1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2003, 2004 Silicon Graphics International Corp. 5 * Copyright (c) 1997-2007 Kenneth D. Merry 6 * Copyright (c) 2012 The FreeBSD Foundation 7 * Copyright (c) 2017 Jakub Wojciech Klama <jceel@FreeBSD.org> 8 * All rights reserved. 9 * 10 * Portions of this software were developed by Edward Tomasz Napierala 11 * under sponsorship from the FreeBSD Foundation. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions, and the following disclaimer, 18 * without modification. 19 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 20 * substantially similar to the "NO WARRANTY" disclaimer below 21 * ("Disclaimer") and any redistribution must be conditioned upon 22 * including a substantially similar Disclaimer requirement for further 23 * binary redistribution. 24 * 25 * NO WARRANTY 26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 27 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 28 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR 29 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 30 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 34 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 35 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGES. 37 * 38 */ 39 40 #include <sys/cdefs.h> 41 __FBSDID("$FreeBSD$"); 42 43 #include <sys/param.h> 44 #include <sys/capsicum.h> 45 #include <sys/callout.h> 46 #include <sys/ioctl.h> 47 #include <sys/linker.h> 48 #include <sys/module.h> 49 #include <sys/queue.h> 50 #include <sys/sbuf.h> 51 #include <sys/nv.h> 52 #include <sys/stat.h> 53 #include <assert.h> 54 #include <bsdxml.h> 55 #include <capsicum_helpers.h> 56 #include <ctype.h> 57 #include <errno.h> 58 #include <fcntl.h> 59 #include <stdint.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 #include <strings.h> 64 #include <cam/scsi/scsi_all.h> 65 #include <cam/scsi/scsi_message.h> 66 #include <cam/ctl/ctl.h> 67 #include <cam/ctl/ctl_io.h> 68 #include <cam/ctl/ctl_backend.h> 69 #include <cam/ctl/ctl_ioctl.h> 70 #include <cam/ctl/ctl_util.h> 71 #include <cam/ctl/ctl_scsi_all.h> 72 73 #include "ctld.h" 74 75 #ifdef ICL_KERNEL_PROXY 76 #include <netdb.h> 77 #endif 78 79 #define NVLIST_BUFSIZE 1024 80 81 extern bool proxy_mode; 82 83 static int ctl_fd = 0; 84 85 void 86 kernel_init(void) 87 { 88 int retval, saved_errno; 89 90 ctl_fd = open(CTL_DEFAULT_DEV, O_RDWR); 91 if (ctl_fd < 0 && errno == ENOENT) { 92 saved_errno = errno; 93 retval = kldload("ctl"); 94 if (retval != -1) 95 ctl_fd = open(CTL_DEFAULT_DEV, O_RDWR); 96 else 97 errno = saved_errno; 98 } 99 if (ctl_fd < 0) 100 log_err(1, "failed to open %s", CTL_DEFAULT_DEV); 101 #ifdef WANT_ISCSI 102 else { 103 saved_errno = errno; 104 if (modfind("cfiscsi") == -1 && kldload("cfiscsi") == -1) 105 log_warn("couldn't load cfiscsi"); 106 errno = saved_errno; 107 } 108 #endif 109 } 110 111 /* 112 * Name/value pair used for per-LUN attributes. 113 */ 114 struct cctl_lun_nv { 115 char *name; 116 char *value; 117 STAILQ_ENTRY(cctl_lun_nv) links; 118 }; 119 120 /* 121 * Backend LUN information. 122 */ 123 struct cctl_lun { 124 uint64_t lun_id; 125 char *backend_type; 126 uint8_t device_type; 127 uint64_t size_blocks; 128 uint32_t blocksize; 129 char *serial_number; 130 char *device_id; 131 char *ctld_name; 132 STAILQ_HEAD(,cctl_lun_nv) attr_list; 133 STAILQ_ENTRY(cctl_lun) links; 134 }; 135 136 struct cctl_port { 137 uint32_t port_id; 138 char *port_frontend; 139 char *port_name; 140 int pp; 141 int vp; 142 int cfiscsi_state; 143 char *cfiscsi_target; 144 uint16_t cfiscsi_portal_group_tag; 145 char *ctld_portal_group_name; 146 STAILQ_HEAD(,cctl_lun_nv) attr_list; 147 STAILQ_ENTRY(cctl_port) links; 148 }; 149 150 struct cctl_devlist_data { 151 int num_luns; 152 STAILQ_HEAD(,cctl_lun) lun_list; 153 struct cctl_lun *cur_lun; 154 int num_ports; 155 STAILQ_HEAD(,cctl_port) port_list; 156 struct cctl_port *cur_port; 157 int level; 158 struct sbuf *cur_sb[32]; 159 }; 160 161 static void 162 cctl_start_element(void *user_data, const char *name, const char **attr) 163 { 164 int i; 165 struct cctl_devlist_data *devlist; 166 struct cctl_lun *cur_lun; 167 168 devlist = (struct cctl_devlist_data *)user_data; 169 cur_lun = devlist->cur_lun; 170 devlist->level++; 171 if ((u_int)devlist->level >= (sizeof(devlist->cur_sb) / 172 sizeof(devlist->cur_sb[0]))) 173 log_errx(1, "%s: too many nesting levels, %zd max", __func__, 174 sizeof(devlist->cur_sb) / sizeof(devlist->cur_sb[0])); 175 176 devlist->cur_sb[devlist->level] = sbuf_new_auto(); 177 if (devlist->cur_sb[devlist->level] == NULL) 178 log_err(1, "%s: unable to allocate sbuf", __func__); 179 180 if (strcmp(name, "lun") == 0) { 181 if (cur_lun != NULL) 182 log_errx(1, "%s: improper lun element nesting", 183 __func__); 184 185 cur_lun = calloc(1, sizeof(*cur_lun)); 186 if (cur_lun == NULL) 187 log_err(1, "%s: cannot allocate %zd bytes", __func__, 188 sizeof(*cur_lun)); 189 190 devlist->num_luns++; 191 devlist->cur_lun = cur_lun; 192 193 STAILQ_INIT(&cur_lun->attr_list); 194 STAILQ_INSERT_TAIL(&devlist->lun_list, cur_lun, links); 195 196 for (i = 0; attr[i] != NULL; i += 2) { 197 if (strcmp(attr[i], "id") == 0) { 198 cur_lun->lun_id = strtoull(attr[i+1], NULL, 0); 199 } else { 200 log_errx(1, "%s: invalid LUN attribute %s = %s", 201 __func__, attr[i], attr[i+1]); 202 } 203 } 204 } 205 } 206 207 static void 208 cctl_end_element(void *user_data, const char *name) 209 { 210 struct cctl_devlist_data *devlist; 211 struct cctl_lun *cur_lun; 212 char *str; 213 214 devlist = (struct cctl_devlist_data *)user_data; 215 cur_lun = devlist->cur_lun; 216 217 if ((cur_lun == NULL) 218 && (strcmp(name, "ctllunlist") != 0)) 219 log_errx(1, "%s: cur_lun == NULL! (name = %s)", __func__, name); 220 221 if (devlist->cur_sb[devlist->level] == NULL) 222 log_errx(1, "%s: no valid sbuf at level %d (name %s)", __func__, 223 devlist->level, name); 224 225 sbuf_finish(devlist->cur_sb[devlist->level]); 226 str = checked_strdup(sbuf_data(devlist->cur_sb[devlist->level])); 227 228 if (strlen(str) == 0) { 229 free(str); 230 str = NULL; 231 } 232 233 sbuf_delete(devlist->cur_sb[devlist->level]); 234 devlist->cur_sb[devlist->level] = NULL; 235 devlist->level--; 236 237 if (strcmp(name, "backend_type") == 0) { 238 cur_lun->backend_type = str; 239 str = NULL; 240 } else if (strcmp(name, "lun_type") == 0) { 241 cur_lun->device_type = strtoull(str, NULL, 0); 242 } else if (strcmp(name, "size") == 0) { 243 cur_lun->size_blocks = strtoull(str, NULL, 0); 244 } else if (strcmp(name, "blocksize") == 0) { 245 cur_lun->blocksize = strtoul(str, NULL, 0); 246 } else if (strcmp(name, "serial_number") == 0) { 247 cur_lun->serial_number = str; 248 str = NULL; 249 } else if (strcmp(name, "device_id") == 0) { 250 cur_lun->device_id = str; 251 str = NULL; 252 } else if (strcmp(name, "ctld_name") == 0) { 253 cur_lun->ctld_name = str; 254 str = NULL; 255 } else if (strcmp(name, "lun") == 0) { 256 devlist->cur_lun = NULL; 257 } else if (strcmp(name, "ctllunlist") == 0) { 258 /* Nothing. */ 259 } else { 260 struct cctl_lun_nv *nv; 261 262 nv = calloc(1, sizeof(*nv)); 263 if (nv == NULL) 264 log_err(1, "%s: can't allocate %zd bytes for nv pair", 265 __func__, sizeof(*nv)); 266 267 nv->name = checked_strdup(name); 268 269 nv->value = str; 270 str = NULL; 271 STAILQ_INSERT_TAIL(&cur_lun->attr_list, nv, links); 272 } 273 274 free(str); 275 } 276 277 static void 278 cctl_start_pelement(void *user_data, const char *name, const char **attr) 279 { 280 int i; 281 struct cctl_devlist_data *devlist; 282 struct cctl_port *cur_port; 283 284 devlist = (struct cctl_devlist_data *)user_data; 285 cur_port = devlist->cur_port; 286 devlist->level++; 287 if ((u_int)devlist->level >= (sizeof(devlist->cur_sb) / 288 sizeof(devlist->cur_sb[0]))) 289 log_errx(1, "%s: too many nesting levels, %zd max", __func__, 290 sizeof(devlist->cur_sb) / sizeof(devlist->cur_sb[0])); 291 292 devlist->cur_sb[devlist->level] = sbuf_new_auto(); 293 if (devlist->cur_sb[devlist->level] == NULL) 294 log_err(1, "%s: unable to allocate sbuf", __func__); 295 296 if (strcmp(name, "targ_port") == 0) { 297 if (cur_port != NULL) 298 log_errx(1, "%s: improper port element nesting (%s)", 299 __func__, name); 300 301 cur_port = calloc(1, sizeof(*cur_port)); 302 if (cur_port == NULL) 303 log_err(1, "%s: cannot allocate %zd bytes", __func__, 304 sizeof(*cur_port)); 305 306 devlist->num_ports++; 307 devlist->cur_port = cur_port; 308 309 STAILQ_INIT(&cur_port->attr_list); 310 STAILQ_INSERT_TAIL(&devlist->port_list, cur_port, links); 311 312 for (i = 0; attr[i] != NULL; i += 2) { 313 if (strcmp(attr[i], "id") == 0) { 314 cur_port->port_id = strtoul(attr[i+1], NULL, 0); 315 } else { 316 log_errx(1, "%s: invalid LUN attribute %s = %s", 317 __func__, attr[i], attr[i+1]); 318 } 319 } 320 } 321 } 322 323 static void 324 cctl_end_pelement(void *user_data, const char *name) 325 { 326 struct cctl_devlist_data *devlist; 327 struct cctl_port *cur_port; 328 char *str; 329 330 devlist = (struct cctl_devlist_data *)user_data; 331 cur_port = devlist->cur_port; 332 333 if ((cur_port == NULL) 334 && (strcmp(name, "ctlportlist") != 0)) 335 log_errx(1, "%s: cur_port == NULL! (name = %s)", __func__, name); 336 337 if (devlist->cur_sb[devlist->level] == NULL) 338 log_errx(1, "%s: no valid sbuf at level %d (name %s)", __func__, 339 devlist->level, name); 340 341 sbuf_finish(devlist->cur_sb[devlist->level]); 342 str = checked_strdup(sbuf_data(devlist->cur_sb[devlist->level])); 343 344 if (strlen(str) == 0) { 345 free(str); 346 str = NULL; 347 } 348 349 sbuf_delete(devlist->cur_sb[devlist->level]); 350 devlist->cur_sb[devlist->level] = NULL; 351 devlist->level--; 352 353 if (strcmp(name, "frontend_type") == 0) { 354 cur_port->port_frontend = str; 355 str = NULL; 356 } else if (strcmp(name, "port_name") == 0) { 357 cur_port->port_name = str; 358 str = NULL; 359 } else if (strcmp(name, "physical_port") == 0) { 360 cur_port->pp = strtoul(str, NULL, 0); 361 } else if (strcmp(name, "virtual_port") == 0) { 362 cur_port->vp = strtoul(str, NULL, 0); 363 } else if (strcmp(name, "cfiscsi_target") == 0) { 364 cur_port->cfiscsi_target = str; 365 str = NULL; 366 } else if (strcmp(name, "cfiscsi_state") == 0) { 367 cur_port->cfiscsi_state = strtoul(str, NULL, 0); 368 } else if (strcmp(name, "cfiscsi_portal_group_tag") == 0) { 369 cur_port->cfiscsi_portal_group_tag = strtoul(str, NULL, 0); 370 } else if (strcmp(name, "ctld_portal_group_name") == 0) { 371 cur_port->ctld_portal_group_name = str; 372 str = NULL; 373 } else if (strcmp(name, "targ_port") == 0) { 374 devlist->cur_port = NULL; 375 } else if (strcmp(name, "ctlportlist") == 0) { 376 /* Nothing. */ 377 } else { 378 struct cctl_lun_nv *nv; 379 380 nv = calloc(1, sizeof(*nv)); 381 if (nv == NULL) 382 log_err(1, "%s: can't allocate %zd bytes for nv pair", 383 __func__, sizeof(*nv)); 384 385 nv->name = checked_strdup(name); 386 387 nv->value = str; 388 str = NULL; 389 STAILQ_INSERT_TAIL(&cur_port->attr_list, nv, links); 390 } 391 392 free(str); 393 } 394 395 static void 396 cctl_char_handler(void *user_data, const XML_Char *str, int len) 397 { 398 struct cctl_devlist_data *devlist; 399 400 devlist = (struct cctl_devlist_data *)user_data; 401 402 sbuf_bcat(devlist->cur_sb[devlist->level], str, len); 403 } 404 405 struct conf * 406 conf_new_from_kernel(void) 407 { 408 struct conf *conf = NULL; 409 struct target *targ; 410 struct portal_group *pg; 411 struct pport *pp; 412 struct port *cp; 413 struct lun *cl; 414 struct option *o; 415 struct ctl_lun_list list; 416 struct cctl_devlist_data devlist; 417 struct cctl_lun *lun; 418 struct cctl_port *port; 419 XML_Parser parser; 420 char *str, *name; 421 int len, retval; 422 423 bzero(&devlist, sizeof(devlist)); 424 STAILQ_INIT(&devlist.lun_list); 425 STAILQ_INIT(&devlist.port_list); 426 427 log_debugx("obtaining previously configured CTL luns from the kernel"); 428 429 str = NULL; 430 len = 4096; 431 retry: 432 str = realloc(str, len); 433 if (str == NULL) 434 log_err(1, "realloc"); 435 436 bzero(&list, sizeof(list)); 437 list.alloc_len = len; 438 list.status = CTL_LUN_LIST_NONE; 439 list.lun_xml = str; 440 441 if (ioctl(ctl_fd, CTL_LUN_LIST, &list) == -1) { 442 log_warn("error issuing CTL_LUN_LIST ioctl"); 443 free(str); 444 return (NULL); 445 } 446 447 if (list.status == CTL_LUN_LIST_ERROR) { 448 log_warnx("error returned from CTL_LUN_LIST ioctl: %s", 449 list.error_str); 450 free(str); 451 return (NULL); 452 } 453 454 if (list.status == CTL_LUN_LIST_NEED_MORE_SPACE) { 455 len = len << 1; 456 goto retry; 457 } 458 459 parser = XML_ParserCreate(NULL); 460 if (parser == NULL) { 461 log_warnx("unable to create XML parser"); 462 free(str); 463 return (NULL); 464 } 465 466 XML_SetUserData(parser, &devlist); 467 XML_SetElementHandler(parser, cctl_start_element, cctl_end_element); 468 XML_SetCharacterDataHandler(parser, cctl_char_handler); 469 470 retval = XML_Parse(parser, str, strlen(str), 1); 471 XML_ParserFree(parser); 472 free(str); 473 if (retval != 1) { 474 log_warnx("XML_Parse failed"); 475 return (NULL); 476 } 477 478 str = NULL; 479 len = 4096; 480 retry_port: 481 str = realloc(str, len); 482 if (str == NULL) 483 log_err(1, "realloc"); 484 485 bzero(&list, sizeof(list)); 486 list.alloc_len = len; 487 list.status = CTL_LUN_LIST_NONE; 488 list.lun_xml = str; 489 490 if (ioctl(ctl_fd, CTL_PORT_LIST, &list) == -1) { 491 log_warn("error issuing CTL_PORT_LIST ioctl"); 492 free(str); 493 return (NULL); 494 } 495 496 if (list.status == CTL_LUN_LIST_ERROR) { 497 log_warnx("error returned from CTL_PORT_LIST ioctl: %s", 498 list.error_str); 499 free(str); 500 return (NULL); 501 } 502 503 if (list.status == CTL_LUN_LIST_NEED_MORE_SPACE) { 504 len = len << 1; 505 goto retry_port; 506 } 507 508 parser = XML_ParserCreate(NULL); 509 if (parser == NULL) { 510 log_warnx("unable to create XML parser"); 511 free(str); 512 return (NULL); 513 } 514 515 XML_SetUserData(parser, &devlist); 516 XML_SetElementHandler(parser, cctl_start_pelement, cctl_end_pelement); 517 XML_SetCharacterDataHandler(parser, cctl_char_handler); 518 519 retval = XML_Parse(parser, str, strlen(str), 1); 520 XML_ParserFree(parser); 521 free(str); 522 if (retval != 1) { 523 log_warnx("XML_Parse failed"); 524 return (NULL); 525 } 526 527 conf = conf_new(); 528 529 name = NULL; 530 STAILQ_FOREACH(port, &devlist.port_list, links) { 531 if (strcmp(port->port_frontend, "ha") == 0) 532 continue; 533 free(name); 534 if (port->pp == 0 && port->vp == 0) { 535 name = checked_strdup(port->port_name); 536 } else if (port->vp == 0) { 537 retval = asprintf(&name, "%s/%d", 538 port->port_name, port->pp); 539 if (retval <= 0) 540 log_err(1, "asprintf"); 541 } else { 542 retval = asprintf(&name, "%s/%d/%d", 543 port->port_name, port->pp, port->vp); 544 if (retval <= 0) 545 log_err(1, "asprintf"); 546 } 547 548 if (port->cfiscsi_target == NULL) { 549 log_debugx("CTL port %u \"%s\" wasn't managed by ctld; ", 550 port->port_id, name); 551 pp = pport_find(conf, name); 552 if (pp == NULL) { 553 #if 0 554 log_debugx("found new kernel port %u \"%s\"", 555 port->port_id, name); 556 #endif 557 pp = pport_new(conf, name, port->port_id); 558 if (pp == NULL) { 559 log_warnx("pport_new failed"); 560 continue; 561 } 562 } 563 continue; 564 } 565 if (port->cfiscsi_state != 1) { 566 log_debugx("CTL port %ju is not active (%d); ignoring", 567 (uintmax_t)port->port_id, port->cfiscsi_state); 568 continue; 569 } 570 571 targ = target_find(conf, port->cfiscsi_target); 572 if (targ == NULL) { 573 #if 0 574 log_debugx("found new kernel target %s for CTL port %ld", 575 port->cfiscsi_target, port->port_id); 576 #endif 577 targ = target_new(conf, port->cfiscsi_target); 578 if (targ == NULL) { 579 log_warnx("target_new failed"); 580 continue; 581 } 582 } 583 584 if (port->ctld_portal_group_name == NULL) 585 continue; 586 pg = portal_group_find(conf, port->ctld_portal_group_name); 587 if (pg == NULL) { 588 #if 0 589 log_debugx("found new kernel portal group %s for CTL port %ld", 590 port->ctld_portal_group_name, port->port_id); 591 #endif 592 pg = portal_group_new(conf, port->ctld_portal_group_name); 593 if (pg == NULL) { 594 log_warnx("portal_group_new failed"); 595 continue; 596 } 597 } 598 pg->pg_tag = port->cfiscsi_portal_group_tag; 599 cp = port_new(conf, targ, pg); 600 if (cp == NULL) { 601 log_warnx("port_new failed"); 602 continue; 603 } 604 cp->p_ctl_port = port->port_id; 605 } 606 free(name); 607 608 STAILQ_FOREACH(lun, &devlist.lun_list, links) { 609 struct cctl_lun_nv *nv; 610 611 if (lun->ctld_name == NULL) { 612 log_debugx("CTL lun %ju wasn't managed by ctld; " 613 "ignoring", (uintmax_t)lun->lun_id); 614 continue; 615 } 616 617 cl = lun_find(conf, lun->ctld_name); 618 if (cl != NULL) { 619 log_warnx("found CTL lun %ju \"%s\", " 620 "also backed by CTL lun %d; ignoring", 621 (uintmax_t)lun->lun_id, lun->ctld_name, 622 cl->l_ctl_lun); 623 continue; 624 } 625 626 log_debugx("found CTL lun %ju \"%s\"", 627 (uintmax_t)lun->lun_id, lun->ctld_name); 628 629 cl = lun_new(conf, lun->ctld_name); 630 if (cl == NULL) { 631 log_warnx("lun_new failed"); 632 continue; 633 } 634 lun_set_backend(cl, lun->backend_type); 635 lun_set_device_type(cl, lun->device_type); 636 lun_set_blocksize(cl, lun->blocksize); 637 lun_set_device_id(cl, lun->device_id); 638 lun_set_serial(cl, lun->serial_number); 639 lun_set_size(cl, lun->size_blocks * cl->l_blocksize); 640 lun_set_ctl_lun(cl, lun->lun_id); 641 642 STAILQ_FOREACH(nv, &lun->attr_list, links) { 643 if (strcmp(nv->name, "file") == 0 || 644 strcmp(nv->name, "dev") == 0) { 645 lun_set_path(cl, nv->value); 646 continue; 647 } 648 o = option_new(&cl->l_options, nv->name, nv->value); 649 if (o == NULL) 650 log_warnx("unable to add CTL lun option %s " 651 "for CTL lun %ju \"%s\"", 652 nv->name, (uintmax_t) lun->lun_id, 653 cl->l_name); 654 } 655 } 656 657 return (conf); 658 } 659 660 int 661 kernel_lun_add(struct lun *lun) 662 { 663 struct option *o; 664 struct ctl_lun_req req; 665 int error; 666 667 bzero(&req, sizeof(req)); 668 669 strlcpy(req.backend, lun->l_backend, sizeof(req.backend)); 670 req.reqtype = CTL_LUNREQ_CREATE; 671 672 req.reqdata.create.blocksize_bytes = lun->l_blocksize; 673 674 if (lun->l_size != 0) 675 req.reqdata.create.lun_size_bytes = lun->l_size; 676 677 if (lun->l_ctl_lun >= 0) { 678 req.reqdata.create.req_lun_id = lun->l_ctl_lun; 679 req.reqdata.create.flags |= CTL_LUN_FLAG_ID_REQ; 680 } 681 682 req.reqdata.create.flags |= CTL_LUN_FLAG_DEV_TYPE; 683 req.reqdata.create.device_type = lun->l_device_type; 684 685 if (lun->l_serial != NULL) { 686 strncpy(req.reqdata.create.serial_num, lun->l_serial, 687 sizeof(req.reqdata.create.serial_num)); 688 req.reqdata.create.flags |= CTL_LUN_FLAG_SERIAL_NUM; 689 } 690 691 if (lun->l_device_id != NULL) { 692 strncpy(req.reqdata.create.device_id, lun->l_device_id, 693 sizeof(req.reqdata.create.device_id)); 694 req.reqdata.create.flags |= CTL_LUN_FLAG_DEVID; 695 } 696 697 if (lun->l_path != NULL) { 698 o = option_find(&lun->l_options, "file"); 699 if (o != NULL) { 700 option_set(o, lun->l_path); 701 } else { 702 o = option_new(&lun->l_options, "file", lun->l_path); 703 assert(o != NULL); 704 } 705 } 706 707 o = option_find(&lun->l_options, "ctld_name"); 708 if (o != NULL) { 709 option_set(o, lun->l_name); 710 } else { 711 o = option_new(&lun->l_options, "ctld_name", lun->l_name); 712 assert(o != NULL); 713 } 714 715 o = option_find(&lun->l_options, "scsiname"); 716 if (o == NULL && lun->l_scsiname != NULL) { 717 o = option_new(&lun->l_options, "scsiname", lun->l_scsiname); 718 assert(o != NULL); 719 } 720 721 if (!TAILQ_EMPTY(&lun->l_options)) { 722 req.args_nvl = nvlist_create(0); 723 if (req.args_nvl == NULL) { 724 log_warn("error allocating nvlist"); 725 return (1); 726 } 727 728 TAILQ_FOREACH(o, &lun->l_options, o_next) 729 nvlist_add_string(req.args_nvl, o->o_name, o->o_value); 730 731 req.args = nvlist_pack(req.args_nvl, &req.args_len); 732 if (req.args == NULL) { 733 log_warn("error packing nvlist"); 734 return (1); 735 } 736 } 737 738 error = ioctl(ctl_fd, CTL_LUN_REQ, &req); 739 nvlist_destroy(req.args_nvl); 740 741 if (error != 0) { 742 log_warn("error issuing CTL_LUN_REQ ioctl"); 743 return (1); 744 } 745 746 switch (req.status) { 747 case CTL_LUN_ERROR: 748 log_warnx("LUN creation error: %s", req.error_str); 749 return (1); 750 case CTL_LUN_WARNING: 751 log_warnx("LUN creation warning: %s", req.error_str); 752 break; 753 case CTL_LUN_OK: 754 break; 755 default: 756 log_warnx("unknown LUN creation status: %d", 757 req.status); 758 return (1); 759 } 760 761 lun_set_ctl_lun(lun, req.reqdata.create.req_lun_id); 762 return (0); 763 } 764 765 int 766 kernel_lun_modify(struct lun *lun) 767 { 768 struct option *o; 769 struct ctl_lun_req req; 770 int error; 771 772 bzero(&req, sizeof(req)); 773 774 strlcpy(req.backend, lun->l_backend, sizeof(req.backend)); 775 req.reqtype = CTL_LUNREQ_MODIFY; 776 777 req.reqdata.modify.lun_id = lun->l_ctl_lun; 778 req.reqdata.modify.lun_size_bytes = lun->l_size; 779 780 if (!TAILQ_EMPTY(&lun->l_options)) { 781 req.args_nvl = nvlist_create(0); 782 if (req.args_nvl == NULL) { 783 log_warn("error allocating nvlist"); 784 return (1); 785 } 786 787 TAILQ_FOREACH(o, &lun->l_options, o_next) 788 nvlist_add_string(req.args_nvl, o->o_name, o->o_value); 789 790 req.args = nvlist_pack(req.args_nvl, &req.args_len); 791 if (req.args == NULL) { 792 log_warn("error packing nvlist"); 793 return (1); 794 } 795 } 796 797 error = ioctl(ctl_fd, CTL_LUN_REQ, &req); 798 nvlist_destroy(req.args_nvl); 799 800 if (error != 0) { 801 log_warn("error issuing CTL_LUN_REQ ioctl"); 802 return (1); 803 } 804 805 switch (req.status) { 806 case CTL_LUN_ERROR: 807 log_warnx("LUN modification error: %s", req.error_str); 808 return (1); 809 case CTL_LUN_WARNING: 810 log_warnx("LUN modification warning: %s", req.error_str); 811 break; 812 case CTL_LUN_OK: 813 break; 814 default: 815 log_warnx("unknown LUN modification status: %d", 816 req.status); 817 return (1); 818 } 819 820 return (0); 821 } 822 823 int 824 kernel_lun_remove(struct lun *lun) 825 { 826 struct ctl_lun_req req; 827 828 bzero(&req, sizeof(req)); 829 830 strlcpy(req.backend, lun->l_backend, sizeof(req.backend)); 831 req.reqtype = CTL_LUNREQ_RM; 832 833 req.reqdata.rm.lun_id = lun->l_ctl_lun; 834 835 if (ioctl(ctl_fd, CTL_LUN_REQ, &req) == -1) { 836 log_warn("error issuing CTL_LUN_REQ ioctl"); 837 return (1); 838 } 839 840 switch (req.status) { 841 case CTL_LUN_ERROR: 842 log_warnx("LUN removal error: %s", req.error_str); 843 return (1); 844 case CTL_LUN_WARNING: 845 log_warnx("LUN removal warning: %s", req.error_str); 846 break; 847 case CTL_LUN_OK: 848 break; 849 default: 850 log_warnx("unknown LUN removal status: %d", req.status); 851 return (1); 852 } 853 854 return (0); 855 } 856 857 void 858 kernel_handoff(struct connection *conn) 859 { 860 struct ctl_iscsi req; 861 862 bzero(&req, sizeof(req)); 863 864 req.type = CTL_ISCSI_HANDOFF; 865 strlcpy(req.data.handoff.initiator_name, 866 conn->conn_initiator_name, sizeof(req.data.handoff.initiator_name)); 867 strlcpy(req.data.handoff.initiator_addr, 868 conn->conn_initiator_addr, sizeof(req.data.handoff.initiator_addr)); 869 if (conn->conn_initiator_alias != NULL) { 870 strlcpy(req.data.handoff.initiator_alias, 871 conn->conn_initiator_alias, sizeof(req.data.handoff.initiator_alias)); 872 } 873 memcpy(req.data.handoff.initiator_isid, conn->conn_initiator_isid, 874 sizeof(req.data.handoff.initiator_isid)); 875 strlcpy(req.data.handoff.target_name, 876 conn->conn_target->t_name, sizeof(req.data.handoff.target_name)); 877 if (conn->conn_portal->p_portal_group->pg_offload != NULL) { 878 strlcpy(req.data.handoff.offload, 879 conn->conn_portal->p_portal_group->pg_offload, 880 sizeof(req.data.handoff.offload)); 881 } 882 #ifdef ICL_KERNEL_PROXY 883 if (proxy_mode) 884 req.data.handoff.connection_id = conn->conn_socket; 885 else 886 req.data.handoff.socket = conn->conn_socket; 887 #else 888 req.data.handoff.socket = conn->conn_socket; 889 #endif 890 req.data.handoff.portal_group_tag = 891 conn->conn_portal->p_portal_group->pg_tag; 892 if (conn->conn_header_digest == CONN_DIGEST_CRC32C) 893 req.data.handoff.header_digest = CTL_ISCSI_DIGEST_CRC32C; 894 if (conn->conn_data_digest == CONN_DIGEST_CRC32C) 895 req.data.handoff.data_digest = CTL_ISCSI_DIGEST_CRC32C; 896 req.data.handoff.cmdsn = conn->conn_cmdsn; 897 req.data.handoff.statsn = conn->conn_statsn; 898 req.data.handoff.max_recv_data_segment_length = 899 conn->conn_max_recv_data_segment_length; 900 req.data.handoff.max_send_data_segment_length = 901 conn->conn_max_send_data_segment_length; 902 req.data.handoff.max_burst_length = conn->conn_max_burst_length; 903 req.data.handoff.first_burst_length = conn->conn_first_burst_length; 904 req.data.handoff.immediate_data = conn->conn_immediate_data; 905 906 if (ioctl(ctl_fd, CTL_ISCSI, &req) == -1) { 907 log_err(1, "error issuing CTL_ISCSI ioctl; " 908 "dropping connection"); 909 } 910 911 if (req.status != CTL_ISCSI_OK) { 912 log_errx(1, "error returned from CTL iSCSI handoff request: " 913 "%s; dropping connection", req.error_str); 914 } 915 } 916 917 void 918 kernel_limits(const char *offload, int *max_recv_dsl, int *max_send_dsl, 919 int *max_burst_length, int *first_burst_length) 920 { 921 struct ctl_iscsi req; 922 struct ctl_iscsi_limits_params *cilp; 923 924 bzero(&req, sizeof(req)); 925 926 req.type = CTL_ISCSI_LIMITS; 927 cilp = (struct ctl_iscsi_limits_params *)&(req.data.limits); 928 if (offload != NULL) { 929 strlcpy(cilp->offload, offload, sizeof(cilp->offload)); 930 } 931 932 if (ioctl(ctl_fd, CTL_ISCSI, &req) == -1) { 933 log_err(1, "error issuing CTL_ISCSI ioctl; " 934 "dropping connection"); 935 } 936 937 if (req.status != CTL_ISCSI_OK) { 938 log_errx(1, "error returned from CTL iSCSI limits request: " 939 "%s; dropping connection", req.error_str); 940 } 941 942 if (cilp->max_recv_data_segment_length != 0) { 943 *max_recv_dsl = cilp->max_recv_data_segment_length; 944 *max_send_dsl = cilp->max_recv_data_segment_length; 945 } 946 if (cilp->max_send_data_segment_length != 0) 947 *max_send_dsl = cilp->max_send_data_segment_length; 948 if (cilp->max_burst_length != 0) 949 *max_burst_length = cilp->max_burst_length; 950 if (cilp->first_burst_length != 0) 951 *first_burst_length = cilp->first_burst_length; 952 if (*max_burst_length < *first_burst_length) 953 *first_burst_length = *max_burst_length; 954 955 if (offload != NULL) { 956 log_debugx("Kernel limits for offload \"%s\" are " 957 "MaxRecvDataSegment=%d, max_send_dsl=%d, " 958 "MaxBurstLength=%d, FirstBurstLength=%d", 959 offload, *max_recv_dsl, *max_send_dsl, *max_burst_length, 960 *first_burst_length); 961 } else { 962 log_debugx("Kernel limits are " 963 "MaxRecvDataSegment=%d, max_send_dsl=%d, " 964 "MaxBurstLength=%d, FirstBurstLength=%d", 965 *max_recv_dsl, *max_send_dsl, *max_burst_length, 966 *first_burst_length); 967 } 968 } 969 970 int 971 kernel_port_add(struct port *port) 972 { 973 struct option *o; 974 struct ctl_port_entry entry; 975 struct ctl_req req; 976 struct ctl_lun_map lm; 977 struct target *targ = port->p_target; 978 struct portal_group *pg = port->p_portal_group; 979 char result_buf[NVLIST_BUFSIZE]; 980 int error, i; 981 982 /* Create iSCSI port. */ 983 if (port->p_portal_group || port->p_ioctl_port) { 984 bzero(&req, sizeof(req)); 985 req.reqtype = CTL_REQ_CREATE; 986 987 if (port->p_portal_group) { 988 strlcpy(req.driver, "iscsi", sizeof(req.driver)); 989 req.args_nvl = nvlist_create(0); 990 nvlist_add_string(req.args_nvl, "cfiscsi_target", 991 targ->t_name); 992 nvlist_add_string(req.args_nvl, 993 "ctld_portal_group_name", pg->pg_name); 994 nvlist_add_stringf(req.args_nvl, 995 "cfiscsi_portal_group_tag", "%u", pg->pg_tag); 996 997 if (targ->t_alias) { 998 nvlist_add_string(req.args_nvl, 999 "cfiscsi_target_alias", targ->t_alias); 1000 } 1001 1002 TAILQ_FOREACH(o, &pg->pg_options, o_next) 1003 nvlist_add_string(req.args_nvl, o->o_name, 1004 o->o_value); 1005 } 1006 1007 if (port->p_ioctl_port) { 1008 strlcpy(req.driver, "ioctl", sizeof(req.driver)); 1009 req.args_nvl = nvlist_create(0); 1010 nvlist_add_stringf(req.args_nvl, "pp", "%d", 1011 port->p_ioctl_pp); 1012 nvlist_add_stringf(req.args_nvl, "vp", "%d", 1013 port->p_ioctl_vp); 1014 } 1015 1016 req.args = nvlist_pack(req.args_nvl, &req.args_len); 1017 if (req.args == NULL) { 1018 log_warn("error packing nvlist"); 1019 return (1); 1020 } 1021 1022 req.result = result_buf; 1023 req.result_len = sizeof(result_buf); 1024 error = ioctl(ctl_fd, CTL_PORT_REQ, &req); 1025 nvlist_destroy(req.args_nvl); 1026 1027 if (error != 0) { 1028 log_warn("error issuing CTL_PORT_REQ ioctl"); 1029 return (1); 1030 } 1031 if (req.status == CTL_LUN_ERROR) { 1032 log_warnx("error returned from port creation request: %s", 1033 req.error_str); 1034 return (1); 1035 } 1036 if (req.status != CTL_LUN_OK) { 1037 log_warnx("unknown port creation request status %d", 1038 req.status); 1039 return (1); 1040 } 1041 1042 req.result_nvl = nvlist_unpack(result_buf, req.result_len, 0); 1043 if (req.result_nvl == NULL) { 1044 log_warnx("error unpacking result nvlist"); 1045 return (1); 1046 } 1047 1048 port->p_ctl_port = nvlist_get_number(req.result_nvl, "port_id"); 1049 nvlist_destroy(req.result_nvl); 1050 } else if (port->p_pport) { 1051 port->p_ctl_port = port->p_pport->pp_ctl_port; 1052 1053 if (strncmp(targ->t_name, "naa.", 4) == 0 && 1054 strlen(targ->t_name) == 20) { 1055 bzero(&entry, sizeof(entry)); 1056 entry.port_type = CTL_PORT_NONE; 1057 entry.targ_port = port->p_ctl_port; 1058 entry.flags |= CTL_PORT_WWNN_VALID; 1059 entry.wwnn = strtoull(targ->t_name + 4, NULL, 16); 1060 if (ioctl(ctl_fd, CTL_SET_PORT_WWNS, &entry) == -1) 1061 log_warn("CTL_SET_PORT_WWNS ioctl failed"); 1062 } 1063 } 1064 1065 /* Explicitly enable mapping to block any access except allowed. */ 1066 lm.port = port->p_ctl_port; 1067 lm.plun = UINT32_MAX; 1068 lm.lun = 0; 1069 error = ioctl(ctl_fd, CTL_LUN_MAP, &lm); 1070 if (error != 0) 1071 log_warn("CTL_LUN_MAP ioctl failed"); 1072 1073 /* Map configured LUNs */ 1074 for (i = 0; i < MAX_LUNS; i++) { 1075 if (targ->t_luns[i] == NULL) 1076 continue; 1077 lm.port = port->p_ctl_port; 1078 lm.plun = i; 1079 lm.lun = targ->t_luns[i]->l_ctl_lun; 1080 error = ioctl(ctl_fd, CTL_LUN_MAP, &lm); 1081 if (error != 0) 1082 log_warn("CTL_LUN_MAP ioctl failed"); 1083 } 1084 1085 /* Enable port */ 1086 bzero(&entry, sizeof(entry)); 1087 entry.targ_port = port->p_ctl_port; 1088 error = ioctl(ctl_fd, CTL_ENABLE_PORT, &entry); 1089 if (error != 0) { 1090 log_warn("CTL_ENABLE_PORT ioctl failed"); 1091 return (-1); 1092 } 1093 1094 return (0); 1095 } 1096 1097 int 1098 kernel_port_update(struct port *port, struct port *oport) 1099 { 1100 struct ctl_lun_map lm; 1101 struct target *targ = port->p_target; 1102 struct target *otarg = oport->p_target; 1103 int error, i; 1104 uint32_t olun; 1105 1106 /* Map configured LUNs and unmap others */ 1107 for (i = 0; i < MAX_LUNS; i++) { 1108 lm.port = port->p_ctl_port; 1109 lm.plun = i; 1110 if (targ->t_luns[i] == NULL) 1111 lm.lun = UINT32_MAX; 1112 else 1113 lm.lun = targ->t_luns[i]->l_ctl_lun; 1114 if (otarg->t_luns[i] == NULL) 1115 olun = UINT32_MAX; 1116 else 1117 olun = otarg->t_luns[i]->l_ctl_lun; 1118 if (lm.lun == olun) 1119 continue; 1120 error = ioctl(ctl_fd, CTL_LUN_MAP, &lm); 1121 if (error != 0) 1122 log_warn("CTL_LUN_MAP ioctl failed"); 1123 } 1124 return (0); 1125 } 1126 1127 int 1128 kernel_port_remove(struct port *port) 1129 { 1130 struct ctl_port_entry entry; 1131 struct ctl_lun_map lm; 1132 struct ctl_req req; 1133 struct target *targ = port->p_target; 1134 struct portal_group *pg = port->p_portal_group; 1135 int error; 1136 1137 /* Disable port */ 1138 bzero(&entry, sizeof(entry)); 1139 entry.targ_port = port->p_ctl_port; 1140 error = ioctl(ctl_fd, CTL_DISABLE_PORT, &entry); 1141 if (error != 0) { 1142 log_warn("CTL_DISABLE_PORT ioctl failed"); 1143 return (-1); 1144 } 1145 1146 /* Remove iSCSI or ioctl port. */ 1147 if (port->p_portal_group || port->p_ioctl_port) { 1148 bzero(&req, sizeof(req)); 1149 strlcpy(req.driver, port->p_ioctl_port ? "ioctl" : "iscsi", 1150 sizeof(req.driver)); 1151 req.reqtype = CTL_REQ_REMOVE; 1152 req.args_nvl = nvlist_create(0); 1153 if (req.args_nvl == NULL) 1154 log_err(1, "nvlist_create"); 1155 1156 if (port->p_ioctl_port) 1157 nvlist_add_stringf(req.args_nvl, "port_id", "%d", 1158 port->p_ctl_port); 1159 else { 1160 nvlist_add_string(req.args_nvl, "cfiscsi_target", 1161 targ->t_name); 1162 nvlist_add_stringf(req.args_nvl, 1163 "cfiscsi_portal_group_tag", "%u", pg->pg_tag); 1164 } 1165 1166 req.args = nvlist_pack(req.args_nvl, &req.args_len); 1167 if (req.args == NULL) { 1168 log_warn("error packing nvlist"); 1169 return (1); 1170 } 1171 1172 error = ioctl(ctl_fd, CTL_PORT_REQ, &req); 1173 nvlist_destroy(req.args_nvl); 1174 1175 if (error != 0) { 1176 log_warn("error issuing CTL_PORT_REQ ioctl"); 1177 return (1); 1178 } 1179 if (req.status == CTL_LUN_ERROR) { 1180 log_warnx("error returned from port removal request: %s", 1181 req.error_str); 1182 return (1); 1183 } 1184 if (req.status != CTL_LUN_OK) { 1185 log_warnx("unknown port removal request status %d", 1186 req.status); 1187 return (1); 1188 } 1189 } else { 1190 /* Disable LUN mapping. */ 1191 lm.port = port->p_ctl_port; 1192 lm.plun = UINT32_MAX; 1193 lm.lun = UINT32_MAX; 1194 error = ioctl(ctl_fd, CTL_LUN_MAP, &lm); 1195 if (error != 0) 1196 log_warn("CTL_LUN_MAP ioctl failed"); 1197 } 1198 return (0); 1199 } 1200 1201 #ifdef ICL_KERNEL_PROXY 1202 void 1203 kernel_listen(struct addrinfo *ai, bool iser, int portal_id) 1204 { 1205 struct ctl_iscsi req; 1206 1207 bzero(&req, sizeof(req)); 1208 1209 req.type = CTL_ISCSI_LISTEN; 1210 req.data.listen.iser = iser; 1211 req.data.listen.domain = ai->ai_family; 1212 req.data.listen.socktype = ai->ai_socktype; 1213 req.data.listen.protocol = ai->ai_protocol; 1214 req.data.listen.addr = ai->ai_addr; 1215 req.data.listen.addrlen = ai->ai_addrlen; 1216 req.data.listen.portal_id = portal_id; 1217 1218 if (ioctl(ctl_fd, CTL_ISCSI, &req) == -1) 1219 log_err(1, "error issuing CTL_ISCSI ioctl"); 1220 1221 if (req.status != CTL_ISCSI_OK) { 1222 log_errx(1, "error returned from CTL iSCSI listen: %s", 1223 req.error_str); 1224 } 1225 } 1226 1227 void 1228 kernel_accept(int *connection_id, int *portal_id, 1229 struct sockaddr *client_sa, socklen_t *client_salen) 1230 { 1231 struct ctl_iscsi req; 1232 struct sockaddr_storage ss; 1233 1234 bzero(&req, sizeof(req)); 1235 1236 req.type = CTL_ISCSI_ACCEPT; 1237 req.data.accept.initiator_addr = (struct sockaddr *)&ss; 1238 1239 if (ioctl(ctl_fd, CTL_ISCSI, &req) == -1) 1240 log_err(1, "error issuing CTL_ISCSI ioctl"); 1241 1242 if (req.status != CTL_ISCSI_OK) { 1243 log_errx(1, "error returned from CTL iSCSI accept: %s", 1244 req.error_str); 1245 } 1246 1247 *connection_id = req.data.accept.connection_id; 1248 *portal_id = req.data.accept.portal_id; 1249 *client_salen = req.data.accept.initiator_addrlen; 1250 memcpy(client_sa, &ss, *client_salen); 1251 } 1252 1253 void 1254 kernel_send(struct pdu *pdu) 1255 { 1256 struct ctl_iscsi req; 1257 1258 bzero(&req, sizeof(req)); 1259 1260 req.type = CTL_ISCSI_SEND; 1261 req.data.send.connection_id = pdu->pdu_connection->conn_socket; 1262 req.data.send.bhs = pdu->pdu_bhs; 1263 req.data.send.data_segment_len = pdu->pdu_data_len; 1264 req.data.send.data_segment = pdu->pdu_data; 1265 1266 if (ioctl(ctl_fd, CTL_ISCSI, &req) == -1) { 1267 log_err(1, "error issuing CTL_ISCSI ioctl; " 1268 "dropping connection"); 1269 } 1270 1271 if (req.status != CTL_ISCSI_OK) { 1272 log_errx(1, "error returned from CTL iSCSI send: " 1273 "%s; dropping connection", req.error_str); 1274 } 1275 } 1276 1277 void 1278 kernel_receive(struct pdu *pdu) 1279 { 1280 struct connection *conn; 1281 struct ctl_iscsi req; 1282 1283 conn = pdu->pdu_connection; 1284 pdu->pdu_data = malloc(conn->conn_max_recv_data_segment_length); 1285 if (pdu->pdu_data == NULL) 1286 log_err(1, "malloc"); 1287 1288 bzero(&req, sizeof(req)); 1289 1290 req.type = CTL_ISCSI_RECEIVE; 1291 req.data.receive.connection_id = conn->conn_socket; 1292 req.data.receive.bhs = pdu->pdu_bhs; 1293 req.data.receive.data_segment_len = 1294 conn->conn_max_recv_data_segment_length; 1295 req.data.receive.data_segment = pdu->pdu_data; 1296 1297 if (ioctl(ctl_fd, CTL_ISCSI, &req) == -1) { 1298 log_err(1, "error issuing CTL_ISCSI ioctl; " 1299 "dropping connection"); 1300 } 1301 1302 if (req.status != CTL_ISCSI_OK) { 1303 log_errx(1, "error returned from CTL iSCSI receive: " 1304 "%s; dropping connection", req.error_str); 1305 } 1306 1307 } 1308 1309 #endif /* ICL_KERNEL_PROXY */ 1310 1311 /* 1312 * XXX: I CANT INTO LATIN 1313 */ 1314 void 1315 kernel_capsicate(void) 1316 { 1317 cap_rights_t rights; 1318 const unsigned long cmds[] = { CTL_ISCSI }; 1319 1320 cap_rights_init(&rights, CAP_IOCTL); 1321 if (caph_rights_limit(ctl_fd, &rights) < 0) 1322 log_err(1, "cap_rights_limit"); 1323 1324 if (caph_ioctls_limit(ctl_fd, cmds, nitems(cmds)) < 0) 1325 log_err(1, "cap_ioctls_limit"); 1326 1327 if (caph_enter() < 0) 1328 log_err(1, "cap_enter"); 1329 1330 if (cap_sandboxed()) 1331 log_debugx("Capsicum capability mode enabled"); 1332 else 1333 log_warnx("Capsicum capability mode not supported"); 1334 } 1335 1336