("invalid ic_receive_state %d\n", ic->ic_receive_state);
664 	}
665 
666 	if (error != 0) {
667 		/*
668 		 * Don't free the PDU; it's pointed to by ic->ic_receive_pdu
669 		 * and will get freed in icl_conn_close().
670 		 */
671 		icl_conn_fail(ic);
672 	}
673 
674 	return (NULL);
675 }
676 
677 static void
678 icl_conn_receive_pdus(struct icl_conn *ic, size_t available)
679 {
680 	struct icl_pdu *response;
681 	struct socket *so;
682 
683 	so = ic->ic_socket;
684 
685 	/*
686 	 * This can never happen; we're careful to only mess with ic->ic_socket
687 	 * pointer when the send/receive threads are not running.
688 	 */
689 	KASSERT(so != NULL, ("NULL socket"));
690 
691 	for (;;) {
692 		if (ic->ic_disconnecting)
693 			return;
694 
695 		if (so->so_error != 0) {
696 			ICL_DEBUG("connection error %d; "
697 			    "dropping connection", so->so_error);
698 			icl_conn_fail(ic);
699 			return;
700 		}
701 
702 		/*
703 		 * Loop until we have a complete PDU or there is not enough
704 		 * data in the socket buffer.
705 		 */
706 		if (available < ic->ic_receive_len) {
707 #if 0
708 			ICL_DEBUG("not enough data; have %zd, "
709 			    "need %zd", available,
710 			    ic->ic_receive_len);
711 #endif
712 			return;
713 		}
714 
715 		response = icl_conn_receive_pdu(ic, &available);
716 		if (response == NULL)
717 			continue;
718 
719 		if (response->ip_ahs_len > 0) {
720 			ICL_WARN("received PDU with unsupported "
721 			    "AHS; opcode 0x%x; dropping connection",
722 			    response->ip_bhs->bhs_opcode);
723 			icl_pdu_free(response);
724 			icl_conn_fail(ic);
725 			return;
726 		}
727 
728 		(ic->ic_receive)(response);
729 	}
730 }
731 
732 static void
733 icl_receive_thread(void *arg)
734 {
735 	struct icl_conn *ic;
736 	size_t available;
737 	struct socket *so;
738 
739 	ic = arg;
740 	so = ic->ic_socket;
741 
742 	ICL_CONN_LOCK(ic);
743 	ic->ic_receive_running = true;
744 	ICL_CONN_UNLOCK(ic);
745 
746 	for (;;) {
747 		if (ic->ic_disconnecting) {
748 			//ICL_DEBUG("terminating");
749 			break;
750 		}
751 
752 		/*
753 		 * Set the low watermark, to be checked by
754 		 * soreadable() in icl_soupcall_receive()
755 		 * to avoid unneccessary wakeups until there
756 		 * is enough data received to read the PDU.
757 		 */
758 		SOCKBUF_LOCK(&so->so_rcv);
759 		available = so->so_rcv.sb_cc;
760 		if (available < ic->ic_receive_len) {
761 			so->so_rcv.sb_lowat = ic->ic_receive_len;
762 			cv_wait(&ic->ic_receive_cv, &so->so_rcv.sb_mtx);
763 		} else
764 			so->so_rcv.sb_lowat = so->so_rcv.sb_hiwat + 1;
765 		SOCKBUF_UNLOCK(&so->so_rcv);
766 
767 		icl_conn_receive_pdus(ic, available);
768 	}
769 
770 	ICL_CONN_LOCK(ic);
771 	ic->ic_receive_running = false;
772 	ICL_CONN_UNLOCK(ic);
773 	kthread_exit();
774 }
775 
776 static int
777 icl_soupcall_receive(struct socket *so, void *arg, int waitflag)
778 {
779 	struct icl_conn *ic;
780 
781 	if (!soreadable(so))
782 		return (SU_OK);
783 
784 	ic = arg;
785 	cv_signal(&ic->ic_receive_cv);
786 	return (SU_OK);
787 }
788 
789 static int
790 icl_pdu_finalize(struct icl_pdu *request)
791 {
792 	size_t padding, pdu_len;
793 	uint32_t digest, zero = 0;
794 	int ok;
795 	struct icl_conn *ic;
796 
797 	ic = request->ip_conn;
798 
799 	icl_pdu_set_data_segment_length(request, request->ip_data_len);
800 
801 	pdu_len = icl_pdu_size(request);
802 
803 	if (ic->ic_header_crc32c) {
804 		digest = icl_mbuf_to_crc32c(request->ip_bhs_mbuf);
805 		ok = m_append(request->ip_bhs_mbuf, sizeof(digest),
806 		    (void *)&digest);
807 		if (ok != 1) {
808 			ICL_WARN("failed to append header digest");
809 			return (1);
810 		}
811 	}
812 
813 	if (request->ip_data_len != 0) {
814 		padding = icl_pdu_padding(request);
815 		if (padding > 0) {
816 			ok = m_append(request->ip_data_mbuf, padding,
817 			    (void *)&zero);
818 			if (ok != 1) {
819 				ICL_WARN("failed to append padding");
820 				return (1);
821 			}
822 		}
823 
824 		if (ic->ic_data_crc32c) {
825 			digest = icl_mbuf_to_crc32c(request->ip_data_mbuf);
826 
827 			ok = m_append(request->ip_data_mbuf, sizeof(digest),
828 			    (void *)&digest);
829 			if (ok != 1) {
830 				ICL_WARN("failed to append data digest");
831 				return (1);
832 			}
833 		}
834 
835 		m_cat(request->ip_bhs_mbuf, request->ip_data_mbuf);
836 		request->ip_data_mbuf = NULL;
837 	}
838 
839 	request->ip_bhs_mbuf->m_pkthdr.len = pdu_len;
840 
841 	return (0);
842 }
843 
844 static void
845 icl_conn_send_pdus(struct icl_conn *ic, struct icl_pdu_stailq *queue)
846 {
847 	struct icl_pdu *request, *request2;
848 	struct socket *so;
849 	size_t available, size, size2;
850 	int coalesced, error;
851 
852 	ICL_CONN_LOCK_ASSERT_NOT(ic);
853 
854 	so = ic->ic_socket;
855 
856 	SOCKBUF_LOCK(&so->so_snd);
857 	/*
858 	 * Check how much space do we have for transmit.  We can't just
859 	 * call sosend() and retry when we get EWOULDBLOCK or EMSGSIZE,
860 	 * as it always frees the mbuf chain passed to it, even in case
861 	 * of error.
862 	 */
863 	available = sbspace(&so->so_snd);
864 
865 	/*
866 	 * Notify the socket upcall that we don't need wakeups
867 	 * for the time being.
868 	 */
869 	so->so_snd.sb_lowat = so->so_snd.sb_hiwat + 1;
870 	SOCKBUF_UNLOCK(&so->so_snd);
871 
872 	while (!STAILQ_EMPTY(queue)) {
873 		if (ic->ic_disconnecting)
874 			return;
875 		request = STAILQ_FIRST(queue);
876 		size = icl_pdu_size(request);
877 		if (available < size) {
878 
879 			/*
880 			 * Set the low watermark, to be checked by
881 			 * sowriteable() in icl_soupcall_send()
882 			 * to avoid unneccessary wakeups until there
883 			 * is enough space for the PDU to fit.
884 			 */
885 			SOCKBUF_LOCK(&so->so_snd);
886 			available = sbspace(&so->so_snd);
887 			if (available < size) {
888 #if 1
889 				ICL_DEBUG("no space to send; "
890 				    "have %zd, need %zd",
891 				    available, size);
892 #endif
893 				so->so_snd.sb_lowat = size;
894 				SOCKBUF_UNLOCK(&so->so_snd);
895 				return;
896 			}
897 			SOCKBUF_UNLOCK(&so->so_snd);
898 		}
899 		STAILQ_REMOVE_HEAD(queue, ip_next);
900 		error = icl_pdu_finalize(request);
901 		if (error != 0) {
902 			ICL_DEBUG("failed to finalize PDU; "
903 			    "dropping connection");
904 			icl_conn_fail(ic);
905 			icl_pdu_free(request);
906 			return;
907 		}
908 		if (coalesce) {
909 			coalesced = 1;
910 			for (;;) {
911 				request2 = STAILQ_FIRST(queue);
912 				if (request2 == NULL)
913 					break;
914 				size2 = icl_pdu_size(request2);
915 				if (available < size + size2)
916 					break;
917 				STAILQ_REMOVE_HEAD(queue, ip_next);
918 				error = icl_pdu_finalize(request2);
919 				if (error != 0) {
920 					ICL_DEBUG("failed to finalize PDU; "
921 					    "dropping connection");
922 					icl_conn_fail(ic);
923 					icl_pdu_free(request);
924 					icl_pdu_free(request2);
925 					return;
926 				}
927 				m_cat(request->ip_bhs_mbuf, request2->ip_bhs_mbuf);
928 				request2->ip_bhs_mbuf = NULL;
929 				request->ip_bhs_mbuf->m_pkthdr.len += size2;
930 				size += size2;
931 				STAILQ_REMOVE_AFTER(queue, request, ip_next);
932 				icl_pdu_free(request2);
933 				coalesced++;
934 			}
935 #if 0
936 			if (coalesced > 1) {
937 				ICL_DEBUG("coalesced %d PDUs into %zd bytes",
938 				    coalesced, size);
939 			}
940 #endif
941 		}
942 		available -= size;
943 		error = sosend(so, NULL, NULL, request->ip_bhs_mbuf,
944 		    NULL, MSG_DONTWAIT, curthread);
945 		request->ip_bhs_mbuf = NULL; /* Sosend consumes the mbuf. */
946 		if (error != 0) {
947 			ICL_DEBUG("failed to send PDU, error %d; "
948 			    "dropping connection", error);
949 			icl_conn_fail(ic);
950 			icl_pdu_free(request);
951 			return;
952 		}
953 		icl_pdu_free(request);
954 	}
955 }
956 
957 static void
958 icl_send_thread(void *arg)
959 {
960 	struct icl_conn *ic;
961 	struct icl_pdu_stailq queue;
962 
963 	ic = arg;
964 
965 	STAILQ_INIT(&queue);
966 
967 	ICL_CONN_LOCK(ic);
968 	ic->ic_send_running = true;
969 
970 	for (;;) {
971 		if (ic->ic_disconnecting) {
972 			//ICL_DEBUG("terminating");
973 			break;
974 		}
975 
976 		for (;;) {
977 			/*
978 			 * If the local queue is empty, populate it from
979 			 * the main one.  This way the icl_conn_send_pdus()
980 			 * can go through all the queued PDUs without holding
981 			 * any locks.
982 			 */
983 			if (STAILQ_EMPTY(&queue))
984 				STAILQ_SWAP(&ic->ic_to_send, &queue, icl_pdu);
985 
986 			ic->ic_check_send_space = false;
987 			ICL_CONN_UNLOCK(ic);
988 			icl_conn_send_pdus(ic, &queue);
989 			ICL_CONN_LOCK(ic);
990 
991 			/*
992 			 * The icl_soupcall_send() was called since the last
993 			 * call to sbspace(); go around;
994 			 */
995 			if (ic->ic_check_send_space)
996 				continue;
997 
998 			/*
999 			 * Local queue is empty, but we still have PDUs
1000 			 * in the main one; go around.
1001 			 */
1002 			if (STAILQ_EMPTY(&queue) &&
1003 			    !STAILQ_EMPTY(&ic->ic_to_send))
1004 				continue;
1005 
1006 			/*
1007 			 * There might be some stuff in the local queue,
1008 			 * which didn't get sent due to not having enough send
1009 			 * space.  Wait for socket upcall.
1010 			 */
1011 			break;
1012 		}
1013 
1014 		cv_wait(&ic->ic_send_cv, ic->ic_lock);
1015 	}
1016 
1017 	/*
1018 	 * We're exiting; move PDUs back to the main queue, so they can
1019 	 * get freed properly.  At this point ordering doesn't matter.
1020 	 */
1021 	STAILQ_CONCAT(&ic->ic_to_send, &queue);
1022 
1023 	ic->ic_send_running = false;
1024 	ICL_CONN_UNLOCK(ic);
1025 	kthread_exit();
1026 }
1027 
1028 static int
1029 icl_soupcall_send(struct socket *so, void *arg, int waitflag)
1030 {
1031 	struct icl_conn *ic;
1032 
1033 	if (!sowriteable(so))
1034 		return (SU_OK);
1035 
1036 	ic = arg;
1037 
1038 	ICL_CONN_LOCK(ic);
1039 	ic->ic_check_send_space = true;
1040 	ICL_CONN_UNLOCK(ic);
1041 
1042 	cv_signal(&ic->ic_send_cv);
1043 
1044 	return (SU_OK);
1045 }
1046 
1047 int
1048 icl_pdu_append_data(struct icl_pdu *request, const void *addr, size_t len,
1049     int flags)
1050 {
1051 	struct mbuf *mb, *newmb;
1052 	size_t copylen, off = 0;
1053 
1054 	KASSERT(len > 0, ("len == 0"));
1055 
1056 	newmb = m_getm2(NULL, len, flags, MT_DATA, M_PKTHDR);
1057 	if (newmb == NULL) {
1058 		ICL_WARN("failed to allocate mbuf for %zd bytes", len);
1059 		return (ENOMEM);
1060 	}
1061 
1062 	for (mb = newmb; mb != NULL; mb = mb->m_next) {
1063 		copylen = min(M_TRAILINGSPACE(mb), len - off);
1064 		memcpy(mtod(mb, char *), (const char *)addr + off, copylen);
1065 		mb->m_len = copylen;
1066 		off += copylen;
1067 	}
1068 	KASSERT(off == len, ("%s: off != len", __func__));
1069 
1070 	if (request->ip_data_mbuf == NULL) {
1071 		request->ip_data_mbuf = newmb;
1072 		request->ip_data_len = len;
1073 	} else {
1074 		m_cat(request->ip_data_mbuf, newmb);
1075 		request->ip_data_len += len;
1076 	}
1077 
1078 	return (0);
1079 }
1080 
1081 void
1082 icl_pdu_get_data(struct icl_pdu *ip, size_t off, void *addr, size_t len)
1083 {
1084 
1085 	m_copydata(ip->ip_data_mbuf, off, len, addr);
1086 }
1087 
1088 void
1089 icl_pdu_queue(struct icl_pdu *ip)
1090 {
1091 	struct icl_conn *ic;
1092 
1093 	ic = ip->ip_conn;
1094 
1095 	ICL_CONN_LOCK_ASSERT(ic);
1096 
1097 	if (ic->ic_disconnecting || ic->ic_socket == NULL) {
1098 		ICL_DEBUG("icl_pdu_queue on closed connection");
1099 		icl_pdu_free(ip);
1100 		return;
1101 	}
1102 
1103 	if (!STAILQ_EMPTY(&ic->ic_to_send)) {
1104 		STAILQ_INSERT_TAIL(&ic->ic_to_send, ip, ip_next);
1105 		/*
1106 		 * If the queue is not empty, someone else had already
1107 		 * signaled the send thread; no need to do that again,
1108 		 * just return.
1109 		 */
1110 		return;
1111 	}
1112 
1113 	STAILQ_INSERT_TAIL(&ic->ic_to_send, ip, ip_next);
1114 	cv_signal(&ic->ic_send_cv);
1115 }
1116 
1117 struct icl_conn *
1118 icl_conn_new(const char *name, struct mtx *lock)
1119 {
1120 	struct icl_conn *ic;
1121 
1122 	refcount_acquire(&icl_ncons);
1123 
1124 	ic = uma_zalloc(icl_conn_zone, M_WAITOK | M_ZERO);
1125 
1126 	STAILQ_INIT(&ic->ic_to_send);
1127 	ic->ic_lock = lock;
1128 	cv_init(&ic->ic_send_cv, "icl_tx");
1129 	cv_init(&ic->ic_receive_cv, "icl_rx");
1130 #ifdef DIAGNOSTIC
1131 	refcount_init(&ic->ic_outstanding_pdus, 0);
1132 #endif
1133 	ic->ic_max_data_segment_length = ICL_MAX_DATA_SEGMENT_LENGTH;
1134 	ic->ic_name = name;
1135 
1136 	return (ic);
1137 }
1138 
1139 void
1140 icl_conn_free(struct icl_conn *ic)
1141 {
1142 
1143 	cv_destroy(&ic->ic_send_cv);
1144 	cv_destroy(&ic->ic_receive_cv);
1145 	uma_zfree(icl_conn_zone, ic);
1146 	refcount_release(&icl_ncons);
1147 }
1148 
1149 static int
1150 icl_conn_start(struct icl_conn *ic)
1151 {
1152 	size_t minspace;
1153 	struct sockopt opt;
1154 	int error, one = 1;
1155 
1156 	ICL_CONN_LOCK(ic);
1157 
1158 	/*
1159 	 * XXX: Ugly hack.
1160 	 */
1161 	if (ic->ic_socket == NULL) {
1162 		ICL_CONN_UNLOCK(ic);
1163 		return (EINVAL);
1164 	}
1165 
1166 	ic->ic_receive_state = ICL_CONN_STATE_BHS;
1167 	ic->ic_receive_len = sizeof(struct iscsi_bhs);
1168 	ic->ic_disconnecting = false;
1169 
1170 	ICL_CONN_UNLOCK(ic);
1171 
1172 	/*
1173 	 * For sendspace, this is required because the current code cannot
1174 	 * send a PDU in pieces; thus, the minimum buffer size is equal
1175 	 * to the maximum PDU size.  "+4" is to account for possible padding.
1176 	 *
1177 	 * What we should actually do here is to use autoscaling, but set
1178 	 * some minimal buffer size to "minspace".  I don't know a way to do
1179 	 * that, though.
1180 	 */
1181 	minspace = sizeof(struct iscsi_bhs) + ic->ic_max_data_segment_length +
1182 	    ISCSI_HEADER_DIGEST_SIZE + ISCSI_DATA_DIGEST_SIZE + 4;
1183 	if (sendspace < minspace) {
1184 		ICL_WARN("kern.icl.sendspace too low; must be at least %zd",
1185 		    minspace);
1186 		sendspace = minspace;
1187 	}
1188 	if (recvspace < minspace) {
1189 		ICL_WARN("kern.icl.recvspace too low; must be at least %zd",
1190 		    minspace);
1191 		recvspace = minspace;
1192 	}
1193 
1194 	error = soreserve(ic->ic_socket, sendspace, recvspace);
1195 	if (error != 0) {
1196 		ICL_WARN("soreserve failed with error %d", error);
1197 		icl_conn_close(ic);
1198 		return (error);
1199 	}
1200 
1201 	/*
1202 	 * Disable Nagle.
1203 	 */
1204 	bzero(&opt, sizeof(opt));
1205 	opt.sopt_dir = SOPT_SET;
1206 	opt.sopt_level = IPPROTO_TCP;
1207 	opt.sopt_name = TCP_NODELAY;
1208 	opt.sopt_val = &one;
1209 	opt.sopt_valsize = sizeof(one);
1210 	error = sosetopt(ic->ic_socket, &opt);
1211 	if (error != 0) {
1212 		ICL_WARN("disabling TCP_NODELAY failed with error %d", error);
1213 		icl_conn_close(ic);
1214 		return (error);
1215 	}
1216 
1217 	/*
1218 	 * Start threads.
1219 	 */
1220 	error = kthread_add(icl_send_thread, ic, NULL, NULL, 0, 0, "%stx",
1221 	    ic->ic_name);
1222 	if (error != 0) {
1223 		ICL_WARN("kthread_add(9) failed with error %d", error);
1224 		icl_conn_close(ic);
1225 		return (error);
1226 	}
1227 
1228 	error = kthread_add(icl_receive_thread, ic, NULL, NULL, 0, 0, "%srx",
1229 	    ic->ic_name);
1230 	if (error != 0) {
1231 		ICL_WARN("kthread_add(9) failed with error %d", error);
1232 		icl_conn_close(ic);
1233 		return (error);
1234 	}
1235 
1236 	/*
1237 	 * Register socket upcall, to get notified about incoming PDUs
1238 	 * and free space to send outgoing ones.
1239 	 */
1240 	SOCKBUF_LOCK(&ic->ic_socket->so_snd);
1241 	soupcall_set(ic->ic_socket, SO_SND, icl_soupcall_send, ic);
1242 	SOCKBUF_UNLOCK(&ic->ic_socket->so_snd);
1243 	SOCKBUF_LOCK(&ic->ic_socket->so_rcv);
1244 	soupcall_set(ic->ic_socket, SO_RCV, icl_soupcall_receive, ic);
1245 	SOCKBUF_UNLOCK(&ic->ic_socket->so_rcv);
1246 
1247 	return (0);
1248 }
1249 
1250 int
1251 icl_conn_handoff(struct icl_conn *ic, int fd)
1252 {
1253 	struct file *fp;
1254 	struct socket *so;
1255 	cap_rights_t rights;
1256 	int error;
1257 
1258 	ICL_CONN_LOCK_ASSERT_NOT(ic);
1259 
1260 	/*
1261 	 * Steal the socket from userland.
1262 	 */
1263 	error = fget(curthread, fd,
1264 	    cap_rights_init(&rights, CAP_SOCK_CLIENT), &fp);
1265 	if (error != 0)
1266 		return (error);
1267 	if (fp->f_type != DTYPE_SOCKET) {
1268 		fdrop(fp, curthread);
1269 		return (EINVAL);
1270 	}
1271 	so = fp->f_data;
1272 	if (so->so_type != SOCK_STREAM) {
1273 		fdrop(fp, curthread);
1274 		return (EINVAL);
1275 	}
1276 
1277 	ICL_CONN_LOCK(ic);
1278 
1279 	if (ic->ic_socket != NULL) {
1280 		ICL_CONN_UNLOCK(ic);
1281 		fdrop(fp, curthread);
1282 		return (EBUSY);
1283 	}
1284 
1285 	ic->ic_socket = fp->f_data;
1286 	fp->f_ops = &badfileops;
1287 	fp->f_data = NULL;
1288 	fdrop(fp, curthread);
1289 	ICL_CONN_UNLOCK(ic);
1290 
1291 	error = icl_conn_start(ic);
1292 
1293 	return (error);
1294 }
1295 
1296 void
1297 icl_conn_shutdown(struct icl_conn *ic)
1298 {
1299 	ICL_CONN_LOCK_ASSERT_NOT(ic);
1300 
1301 	ICL_CONN_LOCK(ic);
1302 	if (ic->ic_socket == NULL) {
1303 		ICL_CONN_UNLOCK(ic);
1304 		return;
1305 	}
1306 	ICL_CONN_UNLOCK(ic);
1307 
1308 	soshutdown(ic->ic_socket, SHUT_RDWR);
1309 }
1310 
1311 void
1312 icl_conn_close(struct icl_conn *ic)
1313 {
1314 	struct icl_pdu *pdu;
1315 
1316 	ICL_CONN_LOCK_ASSERT_NOT(ic);
1317 
1318 	ICL_CONN_LOCK(ic);
1319 	if (ic->ic_socket == NULL) {
1320 		ICL_CONN_UNLOCK(ic);
1321 		return;
1322 	}
1323 
1324 	/*
1325 	 * Deregister socket upcalls.
1326 	 */
1327 	ICL_CONN_UNLOCK(ic);
1328 	SOCKBUF_LOCK(&ic->ic_socket->so_snd);
1329 	if (ic->ic_socket->so_snd.sb_upcall != NULL)
1330 		soupcall_clear(ic->ic_socket, SO_SND);
1331 	SOCKBUF_UNLOCK(&ic->ic_socket->so_snd);
1332 	SOCKBUF_LOCK(&ic->ic_socket->so_rcv);
1333 	if (ic->ic_socket->so_rcv.sb_upcall != NULL)
1334 		soupcall_clear(ic->ic_socket, SO_RCV);
1335 	SOCKBUF_UNLOCK(&ic->ic_socket->so_rcv);
1336 	ICL_CONN_LOCK(ic);
1337 
1338 	ic->ic_disconnecting = true;
1339 
1340 	/*
1341 	 * Wake up the threads, so they can properly terminate.
1342 	 */
1343 	cv_signal(&ic->ic_receive_cv);
1344 	cv_signal(&ic->ic_send_cv);
1345 	while (ic->ic_receive_running || ic->ic_send_running) {
1346 		//ICL_DEBUG("waiting for send/receive threads to terminate");
1347 		ICL_CONN_UNLOCK(ic);
1348 		cv_signal(&ic->ic_receive_cv);
1349 		cv_signal(&ic->ic_send_cv);
1350 		pause("icl_close", 1 * hz);
1351 		ICL_CONN_LOCK(ic);
1352 	}
1353 	//ICL_DEBUG("send/receive threads terminated");
1354 
1355 	ICL_CONN_UNLOCK(ic);
1356 	soclose(ic->ic_socket);
1357 	ICL_CONN_LOCK(ic);
1358 	ic->ic_socket = NULL;
1359 
1360 	if (ic->ic_receive_pdu != NULL) {
1361 		//ICL_DEBUG("freeing partially received PDU");
1362 		icl_pdu_free(ic->ic_receive_pdu);
1363 		ic->ic_receive_pdu = NULL;
1364 	}
1365 
1366 	/*
1367 	 * Remove any outstanding PDUs from the send queue.
1368 	 */
1369 	while (!STAILQ_EMPTY(&ic->ic_to_send)) {
1370 		pdu = STAILQ_FIRST(&ic->ic_to_send);
1371 		STAILQ_REMOVE_HEAD(&ic->ic_to_send, ip_next);
1372 		icl_pdu_free(pdu);
1373 	}
1374 
1375 	KASSERT(STAILQ_EMPTY(&ic->ic_to_send),
1376 	    ("destroying session with non-empty send queue"));
1377 #ifdef DIAGNOSTIC
1378 	KASSERT(ic->ic_outstanding_pdus == 0,
1379 	    ("destroying session with %d outstanding PDUs",
1380 	     ic->ic_outstanding_pdus));
1381 #endif
1382 	ICL_CONN_UNLOCK(ic);
1383 }
1384 
1385 bool
1386 icl_conn_connected(struct icl_conn *ic)
1387 {
1388 	ICL_CONN_LOCK_ASSERT_NOT(ic);
1389 
1390 	ICL_CONN_LOCK(ic);
1391 	if (ic->ic_socket == NULL) {
1392 		ICL_CONN_UNLOCK(ic);
1393 		return (false);
1394 	}
1395 	if (ic->ic_socket->so_error != 0) {
1396 		ICL_CONN_UNLOCK(ic);
1397 		return (false);
1398 	}
1399 	ICL_CONN_UNLOCK(ic);
1400 	return (true);
1401 }
1402 
1403 #ifdef ICL_KERNEL_PROXY
1404 int
1405 icl_conn_handoff_sock(struct icl_conn *ic, struct socket *so)
1406 {
1407 	int error;
1408 
1409 	ICL_CONN_LOCK_ASSERT_NOT(ic);
1410 
1411 	if (so->so_type != SOCK_STREAM)
1412 		return (EINVAL);
1413 
1414 	ICL_CONN_LOCK(ic);
1415 	if (ic->ic_socket != NULL) {
1416 		ICL_CONN_UNLOCK(ic);
1417 		return (EBUSY);
1418 	}
1419 	ic->ic_socket = so;
1420 	ICL_CONN_UNLOCK(ic);
1421 
1422 	error = icl_conn_start(ic);
1423 
1424 	return (error);
1425 }
1426 #endif /* ICL_KERNEL_PROXY */
1427 
1428 static int
1429 icl_unload(void)
1430 {
1431 
1432 	if (icl_ncons != 0)
1433 		return (EBUSY);
1434 
1435 	uma_zdestroy(icl_conn_zone);
1436 	uma_zdestroy(icl_pdu_zone);
1437 
1438 	return (0);
1439 }
1440 
1441 static void
1442 icl_load(void)
1443 {
1444 
1445 	icl_conn_zone = uma_zcreate("icl_conn",
1446 	    sizeof(struct icl_conn), NULL, NULL, NULL, NULL,
1447 	    UMA_ALIGN_PTR, 0);
1448 	icl_pdu_zone = uma_zcreate("icl_pdu",
1449 	    sizeof(struct icl_pdu), NULL, NULL, NULL, NULL,
1450 	    UMA_ALIGN_PTR, 0);
1451 
1452 	refcount_init(&icl_ncons, 0);
1453 }
1454 
1455 static int
1456 icl_modevent(module_t mod, int what, void *arg)
1457 {
1458 
1459 	switch (what) {
1460 	case MOD_LOAD:
1461 		icl_load();
1462 		return (0);
1463 	case MOD_UNLOAD:
1464 		return (icl_unload());
1465 	default:
1466 		return (EINVAL);
1467 	}
1468 }
1469 
1470 moduledata_t icl_data = {
1471 	"icl",
1472 	icl_modevent,
1473 	0
1474 };
1475 
1476 DECLARE_MODULE(icl, icl_data, SI_SUB_DRIVERS, SI_ORDER_FIRST);
1477 MODULE_VERSION(icl, 1);
1478