1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2012 The FreeBSD Foundation 5 * 6 * This software was developed by Edward Tomasz Napierala under sponsorship 7 * from the FreeBSD Foundation. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 */ 31 32 #include <sys/cdefs.h> 33 __FBSDID("$FreeBSD$"); 34 35 #include <sys/types.h> 36 #include <sys/time.h> 37 #include <sys/ioctl.h> 38 #include <sys/param.h> 39 #include <sys/linker.h> 40 #include <sys/socket.h> 41 #include <sys/sysctl.h> 42 #include <sys/capsicum.h> 43 #include <sys/wait.h> 44 #include <netinet/in.h> 45 #include <netinet/tcp.h> 46 #include <assert.h> 47 #include <capsicum_helpers.h> 48 #include <errno.h> 49 #include <fcntl.h> 50 #include <libutil.h> 51 #include <netdb.h> 52 #include <signal.h> 53 #include <stdbool.h> 54 #include <stdint.h> 55 #include <stdio.h> 56 #include <stdlib.h> 57 #include <string.h> 58 #include <unistd.h> 59 60 #include "iscsid.h" 61 62 static bool timed_out(void); 63 #ifdef ICL_KERNEL_PROXY 64 static void pdu_receive_proxy(struct pdu *pdu); 65 static void pdu_send_proxy(struct pdu *pdu); 66 #endif /* ICL_KERNEL_PROXY */ 67 68 static volatile bool sigalrm_received = false; 69 70 static int nchildren = 0; 71 72 static struct connection_ops conn_ops = { 73 .timed_out = timed_out, 74 #ifdef ICL_KERNEL_PROXY 75 .pdu_receive_proxy = pdu_receive_proxy, 76 .pdu_send_proxy = pdu_send_proxy, 77 #endif 78 .fail = fail, 79 }; 80 81 static void 82 usage(void) 83 { 84 85 fprintf(stderr, "usage: iscsid [-P pidfile][-d][-m maxproc][-t timeout]\n"); 86 exit(1); 87 } 88 89 #ifdef ICL_KERNEL_PROXY 90 91 static void 92 pdu_receive_proxy(struct pdu *pdu) 93 { 94 struct iscsid_connection *conn; 95 struct iscsi_daemon_receive idr; 96 size_t len; 97 int error; 98 99 conn = (struct iscsid_connection *)pdu->pdu_connection; 100 assert(conn->conn_conf.isc_iser != 0); 101 102 pdu->pdu_data = malloc(conn->conn.conn_max_recv_data_segment_length); 103 if (pdu->pdu_data == NULL) 104 log_err(1, "malloc"); 105 106 memset(&idr, 0, sizeof(idr)); 107 idr.idr_session_id = conn->conn_session_id; 108 idr.idr_bhs = pdu->pdu_bhs; 109 idr.idr_data_segment_len = conn->conn.conn_max_recv_data_segment_length; 110 idr.idr_data_segment = pdu->pdu_data; 111 112 error = ioctl(conn->conn_iscsi_fd, ISCSIDRECEIVE, &idr); 113 if (error != 0) 114 log_err(1, "ISCSIDRECEIVE"); 115 116 len = pdu_ahs_length(pdu); 117 if (len > 0) 118 log_errx(1, "protocol error: non-empty AHS"); 119 120 len = pdu_data_segment_length(pdu); 121 assert(len <= (size_t)conn->conn.conn_max_recv_data_segment_length); 122 pdu->pdu_data_len = len; 123 } 124 125 static void 126 pdu_send_proxy(struct pdu *pdu) 127 { 128 struct iscsid_connection *conn; 129 struct iscsi_daemon_send ids; 130 int error; 131 132 conn = (struct iscsid_connection *)pdu->pdu_connection; 133 assert(conn->conn_conf.isc_iser != 0); 134 135 pdu_set_data_segment_length(pdu, pdu->pdu_data_len); 136 137 memset(&ids, 0, sizeof(ids)); 138 ids.ids_session_id = conn->conn_session_id; 139 ids.ids_bhs = pdu->pdu_bhs; 140 ids.ids_data_segment_len = pdu->pdu_data_len; 141 ids.ids_data_segment = pdu->pdu_data; 142 143 error = ioctl(conn->conn_iscsi_fd, ISCSIDSEND, &ids); 144 if (error != 0) 145 log_err(1, "ISCSIDSEND"); 146 } 147 148 #endif /* ICL_KERNEL_PROXY */ 149 150 static void 151 resolve_addr(const struct connection *conn, const char *address, 152 struct addrinfo **ai, bool initiator_side) 153 { 154 struct addrinfo hints; 155 char *arg, *addr, *ch, *tofree; 156 const char *port; 157 int error, colons = 0; 158 159 tofree = arg = checked_strdup(address); 160 161 if (arg[0] == '\0') { 162 fail(conn, "empty address"); 163 log_errx(1, "empty address"); 164 } 165 if (arg[0] == '[') { 166 /* 167 * IPv6 address in square brackets, perhaps with port. 168 */ 169 arg++; 170 addr = strsep(&arg, "]"); 171 if (arg == NULL) { 172 fail(conn, "malformed address"); 173 log_errx(1, "malformed address %s", address); 174 } 175 if (arg[0] == '\0') { 176 port = NULL; 177 } else if (arg[0] == ':') { 178 port = arg + 1; 179 } else { 180 fail(conn, "malformed address"); 181 log_errx(1, "malformed address %s", address); 182 } 183 } else { 184 /* 185 * Either IPv6 address without brackets - and without 186 * a port - or IPv4 address. Just count the colons. 187 */ 188 for (ch = arg; *ch != '\0'; ch++) { 189 if (*ch == ':') 190 colons++; 191 } 192 if (colons > 1) { 193 addr = arg; 194 port = NULL; 195 } else { 196 addr = strsep(&arg, ":"); 197 if (arg == NULL) 198 port = NULL; 199 else 200 port = arg; 201 } 202 } 203 204 if (port == NULL && !initiator_side) 205 port = "3260"; 206 207 memset(&hints, 0, sizeof(hints)); 208 hints.ai_family = PF_UNSPEC; 209 hints.ai_socktype = SOCK_STREAM; 210 hints.ai_flags = AI_ADDRCONFIG | AI_NUMERICSERV; 211 if (initiator_side) 212 hints.ai_flags |= AI_PASSIVE; 213 214 error = getaddrinfo(addr, port, &hints, ai); 215 if (error != 0) { 216 fail(conn, gai_strerror(error)); 217 log_errx(1, "getaddrinfo for %s failed: %s", 218 address, gai_strerror(error)); 219 } 220 221 free(tofree); 222 } 223 224 static struct iscsid_connection * 225 connection_new(int iscsi_fd, const struct iscsi_daemon_request *request) 226 { 227 struct iscsid_connection *conn; 228 struct addrinfo *from_ai, *to_ai; 229 const char *from_addr, *to_addr; 230 #ifdef ICL_KERNEL_PROXY 231 struct iscsi_daemon_connect idc; 232 #endif 233 int error, optval; 234 235 conn = calloc(1, sizeof(*conn)); 236 if (conn == NULL) 237 log_err(1, "calloc"); 238 239 connection_init(&conn->conn, &conn_ops, 240 request->idr_conf.isc_iser != 0); 241 conn->conn_protocol_level = 0; 242 conn->conn_initial_r2t = true; 243 conn->conn_iscsi_fd = iscsi_fd; 244 245 conn->conn_session_id = request->idr_session_id; 246 memcpy(&conn->conn_conf, &request->idr_conf, sizeof(conn->conn_conf)); 247 memcpy(&conn->conn.conn_isid, &request->idr_isid, 248 sizeof(conn->conn.conn_isid)); 249 conn->conn.conn_tsih = request->idr_tsih; 250 251 from_addr = conn->conn_conf.isc_initiator_addr; 252 to_addr = conn->conn_conf.isc_target_addr; 253 254 if (from_addr[0] != '\0') 255 resolve_addr(&conn->conn, from_addr, &from_ai, true); 256 else 257 from_ai = NULL; 258 259 resolve_addr(&conn->conn, to_addr, &to_ai, false); 260 261 #ifdef ICL_KERNEL_PROXY 262 if (conn->conn_conf.isc_iser) { 263 memset(&idc, 0, sizeof(idc)); 264 idc.idc_session_id = conn->conn_session_id; 265 if (conn->conn_conf.isc_iser) 266 idc.idc_iser = 1; 267 idc.idc_domain = to_ai->ai_family; 268 idc.idc_socktype = to_ai->ai_socktype; 269 idc.idc_protocol = to_ai->ai_protocol; 270 if (from_ai != NULL) { 271 idc.idc_from_addr = from_ai->ai_addr; 272 idc.idc_from_addrlen = from_ai->ai_addrlen; 273 } 274 idc.idc_to_addr = to_ai->ai_addr; 275 idc.idc_to_addrlen = to_ai->ai_addrlen; 276 277 log_debugx("connecting to %s using ICL kernel proxy", to_addr); 278 error = ioctl(iscsi_fd, ISCSIDCONNECT, &idc); 279 if (error != 0) { 280 fail(&conn->conn, strerror(errno)); 281 log_err(1, "failed to connect to %s " 282 "using ICL kernel proxy: ISCSIDCONNECT", to_addr); 283 } 284 285 if (from_ai != NULL) 286 freeaddrinfo(from_ai); 287 freeaddrinfo(to_ai); 288 289 return (conn); 290 } 291 #endif /* ICL_KERNEL_PROXY */ 292 293 if (conn->conn_conf.isc_iser) { 294 fail(&conn->conn, "iSER not supported"); 295 log_errx(1, "iscsid(8) compiled without ICL_KERNEL_PROXY " 296 "does not support iSER"); 297 } 298 299 conn->conn.conn_socket = socket(to_ai->ai_family, to_ai->ai_socktype, 300 to_ai->ai_protocol); 301 if (conn->conn.conn_socket < 0) { 302 fail(&conn->conn, strerror(errno)); 303 log_err(1, "failed to create socket for %s", from_addr); 304 } 305 optval = SOCKBUF_SIZE; 306 if (setsockopt(conn->conn.conn_socket, SOL_SOCKET, SO_RCVBUF, 307 &optval, sizeof(optval)) == -1) 308 log_warn("setsockopt(SO_RCVBUF) failed"); 309 optval = SOCKBUF_SIZE; 310 if (setsockopt(conn->conn.conn_socket, SOL_SOCKET, SO_SNDBUF, 311 &optval, sizeof(optval)) == -1) 312 log_warn("setsockopt(SO_SNDBUF) failed"); 313 optval = 1; 314 if (setsockopt(conn->conn.conn_socket, SOL_SOCKET, SO_NO_DDP, 315 &optval, sizeof(optval)) == -1) 316 log_warn("setsockopt(SO_NO_DDP) failed"); 317 if (conn->conn_conf.isc_dscp != -1) { 318 int tos = conn->conn_conf.isc_dscp << 2; 319 if (to_ai->ai_family == AF_INET) { 320 if (setsockopt(conn->conn.conn_socket, 321 IPPROTO_IP, IP_TOS, 322 &tos, sizeof(tos)) == -1) 323 log_warn("setsockopt(IP_TOS) " 324 "failed for %s", 325 from_addr); 326 } else 327 if (to_ai->ai_family == AF_INET6) { 328 if (setsockopt(conn->conn.conn_socket, 329 IPPROTO_IPV6, IPV6_TCLASS, 330 &tos, sizeof(tos)) == -1) 331 log_warn("setsockopt(IPV6_TCLASS) " 332 "failed for %s", 333 from_addr); 334 } 335 } 336 if (conn->conn_conf.isc_pcp != -1) { 337 int pcp = conn->conn_conf.isc_pcp; 338 if (to_ai->ai_family == AF_INET) { 339 if (setsockopt(conn->conn.conn_socket, 340 IPPROTO_IP, IP_VLAN_PCP, 341 &pcp, sizeof(pcp)) == -1) 342 log_warn("setsockopt(IP_VLAN_PCP) " 343 "failed for %s", 344 from_addr); 345 } else 346 if (to_ai->ai_family == AF_INET6) { 347 if (setsockopt(conn->conn.conn_socket, 348 IPPROTO_IPV6, IPV6_VLAN_PCP, 349 &pcp, sizeof(pcp)) == -1) 350 log_warn("setsockopt(IPV6_VLAN_PCP) " 351 "failed for %s", 352 from_addr); 353 } 354 } 355 /* 356 * Reduce TCP SYN_SENT timeout while 357 * no connectivity exists, to allow 358 * rapid reuse of the available slots. 359 */ 360 int keepinit = 0; 361 if (conn->conn_conf.isc_login_timeout > 0) { 362 keepinit = conn->conn_conf.isc_login_timeout; 363 log_debugx("session specific LoginTimeout at %d sec", 364 keepinit); 365 } 366 if (conn->conn_conf.isc_login_timeout == -1) { 367 int value; 368 size_t size = sizeof(value); 369 if (sysctlbyname("kern.iscsi.login_timeout", 370 &value, &size, NULL, 0) == 0) { 371 keepinit = value; 372 log_debugx("global login_timeout at %d sec", 373 keepinit); 374 } 375 } 376 if (keepinit > 0) { 377 if (setsockopt(conn->conn.conn_socket, 378 IPPROTO_TCP, TCP_KEEPINIT, 379 &keepinit, sizeof(keepinit)) == -1) 380 log_warnx("setsockopt(TCP_KEEPINIT) " 381 "failed for %s", to_addr); 382 } 383 if (from_ai != NULL) { 384 error = bind(conn->conn.conn_socket, from_ai->ai_addr, 385 from_ai->ai_addrlen); 386 if (error != 0) { 387 fail(&conn->conn, strerror(errno)); 388 log_err(1, "failed to bind to %s", from_addr); 389 } 390 } 391 log_debugx("connecting to %s", to_addr); 392 error = connect(conn->conn.conn_socket, to_ai->ai_addr, 393 to_ai->ai_addrlen); 394 if (error != 0) { 395 fail(&conn->conn, strerror(errno)); 396 log_err(1, "failed to connect to %s", to_addr); 397 } 398 399 if (from_ai != NULL) 400 freeaddrinfo(from_ai); 401 freeaddrinfo(to_ai); 402 403 return (conn); 404 } 405 406 static void 407 limits(struct iscsid_connection *conn) 408 { 409 struct iscsi_daemon_limits idl; 410 struct iscsi_session_limits *isl; 411 int error; 412 413 log_debugx("fetching limits from the kernel"); 414 415 memset(&idl, 0, sizeof(idl)); 416 idl.idl_session_id = conn->conn_session_id; 417 idl.idl_socket = conn->conn.conn_socket; 418 419 error = ioctl(conn->conn_iscsi_fd, ISCSIDLIMITS, &idl); 420 if (error != 0) 421 log_err(1, "ISCSIDLIMITS"); 422 423 /* 424 * Read the driver limits and provide reasonable defaults for the ones 425 * the driver doesn't care about. If a max_snd_dsl is not explicitly 426 * provided by the driver then we'll make sure both conn->max_snd_dsl 427 * and isl->max_snd_dsl are set to the rcv_dsl. This preserves historic 428 * behavior. 429 */ 430 isl = &conn->conn_limits; 431 memcpy(isl, &idl.idl_limits, sizeof(*isl)); 432 if (isl->isl_max_recv_data_segment_length == 0) 433 isl->isl_max_recv_data_segment_length = (1 << 24) - 1; 434 if (isl->isl_max_send_data_segment_length == 0) 435 isl->isl_max_send_data_segment_length = 436 isl->isl_max_recv_data_segment_length; 437 if (isl->isl_max_burst_length == 0) 438 isl->isl_max_burst_length = (1 << 24) - 1; 439 if (isl->isl_first_burst_length == 0) 440 isl->isl_first_burst_length = (1 << 24) - 1; 441 if (isl->isl_first_burst_length > isl->isl_max_burst_length) 442 isl->isl_first_burst_length = isl->isl_max_burst_length; 443 444 /* 445 * Limit default send length in case it won't be negotiated. 446 * We can't do it for other limits, since they may affect both 447 * sender and receiver operation, and we must obey defaults. 448 */ 449 if (conn->conn.conn_max_send_data_segment_length > 450 isl->isl_max_send_data_segment_length) { 451 conn->conn.conn_max_send_data_segment_length = 452 isl->isl_max_send_data_segment_length; 453 } 454 } 455 456 static void 457 handoff(struct iscsid_connection *conn) 458 { 459 struct iscsi_daemon_handoff idh; 460 int error; 461 462 log_debugx("handing off connection to the kernel"); 463 464 memset(&idh, 0, sizeof(idh)); 465 idh.idh_session_id = conn->conn_session_id; 466 idh.idh_socket = conn->conn.conn_socket; 467 strlcpy(idh.idh_target_alias, conn->conn_target_alias, 468 sizeof(idh.idh_target_alias)); 469 idh.idh_tsih = conn->conn.conn_tsih; 470 idh.idh_statsn = conn->conn.conn_statsn; 471 idh.idh_protocol_level = conn->conn_protocol_level; 472 idh.idh_header_digest = conn->conn.conn_header_digest; 473 idh.idh_data_digest = conn->conn.conn_data_digest; 474 idh.idh_initial_r2t = conn->conn_initial_r2t; 475 idh.idh_immediate_data = conn->conn.conn_immediate_data; 476 idh.idh_max_recv_data_segment_length = 477 conn->conn.conn_max_recv_data_segment_length; 478 idh.idh_max_send_data_segment_length = 479 conn->conn.conn_max_send_data_segment_length; 480 idh.idh_max_burst_length = conn->conn.conn_max_burst_length; 481 idh.idh_first_burst_length = conn->conn.conn_first_burst_length; 482 483 error = ioctl(conn->conn_iscsi_fd, ISCSIDHANDOFF, &idh); 484 if (error != 0) 485 log_err(1, "ISCSIDHANDOFF"); 486 } 487 488 void 489 fail(const struct connection *base_conn, const char *reason) 490 { 491 const struct iscsid_connection *conn; 492 struct iscsi_daemon_fail idf; 493 int error, saved_errno; 494 495 conn = (const struct iscsid_connection *)base_conn; 496 saved_errno = errno; 497 498 memset(&idf, 0, sizeof(idf)); 499 idf.idf_session_id = conn->conn_session_id; 500 strlcpy(idf.idf_reason, reason, sizeof(idf.idf_reason)); 501 502 error = ioctl(conn->conn_iscsi_fd, ISCSIDFAIL, &idf); 503 if (error != 0) 504 log_err(1, "ISCSIDFAIL"); 505 506 errno = saved_errno; 507 } 508 509 /* 510 * XXX: I CANT INTO LATIN 511 */ 512 static void 513 capsicate(struct iscsid_connection *conn) 514 { 515 cap_rights_t rights; 516 const unsigned long cmds[] = { 517 #ifdef ICL_KERNEL_PROXY 518 ISCSIDCONNECT, 519 ISCSIDSEND, 520 ISCSIDRECEIVE, 521 #endif 522 ISCSIDLIMITS, 523 ISCSIDHANDOFF, 524 ISCSIDFAIL, 525 ISCSISADD, 526 ISCSISREMOVE, 527 ISCSISMODIFY 528 }; 529 530 cap_rights_init(&rights, CAP_IOCTL); 531 if (caph_rights_limit(conn->conn_iscsi_fd, &rights) < 0) 532 log_err(1, "cap_rights_limit"); 533 534 if (caph_ioctls_limit(conn->conn_iscsi_fd, cmds, nitems(cmds)) < 0) 535 log_err(1, "cap_ioctls_limit"); 536 537 if (caph_enter() != 0) 538 log_err(1, "cap_enter"); 539 540 if (cap_sandboxed()) 541 log_debugx("Capsicum capability mode enabled"); 542 else 543 log_warnx("Capsicum capability mode not supported"); 544 } 545 546 static bool 547 timed_out(void) 548 { 549 550 return (sigalrm_received); 551 } 552 553 static void 554 sigalrm_handler(int dummy __unused) 555 { 556 /* 557 * It would be easiest to just log an error and exit. We can't 558 * do this, though, because log_errx() is not signal safe, since 559 * it calls syslog(3). Instead, set a flag checked by pdu_send() 560 * and pdu_receive(), to call log_errx() there. Should they fail 561 * to notice, we'll exit here one second later. 562 */ 563 if (sigalrm_received) { 564 /* 565 * Oh well. Just give up and quit. 566 */ 567 _exit(2); 568 } 569 570 sigalrm_received = true; 571 } 572 573 static void 574 set_timeout(int timeout) 575 { 576 struct sigaction sa; 577 struct itimerval itv; 578 int error; 579 580 if (timeout <= 0) { 581 log_debugx("session timeout disabled"); 582 return; 583 } 584 585 bzero(&sa, sizeof(sa)); 586 sa.sa_handler = sigalrm_handler; 587 sigfillset(&sa.sa_mask); 588 error = sigaction(SIGALRM, &sa, NULL); 589 if (error != 0) 590 log_err(1, "sigaction"); 591 592 /* 593 * First SIGALRM will arive after conf_timeout seconds. 594 * If we do nothing, another one will arrive a second later. 595 */ 596 bzero(&itv, sizeof(itv)); 597 itv.it_interval.tv_sec = 1; 598 itv.it_value.tv_sec = timeout; 599 600 log_debugx("setting session timeout to %d seconds", 601 timeout); 602 error = setitimer(ITIMER_REAL, &itv, NULL); 603 if (error != 0) 604 log_err(1, "setitimer"); 605 } 606 607 static void 608 sigchld_handler(int dummy __unused) 609 { 610 611 /* 612 * The only purpose of this handler is to make SIGCHLD 613 * interrupt the ISCSIDWAIT ioctl(2), so we can call 614 * wait_for_children(). 615 */ 616 } 617 618 static void 619 register_sigchld(void) 620 { 621 struct sigaction sa; 622 int error; 623 624 bzero(&sa, sizeof(sa)); 625 sa.sa_handler = sigchld_handler; 626 sigfillset(&sa.sa_mask); 627 error = sigaction(SIGCHLD, &sa, NULL); 628 if (error != 0) 629 log_err(1, "sigaction"); 630 631 } 632 633 static void 634 handle_request(int iscsi_fd, const struct iscsi_daemon_request *request, int timeout) 635 { 636 struct iscsid_connection *conn; 637 638 log_set_peer_addr(request->idr_conf.isc_target_addr); 639 if (request->idr_conf.isc_target[0] != '\0') { 640 log_set_peer_name(request->idr_conf.isc_target); 641 setproctitle("%s (%s)", request->idr_conf.isc_target_addr, request->idr_conf.isc_target); 642 } else { 643 setproctitle("%s", request->idr_conf.isc_target_addr); 644 } 645 646 conn = connection_new(iscsi_fd, request); 647 capsicate(conn); 648 limits(conn); 649 set_timeout(timeout); 650 login(conn); 651 if (conn->conn_conf.isc_discovery != 0) 652 discovery(conn); 653 else 654 handoff(conn); 655 656 log_debugx("nothing more to do; exiting"); 657 exit (0); 658 } 659 660 static int 661 wait_for_children(bool block) 662 { 663 pid_t pid; 664 int status; 665 int num = 0; 666 667 for (;;) { 668 /* 669 * If "block" is true, wait for at least one process. 670 */ 671 if (block && num == 0) 672 pid = wait4(-1, &status, 0, NULL); 673 else 674 pid = wait4(-1, &status, WNOHANG, NULL); 675 if (pid <= 0) 676 break; 677 if (WIFSIGNALED(status)) { 678 log_warnx("child process %d terminated with signal %d", 679 pid, WTERMSIG(status)); 680 } else if (WEXITSTATUS(status) != 0) { 681 log_warnx("child process %d terminated with exit status %d", 682 pid, WEXITSTATUS(status)); 683 } else { 684 log_debugx("child process %d terminated gracefully", pid); 685 } 686 num++; 687 } 688 689 return (num); 690 } 691 692 int 693 main(int argc, char **argv) 694 { 695 int ch, debug = 0, error, iscsi_fd, maxproc = 30, retval, saved_errno, 696 timeout = 60; 697 bool dont_daemonize = false; 698 struct pidfh *pidfh; 699 pid_t pid, otherpid; 700 const char *pidfile_path = DEFAULT_PIDFILE; 701 struct iscsi_daemon_request request; 702 703 while ((ch = getopt(argc, argv, "P:dl:m:t:")) != -1) { 704 switch (ch) { 705 case 'P': 706 pidfile_path = optarg; 707 break; 708 case 'd': 709 dont_daemonize = true; 710 debug++; 711 break; 712 case 'l': 713 debug = atoi(optarg); 714 break; 715 case 'm': 716 maxproc = atoi(optarg); 717 break; 718 case 't': 719 timeout = atoi(optarg); 720 break; 721 case '?': 722 default: 723 usage(); 724 } 725 } 726 argc -= optind; 727 if (argc != 0) 728 usage(); 729 730 log_init(debug); 731 732 pidfh = pidfile_open(pidfile_path, 0600, &otherpid); 733 if (pidfh == NULL) { 734 if (errno == EEXIST) 735 log_errx(1, "daemon already running, pid: %jd.", 736 (intmax_t)otherpid); 737 log_err(1, "cannot open or create pidfile \"%s\"", 738 pidfile_path); 739 } 740 741 iscsi_fd = open(ISCSI_PATH, O_RDWR); 742 if (iscsi_fd < 0 && errno == ENOENT) { 743 saved_errno = errno; 744 retval = kldload("iscsi"); 745 if (retval != -1) 746 iscsi_fd = open(ISCSI_PATH, O_RDWR); 747 else 748 errno = saved_errno; 749 } 750 if (iscsi_fd < 0) 751 log_err(1, "failed to open %s", ISCSI_PATH); 752 753 if (dont_daemonize == false) { 754 if (daemon(0, 0) == -1) { 755 log_warn("cannot daemonize"); 756 pidfile_remove(pidfh); 757 exit(1); 758 } 759 } 760 761 pidfile_write(pidfh); 762 763 register_sigchld(); 764 765 for (;;) { 766 log_debugx("waiting for request from the kernel"); 767 768 memset(&request, 0, sizeof(request)); 769 error = ioctl(iscsi_fd, ISCSIDWAIT, &request); 770 if (error != 0) { 771 if (errno == EINTR) { 772 nchildren -= wait_for_children(false); 773 assert(nchildren >= 0); 774 continue; 775 } 776 777 log_err(1, "ISCSIDWAIT"); 778 } 779 780 if (dont_daemonize) { 781 log_debugx("not forking due to -d flag; " 782 "will exit after servicing a single request"); 783 } else { 784 nchildren -= wait_for_children(false); 785 assert(nchildren >= 0); 786 787 while (maxproc > 0 && nchildren >= maxproc) { 788 log_debugx("maxproc limit of %d child processes hit; " 789 "waiting for child process to exit", maxproc); 790 nchildren -= wait_for_children(true); 791 assert(nchildren >= 0); 792 } 793 log_debugx("incoming connection; forking child process #%d", 794 nchildren); 795 nchildren++; 796 797 pid = fork(); 798 if (pid < 0) 799 log_err(1, "fork"); 800 if (pid > 0) 801 continue; 802 } 803 804 pidfile_close(pidfh); 805 handle_request(iscsi_fd, &request, timeout); 806 } 807 808 return (0); 809 } 810