xref: /illumos-gate/usr/src/uts/common/io/scsi/adapters/iscsi/iscsi.c (revision 5328fc53d11d7151861fa272e4fb0248b8f0e145)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2000 by Cisco Systems, Inc.  All rights reserved.
23  * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
24  * Copyright 2019 Joshua M. Clulow <josh@sysmgr.org>
25  *
26  * iSCSI Software Initiator
27  */
28 
29 /*
30  * Framework interface routines for iSCSI
31  */
32 
33 #include "iscsi.h"				/* main header */
34 #include <sys/iscsi_protocol.h>	/* protocol structs */
35 #include <sys/scsi/adapters/iscsi_if.h>		/* ioctl interfaces */
36 #include "iscsi_targetparam.h"
37 #include "persistent.h"
38 #include <sys/scsi/adapters/iscsi_door.h>
39 #include <sys/dlpi.h>
40 #include <sys/utsname.h>
41 #include "isns_client.h"
42 #include "isns_protocol.h"
43 #include <sys/bootprops.h>
44 #include <sys/types.h>
45 #include <sys/bootconf.h>
46 
47 #define	ISCSI_NAME_VERSION	"iSCSI Initiator v-1.55"
48 
49 #define	MAX_GET_NAME_SIZE	1024
50 #define	MAX_NAME_PROP_SIZE	256
51 #define	UNDEFINED		-1
52 #define	ISCSI_DISC_DELAY	2	/* seconds */
53 
54 /*
55  * +--------------------------------------------------------------------+
56  * | iscsi globals                                                      |
57  * +--------------------------------------------------------------------+
58  */
59 void		*iscsi_state;
60 kmutex_t	iscsi_oid_mutex;
61 uint32_t	iscsi_oid;
62 int		iscsi_nop_delay		= ISCSI_DEFAULT_NOP_DELAY;
63 int		iscsi_rx_window		= ISCSI_DEFAULT_RX_WINDOW;
64 int		iscsi_rx_max_window	= ISCSI_DEFAULT_RX_MAX_WINDOW;
65 boolean_t	iscsi_logging		= B_FALSE;
66 
67 extern ib_boot_prop_t	*iscsiboot_prop;
68 extern int		modrootloaded;
69 extern struct bootobj	rootfs;
70 
71 /*
72  * +--------------------------------------------------------------------+
73  * | iscsi.c prototypes							|
74  * +--------------------------------------------------------------------+
75  */
76 static int iscsi_getinfo(dev_info_t *dip, ddi_info_cmd_t infocmd,
77     void *arg, void **result);
78 static int iscsi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd);
79 static int iscsi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd);
80 
81 /* scsi_tran prototypes */
82 static int iscsi_tran_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
83     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
84 static int iscsi_tran_lun_probe(struct scsi_device *sd, int (*callback) ());
85 static struct scsi_pkt *iscsi_tran_init_pkt(struct scsi_address *ap,
86     struct scsi_pkt *pkt, struct buf *bp, int cmdlen, int statuslen,
87     int tgtlen, int flags, int (*callback) (), caddr_t arg);
88 static void iscsi_tran_lun_free(dev_info_t *hba_dip, dev_info_t *lun_dip,
89     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
90 static int iscsi_tran_start(struct scsi_address *ap, struct scsi_pkt *pkt);
91 static int iscsi_tran_abort(struct scsi_address *ap, struct scsi_pkt *pkt);
92 static int iscsi_tran_reset(struct scsi_address *ap, int level);
93 static int iscsi_tran_getcap(struct scsi_address *ap, char *cap, int whom);
94 static int iscsi_tran_setcap(struct scsi_address *ap, char *cap,
95     int value, int whom);
96 static void iscsi_tran_destroy_pkt(struct scsi_address *ap,
97     struct scsi_pkt *pkt);
98 static void iscsi_tran_dmafree(struct scsi_address *ap,
99     struct scsi_pkt *pkt);
100 static void iscsi_tran_sync_pkt(struct scsi_address *ap,
101     struct scsi_pkt *pkt);
102 static void iscsi_tran_sync_pkt(struct scsi_address *ap,
103     struct scsi_pkt *pkt);
104 static int iscsi_tran_reset_notify(struct scsi_address *ap, int flag,
105     void (*callback) (caddr_t), caddr_t arg);
106 static int iscsi_tran_bus_config(dev_info_t *parent, uint_t flags,
107     ddi_bus_config_op_t op, void *arg, dev_info_t **childp);
108 static int iscsi_tran_bus_unconfig(dev_info_t *parent, uint_t flags,
109     ddi_bus_config_op_t op, void *arg);
110 static int iscsi_tran_get_name(struct scsi_device *sd, char *name, int len);
111 static int iscsi_tran_get_bus_addr(struct scsi_device *sd, char *name, int len);
112 
113 /* bus_ops prototypes */
114 /* LINTED E_STATIC_UNUSED */
115 static ddi_intrspec_t iscsi_get_intrspec(dev_info_t *dip, dev_info_t *rdip,
116     uint_t inumber);
117 /* LINTED E_STATIC_UNUSED */
118 static int iscsi_add_intrspec(dev_info_t *dip, dev_info_t *rdip,
119     ddi_intrspec_t intrspec, ddi_iblock_cookie_t *iblock_cookiep,
120     ddi_idevice_cookie_t *idevice_cookiep, uint_t (*int_handler)(caddr_t
121     int_handler_arg), caddr_t int_handler_arg, int kind);
122 /* LINTED E_STATIC_UNUSED */
123 static void iscsi_remove_intrspec(dev_info_t *dip, dev_info_t *rdip,
124     ddi_intrspec_t intrspec, ddi_iblock_cookie_t iblock_cookie);
125 /* LINTED E_STATIC_UNUSED */
126 static int iscsi_ctl(dev_info_t *dip, dev_info_t *rdip, ddi_ctl_enum_t ctlop,
127     void *arg, void *result);
128 
129 /* cb_ops prototypes */
130 static int iscsi_open(dev_t *devp, int flags, int otyp, cred_t *credp);
131 static int iscsi_close(dev_t dev, int flag, int otyp, cred_t *credp);
132 static int iscsi_ioctl(dev_t dev, int cmd, intptr_t arg, int mode,
133     cred_t *credp, int *rvalp);
134 
135 int iscsi_get_persisted_param(uchar_t *name,
136     iscsi_param_get_t *ipgp,
137     iscsi_login_params_t *params);
138 static void iscsi_override_target_default(iscsi_hba_t *ihp,
139     iscsi_param_get_t *ipg);
140 
141 /* scsi_tran helpers */
142 static int iscsi_virt_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
143     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
144 static int iscsi_phys_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
145     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
146 static int iscsi_i_commoncap(struct scsi_address *ap, char *cap,
147     int val, int lunonly, int doset);
148 static void iscsi_get_name_to_iqn(char *name, int name_max_len);
149 static void iscsi_get_name_from_iqn(char *name, int name_max_len);
150 static boolean_t iscsi_cmp_boot_sess_oid(iscsi_hba_t *ihp, uint32_t oid);
151 
152 /* iscsi initiator service helpers */
153 static boolean_t iscsi_enter_service_zone(iscsi_hba_t *ihp, uint32_t status);
154 static void iscsi_exit_service_zone(iscsi_hba_t *ihp, uint32_t status);
155 static void iscsi_check_miniroot(iscsi_hba_t *ihp);
156 static void iscsi_get_tunable_default(iscsi_tunable_object_t *param);
157 static int iscsi_get_persisted_tunable_param(uchar_t *name,
158     iscsi_tunable_object_t *tpsg);
159 static void iscsi_set_default_tunable_params(iscsi_tunable_params_t *params);
160 
161 /* struct helpers prototypes */
162 
163 /*
164  * At this point this driver doesn't need this structure because nothing
165  * is done during the open, close or ioctl. Code put in place because
166  * some admin related work might be done in the ioctl routine.
167  */
168 static struct cb_ops iscsi_cb_ops = {
169 	iscsi_open,			/* open */
170 	iscsi_close,			/* close */
171 	nodev,				/* strategy */
172 	nodev,				/* print */
173 	nodev,				/* dump */
174 	nodev,				/* read */
175 	nodev,				/* write */
176 	iscsi_ioctl,			/* ioctl */
177 	nodev,				/* devmap */
178 	nodev,				/* mmap */
179 	nodev,				/* segmap */
180 	nochpoll,			/* poll */
181 	ddi_prop_op,			/* prop_op */
182 	NULL,				/* streamtab */
183 	D_NEW | D_MP | D_HOTPLUG,	/* flags */
184 	CB_REV,				/* cb_rev */
185 	nodev,				/* aread */
186 	nodev,				/* awrite */
187 };
188 
189 static struct dev_ops iscsi_dev_ops = {
190 	DEVO_REV,		/* devo_rev */
191 	0,			/* refcnt */
192 	iscsi_getinfo,		/* getinfo */
193 	nulldev,		/* identify */
194 	nulldev,		/* probe */
195 	iscsi_attach,		/* attach */
196 	iscsi_detach,		/* detach */
197 	nodev,			/* reset */
198 	&iscsi_cb_ops,		/* driver operations */
199 	NULL,			/* bus ops */
200 	NULL,			/* power management */
201 	ddi_quiesce_not_needed,	/* quiesce */
202 };
203 
204 static struct modldrv modldrv = {
205 	&mod_driverops,		/* drv_modops */
206 	ISCSI_NAME_VERSION,	/* drv_linkinfo */
207 	&iscsi_dev_ops		/* drv_dev_ops */
208 };
209 
210 static struct modlinkage modlinkage = {
211 	MODREV_1,		/* ml_rev */
212 	&modldrv,		/* ml_linkage[] */
213 	NULL			/* NULL termination */
214 };
215 
216 /*
217  * This structure is bogus. scsi_hba_attach_setup() requires, as in the kernel
218  * will panic if you don't pass this in to the routine, this information.
219  * Need to determine what the actual impact to the system is by providing
220  * this information if any. Since dma allocation is done in pkt_init it may
221  * not have any impact. These values are straight from the Writing Device
222  * Driver manual.
223  */
224 static ddi_dma_attr_t iscsi_dma_attr = {
225 	DMA_ATTR_V0,	/* ddi_dma_attr version */
226 	0,		/* low address */
227 	0xffffffff,	/* high address */
228 	0x00ffffff,	/* counter upper bound */
229 	1,		/* alignment requirements */
230 	0x3f,		/* burst sizes */
231 	1,		/* minimum DMA access */
232 	0xffffffff,	/* maximum DMA access */
233 	(1 << 24) - 1,	/* segment boundary restrictions */
234 	1,		/* scater/gather list length */
235 	512,		/* device granularity */
236 	0		/* DMA flags */
237 };
238 
239 /*
240  * _init - General driver init entry
241  */
242 int
243 _init(void)
244 {
245 	int rval = 0;
246 
247 	iscsi_net_init();
248 
249 	mutex_init(&iscsi_oid_mutex, NULL, MUTEX_DRIVER, NULL);
250 	iscsi_oid = ISCSI_INITIATOR_OID;
251 
252 	/*
253 	 * Set up the soft state structures. If this driver is actually
254 	 * being attached to the system then we'll have at least one
255 	 * HBA/NIC used.
256 	 */
257 	rval = ddi_soft_state_init(&iscsi_state,
258 	    sizeof (iscsi_hba_t), 1);
259 	if (rval != 0) {
260 		iscsi_net_fini();
261 		goto init_done;
262 	}
263 
264 	rval = scsi_hba_init(&modlinkage);
265 	if (rval != 0) {
266 		ddi_soft_state_fini(&iscsi_state);
267 		iscsi_net_fini();
268 		goto init_done;
269 	}
270 
271 	rval = mod_install(&modlinkage);
272 	if (rval != 0) {
273 		ddi_soft_state_fini(&iscsi_state);
274 		scsi_hba_fini(&modlinkage);
275 		iscsi_net_fini();
276 		goto init_done;
277 	}
278 	(void) iscsi_door_ini();
279 
280 init_done:
281 	return (rval);
282 }
283 
284 /*
285  * _fini - General driver destructor entry
286  */
287 int
288 _fini(void)
289 {
290 	int rval = 0;
291 
292 	rval = mod_remove(&modlinkage);
293 	if (rval == 0) {
294 		scsi_hba_fini(&modlinkage);
295 		ddi_soft_state_fini(&iscsi_state);
296 		mutex_destroy(&iscsi_oid_mutex);
297 		(void) iscsi_door_term();
298 		iscsi_net_fini();
299 	}
300 	return (rval);
301 }
302 
303 /*
304  * _info - General driver info entry
305  */
306 int
307 _info(struct modinfo *mp)
308 {
309 	int rval = 0;
310 
311 	rval = mod_info(&modlinkage, mp);
312 
313 	return (rval);
314 }
315 
316 
317 /*
318  * +--------------------------------------------------------------------+
319  * | Start of dev_ops routines					  |
320  * +--------------------------------------------------------------------+
321  */
322 
323 /*
324  * iscsi_getinfo - returns general driver information
325  */
326 /* ARGSUSED */
327 static int
328 iscsi_getinfo(dev_info_t *dip, ddi_info_cmd_t infocmd,
329     void *arg, void **result)
330 {
331 	int		rval		= DDI_SUCCESS;
332 	int		instance	= getminor((dev_t)arg);
333 	iscsi_hba_t	*ip;
334 
335 	switch (infocmd) {
336 	case DDI_INFO_DEVT2DEVINFO:
337 		if ((ip = ddi_get_soft_state(iscsi_state, instance)) == NULL) {
338 			return (DDI_FAILURE);
339 		}
340 		*result = ip->hba_dip;
341 		if (ip->hba_dip == NULL)
342 			rval = DDI_FAILURE;
343 		else
344 			rval = DDI_SUCCESS;
345 		break;
346 
347 	case DDI_INFO_DEVT2INSTANCE:
348 		*result = (void *)(uintptr_t)instance;
349 		rval = DDI_SUCCESS;
350 		break;
351 
352 	default:
353 		rval = DDI_FAILURE;
354 		break;
355 	}
356 	return (rval);
357 }
358 
359 
360 /*
361  * iscsi_attach -- Attach instance of an iSCSI HBA.  We
362  * will attempt to create our HBA and register it with
363  * scsi_vhci.  If it's not possible to create the HBA
364  * or register with vhci we will fail the attach.
365  */
366 static int
367 iscsi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
368 {
369 	int			instance	= ddi_get_instance(dip);
370 	iscsi_hba_t		*ihp		= NULL;
371 	scsi_hba_tran_t		*tran		= NULL;
372 	char			init_port_name[MAX_NAME_PROP_SIZE];
373 
374 	if (cmd == DDI_RESUME) {
375 		return (DDI_SUCCESS);
376 	} else if (cmd != DDI_ATTACH) {
377 		return (DDI_FAILURE);
378 	}
379 
380 	if (!modrootloaded && iscsiboot_prop == NULL) {
381 		/*
382 		 * The root file system has not yet been mounted, and we're not
383 		 * trying to boot from an iSCSI device.  Fail to attach now so
384 		 * that we can retry after root has been mounted.
385 		 */
386 		return (DDI_FAILURE);
387 	}
388 
389 	/* create iSCSI HBA devctl device node */
390 	if (ddi_create_minor_node(dip, ISCSI_DEVCTL, S_IFCHR, 0,
391 	    DDI_PSEUDO, 0) != DDI_SUCCESS) {
392 		goto iscsi_attach_failed3;
393 	}
394 
395 	/* allocate HBA soft state */
396 	if (ddi_soft_state_zalloc(iscsi_state, instance) !=
397 	    DDI_SUCCESS) {
398 		ddi_remove_minor_node(dip, NULL);
399 		goto iscsi_attach_failed3;
400 	}
401 
402 	/* get reference to soft state */
403 	if ((ihp = (iscsi_hba_t *)ddi_get_soft_state(
404 	    iscsi_state, instance)) == NULL) {
405 		ddi_remove_minor_node(dip, NULL);
406 		ddi_soft_state_free(iscsi_state, instance);
407 		goto iscsi_attach_failed3;
408 	}
409 
410 	/* init HBA mutex used to protect discovery events */
411 	mutex_init(&ihp->hba_discovery_events_mutex, NULL,
412 	    MUTEX_DRIVER, NULL);
413 
414 	VERIFY0(ldi_ident_from_dip(dip, &ihp->hba_li));
415 
416 	/* init HBA mutex used to protect service status */
417 	mutex_init(&ihp->hba_service_lock, NULL,
418 	    MUTEX_DRIVER, NULL);
419 	cv_init(&ihp->hba_service_cv, NULL, CV_DRIVER, NULL);
420 
421 	/*
422 	 * init SendTargets semaphore that is used to allow
423 	 * only one operation at a time
424 	 */
425 	sema_init(&ihp->hba_sendtgts_semaphore, 1, NULL,
426 	    SEMA_DRIVER, NULL);
427 
428 	ihp->hba_sess_list = NULL;
429 	rw_init(&ihp->hba_sess_list_rwlock, NULL,
430 	    RW_DRIVER, NULL);
431 
432 	/* allocate scsi_hba_tran */
433 	if ((tran = scsi_hba_tran_alloc(dip, SCSI_HBA_CANSLEEP))
434 	    == NULL) {
435 		ddi_remove_minor_node(dip, NULL);
436 		goto iscsi_attach_failed2;
437 	}
438 
439 	/* soft state setup */
440 	ihp->hba_sig	= ISCSI_SIG_HBA;
441 	ihp->hba_tran	= tran;
442 	ihp->hba_dip	= dip;
443 	if (iscsiboot_prop == NULL) {
444 		ihp->hba_service_status =
445 		    ISCSI_SERVICE_DISABLED;
446 		ihp->hba_service_status_overwrite = B_FALSE;
447 	} else {
448 		ihp->hba_service_status =
449 		    ISCSI_SERVICE_ENABLED;
450 		ihp->hba_service_status_overwrite = B_TRUE;
451 	}
452 	ihp->hba_service_client_count = 0;
453 
454 	mutex_enter(&iscsi_oid_mutex);
455 	ihp->hba_oid		  = iscsi_oid++;
456 	mutex_exit(&iscsi_oid_mutex);
457 
458 	ihp->hba_name[0]	  = '\0';
459 	ihp->hba_name_length	  = 0;
460 	ihp->hba_alias_length	  = 0;
461 	ihp->hba_alias[0]	  = '\0';
462 
463 	iscsi_net->tweaks.rcvbuf = ddi_prop_get_int(
464 	    DDI_DEV_T_ANY, ihp->hba_dip, 0, "so-rcvbuf",
465 	    ISCSI_SOCKET_RCVBUF_SIZE);
466 
467 	iscsi_net->tweaks.sndbuf = ddi_prop_get_int(
468 	    DDI_DEV_T_ANY, ihp->hba_dip, 0, "so-sndbuf",
469 	    ISCSI_SOCKET_SNDBUF_SIZE);
470 
471 	iscsi_net->tweaks.nodelay = ddi_prop_get_int(
472 	    DDI_DEV_T_ANY, ihp->hba_dip, 0, "tcp-nodelay",
473 	    ISCSI_TCP_NODELAY_DEFAULT);
474 
475 	iscsi_net->tweaks.conn_notify_threshold =
476 	    ddi_prop_get_int(DDI_DEV_T_ANY,
477 	    ihp->hba_dip, 0, "tcp-conn-notify-threshold",
478 	    ISCSI_TCP_CNOTIFY_THRESHOLD_DEFAULT);
479 
480 	iscsi_net->tweaks.conn_abort_threshold =
481 	    ddi_prop_get_int(DDI_DEV_T_ANY, ihp->hba_dip,
482 	    0, "tcp-conn-abort-threshold",
483 	    ISCSI_TCP_CABORT_THRESHOLD_DEFAULT);
484 
485 	iscsi_net->tweaks.abort_threshold = ddi_prop_get_int(
486 	    DDI_DEV_T_ANY, ihp->hba_dip, 0,
487 	    "tcp-abort-threshold",
488 	    ISCSI_TCP_ABORT_THRESHOLD_DEFAULT);
489 
490 	ihp->hba_config_storm_delay = ddi_prop_get_int(
491 	    DDI_DEV_T_ANY, ihp->hba_dip, 0,
492 	    "config-storm-delay",
493 	    ISCSI_CONFIG_STORM_DELAY_DEFAULT);
494 
495 	(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
496 	    "so-rcvbuf", iscsi_net->tweaks.rcvbuf);
497 
498 	(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
499 	    "so-sndbuf", iscsi_net->tweaks.sndbuf);
500 
501 	(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
502 	    "tcp-nodelay", iscsi_net->tweaks.nodelay);
503 
504 	(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
505 	    "tcp-conn-notify-threshold",
506 	    iscsi_net->tweaks.conn_notify_threshold);
507 
508 	(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
509 	    "tcp-conn-abort-threshold",
510 	    iscsi_net->tweaks.conn_abort_threshold);
511 
512 	(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
513 	    "tcp-abort-threshold",
514 	    iscsi_net->tweaks.abort_threshold);
515 
516 	(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
517 	    "config-storm-delay",
518 	    ihp->hba_config_storm_delay);
519 
520 	/* setup hba defaults */
521 	iscsi_set_default_login_params(&ihp->hba_params);
522 	iscsi_set_default_tunable_params(
523 	    &ihp->hba_tunable_params);
524 
525 	/* setup minimal initiator params */
526 	iscsid_set_default_initiator_node_settings(ihp, B_TRUE);
527 
528 	/* hba set up */
529 	tran->tran_hba_private  = ihp;
530 	tran->tran_tgt_private  = NULL;
531 	tran->tran_tgt_init	= iscsi_tran_lun_init;
532 	tran->tran_tgt_probe	= iscsi_tran_lun_probe;
533 	tran->tran_tgt_free	= iscsi_tran_lun_free;
534 	tran->tran_start	= iscsi_tran_start;
535 	tran->tran_abort	= iscsi_tran_abort;
536 	tran->tran_reset	= iscsi_tran_reset;
537 	tran->tran_getcap	= iscsi_tran_getcap;
538 	tran->tran_setcap	= iscsi_tran_setcap;
539 	tran->tran_init_pkt	= iscsi_tran_init_pkt;
540 	tran->tran_destroy_pkt	= iscsi_tran_destroy_pkt;
541 	tran->tran_dmafree	= iscsi_tran_dmafree;
542 	tran->tran_sync_pkt	= iscsi_tran_sync_pkt;
543 	tran->tran_reset_notify	= iscsi_tran_reset_notify;
544 	tran->tran_bus_config	= iscsi_tran_bus_config;
545 	tran->tran_bus_unconfig	= iscsi_tran_bus_unconfig;
546 
547 	tran->tran_get_name	= iscsi_tran_get_name;
548 	tran->tran_get_bus_addr	= iscsi_tran_get_bus_addr;
549 	tran->tran_interconnect_type = INTERCONNECT_ISCSI;
550 
551 	/* register scsi hba with scsa */
552 	if (scsi_hba_attach_setup(dip, &iscsi_dma_attr,
553 	    tran, SCSI_HBA_TRAN_CLONE) != DDI_SUCCESS) {
554 		goto iscsi_attach_failed1;
555 	}
556 
557 	/* register scsi hba with mdi (MPxIO/vhci) */
558 	if (mdi_phci_register(MDI_HCI_CLASS_SCSI, dip, 0) !=
559 	    MDI_SUCCESS) {
560 		ihp->hba_mpxio_enabled = B_FALSE;
561 	} else {
562 		ihp->hba_mpxio_enabled = B_TRUE;
563 	}
564 
565 	(void) iscsi_hba_kstat_init(ihp);
566 
567 	/* Initialize targetparam list */
568 	iscsi_targetparam_init();
569 
570 	/* Initialize ISID */
571 	ihp->hba_isid[0] = ISCSI_SUN_ISID_0;
572 	ihp->hba_isid[1] = ISCSI_SUN_ISID_1;
573 	ihp->hba_isid[2] = ISCSI_SUN_ISID_2;
574 	ihp->hba_isid[3] = ISCSI_SUN_ISID_3;
575 	ihp->hba_isid[4] = ISCSI_SUN_ISID_4;
576 	ihp->hba_isid[5] = ISCSI_SUN_ISID_5;
577 
578 	/* Setup iSNS transport services and client */
579 	isns_client_init();
580 
581 	/*
582 	 * initialize persistent store,
583 	 * or boot target info in case of iscsi boot
584 	 */
585 	ihp->hba_persistent_loaded = B_FALSE;
586 	if (iscsid_init(ihp) == B_FALSE) {
587 		goto iscsi_attach_failed0;
588 	}
589 
590 	/* Setup init_port_name for MPAPI */
591 	(void) snprintf(init_port_name, MAX_NAME_PROP_SIZE,
592 	    "%s,%02x%02x%02x%02x%02x%02x",
593 	    (char *)ihp->hba_name, ihp->hba_isid[0],
594 	    ihp->hba_isid[1], ihp->hba_isid[2],
595 	    ihp->hba_isid[3], ihp->hba_isid[4],
596 	    ihp->hba_isid[5]);
597 
598 	if (ddi_prop_update_string(DDI_DEV_T_NONE, dip,
599 	    SCSI_ADDR_PROP_INITIATOR_PORT, init_port_name) !=
600 	    DDI_PROP_SUCCESS) {
601 		cmn_err(CE_WARN, "iscsi_attach: Creating "
602 		    SCSI_ADDR_PROP_INITIATOR_PORT
603 		    " property on iSCSI "
604 		    "HBA(%s) with dip(%d) Failed",
605 		    (char *)ihp->hba_name,
606 		    ddi_get_instance(dip));
607 	}
608 
609 	ddi_report_dev(dip);
610 	return (DDI_SUCCESS);
611 
612 iscsi_attach_failed0:
613 	isns_client_cleanup();
614 	if (ihp->stats.ks) {
615 		(void) iscsi_hba_kstat_term(ihp);
616 	}
617 	if (ihp->hba_mpxio_enabled == B_TRUE) {
618 		(void) mdi_phci_unregister(dip, 0);
619 	}
620 	(void) scsi_hba_detach(ihp->hba_dip);
621 iscsi_attach_failed1:
622 	ddi_remove_minor_node(dip, NULL);
623 	ddi_prop_remove_all(ihp->hba_dip);
624 	scsi_hba_tran_free(tran);
625 iscsi_attach_failed2:
626 	cv_destroy(&ihp->hba_service_cv);
627 	mutex_destroy(&ihp->hba_service_lock);
628 	mutex_destroy(&ihp->hba_discovery_events_mutex);
629 	sema_destroy(&ihp->hba_sendtgts_semaphore);
630 	rw_destroy(&ihp->hba_sess_list_rwlock);
631 	ddi_soft_state_free(iscsi_state, instance);
632 iscsi_attach_failed3:
633 	cmn_err(CE_WARN, "iscsi driver unable to attach "
634 	    "hba instance %d", instance);
635 	return (DDI_FAILURE);
636 }
637 
638 /*
639  * iscsi_detach - called on unload of hba instance
640  */
641 static int
642 iscsi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
643 {
644 	int			rval		= DDI_SUCCESS;
645 	scsi_hba_tran_t		*tran		= NULL;
646 	iscsi_hba_t		*ihp		= NULL;
647 	iscsi_hba_t		*ihp_check	= NULL;
648 	int			instance;
649 	char			*init_node_name;
650 
651 	instance = ddi_get_instance(dip);
652 
653 	switch (cmd) {
654 	case DDI_DETACH:
655 		if (!(tran = (scsi_hba_tran_t *)ddi_get_driver_private(dip))) {
656 			rval = DDI_SUCCESS;
657 			break;
658 		}
659 
660 		if ((ihp = (iscsi_hba_t *)tran->tran_hba_private) == NULL) {
661 			rval =  DDI_FAILURE;
662 			break;
663 		}
664 
665 		/*
666 		 * Validate that what is stored by the DDI framework is still
667 		 * the same state structure referenced by the SCSI framework
668 		 */
669 		ihp_check = ddi_get_soft_state(iscsi_state, instance);
670 		if (ihp_check != ihp) {
671 			rval = DDI_FAILURE;
672 			break;
673 		}
674 
675 		/* If a session exists we can't safely detach */
676 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
677 		if (ihp->hba_sess_list != NULL) {
678 			rw_exit(&ihp->hba_sess_list_rwlock);
679 			rval = DDI_FAILURE;
680 			break;
681 		}
682 		rw_exit(&ihp->hba_sess_list_rwlock);
683 
684 		/* Disable all discovery services */
685 		if (iscsid_disable_discovery(ihp,
686 		    ISCSI_ALL_DISCOVERY_METHODS) == B_FALSE) {
687 			/* Disable failed.  Fail detach */
688 			rval = DDI_FAILURE;
689 			break;
690 		}
691 
692 		/* Deregister from iSNS server(s). */
693 		init_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
694 		if (persistent_initiator_name_get(init_node_name,
695 		    ISCSI_MAX_NAME_LEN) == B_TRUE) {
696 			if (strlen(init_node_name) > 0) {
697 				(void) isns_dereg(ihp->hba_isid,
698 				    (uint8_t *)init_node_name);
699 			}
700 		}
701 		kmem_free(init_node_name, ISCSI_MAX_NAME_LEN);
702 		init_node_name = NULL;
703 
704 		/* Cleanup iSNS Client */
705 		isns_client_cleanup();
706 
707 		iscsi_targetparam_cleanup();
708 
709 		/* Cleanup iscsid resources */
710 		iscsid_fini();
711 
712 		if (rval != DDI_SUCCESS) {
713 			break;
714 		}
715 		/* kstat hba. destroy */
716 		KSTAT_DEC_HBA_CNTR_SESS(ihp);
717 
718 		if (ihp->hba_mpxio_enabled == B_TRUE) {
719 			(void) mdi_phci_unregister(dip, 0);
720 		}
721 		ddi_remove_minor_node(dip, NULL);
722 
723 		ddi_prop_remove_all(ihp->hba_dip);
724 
725 		ldi_ident_release(ihp->hba_li);
726 
727 		cv_destroy(&ihp->hba_service_cv);
728 		mutex_destroy(&ihp->hba_service_lock);
729 		mutex_destroy(&ihp->hba_discovery_events_mutex);
730 		rw_destroy(&ihp->hba_sess_list_rwlock);
731 		(void) iscsi_hba_kstat_term(ihp);
732 
733 		(void) scsi_hba_detach(dip);
734 		if (tran != NULL) {
735 			scsi_hba_tran_free(tran);
736 		}
737 		ddi_soft_state_free(iscsi_state, instance);
738 		break;
739 	default:
740 		break;
741 	}
742 
743 	if (rval != DDI_SUCCESS) {
744 		cmn_err(CE_WARN, "iscsi driver unable to "
745 		    "detach hba instance %d", instance);
746 	}
747 
748 	return (rval);
749 }
750 
751 /*
752  * +--------------------------------------------------------------------+
753  * | End of dev_ops routines						|
754  * +--------------------------------------------------------------------+
755  */
756 
757 /*
758  * +--------------------------------------------------------------------+
759  * | scsi_tran(9E) routines						|
760  * +--------------------------------------------------------------------+
761  */
762 
763 /*
764  * iscsi_tran_lun_init - Find target device based on SCSI device
765  * Based on the information given (SCSI device, target dev_info) find
766  * the target iSCSI device and put a pointer to that information in
767  * the scsi_hba_tran_t structure.
768  */
769 static int
770 iscsi_tran_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
771     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
772 {
773 	int		rval	= 0;
774 	int		type	= 0;
775 
776 	ASSERT(hba_tran->tran_hba_private != NULL);
777 
778 	/*
779 	 * Child node is getting initialized.  Look at the mpxio component
780 	 * type on the child device to see if this device is mpxio managed
781 	 * or not.
782 	 */
783 	type = mdi_get_component_type(lun_dip);
784 	if (type != MDI_COMPONENT_CLIENT) {
785 		rval = iscsi_phys_lun_init(hba_dip, lun_dip, hba_tran, sd);
786 	} else {
787 		rval = iscsi_virt_lun_init(hba_dip, lun_dip, hba_tran, sd);
788 	}
789 
790 	return (rval);
791 }
792 
793 /*
794  * iscsi_tran_lun_probe - This function didn't need to be implemented.
795  * We could have left NULL in the tran table.  Since this isn't a
796  * performance path this seems safe.  We are just wrappering the
797  * function so we can see the call go through if we have debugging
798  * enabled.
799  */
800 static int
801 iscsi_tran_lun_probe(struct scsi_device *sd, int (*callback) ())
802 {
803 	int rval = 0;
804 
805 	rval = scsi_hba_probe(sd, callback);
806 
807 	return (rval);
808 }
809 
810 /*
811  * iscsi_init_pkt - Allocate SCSI packet and fill in required info.
812  */
813 /* ARGSUSED */
814 static struct scsi_pkt *
815 iscsi_tran_init_pkt(struct scsi_address *ap, struct scsi_pkt *pkt,
816     struct buf *bp, int cmdlen, int statuslen, int tgtlen, int flags,
817     int (*callback) (), caddr_t arg)
818 {
819 	iscsi_lun_t *ilp;
820 	iscsi_cmd_t *icmdp;
821 
822 	ASSERT(ap != NULL);
823 	ASSERT(callback == NULL_FUNC || callback == SLEEP_FUNC);
824 
825 	/*
826 	 * The software stack doesn't have DMA which means the iSCSI
827 	 * protocol layer will be doing a bcopy from bp to outgoing
828 	 * streams buffers. Make sure that the buffer is mapped in
829 	 * so that the copy won't panic the system.
830 	 */
831 	if (bp && (bp->b_bcount != 0) &&
832 	    bp_mapin_common(bp, (callback == NULL_FUNC) ?
833 	    VM_NOSLEEP : VM_SLEEP) == NULL) {
834 		return (NULL);
835 	}
836 
837 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
838 	ASSERT(ilp != NULL);
839 
840 	if (pkt == NULL) {
841 		pkt = scsi_hba_pkt_alloc(ilp->lun_sess->sess_hba->hba_dip,
842 		    ap, cmdlen, statuslen, tgtlen, sizeof (iscsi_cmd_t),
843 		    callback, arg);
844 		if (pkt == NULL) {
845 			return (NULL);
846 		}
847 		icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
848 		icmdp->cmd_sig			= ISCSI_SIG_CMD;
849 		icmdp->cmd_state		= ISCSI_CMD_STATE_FREE;
850 		icmdp->cmd_lun			= ilp;
851 		icmdp->cmd_type			= ISCSI_CMD_TYPE_SCSI;
852 		/* add the report lun addressing type on to the lun */
853 		icmdp->cmd_un.scsi.lun		= ilp->lun_addr_type << 14;
854 		icmdp->cmd_un.scsi.lun		= icmdp->cmd_un.scsi.lun |
855 		    ilp->lun_num;
856 		icmdp->cmd_un.scsi.pkt		= pkt;
857 		icmdp->cmd_un.scsi.bp		= bp;
858 		icmdp->cmd_un.scsi.cmdlen	= cmdlen;
859 		icmdp->cmd_un.scsi.statuslen	= statuslen;
860 		icmdp->cmd_crc_error_seen	= B_FALSE;
861 		icmdp->cmd_misc_flags		= 0;
862 		if (flags & PKT_XARQ) {
863 			icmdp->cmd_misc_flags |= ISCSI_CMD_MISCFLAG_XARQ;
864 		}
865 
866 
867 		idm_sm_audit_init(&icmdp->cmd_state_audit);
868 
869 		mutex_init(&icmdp->cmd_mutex, NULL, MUTEX_DRIVER, NULL);
870 		cv_init(&icmdp->cmd_completion, NULL, CV_DRIVER, NULL);
871 
872 		pkt->pkt_address		= *ap;
873 		pkt->pkt_comp			= (void (*)())NULL;
874 		pkt->pkt_flags			= 0;
875 		pkt->pkt_time			= 0;
876 		pkt->pkt_resid			= 0;
877 		pkt->pkt_statistics		= 0;
878 		pkt->pkt_reason			= 0;
879 	}
880 	return (pkt);
881 }
882 
883 /*
884  * iscsi_tran_lun_free - Free a SCSI LUN
885  */
886 static void
887 iscsi_tran_lun_free(dev_info_t *hba_dip, dev_info_t *lun_dip,
888     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
889 {
890 	iscsi_lun_t *ilp = NULL;
891 
892 	ASSERT(hba_dip != NULL);
893 	ASSERT(lun_dip != NULL);
894 	ASSERT(hba_tran != NULL);
895 	ASSERT(sd != NULL);
896 	ilp = (iscsi_lun_t *)hba_tran->tran_tgt_private;
897 	ASSERT(ilp != NULL);
898 
899 	(void) mdi_prop_remove(ilp->lun_pip, NULL);
900 }
901 
902 /*
903  * iscsi_start -- Start a SCSI transaction based on the packet
904  * This will attempt to add the icmdp to the pending queue
905  * for the connection and kick the queue.  If the enqueue
906  * fails that means the queue is full.
907  */
908 static int
909 iscsi_tran_start(struct scsi_address *ap, struct scsi_pkt *pkt)
910 {
911 	iscsi_lun_t	*ilp		= NULL;
912 	iscsi_sess_t	*isp		= NULL;
913 	iscsi_cmd_t	*icmdp		= NULL;
914 	uint_t		flags;
915 
916 	ASSERT(ap != NULL);
917 	ASSERT(pkt != NULL);
918 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
919 	isp = (iscsi_sess_t *)ilp->lun_sess;
920 	icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
921 	flags = pkt->pkt_flags;
922 	ASSERT(ilp != NULL);
923 	ASSERT(isp != NULL);
924 	ASSERT(icmdp != NULL);
925 
926 	/*
927 	 * If the session is in the FREE state then
928 	 * all connections are down and retries have
929 	 * been exhausted.  Fail command with fatal error.
930 	 */
931 	rw_enter(&isp->sess_state_rwlock, RW_READER);
932 	if (isp->sess_state == ISCSI_SESS_STATE_FREE) {
933 		rw_exit(&isp->sess_state_rwlock);
934 		return (TRAN_FATAL_ERROR);
935 	}
936 
937 	/*
938 	 * If we haven't received data from the target in the
939 	 * max specified period something is wrong with the
940 	 * transport.  Fail IO with FATAL_ERROR.
941 	 */
942 	if (isp->sess_rx_lbolt + SEC_TO_TICK(iscsi_rx_max_window) <
943 	    ddi_get_lbolt()) {
944 		rw_exit(&isp->sess_state_rwlock);
945 		return (TRAN_FATAL_ERROR);
946 	}
947 
948 	/*
949 	 * If the session is not in LOGGED_IN then we have
950 	 * no connections LOGGED_IN, but we haven't exhuasted
951 	 * our retries.  Fail the command with busy so the
952 	 * caller might try again later.  Once retries are
953 	 * exhausted the state machine will move us to FREE.
954 	 */
955 	if (isp->sess_state != ISCSI_SESS_STATE_LOGGED_IN) {
956 		rw_exit(&isp->sess_state_rwlock);
957 		return (TRAN_BUSY);
958 	}
959 
960 	/*
961 	 * If we haven't received data from the target in the
962 	 * specified period something is probably wrong with
963 	 * the transport.  Just return back BUSY until either
964 	 * the problem is resolved of the transport fails.
965 	 */
966 	if (isp->sess_rx_lbolt + SEC_TO_TICK(iscsi_rx_window) <
967 	    ddi_get_lbolt()) {
968 		rw_exit(&isp->sess_state_rwlock);
969 		return (TRAN_BUSY);
970 	}
971 
972 
973 	/* reset cmd values in case upper level driver is retrying cmd */
974 	icmdp->cmd_prev = icmdp->cmd_next = NULL;
975 	icmdp->cmd_crc_error_seen = B_FALSE;
976 	icmdp->cmd_lbolt_pending = icmdp->cmd_lbolt_active =
977 	    icmdp->cmd_lbolt_aborting = icmdp->cmd_lbolt_timeout =
978 	    (clock_t)NULL;
979 	icmdp->cmd_itt = icmdp->cmd_ttt = 0;
980 	icmdp->cmd_un.scsi.abort_icmdp = NULL;
981 
982 	mutex_enter(&isp->sess_queue_pending.mutex);
983 	iscsi_cmd_state_machine(icmdp, ISCSI_CMD_EVENT_E1, isp);
984 	mutex_exit(&isp->sess_queue_pending.mutex);
985 	rw_exit(&isp->sess_state_rwlock);
986 
987 	/*
988 	 * If this packet doesn't have FLAG_NOINTR set, it could have
989 	 * already run to completion (and the memory freed) at this
990 	 * point, so check our local copy of pkt_flags.  Otherwise we
991 	 * have to wait for completion before returning to the caller.
992 	 */
993 	if (flags & FLAG_NOINTR) {
994 		mutex_enter(&icmdp->cmd_mutex);
995 		while ((icmdp->cmd_state != ISCSI_CMD_STATE_COMPLETED) ||
996 		    (icmdp->cmd_un.scsi.r2t_icmdp != NULL) ||
997 		    (icmdp->cmd_un.scsi.abort_icmdp != NULL) ||
998 		    (icmdp->cmd_un.scsi.r2t_more == B_TRUE)) {
999 			cv_wait(&icmdp->cmd_completion, &icmdp->cmd_mutex);
1000 		}
1001 		icmdp->cmd_state = ISCSI_CMD_STATE_FREE;
1002 		mutex_exit(&icmdp->cmd_mutex);
1003 	}
1004 
1005 	return (TRAN_ACCEPT);
1006 }
1007 
1008 /*
1009  * iscsi_tran_abort - Called when an upper level application
1010  * or driver wants to kill a scsi_pkt that was already sent to
1011  * this driver.
1012  */
1013 /* ARGSUSED */
1014 static int
1015 iscsi_tran_abort(struct scsi_address *ap, struct scsi_pkt *pkt)
1016 {
1017 	return (0);
1018 }
1019 
1020 /*
1021  * iscsi_tran_reset - Reset target at either BUS, TARGET, or LUN
1022  * level.  This will require the issuing of a task management
1023  * command down to the target/lun.
1024  */
1025 static int
1026 iscsi_tran_reset(struct scsi_address *ap, int level)
1027 {
1028 	int		rval    = ISCSI_STATUS_INTERNAL_ERROR;
1029 	iscsi_sess_t	*isp    = NULL;
1030 	iscsi_lun_t	*ilp    = NULL;
1031 
1032 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
1033 	ASSERT(ilp != NULL);
1034 	isp = ilp->lun_sess;
1035 	ASSERT(isp != NULL);
1036 
1037 	switch (level) {
1038 	case RESET_LUN:
1039 		/* reset attempt will block until attempt is complete */
1040 		rval = iscsi_handle_reset(isp, level, ilp);
1041 		break;
1042 	case RESET_BUS:
1043 		/*
1044 		 * What are we going to realy reset the ethernet
1045 		 * network!?  Just fall through to a target reset.
1046 		 */
1047 	case RESET_TARGET:
1048 		/* reset attempt will block until attempt is complete */
1049 		rval = iscsi_handle_reset(isp, level, NULL);
1050 		break;
1051 	case RESET_ALL:
1052 	default:
1053 		break;
1054 	}
1055 
1056 	return (ISCSI_SUCCESS(rval) ? 1 : 0);
1057 }
1058 
1059 /*
1060  * iscsi_tran_getcap - Get target/lun capabilities.
1061  */
1062 static int
1063 iscsi_tran_getcap(struct scsi_address *ap, char *cap, int whom)
1064 {
1065 	return (iscsi_i_commoncap(ap, cap, 0, whom, 0));
1066 }
1067 
1068 
1069 /*
1070  * iscsi_tran_setcap - Set target/lun capabilities.
1071  */
1072 /* ARGSUSED */
1073 static int
1074 iscsi_tran_setcap(struct scsi_address *ap, char *cap, int value, int whom)
1075 {
1076 	return (iscsi_i_commoncap(ap, cap, value, whom, 1));
1077 }
1078 
1079 
1080 /*
1081  * iscsi_tran_destroy_pkt - Clean up packet
1082  */
1083 static void
1084 iscsi_tran_destroy_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
1085 {
1086 	iscsi_cmd_t	*icmdp;
1087 
1088 	icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
1089 
1090 	ASSERT(icmdp != NULL);
1091 	ASSERT(icmdp->cmd_sig == ISCSI_SIG_CMD);
1092 	ASSERT(icmdp->cmd_state == ISCSI_CMD_STATE_FREE);
1093 
1094 	mutex_destroy(&icmdp->cmd_mutex);
1095 	cv_destroy(&icmdp->cmd_completion);
1096 	scsi_hba_pkt_free(ap, pkt);
1097 }
1098 
1099 /*
1100  * iscsi_tran_dmafree - This is a software driver, NO DMA
1101  */
1102 /* ARGSUSED */
1103 static void
1104 iscsi_tran_dmafree(struct scsi_address *ap, struct scsi_pkt *pkt)
1105 {
1106 	/*
1107 	 * The iSCSI interface doesn't deal with DMA
1108 	 */
1109 }
1110 
1111 /*
1112  * iscsi_tran_sync_pkt - This is a software driver, NO DMA
1113  */
1114 /* ARGSUSED */
1115 static void
1116 iscsi_tran_sync_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
1117 {
1118 	/*
1119 	 * The iSCSI interface doesn't deal with DMA
1120 	 */
1121 }
1122 
1123 /*
1124  * iscsi_tran_reset_notify - We don't support BUS_RESET so there
1125  * is no point in support callback.
1126  */
1127 /* ARGSUSED */
1128 static int
1129 iscsi_tran_reset_notify(struct scsi_address *ap, int flag,
1130     void (*callback) (caddr_t), caddr_t arg)
1131 {
1132 
1133 	/*
1134 	 * We never do BUS_RESETS so allowing this call
1135 	 * back to register has no point?
1136 	 */
1137 	return (DDI_SUCCESS);
1138 }
1139 
1140 
1141 /*
1142  * iscsi_tran_bus_config - on demand device configuration
1143  *
1144  * iscsi_tran_bus_config is called by the NDI layer at the completion
1145  * of a dev_node creation.  There are two primary cases defined in this
1146  * function.  The first is BUS_CONFIG_ALL.  In this case the NDI is trying
1147  * to identify that targets/luns are available configured at that point
1148  * in time.  It is safe to just complete the process succcessfully.  The
1149  * second case is a new case that was defined in S10 for devfs.  BUS_CONFIG_ONE
1150  * this is to help driver the top down discovery instead of bottom up.  If
1151  * we receive a BUS_CONFIG_ONE we should check to see if the <addr> exists
1152  * if so complete successfull processing.  Otherwise we should call the
1153  * deamon and see if we can plumb the <addr>.  If it is possible to plumb the
1154  * <addr> block until plumbing is complete.  In both cases of being able to
1155  * plumb <addr> or not continue with successfull processing.
1156  */
1157 static int
1158 iscsi_tran_bus_config(dev_info_t *parent, uint_t flags,
1159     ddi_bus_config_op_t op, void *arg, dev_info_t **childp)
1160 {
1161 	int		rval	= NDI_SUCCESS;
1162 	iscsi_hba_t	*ihp	= NULL;
1163 	int		iflags	= flags;
1164 	char		*name	= NULL;
1165 	char		*ptr	= NULL;
1166 	boolean_t	config_root = B_FALSE;
1167 
1168 	/* get reference to soft state */
1169 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1170 	    ddi_get_instance(parent));
1171 	if (ihp == NULL) {
1172 		return (NDI_FAILURE);
1173 	}
1174 
1175 	iscsi_check_miniroot(ihp);
1176 	if ((modrootloaded == 0) && (iscsiboot_prop != NULL)) {
1177 		config_root = B_TRUE;
1178 	}
1179 
1180 	if (config_root == B_FALSE) {
1181 		if (iscsi_client_request_service(ihp) == B_FALSE) {
1182 			return (NDI_FAILURE);
1183 		}
1184 	}
1185 
1186 	/* lock so only one config operation occrs */
1187 	sema_p(&iscsid_config_semaphore);
1188 
1189 	switch (op) {
1190 	case BUS_CONFIG_ONE:
1191 		/* parse target name out of name given */
1192 		if ((ptr = strchr((char *)arg, '@')) == NULL) {
1193 			rval = NDI_FAILURE;
1194 			break;
1195 		}
1196 		ptr++;		/* move past '@' */
1197 		name = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
1198 		(void) strncpy(name, ptr, MAX_GET_NAME_SIZE);
1199 		/* We need to strip the LUN */
1200 		if ((ptr = strchr(name, ',')) == NULL) {
1201 			rval = NDI_FAILURE;
1202 			kmem_free(name, MAX_GET_NAME_SIZE);
1203 			name = NULL;
1204 			break;
1205 		}
1206 		/* We also need to strip the 4 bytes of hex TPGT */
1207 		ptr -= 4;
1208 		if (ptr <= name) {
1209 			rval = NDI_FAILURE;
1210 			kmem_free(name, MAX_GET_NAME_SIZE);
1211 			name = NULL;
1212 			break;
1213 		}
1214 		*ptr = '\0';		/* NULL terminate */
1215 
1216 		/* translate name back to original iSCSI name */
1217 		iscsi_get_name_to_iqn(name, MAX_GET_NAME_SIZE);
1218 
1219 		/* configure target, skip 4 byte ISID */
1220 		iscsid_config_one(ihp, (name+4), B_TRUE);
1221 
1222 		kmem_free(name, MAX_GET_NAME_SIZE);
1223 		name = NULL;
1224 
1225 		/*
1226 		 * DDI group instructed us to use this flag.
1227 		 */
1228 		iflags |= NDI_MDI_FALLBACK;
1229 		break;
1230 	case BUS_CONFIG_DRIVER:
1231 		/* FALLTHRU */
1232 	case BUS_CONFIG_ALL:
1233 		iscsid_config_all(ihp, B_TRUE);
1234 		break;
1235 	default:
1236 		rval = NDI_FAILURE;
1237 		break;
1238 	}
1239 
1240 	if (rval == NDI_SUCCESS) {
1241 		rval = ndi_busop_bus_config(parent, iflags,
1242 		    op, arg, childp, 0);
1243 	}
1244 	sema_v(&iscsid_config_semaphore);
1245 
1246 	if (config_root == B_FALSE) {
1247 		iscsi_client_release_service(ihp);
1248 	}
1249 
1250 	return (rval);
1251 }
1252 
1253 /*
1254  * iscsi_tran_bus_unconfig - on demand device unconfiguration
1255  *
1256  * Called by the os framework under low resource situations.
1257  * It will attempt to unload our minor nodes (logical units
1258  * ndi/mdi nodes).
1259  */
1260 static int
1261 iscsi_tran_bus_unconfig(dev_info_t *parent, uint_t flag,
1262     ddi_bus_config_op_t op, void *arg)
1263 {
1264 	int		rval = NDI_SUCCESS;
1265 	iscsi_hba_t	*ihp = NULL;
1266 
1267 	/* get reference to soft state */
1268 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1269 	    ddi_get_instance(parent));
1270 	if (ihp == NULL) {
1271 		return (NDI_FAILURE);
1272 	}
1273 
1274 	if (iscsi_client_request_service(ihp) == B_FALSE) {
1275 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1276 		if (ihp->hba_sess_list != NULL) {
1277 			rval = NDI_FAILURE;
1278 		}
1279 		rw_exit(&ihp->hba_sess_list_rwlock);
1280 		return (rval);
1281 	}
1282 
1283 	rval = ndi_busop_bus_unconfig(parent, flag, op, arg);
1284 
1285 	iscsi_client_release_service(ihp);
1286 
1287 	return (rval);
1288 }
1289 
1290 
1291 /*
1292  * iscsi_tran_get_name - create private /devices name for LUN
1293  *
1294  * This creates the <addr> in /devices/iscsi/<driver>@<addr>
1295  * path.  For this <addr> we return the <session/target_name>,<lun num>
1296  * Where <target_name> is an <iqn/eui/...> as defined by the iSCSI
1297  * specification.  We do modify the name slightly so that it still
1298  * complies with the IEEE <addr> naming scheme.  This means that we
1299  * will substitute out the ':', '@', ... and other reserved characters
1300  * defined in the IEEE definition with '%<hex value of special char>'
1301  * This routine is indirectly called by iscsi_lun_create_xxx.  These
1302  * calling routines must prevent the session and lun lists from changing
1303  * during this routine.
1304  */
1305 static int
1306 iscsi_tran_get_name(struct scsi_device *sd, char *name, int len)
1307 {
1308 	int		target		= 0;
1309 	int		lun		= 0;
1310 	iscsi_hba_t	*ihp		= NULL;
1311 	iscsi_sess_t	*isp		= NULL;
1312 	iscsi_lun_t	*ilp		= NULL;
1313 	dev_info_t	*lun_dip	= NULL;
1314 
1315 	ASSERT(sd != NULL);
1316 	ASSERT(name != NULL);
1317 	lun_dip = sd->sd_dev;
1318 	ASSERT(lun_dip != NULL);
1319 
1320 	/* get reference to soft state */
1321 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1322 	    ddi_get_instance(ddi_get_parent(lun_dip)));
1323 	if (ihp == NULL) {
1324 		name[0] = '\0';
1325 		return (0);
1326 	}
1327 
1328 	/* Get the target num */
1329 	target = ddi_prop_get_int(DDI_DEV_T_ANY, sd->sd_dev,
1330 	    DDI_PROP_DONTPASS, TARGET_PROP, 0);
1331 
1332 	/* Get the target num */
1333 	lun = ddi_prop_get_int(DDI_DEV_T_ANY, sd->sd_dev,
1334 	    DDI_PROP_DONTPASS, LUN_PROP, 0);
1335 
1336 	/*
1337 	 * Now we need to find our ilp by walking the lists
1338 	 * off the ihp and isp.
1339 	 */
1340 	/* See if we already created this session */
1341 
1342 	/* Walk the HBA's session list */
1343 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
1344 		/* compare target name as the unique identifier */
1345 		if (target == isp->sess_oid) {
1346 			/* found match */
1347 			break;
1348 		}
1349 	}
1350 
1351 	/* If we found matching session continue searching for tgt */
1352 	if (isp == NULL) {
1353 		/* sess not found */
1354 		name[0] = '\0';
1355 		return (0);
1356 	}
1357 
1358 	/*
1359 	 * Search for the matching iscsi lun structure.  We don't
1360 	 * need to hold the READER for the lun list at this point.
1361 	 * because the tran_get_name is being called from the online
1362 	 * function which is already holding a reader on the lun
1363 	 * list.
1364 	 */
1365 	for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
1366 		if (lun == ilp->lun_num) {
1367 			/* found match */
1368 			break;
1369 		}
1370 	}
1371 
1372 	if (ilp == NULL) {
1373 		/* tgt not found */
1374 		name[0] = '\0';
1375 		return (0);
1376 	}
1377 
1378 	/* Ensure enough space for lun_addr is available */
1379 	ASSERT(ilp->lun_addr != NULL);
1380 	if ((strlen(ilp->lun_addr) + 1) > len) {
1381 		return (0);
1382 	}
1383 
1384 	/* copy lun_addr name */
1385 	(void) strcpy(name, ilp->lun_addr);
1386 
1387 	/*
1388 	 * Based on IEEE-1275 we can't have any ':', ' ', '@', or '/'
1389 	 * characters in our naming.  So replace all those characters
1390 	 * with '-'
1391 	 */
1392 	iscsi_get_name_from_iqn(name, len);
1393 
1394 	return (1);
1395 }
1396 
1397 /*
1398  * iscsi_tran_get_bus_addr - This returns a human readable string
1399  * for the bus address.  Examining most other drivers fcp, etc.  They
1400  * all just return the same string as tran_get_name.  In our case
1401  * our tran get name is already some what usable so leave alone.
1402  */
1403 static int
1404 iscsi_tran_get_bus_addr(struct scsi_device *sd, char *name, int len)
1405 {
1406 	return (iscsi_tran_get_name(sd, name, len));
1407 }
1408 
1409 
1410 /*
1411  * +--------------------------------------------------------------------+
1412  * | End of scsi_tran routines					  |
1413  * +--------------------------------------------------------------------+
1414  */
1415 
1416 /*
1417  * +--------------------------------------------------------------------+
1418  * | Start of cb_ops routines					   |
1419  * +--------------------------------------------------------------------+
1420  */
1421 
1422 /*
1423  * iscsi_open - Driver should be made IOCTL MT safe.  Otherwise
1424  * this function needs updated.
1425  */
1426 /* ARGSUSED */
1427 static int
1428 iscsi_open(dev_t *devp, int flags, int otyp, cred_t *credp)
1429 {
1430 	return (0);
1431 }
1432 
1433 /*
1434  * iscsi_close -
1435  */
1436 /* ARGSUSED */
1437 static int
1438 iscsi_close(dev_t dev, int flags, int otyp, cred_t *credp)
1439 {
1440 	return (0);
1441 }
1442 
1443 /*
1444  * iscsi_ioctl -
1445  */
1446 /* ARGSUSED */
1447 static int
1448 iscsi_ioctl(dev_t dev, int cmd, intptr_t arg, int mode,
1449     cred_t *credp, int *rvalp)
1450 {
1451 	int			rtn		= 0;
1452 	int			instance	= 0;
1453 	int			list_space	= 0;
1454 	int			lun_sz		= 0;
1455 	int			did;
1456 	int			retry;
1457 	iscsi_hba_t		*ihp		= NULL;
1458 	iscsi_sess_t		*isp		= NULL;
1459 	iscsi_conn_t		*icp		= NULL;
1460 	iscsi_login_params_t	*params		= NULL;
1461 	iscsi_login_params_t	*tmpParams	= NULL;
1462 	uchar_t			*name		= NULL;
1463 	dev_info_t		*lun_dip	= NULL;
1464 
1465 	entry_t			    e;
1466 	iscsi_oid_t		    oid;
1467 	iscsi_property_t	    *ipp;
1468 	iscsi_static_property_t	    *ispp;
1469 	iscsi_param_get_t	    *ilg;
1470 	iscsi_param_set_t	    *ils;
1471 	iscsi_target_list_t	    idl, *idlp		= NULL;
1472 	iscsi_addr_list_t	    ial, *ialp		= NULL;
1473 	iscsi_chap_props_t	    *chap		= NULL;
1474 	iscsi_radius_props_t	    *radius		= NULL;
1475 	iscsi_auth_props_t	    *auth		= NULL;
1476 	iscsi_lun_list_t	    *ll, *llp		= NULL;
1477 	iscsi_lun_props_t	    *lun		= NULL;
1478 	iscsi_lun_t		    *ilp		= NULL;
1479 	iSCSIDiscoveryMethod_t	    method;
1480 	iSCSIDiscoveryProperties_t  discovery_props;
1481 	iscsi_uscsi_t		    iu;
1482 	iscsi_uscsi_t		    iu_caller;
1483 #ifdef _MULTI_DATAMODEL
1484 	/* For use when a 32 bit app makes a call into a 64 bit ioctl */
1485 	iscsi_uscsi32_t		    iu32_caller;
1486 	model_t			    model;
1487 #endif /* _MULTI_DATAMODEL */
1488 	void			    *void_p;
1489 	iscsi_sendtgts_list_t	*stl_hdr;
1490 	iscsi_sendtgts_list_t	*istl;
1491 	int			stl_sz;
1492 	iscsi_target_entry_t	*target;
1493 	uint32_t		old_oid;
1494 	uint32_t		target_oid;
1495 	iscsi_targetparam_entry_t *curr_entry;
1496 	char			*initiator_node_name;
1497 	char			*initiator_node_alias;
1498 	isns_portal_group_list_t    *pg_list = NULL;
1499 	isns_server_portal_group_list_t    *server_pg_list_hdr = NULL;
1500 	isns_server_portal_group_list_t    *server_pg_list = NULL;
1501 	int			pg_list_sz, pg_sz_copy_out, server_pg_list_sz;
1502 	iscsi_config_sess_t	*ics;
1503 	int			size;
1504 	boolean_t		rval;
1505 	char			init_port_name[MAX_NAME_PROP_SIZE];
1506 	iscsi_sockaddr_t	addr_dsc;
1507 	iscsi_boot_property_t	*bootProp;
1508 	boolean_t		discovered = B_TRUE;
1509 	iscsi_tunable_object_t	*tpsg;
1510 	iscsi_tunable_object_t	*tpss;
1511 	iscsi_reen_t	*reenum;
1512 
1513 	instance = getminor(dev);
1514 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state, instance);
1515 	if (ihp == NULL)
1516 		return (EFAULT);
1517 
1518 	iscsi_check_miniroot(ihp);
1519 	if ((cmd != ISCSI_SMF_ONLINE) && (cmd != ISCSI_SMF_OFFLINE) &&
1520 	    (cmd != ISCSI_SMF_GET)) {
1521 		/* other cmd needs to acquire the service */
1522 		if (iscsi_client_request_service(ihp) == B_FALSE) {
1523 			return (EFAULT);
1524 		}
1525 	}
1526 
1527 	switch (cmd) {
1528 	/*
1529 	 * ISCSI_CREATE_OID - Create a Object IDentifier for a TargetName
1530 	 */
1531 	case ISCSI_CREATE_OID:
1532 		if (ddi_copyin((caddr_t)arg, &oid, sizeof (oid), mode)) {
1533 			rtn = EFAULT;
1534 			break;
1535 		}
1536 		if (oid.o_vers != ISCSI_INTERFACE_VERSION) {
1537 			rtn = EINVAL;
1538 			break;
1539 		}
1540 
1541 		/* Set the target that this session is associated with */
1542 		oid.o_oid = iscsi_targetparam_get_oid(oid.o_name);
1543 
1544 		if (ddi_copyout(&oid, (caddr_t)arg, sizeof (oid), mode)) {
1545 			rtn = EFAULT;
1546 			break;
1547 		}
1548 		break;
1549 	/*
1550 	 * ISCSI_PARAM_GET - Get param for specified
1551 	 * connection/session.
1552 	 */
1553 	case ISCSI_PARAM_GET:
1554 		/* copyin user args */
1555 		ilg = (iscsi_param_get_t *)kmem_alloc(sizeof (*ilg), KM_SLEEP);
1556 		if (ddi_copyin((caddr_t)arg, ilg, sizeof (*ilg), mode)) {
1557 			rtn = EFAULT;
1558 			kmem_free(ilg, sizeof (*ilg));
1559 			break;
1560 		}
1561 
1562 		if (ilg->g_vers != ISCSI_INTERFACE_VERSION) {
1563 			rtn = EINVAL;
1564 			kmem_free(ilg, sizeof (*ilg));
1565 			break;
1566 		}
1567 
1568 		/* handle special case for Initiator name */
1569 		if (ilg->g_param == ISCSI_LOGIN_PARAM_INITIATOR_NAME) {
1570 			(void) strlcpy((char *)ilg->g_value.v_name,
1571 			    (char *)ihp->hba_name, ISCSI_MAX_NAME_LEN);
1572 		} else if (ilg->g_param == ISCSI_LOGIN_PARAM_INITIATOR_ALIAS) {
1573 			if (ihp->hba_alias_length == 0) {
1574 				rtn = EINVAL;
1575 			} else {
1576 				(void) strlcpy((char *)ilg->g_value.v_name,
1577 				    (char *)ihp->hba_alias, ISCSI_MAX_NAME_LEN);
1578 			}
1579 		} else {
1580 			/* To describe the validity of the requested param */
1581 			boolean_t valid_flag = B_TRUE;
1582 
1583 			name = NULL;
1584 
1585 			/*
1586 			 * switch login based if looking for initiator
1587 			 * params
1588 			 */
1589 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1590 			if (ilg->g_oid == ihp->hba_oid) {
1591 				/* initiator */
1592 				params = &ihp->hba_params;
1593 				name = ihp->hba_name;
1594 				if (iscsi_get_persisted_param(name,
1595 				    ilg, params) != 0) {
1596 					valid_flag = B_FALSE;
1597 				}
1598 			} else {
1599 				/*
1600 				 * If the oid does represent a session check
1601 				 * to see if it is a target oid.  If so,
1602 				 * return the target's associated session.
1603 				 */
1604 				rtn = iscsi_sess_get(ilg->g_oid, ihp, &isp);
1605 				if (rtn != 0) {
1606 					rtn = iscsi_sess_get_by_target(
1607 					    ilg->g_oid, ihp, &isp);
1608 				}
1609 
1610 				/*
1611 				 * If rtn is zero then we have found an
1612 				 * existing session.  Use the session name to
1613 				 * do param lookup.  If rtn is non-zero then
1614 				 * create a targetparam object and use its name
1615 				 * for param lookup.
1616 				 */
1617 				if (rtn == 0) {
1618 					name = isp->sess_name;
1619 					params = &isp->sess_params;
1620 				} else {
1621 					name =
1622 					    iscsi_targetparam_get_name(
1623 					    ilg->g_oid);
1624 					if (ilg->g_param_type ==
1625 					    ISCSI_SESS_PARAM) {
1626 						tmpParams =
1627 						    (iscsi_login_params_t *)
1628 						    kmem_alloc(
1629 						    sizeof (*tmpParams),
1630 						    KM_SLEEP);
1631 						params = tmpParams;
1632 					}
1633 					rtn = 0;
1634 				}
1635 
1636 				if (name == NULL) {
1637 					rw_exit(
1638 					    &ihp->hba_sess_list_rwlock);
1639 					rtn = EFAULT;
1640 					kmem_free(ilg, sizeof (*ilg));
1641 					if (tmpParams != NULL)
1642 						kmem_free(tmpParams,
1643 						    sizeof (*tmpParams));
1644 
1645 					break;
1646 				}
1647 
1648 				if (ilg->g_param_type == ISCSI_SESS_PARAM) {
1649 					/* session */
1650 					/*
1651 					 * Update sess_params with the
1652 					 * latest params from the
1653 					 * persistent store.
1654 					 */
1655 					if (iscsi_get_persisted_param(name,
1656 					    ilg, params) != 0) {
1657 						/*
1658 						 * If the parameter in
1659 						 * question is not
1660 						 * overriden, no effect
1661 						 * on existing session
1662 						 * parameters. However,
1663 						 * the parameter is
1664 						 * marked invalid
1665 						 * (from the standpoint
1666 						 * of whether it is
1667 						 * overriden).
1668 						 */
1669 						valid_flag = B_FALSE;
1670 					}
1671 				} else if (ilg->g_param_type ==
1672 				    ISCSI_CONN_PARAM && isp != NULL) {
1673 					/* connection */
1674 					rw_enter(&isp->sess_conn_list_rwlock,
1675 					    RW_READER);
1676 					/* Assuming 1 conn per sess. */
1677 					/*
1678 					 * MC/S - Need to be modified to
1679 					 * take g_conn_cid into account when
1680 					 * we go multi-connection.
1681 					 */
1682 					if ((isp->sess_conn_act != NULL) &&
1683 					    (isp->sess_conn_act->conn_state ==
1684 					    ISCSI_CONN_STATE_LOGGED_IN)) {
1685 						params = &(isp->
1686 						    sess_conn_act->
1687 						    conn_params);
1688 					} else {
1689 						valid_flag = B_FALSE;
1690 					}
1691 					rw_exit(&isp->sess_conn_list_rwlock);
1692 				}
1693 			}
1694 
1695 			/* make sure we have params to get info from */
1696 			if (params) {
1697 				rtn = iscsi_get_param(params, valid_flag, ilg);
1698 
1699 				/*
1700 				 * for target parameters, check if any
1701 				 * parameters were overridden at the initiator
1702 				 * level. If so, then change the default value
1703 				 * to the initiator's overridden value
1704 				 */
1705 				if ((rtn == 0) &&
1706 				    (ilg->g_oid != ihp->hba_oid)) {
1707 					iscsi_override_target_default(ihp,
1708 					    ilg);
1709 				}
1710 			}
1711 			rw_exit(&ihp->hba_sess_list_rwlock);
1712 		}
1713 
1714 		if (rtn == 0) {
1715 			rtn = ddi_copyout(ilg, (caddr_t)arg,
1716 			    sizeof (iscsi_param_get_t), mode);
1717 		}
1718 		kmem_free(ilg, sizeof (*ilg));
1719 		if (tmpParams != NULL)
1720 			kmem_free(tmpParams, sizeof (*tmpParams));
1721 		break;
1722 
1723 	/*
1724 	 * ISCSI_INIT_NODE_NAME_SET - Change the initiator-node name for
1725 	 * the specified connection/session.
1726 	 */
1727 	case ISCSI_INIT_NODE_NAME_SET:
1728 		/* copyin user args */
1729 		ils = (iscsi_param_set_t *)kmem_alloc(sizeof (*ils), KM_SLEEP);
1730 		if (ddi_copyin((caddr_t)arg, ils, sizeof (*ils), mode)) {
1731 			rtn = EFAULT;
1732 			kmem_free(ils, sizeof (*ils));
1733 			break;
1734 		}
1735 
1736 		if (ils->s_vers != ISCSI_INTERFACE_VERSION) {
1737 			rtn = EINVAL;
1738 			kmem_free(ils, sizeof (*ils));
1739 			break;
1740 		}
1741 
1742 		/* saving off the old initiator-node name */
1743 		initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
1744 		rval = persistent_initiator_name_get(initiator_node_name,
1745 		    ISCSI_MAX_NAME_LEN);
1746 
1747 		rtn = iscsi_set_params(ils, ihp, B_TRUE);
1748 		kmem_free(ils, sizeof (*ils));
1749 		if (rtn != 0) {
1750 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
1751 			initiator_node_name = NULL;
1752 			break;
1753 		}
1754 
1755 		(void) snprintf(init_port_name, MAX_NAME_PROP_SIZE,
1756 		    "%s,%02x%02x%02x%02x%02x%02x",
1757 		    (char *)ihp->hba_name, ihp->hba_isid[0],
1758 		    ihp->hba_isid[1], ihp->hba_isid[2],
1759 		    ihp->hba_isid[3], ihp->hba_isid[4],
1760 		    ihp->hba_isid[5]);
1761 
1762 		if (ddi_prop_update_string(DDI_DEV_T_NONE,
1763 		    ihp->hba_dip, SCSI_ADDR_PROP_INITIATOR_PORT,
1764 		    init_port_name) != DDI_PROP_SUCCESS) {
1765 			cmn_err(CE_WARN, "iscsi_ioctl: Updating "
1766 			    SCSI_ADDR_PROP_INITIATOR_PORT " property on iSCSI "
1767 			    "HBA(%s) with dip(%d) Failed",
1768 			    (char *)ihp->hba_name,
1769 			    ddi_get_instance(ihp->hba_dip));
1770 		}
1771 
1772 		/*
1773 		 * Deregister the old initiator-node name from the iSNS
1774 		 * server
1775 		 * Register the new initiator-node name with the iSNS server
1776 		 */
1777 		method = persistent_disc_meth_get();
1778 		if (method & iSCSIDiscoveryMethodISNS) {
1779 			if (rval == B_TRUE) {
1780 				if (strlen(initiator_node_name) > 0) {
1781 				/*
1782 				 * we will attempt to offline the targets.
1783 				 * if logouts fail, we will still continue
1784 				 */
1785 #define	STRING_INNO "initiator-node name - Offline "
1786 #define	STRING_FFOMD "failed for one or more devices"
1787 					if ((iscsid_del(
1788 					    ihp, NULL, method, NULL))
1789 					    != B_TRUE) {
1790 						cmn_err(CE_NOTE,
1791 						    "Attempting to change "
1792 						    STRING_INNO
1793 						    STRING_FFOMD);
1794 					}
1795 					(void) isns_dereg(ihp->hba_isid,
1796 					    (uint8_t *)initiator_node_name);
1797 #undef STRING_INNO
1798 #undef STRING_FFOMD
1799 				}
1800 			}
1801 			if (persistent_initiator_name_get(initiator_node_name,
1802 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
1803 				kmem_free(initiator_node_name,
1804 				    ISCSI_MAX_NAME_LEN);
1805 				initiator_node_name = NULL;
1806 				rtn = EIO;
1807 				break;
1808 			}
1809 			if (strlen(initiator_node_name) == 0) {
1810 				kmem_free(initiator_node_name,
1811 				    ISCSI_MAX_NAME_LEN);
1812 				initiator_node_name = NULL;
1813 				rtn = EIO;
1814 				break;
1815 			}
1816 
1817 			initiator_node_alias = kmem_zalloc(ISCSI_MAX_NAME_LEN,
1818 			    KM_SLEEP);
1819 			if (persistent_alias_name_get(initiator_node_alias,
1820 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
1821 				initiator_node_alias[0] = '\0';
1822 			}
1823 
1824 			(void) isns_reg(ihp->hba_isid,
1825 			    (uint8_t *)initiator_node_name,
1826 			    ISCSI_MAX_NAME_LEN,
1827 			    (uint8_t *)initiator_node_alias,
1828 			    ISCSI_MAX_NAME_LEN,
1829 			    ISNS_INITIATOR_NODE_TYPE,
1830 			    isns_scn_callback);
1831 			iscsid_do_isns_query(ihp);
1832 
1833 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
1834 			initiator_node_alias = NULL;
1835 		}
1836 
1837 		kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
1838 		initiator_node_name = NULL;
1839 		break;
1840 
1841 	/*
1842 	 * ISCSI_PARAM_SET - Set param for specified connection/session.
1843 	 */
1844 	case ISCSI_PARAM_SET:
1845 		/* copyin user args */
1846 		ils = (iscsi_param_set_t *)kmem_alloc(sizeof (*ils), KM_SLEEP);
1847 		if (ddi_copyin((caddr_t)arg, ils, sizeof (*ils), mode)) {
1848 			rtn = EFAULT;
1849 			kmem_free(ils, sizeof (*ils));
1850 			break;
1851 		}
1852 
1853 		if (ils->s_vers != ISCSI_INTERFACE_VERSION) {
1854 			rtn = EINVAL;
1855 			kmem_free(ils, sizeof (*ils));
1856 			break;
1857 		}
1858 		rtn = iscsi_set_params(ils, ihp, B_TRUE);
1859 		if (iscsiboot_prop) {
1860 			if (iscsi_cmp_boot_sess_oid(ihp, ils->s_oid)) {
1861 				/*
1862 				 * found active session for this object
1863 				 * or this is initiator's object
1864 				 * with mpxio enabled
1865 				 */
1866 				if (!iscsi_reconfig_boot_sess(ihp)) {
1867 					rtn = EINVAL;
1868 					kmem_free(ils, sizeof (*ils));
1869 					break;
1870 				}
1871 			}
1872 		}
1873 		kmem_free(ils, sizeof (*ils));
1874 		break;
1875 
1876 	/*
1877 	 * ISCSI_TARGET_PARAM_CLEAR
1878 	 * - remove custom parameter settings for a target.
1879 	 */
1880 	case ISCSI_TARGET_PARAM_CLEAR:
1881 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
1882 			rtn = EFAULT;
1883 			break;
1884 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
1885 			rtn = EINVAL;
1886 			break;
1887 		}
1888 
1889 		if ((e.e_oid != ihp->hba_oid) &&
1890 		    (e.e_oid != ISCSI_OID_NOTSET)) {
1891 			boolean_t rval1, rval2, rval3;
1892 			uchar_t	    *t_name;
1893 			iscsi_sess_t *t_isp;
1894 			boolean_t    t_rtn = B_TRUE;
1895 			persistent_param_t  t_param;
1896 			iscsi_config_sess_t t_ics;
1897 			persistent_tunable_param_t t_tpsg;
1898 
1899 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1900 			/*
1901 			 * If the oid does represent a session check to see
1902 			 * if it is a target oid.  If so, return the target's
1903 			 * associated session.
1904 			 */
1905 			rtn = iscsi_sess_get(e.e_oid, ihp, &isp);
1906 			if (rtn != 0) {
1907 				rtn = iscsi_sess_get_by_target(e.e_oid, ihp,
1908 				    &isp);
1909 			}
1910 
1911 			/*
1912 			 * If rtn is zero then we have found an
1913 			 * existing session.  Use the session name to
1914 			 * do param lookup.  If rtn is non-zero then
1915 			 * create a targetparam object and use its name
1916 			 * for param lookup.
1917 			 */
1918 			if (rtn == 0) {
1919 				t_name = isp->sess_name;
1920 			} else {
1921 				t_name = iscsi_targetparam_get_name(e.e_oid);
1922 				rtn = 0;
1923 			}
1924 
1925 			if (t_name == NULL) {
1926 				rw_exit(&ihp->hba_sess_list_rwlock);
1927 				rtn = EFAULT;
1928 				break;
1929 			}
1930 
1931 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
1932 			(void) strncpy((char *)name, (char *)t_name,
1933 			    ISCSI_MAX_NAME_LEN);
1934 
1935 			t_ics.ics_in = 1;
1936 			rval1 = persistent_param_get((char *)name, &t_param);
1937 			rval2 = persistent_get_config_session((char *)name,
1938 			    &t_ics);
1939 			rval3 = persistent_get_tunable_param((char *)name,
1940 			    &t_tpsg);
1941 
1942 			if ((rval1 == B_FALSE) && (rval2 == B_FALSE) &&
1943 			    (rval3 == B_FALSE)) {
1944 				/* no any target parameters get */
1945 				kmem_free(name, ISCSI_MAX_NAME_LEN);
1946 				rw_exit(&ihp->hba_sess_list_rwlock);
1947 				rtn = EIO;
1948 				break;
1949 			}
1950 
1951 			if (persistent_param_clear((char *)name) == B_FALSE) {
1952 				kmem_free(name, ISCSI_MAX_NAME_LEN);
1953 				rw_exit(&ihp->hba_sess_list_rwlock);
1954 				rtn = EIO;
1955 				break;
1956 			}
1957 
1958 			ics = kmem_zalloc(sizeof (*ics), KM_SLEEP);
1959 			ics->ics_ver = ISCSI_INTERFACE_VERSION;
1960 			ics->ics_oid = ISCSI_INITIATOR_OID;
1961 			ics->ics_in  = 1;
1962 
1963 			/*
1964 			 * We may have multiple sessions with different
1965 			 * tpgt values.  So we need to loop through
1966 			 * the sessions and update all sessions.
1967 			 */
1968 			for (isp = ihp->hba_sess_list; isp;
1969 			    isp = t_isp) {
1970 				t_isp = isp->sess_next;
1971 
1972 				if (strncmp((char *)isp->sess_name,
1973 				    (char *)name, ISCSI_MAX_NAME_LEN) == 0) {
1974 					/*
1975 					 * When removing target-params we need
1976 					 * slightly different actions depending
1977 					 * on if the session should still exist.
1978 					 * Get the initiator-node value for
1979 					 * MS/T.  If there is no initiator
1980 					 * value then assume the default value
1981 					 * of 1.  If the initiator value is
1982 					 * less than this ISID then we need to
1983 					 * destroy the session.  Otherwise
1984 					 * update the session information and
1985 					 * resync (N7 event).
1986 					 */
1987 					rtn = iscsi_ioctl_get_config_sess(
1988 					    ihp, ics);
1989 					if (((rtn != 0) &&
1990 					    (isp->sess_isid[5] > 0)) ||
1991 					    ((rtn == 0) &&
1992 					    (ics->ics_out <=
1993 					    isp->sess_isid[5]))) {
1994 
1995 						/*
1996 						 * This session should no
1997 						 * longer exist.  Remove
1998 						 * session.
1999 						 */
2000 						if (!ISCSI_SUCCESS(
2001 						    iscsi_sess_destroy(isp))) {
2002 							t_rtn = B_FALSE;
2003 							continue;
2004 						}
2005 						isp = ihp->hba_sess_list;
2006 					} else {
2007 						uint32_t event_count;
2008 						/*
2009 						 * Reset the session
2010 						 * parameters.
2011 						 */
2012 						bcopy(&(isp->sess_hba->
2013 						    hba_params),
2014 						    &(isp->sess_params),
2015 						    sizeof (isp->sess_params));
2016 						if (iscsiboot_prop &&
2017 						    isp->sess_boot) {
2018 							/*
2019 							 * reconfig boot
2020 							 * session later
2021 							 */
2022 							continue;
2023 						}
2024 						/*
2025 						 * Notify the session that the
2026 						 * login parameters have
2027 						 * changed.
2028 						 */
2029 						event_count = atomic_inc_32_nv(
2030 						    &isp->
2031 						    sess_state_event_count);
2032 						iscsi_sess_enter_state_zone(
2033 						    isp);
2034 
2035 						iscsi_sess_state_machine(isp,
2036 						    ISCSI_SESS_EVENT_N7,
2037 						    event_count);
2038 
2039 						iscsi_sess_exit_state_zone(
2040 						    isp);
2041 					}
2042 				}
2043 			}
2044 			if (t_rtn == B_FALSE) {
2045 				boolean_t t_rval = B_TRUE;
2046 				/* Failure!, restore target's parameters */
2047 				if (rval1 == B_TRUE) {
2048 					rval1 = persistent_param_set(
2049 					    (char *)name, &t_param);
2050 					if (rval1 == B_FALSE) {
2051 						t_rval = B_FALSE;
2052 					}
2053 				}
2054 				if (rval2 == B_TRUE) {
2055 					rval2 = persistent_set_config_session(
2056 					    (char *)name, &t_ics);
2057 					if (rval2 == B_FALSE) {
2058 						t_rval = B_FALSE;
2059 					}
2060 				}
2061 				if (rval3 == B_TRUE) {
2062 					rval3 = persistent_set_tunable_param(
2063 					    (char *)name, &t_tpsg);
2064 					if (rval3 == B_FALSE) {
2065 						t_rval = B_FALSE;
2066 					}
2067 				}
2068 				if (t_rval == B_FALSE) {
2069 					cmn_err(CE_WARN, "Failed to restore "
2070 					    "target's parameters after remove "
2071 					    "session related to target "
2072 					    "parameters failure.");
2073 				}
2074 				rtn = EBUSY;
2075 			}
2076 			kmem_free(ics, sizeof (*ics));
2077 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2078 			rw_exit(&ihp->hba_sess_list_rwlock);
2079 			if (iscsiboot_prop) {
2080 				if (iscsi_cmp_boot_sess_oid(ihp, e.e_oid)) {
2081 					/*
2082 					 * found active session for this object
2083 					 * or this is initiator object
2084 					 * with mpxio enabled
2085 					 */
2086 					if (!iscsi_reconfig_boot_sess(ihp)) {
2087 						rtn = EINVAL;
2088 						break;
2089 					}
2090 				}
2091 			}
2092 		}
2093 		break;
2094 
2095 	/*
2096 	 * ISCSI_TARGET_OID_LIST_GET -
2097 	 */
2098 	case ISCSI_TARGET_OID_LIST_GET:
2099 		/* copyin user args */
2100 		if (ddi_copyin((caddr_t)arg, &idl,
2101 		    sizeof (idl), mode)) {
2102 			rtn = EFAULT;
2103 			break;
2104 		}
2105 
2106 		if (idl.tl_vers != ISCSI_INTERFACE_VERSION) {
2107 			rtn = EINVAL;
2108 			break;
2109 		}
2110 
2111 		list_space = sizeof (iscsi_target_list_t);
2112 		if (idl.tl_in_cnt != 0)
2113 			list_space += (sizeof (uint32_t) *
2114 			    (idl.tl_in_cnt - 1));
2115 
2116 		idlp = kmem_zalloc(list_space, KM_SLEEP);
2117 		bcopy(&idl, idlp, sizeof (idl));
2118 		idlp->tl_out_cnt = 0;
2119 
2120 		/*
2121 		 * If target list type is ISCSI_TGT_OID_LIST and discovery
2122 		 * has not been completed or in progress, poke the discovery
2123 		 * methods so target information is returned
2124 		 */
2125 		mutex_enter(&ihp->hba_discovery_events_mutex);
2126 		method = ihp->hba_discovery_events;
2127 		if ((idl.tl_tgt_list_type == ISCSI_TGT_OID_LIST) &&
2128 		    (method != ISCSI_ALL_DISCOVERY_METHODS) &&
2129 		    (ihp->hba_discovery_in_progress == B_FALSE)) {
2130 			ihp->hba_discovery_in_progress = B_TRUE;
2131 			mutex_exit(&ihp->hba_discovery_events_mutex);
2132 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodUnknown);
2133 			mutex_enter(&ihp->hba_discovery_events_mutex);
2134 			ihp->hba_discovery_in_progress = B_FALSE;
2135 		}
2136 		mutex_exit(&ihp->hba_discovery_events_mutex);
2137 
2138 		/*
2139 		 * Return the correct list information based on the type
2140 		 */
2141 		switch (idl.tl_tgt_list_type) {
2142 		/* ISCSI_TGT_PARAM_OID_LIST - iscsiadm list target-params */
2143 		case ISCSI_TGT_PARAM_OID_LIST:
2144 			/* get params from persistent store */
2145 			iscsi_targetparam_lock_list(RW_READER);
2146 			curr_entry = iscsi_targetparam_get_next_entry(NULL);
2147 			while (curr_entry != NULL) {
2148 				if (idlp->tl_out_cnt < idlp->tl_in_cnt) {
2149 					idlp->tl_oid_list[idlp->tl_out_cnt] =
2150 					    curr_entry->target_oid;
2151 				}
2152 				idlp->tl_out_cnt++;
2153 				curr_entry = iscsi_targetparam_get_next_entry(
2154 				    curr_entry);
2155 			}
2156 			iscsi_targetparam_unlock_list();
2157 			break;
2158 
2159 		/* ISCSI_STATIC_TGT_OID_LIST - iscsiadm list static-config */
2160 		case ISCSI_STATIC_TGT_OID_LIST:
2161 		{
2162 			char *target_name = NULL;
2163 			void *v = NULL;
2164 
2165 			/* get static-config from persistent store */
2166 			target_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2167 			persistent_static_addr_lock();
2168 			while (persistent_static_addr_next(&v,
2169 			    (char *)target_name, &e) == B_TRUE) {
2170 
2171 				if (idlp->tl_out_cnt < idlp->tl_in_cnt) {
2172 					idlp->tl_oid_list[idlp->tl_out_cnt] =
2173 					    e.e_oid;
2174 				}
2175 				idlp->tl_out_cnt++;
2176 
2177 			}
2178 
2179 			persistent_static_addr_unlock();
2180 			kmem_free(target_name, ISCSI_MAX_NAME_LEN);
2181 			break;
2182 		}
2183 
2184 		/* ISCSI_TGT_OID_LIST - iscsiadm list target */
2185 		case ISCSI_TGT_OID_LIST:
2186 
2187 			/* get sessions from hba's session list */
2188 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2189 			for (isp = ihp->hba_sess_list; isp;
2190 			    isp = isp->sess_next) {
2191 
2192 				if (((isp->sess_state !=
2193 				    ISCSI_SESS_STATE_FREE) ||
2194 				    (isp->sess_discovered_by !=
2195 				    iSCSIDiscoveryMethodUnknown)) &&
2196 				    (isp->sess_type ==
2197 				    ISCSI_SESS_TYPE_NORMAL)) {
2198 					if (idlp->tl_out_cnt <
2199 					    idlp->tl_in_cnt) {
2200 						idlp->tl_oid_list[
2201 						    idlp->tl_out_cnt] =
2202 						    isp->sess_oid;
2203 					}
2204 					idlp->tl_out_cnt++;
2205 				}
2206 
2207 			}
2208 			rw_exit(&ihp->hba_sess_list_rwlock);
2209 			break;
2210 
2211 		default:
2212 			ASSERT(FALSE);
2213 		}
2214 
2215 		rtn = ddi_copyout(idlp, (caddr_t)arg, list_space, mode);
2216 		kmem_free(idlp, list_space);
2217 		break;
2218 
2219 	/*
2220 	 * ISCSI_TARGET_PROPS_GET -
2221 	 */
2222 	case ISCSI_TARGET_PROPS_GET:
2223 		/* ---- fall through sense the code is almost the same ---- */
2224 
2225 	/*
2226 	 * ISCSI_TARGET_PROPS_SET -
2227 	 */
2228 	case ISCSI_TARGET_PROPS_SET:
2229 		/* copyin user args */
2230 		ipp = (iscsi_property_t *)kmem_alloc(sizeof (*ipp),
2231 		    KM_SLEEP);
2232 		if (ddi_copyin((caddr_t)arg, ipp, sizeof (*ipp), mode)) {
2233 			rtn = EFAULT;
2234 			kmem_free(ipp, sizeof (*ipp));
2235 			break;
2236 		}
2237 
2238 		if (ipp->p_vers != ISCSI_INTERFACE_VERSION) {
2239 			rtn = EINVAL;
2240 			kmem_free(ipp, sizeof (*ipp));
2241 			break;
2242 		}
2243 
2244 		rtn = iscsi_target_prop_mod(ihp, ipp, cmd);
2245 		if (rtn == 0)
2246 			rtn = ddi_copyout(ipp, (caddr_t)arg,
2247 			    sizeof (*ipp), mode);
2248 		kmem_free(ipp, sizeof (*ipp));
2249 		break;
2250 
2251 	/*
2252 	 * ISCSI_TARGET_ADDRESS_GET -
2253 	 */
2254 	case ISCSI_TARGET_ADDRESS_GET:
2255 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2256 			rtn = EFAULT;
2257 			break;
2258 		}
2259 
2260 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2261 			rtn = EINVAL;
2262 			break;
2263 		}
2264 
2265 		/*
2266 		 * Find out how much space we need to malloc for the users
2267 		 * request.
2268 		 */
2269 		list_space = sizeof (iscsi_addr_list_t);
2270 		if (ial.al_in_cnt != 0) {
2271 			list_space += (sizeof (iscsi_addr_t) *
2272 			    (ial.al_in_cnt - 1));
2273 		}
2274 		ialp = (iscsi_addr_list_t *)kmem_zalloc(list_space, KM_SLEEP);
2275 
2276 		/* Copy in the header portion */
2277 		bcopy(&ial, ialp, sizeof (ial));
2278 
2279 		/* session */
2280 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2281 		rtn = iscsi_sess_get(ialp->al_oid, ihp, &isp);
2282 		if (rtn != 0) {
2283 			rw_exit(&ihp->hba_sess_list_rwlock);
2284 			rtn = EFAULT;
2285 			break;
2286 		}
2287 
2288 		ialp->al_out_cnt	= 0;
2289 		ialp->al_tpgt		= isp->sess_tpgt_conf;
2290 		rw_enter(&isp->sess_conn_list_rwlock, RW_READER);
2291 		for (icp = isp->sess_conn_list; icp; icp = icp->conn_next) {
2292 			if (icp->conn_state != ISCSI_CONN_STATE_LOGGED_IN) {
2293 				continue;
2294 			}
2295 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2296 				iscsi_addr_t		*ap;
2297 
2298 				ap = &ialp->al_addrs[ialp->al_out_cnt];
2299 				if (icp->conn_base_addr.sin.sa_family
2300 				    == AF_INET) {
2301 
2302 					struct sockaddr_in *addr_in =
2303 					    (struct sockaddr_in *)&icp->
2304 					    conn_base_addr.sin4;
2305 					ap->a_addr.i_insize =
2306 					    sizeof (struct in_addr);
2307 					bcopy(&addr_in->sin_addr.s_addr,
2308 					    &ap->a_addr.i_addr.in4.s_addr,
2309 					    sizeof (struct in_addr));
2310 					ap->a_port = addr_in->sin_port;
2311 
2312 				} else {
2313 
2314 					struct sockaddr_in6 *addr_in6 =
2315 					    (struct sockaddr_in6 *)&icp->
2316 					    conn_base_addr.sin6;
2317 					ap->a_addr.i_insize =
2318 					    sizeof (struct in6_addr);
2319 					bcopy(&addr_in6->sin6_addr.s6_addr,
2320 					    &ap->a_addr.i_addr.in6.s6_addr,
2321 					    sizeof (struct in6_addr));
2322 					ap->a_port = addr_in6->sin6_port;
2323 
2324 				}
2325 			}
2326 			ialp->al_out_cnt++;
2327 		}
2328 		rw_exit(&isp->sess_conn_list_rwlock);
2329 		rw_exit(&ihp->hba_sess_list_rwlock);
2330 
2331 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
2332 		kmem_free(ialp, list_space);
2333 		break;
2334 
2335 	/*
2336 	 * ISCSI_CHAP_SET -
2337 	 */
2338 	case ISCSI_CHAP_SET:
2339 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2340 		    KM_SLEEP);
2341 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2342 			rtn = EFAULT;
2343 			kmem_free(chap, sizeof (*chap));
2344 			break;
2345 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2346 			rtn = EINVAL;
2347 			kmem_free(chap, sizeof (*chap));
2348 			break;
2349 		}
2350 
2351 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2352 		if (chap->c_oid == ihp->hba_oid)
2353 			name = ihp->hba_name;
2354 		else {
2355 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2356 			if (rtn != 0) {
2357 				rtn = iscsi_sess_get_by_target(
2358 				    chap->c_oid, ihp, &isp);
2359 			}
2360 
2361 			/*
2362 			 * If rtn is zero then we have found an
2363 			 * existing session.  Use the session name to
2364 			 * do param lookup.  If rtn is non-zero then
2365 			 * create a targetparam object and use its name
2366 			 * for param lookup.
2367 			 */
2368 			if (rtn == 0) {
2369 				name = isp->sess_name;
2370 			} else {
2371 				name =
2372 				    iscsi_targetparam_get_name(chap->c_oid);
2373 				rtn = 0;
2374 			}
2375 		}
2376 
2377 		if (name == NULL) {
2378 			rw_exit(
2379 			    &ihp->hba_sess_list_rwlock);
2380 			rtn = EFAULT;
2381 			kmem_free(chap, sizeof (*chap));
2382 			break;
2383 		}
2384 
2385 		if (persistent_chap_set((char *)name, chap) ==
2386 		    B_FALSE) {
2387 			rtn = EIO;
2388 		}
2389 		rw_exit(&ihp->hba_sess_list_rwlock);
2390 		kmem_free(chap, sizeof (*chap));
2391 		break;
2392 
2393 	/*
2394 	 * ISCSI_CHAP_GET -
2395 	 */
2396 	case ISCSI_CHAP_GET:
2397 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2398 		    KM_SLEEP);
2399 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2400 			kmem_free(chap, sizeof (*chap));
2401 			rtn = EFAULT;
2402 			break;
2403 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2404 			kmem_free(chap, sizeof (*chap));
2405 			rtn = EINVAL;
2406 			break;
2407 		}
2408 
2409 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2410 		if (chap->c_oid == ihp->hba_oid)
2411 			name = ihp->hba_name;
2412 		else {
2413 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2414 			if (rtn != 0) {
2415 				rtn = iscsi_sess_get_by_target(
2416 				    chap->c_oid, ihp, &isp);
2417 			}
2418 
2419 			/*
2420 			 * If rtn is zero then we have found an
2421 			 * existing session.  Use the session name to
2422 			 * do param lookup.  If rtn is non-zero then
2423 			 * create a targetparam object and use its name
2424 			 * for param lookup.
2425 			 */
2426 			if (rtn == 0) {
2427 				name = isp->sess_name;
2428 			} else {
2429 				rtn = 0;
2430 				name =
2431 				    iscsi_targetparam_get_name(chap->c_oid);
2432 			}
2433 
2434 			if (name == NULL) {
2435 				rw_exit(&ihp->hba_sess_list_rwlock);
2436 				rtn = EFAULT;
2437 				break;
2438 			}
2439 			/*
2440 			 * Initialize the target-side chap name to the
2441 			 * session name if no chap settings have been
2442 			 * saved for the current session.
2443 			 */
2444 			if (persistent_chap_get((char *)name,
2445 			    chap) == B_FALSE) {
2446 				int name_len = strlen((char *)name);
2447 				iscsi_chap_props_t *chap = NULL;
2448 				chap = (iscsi_chap_props_t *)kmem_zalloc
2449 				    (sizeof (iscsi_chap_props_t), KM_SLEEP);
2450 				bcopy((char *)name, chap->c_user, name_len);
2451 				chap->c_user_len = name_len;
2452 				(void) (persistent_chap_set((char *)name,
2453 				    chap));
2454 				kmem_free(chap, sizeof (*chap));
2455 			}
2456 		}
2457 
2458 		if (name == NULL) {
2459 			rw_exit(
2460 			    &ihp->hba_sess_list_rwlock);
2461 			rtn = EFAULT;
2462 			break;
2463 		}
2464 
2465 		if (persistent_chap_get((char *)name, chap) == B_FALSE) {
2466 			rw_exit(&ihp->hba_sess_list_rwlock);
2467 			rtn = EIO;
2468 			break;
2469 		}
2470 		rw_exit(&ihp->hba_sess_list_rwlock);
2471 
2472 		rtn = ddi_copyout(chap, (caddr_t)arg, sizeof (*chap), mode);
2473 		kmem_free(chap, sizeof (*chap));
2474 		break;
2475 
2476 	/*
2477 	 * ISCSI_CHAP_CLEAR -
2478 	 */
2479 	case ISCSI_CHAP_CLEAR:
2480 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2481 		    KM_SLEEP);
2482 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2483 			rtn = EFAULT;
2484 			kmem_free(chap, sizeof (*chap));
2485 			break;
2486 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2487 			rtn = EINVAL;
2488 			kmem_free(chap, sizeof (*chap));
2489 			break;
2490 		}
2491 
2492 		if (chap->c_oid == ihp->hba_oid) {
2493 			iscsi_sess_t *sessp;
2494 
2495 			name = ihp->hba_name;
2496 
2497 			if (persistent_chap_clear(
2498 			    (char *)name) == B_FALSE) {
2499 				rtn = EIO;
2500 			}
2501 
2502 			/*
2503 			 * Loop through all sessions and memset their
2504 			 * (initiator's) passwords
2505 			 */
2506 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2507 			for (sessp = ihp->hba_sess_list; sessp;
2508 			    sessp = sessp->sess_next) {
2509 				(void) memset(sessp->sess_auth.password,
2510 				    0, iscsiAuthStringMaxLength);
2511 				sessp->sess_auth.password_length = 0;
2512 			}
2513 			rw_exit(&ihp->hba_sess_list_rwlock);
2514 
2515 		} else {
2516 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2517 			/*
2518 			 * If the oid does represent a session check to see
2519 			 * if it is a target oid.  If so, return the target's
2520 			 * associated session.
2521 			 */
2522 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2523 			if (rtn != 0) {
2524 				rtn = iscsi_sess_get_by_target(chap->c_oid,
2525 				    ihp, &isp);
2526 			}
2527 
2528 			rw_exit(&ihp->hba_sess_list_rwlock);
2529 
2530 			/*
2531 			 * If rtn is zero then we have found an
2532 			 * existing session.  Use the session name to
2533 			 * do param lookup.  If rtn is non-zero then
2534 			 * create a targetparam object and use its name
2535 			 * for param lookup.
2536 			 */
2537 			if (rtn == 0) {
2538 				name = isp->sess_name;
2539 			} else {
2540 				name =
2541 				    iscsi_targetparam_get_name(chap->c_oid);
2542 				rtn = 0;
2543 			}
2544 
2545 			if (name == NULL) {
2546 				rtn = EFAULT;
2547 				break;
2548 			}
2549 
2550 			if (persistent_chap_clear(
2551 			    (char *)name) == B_FALSE) {
2552 				rtn = EIO;
2553 			}
2554 
2555 			/*
2556 			 * Clear out session chap password if we found a
2557 			 * session above.
2558 			 */
2559 			if (isp != NULL) {
2560 				(void) memset(isp->sess_auth.password_in,
2561 				    0, iscsiAuthStringMaxLength);
2562 				isp->sess_auth.password_length_in = 0;
2563 			}
2564 
2565 		}
2566 
2567 		kmem_free(chap, sizeof (*chap));
2568 		break;
2569 
2570 	/*
2571 	 * ISCSI_STATIC_GET -
2572 	 */
2573 	case ISCSI_STATIC_GET:
2574 		ispp = (iscsi_static_property_t *)kmem_alloc(
2575 		    sizeof (*ispp), KM_SLEEP);
2576 
2577 		if (ddi_copyin((caddr_t)arg, ispp, sizeof (*ispp), mode)) {
2578 			rtn = EFAULT;
2579 			kmem_free(ispp, sizeof (*ispp));
2580 			break;
2581 		}
2582 
2583 		if (ispp->p_vers != ISCSI_INTERFACE_VERSION) {
2584 			rtn = EINVAL;
2585 			kmem_free(ispp, sizeof (*ispp));
2586 			break;
2587 		}
2588 
2589 		{
2590 			void *v = NULL;
2591 			boolean_t found = B_FALSE;
2592 
2593 			persistent_static_addr_lock();
2594 			while (persistent_static_addr_next(&v,
2595 			    (char *)ispp->p_name, &e) == B_TRUE) {
2596 
2597 				if (ispp->p_oid == e.e_oid) {
2598 					/*
2599 					 * In case there are multiple
2600 					 * addresses associated with the
2601 					 * given target OID, pick the first
2602 					 * one.
2603 					 */
2604 					iscsi_addr_t *ap;
2605 
2606 					ap = &(ispp->p_addr_list.al_addrs[0]);
2607 					ap->a_port = e.e_port;
2608 					ap->a_addr.i_insize = e.e_insize;
2609 					bcopy(e.e_u.u_in6.s6_addr,
2610 					    ap->a_addr.i_addr.in6.s6_addr,
2611 					    e.e_insize);
2612 					ispp->p_name_len =
2613 					    strlen((char *)ispp->p_name);
2614 					ispp->p_addr_list.al_tpgt = e.e_tpgt;
2615 					ispp->p_addr_list.al_out_cnt = 1;
2616 
2617 					found = B_TRUE;
2618 					break;
2619 				}
2620 			}
2621 			persistent_static_addr_unlock();
2622 
2623 			if (found == B_TRUE) {
2624 				rtn = ddi_copyout(ispp, (caddr_t)arg,
2625 				    sizeof (*ispp), mode);
2626 			} else {
2627 				rtn = ENOENT;
2628 			}
2629 		}
2630 		kmem_free(ispp, sizeof (*ispp));
2631 
2632 		break;
2633 
2634 	/*
2635 	 * ISCSI_STATIC_SET -
2636 	 */
2637 	case ISCSI_STATIC_SET:
2638 		target = iscsi_ioctl_copyin((caddr_t)arg, mode,
2639 		    sizeof (*target));
2640 		if (target == NULL) {
2641 			rtn = EFAULT;
2642 			break;
2643 		}
2644 
2645 		if ((target->te_entry.e_vers != ISCSI_INTERFACE_VERSION) ||
2646 		    (target->te_entry.e_insize == 0)) {
2647 			kmem_free(target, sizeof (*target));
2648 			rtn = EINVAL;
2649 			break;
2650 		}
2651 
2652 		/* Check if the target's already been added */
2653 		{
2654 			boolean_t static_target_found = B_FALSE;
2655 			void *v = NULL;
2656 
2657 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2658 			persistent_static_addr_lock();
2659 			while (persistent_static_addr_next(&v, (char *)name,
2660 			    &e) == B_TRUE) {
2661 				/*
2662 				 * MC/S - Need to check IP address and port
2663 				 * number as well when we support MC/S.
2664 				 */
2665 				if ((strncmp((char *)name,
2666 				    (char *)target->te_name,
2667 				    ISCSI_MAX_NAME_LEN) == 0) &&
2668 				    (target->te_entry.e_tpgt == e.e_tpgt) &&
2669 				    (target->te_entry.e_insize == e.e_insize) &&
2670 				    (bcmp(&target->te_entry.e_u, &e.e_u,
2671 				    e.e_insize) == 0)) {
2672 					/*
2673 					 * We don't allow MC/S for now but
2674 					 * we do allow adding the same target
2675 					 * with different TPGTs (hence,
2676 					 * different sessions).
2677 					 */
2678 					static_target_found = B_TRUE;
2679 					break;
2680 				}
2681 			}
2682 			persistent_static_addr_unlock();
2683 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2684 
2685 			if (static_target_found == B_TRUE) {
2686 				/* Duplicate entry */
2687 				kmem_free(target, sizeof (*target));
2688 				rtn = EEXIST;
2689 				break;
2690 			}
2691 		}
2692 
2693 		if (target->te_entry.e_oid == ISCSI_OID_NOTSET) {
2694 			mutex_enter(&iscsi_oid_mutex);
2695 			target->te_entry.e_oid = iscsi_oid++;
2696 			mutex_exit(&iscsi_oid_mutex);
2697 		}
2698 
2699 		persistent_static_addr_lock();
2700 		if (persistent_static_addr_set((char *)target->te_name,
2701 		    &target->te_entry) == B_FALSE) {
2702 			persistent_static_addr_unlock();
2703 			kmem_free(target, sizeof (*target));
2704 			rtn = EIO;
2705 			break;
2706 		}
2707 		persistent_static_addr_unlock();
2708 
2709 		/*
2710 		 * If Static Targets discovery is enabled, then add
2711 		 * target to discovery queue. Otherwise, just create
2712 		 * the session for potential future use.
2713 		 */
2714 		method = persistent_disc_meth_get();
2715 		if (method & iSCSIDiscoveryMethodStatic) {
2716 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodStatic);
2717 			(void) iscsid_login_tgt(ihp, (char *)target->te_name,
2718 			    iSCSIDiscoveryMethodStatic, NULL);
2719 		}
2720 
2721 		rtn = iscsi_ioctl_copyout(target, sizeof (*target),
2722 		    (caddr_t)arg, mode);
2723 		break;
2724 
2725 	/*
2726 	 * ISCSI_STATIC_CLEAR -
2727 	 */
2728 	case ISCSI_STATIC_CLEAR:
2729 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2730 			rtn = EFAULT;
2731 			break;
2732 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2733 			rtn = EINVAL;
2734 			break;
2735 		}
2736 
2737 		{
2738 			boolean_t	found = B_FALSE;
2739 			void		*v = NULL;
2740 			entry_t		tmp_e;
2741 			char		*name = NULL;
2742 
2743 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2744 
2745 			/* Find name for matching static_tgt oid */
2746 			persistent_static_addr_lock();
2747 			while (persistent_static_addr_next(&v,
2748 			    (char *)name, &tmp_e) == B_TRUE) {
2749 				if (e.e_oid == tmp_e.e_oid) {
2750 					found = B_TRUE;
2751 					break;
2752 				}
2753 			}
2754 
2755 			/* If static_tgt found logout and remove it */
2756 			if (found == B_TRUE) {
2757 
2758 				iscsid_addr_to_sockaddr(tmp_e.e_insize,
2759 				    &tmp_e.e_u, tmp_e.e_port, &addr_dsc.sin);
2760 
2761 				persistent_static_addr_unlock();
2762 
2763 				/*
2764 				 * If discovery in progress, try few times
2765 				 * before return busy
2766 				 */
2767 				retry = 0;
2768 				mutex_enter(&ihp->hba_discovery_events_mutex);
2769 				while (ihp->hba_discovery_in_progress ==
2770 				    B_TRUE) {
2771 					if (++retry == 5) {
2772 						rtn = EBUSY;
2773 						break;
2774 					}
2775 					mutex_exit(
2776 					    &ihp->hba_discovery_events_mutex);
2777 					delay(SEC_TO_TICK(
2778 					    ISCSI_DISC_DELAY));
2779 					mutex_enter(
2780 					    &ihp->hba_discovery_events_mutex);
2781 				}
2782 				/* remove from persistent store */
2783 				if (rtn == 0 && persistent_static_addr_clear(
2784 				    e.e_oid) == B_FALSE) {
2785 					rtn = EIO;
2786 				}
2787 				mutex_exit(&ihp->hba_discovery_events_mutex);
2788 
2789 				if (rtn != 0) {
2790 					kmem_free(name, ISCSI_MAX_NAME_LEN);
2791 					break;
2792 				}
2793 
2794 				/* Attempt to logout of target */
2795 				if (iscsid_del(ihp, (char *)name,
2796 				    iSCSIDiscoveryMethodStatic, &addr_dsc.sin)
2797 				    == B_FALSE) {
2798 					persistent_static_addr_lock();
2799 
2800 					/*
2801 					 * Restore static_tgt to
2802 					 * persistent store
2803 					 */
2804 					if (persistent_static_addr_set(
2805 					    (char *)name,
2806 					    &tmp_e) == B_FALSE) {
2807 						cmn_err(CE_WARN, "Failed to "
2808 						    "restore static target "
2809 						    "address after logout "
2810 						    "target failure.");
2811 					}
2812 					persistent_static_addr_unlock();
2813 					rtn = EBUSY;
2814 				} else {
2815 					iscsid_poke_discovery(ihp,
2816 					    iSCSIDiscoveryMethodStatic);
2817 					(void) iscsid_login_tgt(ihp,
2818 					    (char *)name,
2819 					    iSCSIDiscoveryMethodStatic,
2820 					    NULL);
2821 
2822 				}
2823 			} else {
2824 				persistent_static_addr_unlock();
2825 				rtn = EIO;
2826 			}
2827 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2828 		}
2829 		break;
2830 
2831 	/*
2832 	 * ISCSI_ISNS_SERVER_ADDR_SET:
2833 	 */
2834 	case ISCSI_ISNS_SERVER_ADDR_SET:
2835 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2836 			rtn = EFAULT;
2837 			break;
2838 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2839 			rtn = EINVAL;
2840 			break;
2841 		}
2842 
2843 		if (persistent_isns_addr_set(&e) == B_FALSE) {
2844 			rtn = EIO;
2845 			break;
2846 		}
2847 
2848 		/*
2849 		 * If iSNS server discovery is enabled, then kickoff
2850 		 * discovery of the targets advertised by the recently
2851 		 * added iSNS server address.
2852 		 */
2853 		method = persistent_disc_meth_get();
2854 		if (method & iSCSIDiscoveryMethodISNS) {
2855 			initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN,
2856 			    KM_SLEEP);
2857 			if (persistent_initiator_name_get(initiator_node_name,
2858 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
2859 				kmem_free(initiator_node_name,
2860 				    ISCSI_MAX_NAME_LEN);
2861 				initiator_node_name = NULL;
2862 				rtn = EIO;
2863 				break;
2864 			}
2865 			if (strlen(initiator_node_name) == 0) {
2866 				kmem_free(initiator_node_name,
2867 				    ISCSI_MAX_NAME_LEN);
2868 				initiator_node_name = NULL;
2869 				rtn = EIO;
2870 				break;
2871 			}
2872 
2873 			initiator_node_alias = kmem_zalloc(ISCSI_MAX_NAME_LEN,
2874 			    KM_SLEEP);
2875 			if (persistent_alias_name_get(initiator_node_alias,
2876 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
2877 				initiator_node_alias[0] = '\0';
2878 			}
2879 
2880 			/*
2881 			 * Register this initiator node against this iSNS
2882 			 * server.
2883 			 */
2884 			(void) isns_reg_one_server(&e, ihp->hba_isid,
2885 			    (uint8_t *)initiator_node_name,
2886 			    ISCSI_MAX_NAME_LEN,
2887 			    (uint8_t *)initiator_node_alias,
2888 			    ISCSI_MAX_NAME_LEN,
2889 			    ISNS_INITIATOR_NODE_TYPE,
2890 			    isns_scn_callback);
2891 
2892 			iscsid_do_isns_query_one_server(ihp, &e);
2893 
2894 			iscsid_addr_to_sockaddr(e.e_insize,
2895 			    &e.e_u, e.e_port, &addr_dsc.sin);
2896 
2897 			(void) iscsid_login_tgt(ihp, NULL,
2898 			    iSCSIDiscoveryMethodISNS,
2899 			    &addr_dsc.sin);
2900 
2901 			/* Done using the name and alias - free them. */
2902 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
2903 			initiator_node_name = NULL;
2904 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
2905 			initiator_node_alias = NULL;
2906 		}
2907 		break;
2908 
2909 	/*
2910 	 * ISCSI_DISCOVERY_ADDR_SET:
2911 	 */
2912 	case ISCSI_DISCOVERY_ADDR_SET:
2913 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2914 			rtn = EFAULT;
2915 			break;
2916 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2917 			rtn = EINVAL;
2918 			break;
2919 		}
2920 
2921 		if (e.e_oid == ISCSI_OID_NOTSET) {
2922 			mutex_enter(&iscsi_oid_mutex);
2923 			e.e_oid = iscsi_oid++;
2924 			mutex_exit(&iscsi_oid_mutex);
2925 		}
2926 
2927 		if (persistent_disc_addr_set(&e) == B_FALSE) {
2928 			rtn = EIO;
2929 			break;
2930 		}
2931 
2932 		/*
2933 		 * If Send Targets discovery is enabled, then kickoff
2934 		 * discovery of the targets advertised by the recently
2935 		 * added discovery address.
2936 		 */
2937 		method = persistent_disc_meth_get();
2938 		if (method & iSCSIDiscoveryMethodSendTargets) {
2939 
2940 			iscsid_addr_to_sockaddr(e.e_insize,
2941 			    &e.e_u, e.e_port, &addr_dsc.sin);
2942 			iscsid_do_sendtgts(&e);
2943 			(void) iscsid_login_tgt(ihp, NULL,
2944 			    iSCSIDiscoveryMethodSendTargets,
2945 			    &addr_dsc.sin);
2946 
2947 		}
2948 		break;
2949 
2950 	/*
2951 	 * ISCSI_DISCOVERY_ADDR_LIST_GET
2952 	 */
2953 	case ISCSI_DISCOVERY_ADDR_LIST_GET:
2954 		/* copyin user args */
2955 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2956 			rtn = EFAULT;
2957 			break;
2958 		}
2959 
2960 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2961 			rtn = EINVAL;
2962 			break;
2963 		}
2964 
2965 		list_space = sizeof (iscsi_addr_list_t);
2966 		if (ial.al_in_cnt != 0) {
2967 			list_space += (sizeof (iscsi_addr_t) *
2968 			    (ial.al_in_cnt - 1));
2969 		}
2970 
2971 		ialp = kmem_zalloc(list_space, KM_SLEEP);
2972 		bcopy(&ial, ialp, sizeof (iscsi_addr_list_t));
2973 
2974 		void_p = NULL;
2975 		ialp->al_out_cnt = 0;
2976 		persistent_disc_addr_lock();
2977 		while (persistent_disc_addr_next(&void_p, &e) == B_TRUE) {
2978 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2979 				int		i = ialp->al_out_cnt;
2980 				iscsi_addr_t	*addr = &ialp->al_addrs[i];
2981 
2982 				addr->a_port = e.e_port;
2983 				addr->a_addr.i_insize = e.e_insize;
2984 				addr->a_oid = e.e_oid;
2985 
2986 				if (e.e_insize == sizeof (struct in_addr)) {
2987 					/* IPv4 */
2988 					addr->a_addr.i_addr.in4.s_addr =
2989 					    e.e_u.u_in4.s_addr;
2990 				} else if (e.e_insize ==
2991 					    sizeof (struct in6_addr)) {
2992 					/* IPv6 */
2993 					bcopy(e.e_u.u_in6.s6_addr,
2994 					    addr->a_addr.i_addr.in6.s6_addr,
2995 					    16);
2996 				}
2997 			}
2998 			ialp->al_out_cnt++;
2999 		}
3000 		persistent_disc_addr_unlock();
3001 
3002 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
3003 		kmem_free(ialp, list_space);
3004 		break;
3005 
3006 	/*
3007 	 * ISCSI_ISNS_SERVER_ADDR_LIST_GET
3008 	 */
3009 	case ISCSI_ISNS_SERVER_ADDR_LIST_GET:
3010 		/* copyin user args */
3011 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
3012 			rtn = EFAULT;
3013 			break;
3014 		}
3015 
3016 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
3017 			rtn = EINVAL;
3018 			break;
3019 		}
3020 
3021 		list_space = sizeof (iscsi_addr_list_t);
3022 		if (ial.al_in_cnt != 0) {
3023 			list_space += (sizeof (iscsi_addr_t) *
3024 			    (ial.al_in_cnt - 1));
3025 		}
3026 
3027 		ialp = kmem_zalloc(list_space, KM_SLEEP);
3028 		bcopy(&ial, ialp, sizeof (iscsi_addr_list_t));
3029 
3030 		void_p = NULL;
3031 		ialp->al_out_cnt = 0;
3032 		persistent_isns_addr_lock();
3033 		while (persistent_isns_addr_next(&void_p, &e) == B_TRUE) {
3034 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
3035 				int		i = ialp->al_out_cnt;
3036 				iscsi_addr_t	*addr = &ialp->al_addrs[i];
3037 
3038 				addr->a_port = e.e_port;
3039 				addr->a_addr.i_insize = e.e_insize;
3040 				if (e.e_insize == sizeof (struct in_addr)) {
3041 					/* IPv4 */
3042 					addr->a_addr.i_addr.in4.s_addr =
3043 					    e.e_u.u_in4.s_addr;
3044 				} else if (e.e_insize ==
3045 					    sizeof (struct in6_addr)) {
3046 					/* IPv6 */
3047 					bcopy(e.e_u.u_in6.s6_addr,
3048 					    addr->a_addr.i_addr.in6.s6_addr,
3049 					    16);
3050 				}
3051 			}
3052 			ialp->al_out_cnt++;
3053 		}
3054 		persistent_isns_addr_unlock();
3055 
3056 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
3057 		kmem_free(ialp, list_space);
3058 		break;
3059 
3060 	/*
3061 	 * ISCSI_DISCOVERY_ADDR_CLEAR:
3062 	 */
3063 	case ISCSI_DISCOVERY_ADDR_CLEAR:
3064 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
3065 			rtn = EFAULT;
3066 			break;
3067 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
3068 			rtn = EINVAL;
3069 			break;
3070 		}
3071 
3072 		iscsid_addr_to_sockaddr(e.e_insize,
3073 		    &e.e_u, e.e_port, &addr_dsc.sin);
3074 
3075 		/* If discovery in progress, try few times before return busy */
3076 		retry = 0;
3077 		mutex_enter(&ihp->hba_discovery_events_mutex);
3078 		while (ihp->hba_discovery_in_progress == B_TRUE) {
3079 			if (++retry == 5) {
3080 				rtn = EBUSY;
3081 				break;
3082 			}
3083 			mutex_exit(&ihp->hba_discovery_events_mutex);
3084 			delay(SEC_TO_TICK(ISCSI_DISC_DELAY));
3085 			mutex_enter(&ihp->hba_discovery_events_mutex);
3086 		}
3087 
3088 		/*
3089 		 * Clear discovery address first, so that any bus config
3090 		 * will ignore this discovery address
3091 		 */
3092 		if (rtn == 0 && persistent_disc_addr_clear(&e) == B_FALSE) {
3093 			rtn = EIO;
3094 		}
3095 		mutex_exit(&ihp->hba_discovery_events_mutex);
3096 
3097 		if (rtn != 0) {
3098 			break;
3099 		}
3100 		/* Attempt to logout of associated targets */
3101 		if (iscsid_del(ihp, NULL,
3102 		    iSCSIDiscoveryMethodSendTargets, &addr_dsc.sin) ==
3103 		    B_FALSE) {
3104 			/* Failure!, restore the discovery addr. */
3105 			if (persistent_disc_addr_set(&e) == B_FALSE) {
3106 				cmn_err(CE_WARN, "Failed to restore sendtgt "
3107 				    "discovery address after logout associated "
3108 				    "targets failures.");
3109 			}
3110 			rtn = EBUSY;
3111 		}
3112 		break;
3113 
3114 	/*
3115 	 * ISCSI_ISNS_SERVER_CLEAR:
3116 	 */
3117 	case ISCSI_ISNS_SERVER_ADDR_CLEAR:
3118 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
3119 			rtn = EFAULT;
3120 			break;
3121 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
3122 			rtn = EINVAL;
3123 			break;
3124 		}
3125 
3126 		iscsid_addr_to_sockaddr(e.e_insize,
3127 		    &e.e_u, e.e_port, &addr_dsc.sin);
3128 
3129 		/* If discovery in progress, try few times before return busy */
3130 		retry = 0;
3131 		mutex_enter(&ihp->hba_discovery_events_mutex);
3132 		while (ihp->hba_discovery_in_progress == B_TRUE) {
3133 			if (++retry == 5) {
3134 				rtn = EBUSY;
3135 				break;
3136 			}
3137 			mutex_exit(&ihp->hba_discovery_events_mutex);
3138 			delay(SEC_TO_TICK(ISCSI_DISC_DELAY));
3139 			mutex_enter(&ihp->hba_discovery_events_mutex);
3140 		}
3141 
3142 		/*
3143 		 * Clear isns server address first, so that any bus config
3144 		 * will ignore any target registerd on this isns server
3145 		 */
3146 		if (rtn == 0 && persistent_isns_addr_clear(&e) == B_FALSE) {
3147 			rtn = EIO;
3148 		}
3149 		mutex_exit(&ihp->hba_discovery_events_mutex);
3150 
3151 		if (rtn != 0) {
3152 			break;
3153 		}
3154 
3155 		/* Attempt logout of associated targets */
3156 		if (iscsid_del(ihp, NULL, iSCSIDiscoveryMethodISNS,
3157 		    &addr_dsc.sin) == B_FALSE) {
3158 			/* Failure!, restore the isns server addr. */
3159 
3160 			if (persistent_isns_addr_set(&e) == B_FALSE) {
3161 				cmn_err(CE_WARN, "Failed to restore isns server"
3162 				    " address after logout associated targets"
3163 				    " failures.");
3164 			}
3165 			rtn = EBUSY;
3166 		} else {
3167 			method = persistent_disc_meth_get();
3168 			if (method & iSCSIDiscoveryMethodISNS) {
3169 				boolean_t is_last_isns_server_b =
3170 				    B_FALSE;
3171 				int isns_server_count = 0;
3172 				void *void_p = NULL;
3173 
3174 				/*
3175 				 * Check if the last iSNS server's been
3176 				 * removed.
3177 				 */
3178 				{
3179 					entry_t tmp_e;
3180 					persistent_isns_addr_lock();
3181 					while (persistent_isns_addr_next(
3182 					    &void_p, &tmp_e) == B_TRUE) {
3183 						isns_server_count++;
3184 					}
3185 				}
3186 				persistent_isns_addr_unlock();
3187 				if (isns_server_count == 0) {
3188 					is_last_isns_server_b = B_TRUE;
3189 				}
3190 
3191 				/*
3192 				 * Deregister this node from this iSNS
3193 				 * server.
3194 				 */
3195 				initiator_node_name = kmem_zalloc(
3196 				    ISCSI_MAX_NAME_LEN, KM_SLEEP);
3197 				if (persistent_initiator_name_get(
3198 				    initiator_node_name,
3199 				    ISCSI_MAX_NAME_LEN) == B_TRUE) {
3200 
3201 					if (strlen(initiator_node_name) > 0) {
3202 						(void) isns_dereg_one_server(
3203 						    &e, (uint8_t *)
3204 						    initiator_node_name,
3205 						    is_last_isns_server_b);
3206 					}
3207 				}
3208 				kmem_free(initiator_node_name,
3209 				    ISCSI_MAX_NAME_LEN);
3210 				initiator_node_name = NULL;
3211 			}
3212 		}
3213 		break;
3214 
3215 	/*
3216 	 * ISCSI_DISCOVERY_SET -
3217 	 */
3218 	case ISCSI_DISCOVERY_SET:
3219 		if (ddi_copyin((caddr_t)arg, &method, sizeof (method), mode)) {
3220 			rtn = EFAULT;
3221 			break;
3222 		}
3223 
3224 		if (persistent_disc_meth_set(method) == B_FALSE) {
3225 			rtn = EIO;
3226 		} else {
3227 			(void) iscsid_enable_discovery(ihp, method, B_FALSE);
3228 			iscsid_poke_discovery(ihp, method);
3229 			(void) iscsid_login_tgt(ihp, NULL, method, NULL);
3230 		}
3231 		break;
3232 
3233 	/*
3234 	 * ISCSI_DISCOVERY_GET -
3235 	 */
3236 	case ISCSI_DISCOVERY_GET:
3237 		method = persistent_disc_meth_get();
3238 		rtn = ddi_copyout(&method, (caddr_t)arg,
3239 		    sizeof (method), mode);
3240 		break;
3241 
3242 	/*
3243 	 * ISCSI_DISCOVERY_CLEAR -
3244 	 */
3245 	case ISCSI_DISCOVERY_CLEAR:
3246 		if (ddi_copyin((caddr_t)arg, &method, sizeof (method), mode)) {
3247 			rtn = EFAULT;
3248 			break;
3249 		}
3250 
3251 		/* If discovery in progress, try few times before return busy */
3252 		retry = 0;
3253 		mutex_enter(&ihp->hba_discovery_events_mutex);
3254 		while (ihp->hba_discovery_in_progress == B_TRUE) {
3255 			if (++retry == 5) {
3256 				rtn = EBUSY;
3257 				break;
3258 			}
3259 			mutex_exit(&ihp->hba_discovery_events_mutex);
3260 			delay(SEC_TO_TICK(ISCSI_DISC_DELAY));
3261 			mutex_enter(&ihp->hba_discovery_events_mutex);
3262 		}
3263 
3264 		/*
3265 		 * Clear discovery first, so that any bus config or
3266 		 * discovery requests will ignore this discovery method
3267 		 */
3268 		if (rtn == 0 && persistent_disc_meth_clear(method) == B_FALSE) {
3269 			rtn = EIO;
3270 		}
3271 		mutex_exit(&ihp->hba_discovery_events_mutex);
3272 
3273 		if (rtn != 0) {
3274 			break;
3275 		}
3276 
3277 		/* Attempt to logout from all associated targets */
3278 		if (iscsid_disable_discovery(ihp, method) == B_FALSE) {
3279 			/* Failure!, reset the discovery */
3280 			if (persistent_disc_meth_set(method) == B_FALSE) {
3281 				cmn_err(CE_WARN, "Failed to reset discovery "
3282 				    "method after discovery disable failure.");
3283 			}
3284 			rtn = EBUSY;
3285 		}
3286 		break;
3287 
3288 	/*
3289 	 * ISCSI_DISCOVERY_PROPS -
3290 	 */
3291 	case ISCSI_DISCOVERY_PROPS:
3292 		iscsid_props(&discovery_props);
3293 		if (ddi_copyout(&discovery_props, (caddr_t)arg,
3294 		    sizeof (discovery_props), mode))
3295 			rtn = EFAULT;
3296 		break;
3297 
3298 	/*
3299 	 * ISCSI_LUN_OID_LIST --
3300 	 */
3301 	case ISCSI_LUN_OID_LIST_GET:
3302 		ll = (iscsi_lun_list_t *)kmem_alloc(sizeof (*ll), KM_SLEEP);
3303 		if (ddi_copyin((caddr_t)arg, ll, sizeof (*ll), mode)) {
3304 			rtn = EFAULT;
3305 			kmem_free(ll, sizeof (*ll));
3306 			break;
3307 		}
3308 
3309 		if (ll->ll_vers != ISCSI_INTERFACE_VERSION) {
3310 			rtn = EINVAL;
3311 			kmem_free(ll, sizeof (*ll));
3312 			break;
3313 		}
3314 
3315 		/*
3316 		 * Find out how much space the user has allocated in their
3317 		 * structure. Match the same space for our structure.
3318 		 */
3319 		lun_sz = sizeof (iscsi_lun_list_t);
3320 		if (ll->ll_in_cnt > 0) {
3321 			lun_sz += (ll->ll_in_cnt - 1) * sizeof (iscsi_if_lun_t);
3322 		}
3323 
3324 		llp = kmem_zalloc(lun_sz, KM_SLEEP);
3325 		bcopy(ll, llp, sizeof (*ll));
3326 		kmem_free(ll, sizeof (*ll));
3327 
3328 		/*
3329 		 * Check to see if oid references a target-param oid.  If so,
3330 		 * find the associated  session oid before getting lu list.
3331 		 */
3332 		if (iscsi_targetparam_get_name(llp->ll_tgt_oid) != NULL) {
3333 			for (isp = ihp->hba_sess_list; isp;
3334 			    isp = isp->sess_next) {
3335 				if (isp->sess_target_oid == llp->ll_tgt_oid) {
3336 					target_oid  = isp->sess_oid;
3337 					break;
3338 				}
3339 			}
3340 		} else {
3341 			target_oid = llp->ll_tgt_oid;
3342 		}
3343 
3344 
3345 		/*
3346 		 * Look at the LUNs attached to the specified target. If there
3347 		 * is space in the user structure save that information locally.
3348 		 * Always add up the count to the total. By always adding
3349 		 * the count this code can be used if ll_in_cnt == 0 and
3350 		 * the user just wishes to know the appropriate size to
3351 		 * allocate.
3352 		 */
3353 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3354 		for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
3355 			if ((llp->ll_all_tgts == B_FALSE) &&
3356 			    (isp->sess_oid != target_oid)) {
3357 				continue;
3358 			}
3359 			rw_enter(&isp->sess_lun_list_rwlock, RW_READER);
3360 			for (ilp = isp->sess_lun_list; ilp;
3361 			    ilp = ilp->lun_next) {
3362 				if ((ilp->lun_state &
3363 				    ISCSI_LUN_STATE_ONLINE) &&
3364 				    !(ilp->lun_state &
3365 				    ISCSI_LUN_STATE_INVALID)) {
3366 					if (llp->ll_out_cnt <
3367 					    llp->ll_in_cnt) {
3368 						iscsi_if_lun_t *lp;
3369 						lp = &llp->ll_luns[
3370 						    llp->ll_out_cnt];
3371 
3372 						lp->l_tgt_oid =
3373 						    isp->sess_oid;
3374 						lp->l_oid = ilp->lun_oid;
3375 						lp->l_num = ilp->lun_num;
3376 					}
3377 				llp->ll_out_cnt++;
3378 				}
3379 			}
3380 			rw_exit(&isp->sess_lun_list_rwlock);
3381 		}
3382 		rw_exit(&ihp->hba_sess_list_rwlock);
3383 
3384 		if (ddi_copyout(llp, (caddr_t)arg, lun_sz, mode)) {
3385 			rtn = EFAULT;
3386 		}
3387 
3388 		kmem_free(llp, lun_sz);
3389 		break;
3390 
3391 	/*
3392 	 * ISCSI_LUN_PROPS_GET --
3393 	 */
3394 	case ISCSI_LUN_PROPS_GET:
3395 		lun = (iscsi_lun_props_t *)kmem_zalloc(sizeof (*lun), KM_SLEEP);
3396 		if (ddi_copyin((caddr_t)arg, lun, sizeof (*lun), mode)) {
3397 			rtn = EFAULT;
3398 			kmem_free(lun, sizeof (*lun));
3399 			break;
3400 		}
3401 
3402 		if (lun->lp_vers != ISCSI_INTERFACE_VERSION) {
3403 			rtn = EINVAL;
3404 			kmem_free(lun, sizeof (*lun));
3405 			break;
3406 		}
3407 
3408 		/*
3409 		 * For the target specified, find the LUN specified and
3410 		 * return its properties
3411 		 */
3412 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3413 		rtn = iscsi_sess_get(lun->lp_tgt_oid, ihp, &isp);
3414 		if (rtn != 0) {
3415 			rw_exit(&ihp->hba_sess_list_rwlock);
3416 			rtn = EFAULT;
3417 			kmem_free(lun, sizeof (*lun));
3418 			break;
3419 		}
3420 		rtn = EINVAL;	/* Set bad rtn, correct only if found */
3421 		rw_enter(&isp->sess_lun_list_rwlock, RW_READER);
3422 		for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
3423 			if (ilp->lun_oid == lun->lp_oid) {
3424 				lun->lp_num	= ilp->lun_num;
3425 				lun->lp_status	= LunValid;
3426 				lun->lp_time_online = ilp->lun_time_online;
3427 
3428 				if (ilp->lun_pip != NULL) {
3429 					lun_dip = mdi_pi_get_client(
3430 					    ilp->lun_pip);
3431 				} else {
3432 					lun_dip = ilp->lun_dip;
3433 				}
3434 
3435 				if (lun_dip != NULL &&
3436 				    ((i_ddi_devi_attached(lun_dip)) ||
3437 				    (ddi_get_devstate(lun_dip) ==
3438 				    DDI_DEVSTATE_UP))) {
3439 					(void) ddi_pathname(lun_dip,
3440 					    lun->lp_pathname);
3441 				} else {
3442 					/*
3443 					 * The LUN is not exported to the
3444 					 * OS yet.  It is in the process
3445 					 * of being added.
3446 					 */
3447 					lun->lp_status	= LunDoesNotExist;
3448 				}
3449 				bcopy(ilp->lun_vid, lun->lp_vid,
3450 				    sizeof (lun->lp_vid));
3451 				bcopy(ilp->lun_pid, lun->lp_pid,
3452 				    sizeof (lun->lp_pid));
3453 				rtn = ddi_copyout(lun, (caddr_t)arg,
3454 				    sizeof (*lun), mode);
3455 				if (rtn == -1) {
3456 					rtn = EFAULT;
3457 				}
3458 				break;
3459 			}
3460 		}
3461 		rw_exit(&isp->sess_lun_list_rwlock);
3462 		rw_exit(&ihp->hba_sess_list_rwlock);
3463 
3464 		kmem_free(lun, sizeof (*lun));
3465 		break;
3466 
3467 	/*
3468 	 * ISCSI_CONN_OID_LIST_GET --
3469 	 */
3470 #define	ISCSIIOCOLGC iscsi_ioctl_conn_oid_list_get_copyout
3471 	case ISCSI_CONN_OID_LIST_GET:
3472 		{
3473 			iscsi_conn_list_t	*cl;
3474 
3475 			/* Asuume the worst */
3476 			rtn = EFAULT;
3477 
3478 			/* Copy the input argument into kernel world. */
3479 			cl = iscsi_ioctl_conn_oid_list_get_copyin(
3480 			    (caddr_t)arg,
3481 			    mode);
3482 			if (cl != NULL) {
3483 				if (iscsi_ioctl_conn_oid_list_get(ihp, cl) ==
3484 				    B_TRUE) {
3485 					rtn =
3486 					    ISCSIIOCOLGC(
3487 					    cl, (caddr_t)arg, mode);
3488 				}
3489 			}
3490 			break;
3491 		}
3492 #undef ISCSIIOCOLGC
3493 	/*
3494 	 * ISCSI_CONN_OID_LIST_GET --
3495 	 */
3496 	case ISCSI_CONN_PROPS_GET:
3497 		{
3498 			iscsi_conn_props_t	*cp;
3499 
3500 			/* Asuume the worst */
3501 			rtn = EFAULT;
3502 
3503 			/* Copy the input argument into kernel world. */
3504 			cp = iscsi_ioctl_copyin(
3505 			    (caddr_t)arg,
3506 			    mode,
3507 			    sizeof (iscsi_conn_props_t));
3508 
3509 			if (cp != NULL) {
3510 				/* Get the propereties. */
3511 				if (iscsi_ioctl_conn_props_get(ihp, cp) ==
3512 				    B_TRUE) {
3513 					rtn =
3514 					    iscsi_ioctl_copyout(
3515 					    cp,
3516 					    sizeof (*cp),
3517 					    (caddr_t)arg,
3518 					    mode);
3519 				} else {
3520 					kmem_free(cp, sizeof (*cp));
3521 					cp = NULL;
3522 				}
3523 			}
3524 			break;
3525 		}
3526 
3527 	/*
3528 	 * ISCSI_RADIUS_GET -
3529 	 */
3530 	case ISCSI_RADIUS_GET:
3531 	{
3532 		iscsi_nvfile_status_t	status;
3533 
3534 		radius = (iscsi_radius_props_t *)kmem_zalloc(sizeof (*radius),
3535 		    KM_SLEEP);
3536 		if (ddi_copyin((caddr_t)arg, radius, sizeof (*radius), mode)) {
3537 			kmem_free(radius, sizeof (*radius));
3538 			rtn = EFAULT;
3539 			break;
3540 		} else if (radius->r_vers != ISCSI_INTERFACE_VERSION) {
3541 			kmem_free(radius, sizeof (*radius));
3542 			rtn = EINVAL;
3543 			break;
3544 		}
3545 
3546 		old_oid = radius->r_oid;
3547 
3548 		if (radius->r_oid == ihp->hba_oid) {
3549 			name = ihp->hba_name;
3550 		} else {
3551 			/*
3552 			 * RADIUS configuration should be done on a per
3553 			 * initiator basis.
3554 			 */
3555 			kmem_free(radius, sizeof (*radius));
3556 			rtn = EINVAL;
3557 			break;
3558 		}
3559 
3560 		status = persistent_radius_get(radius);
3561 		if (status == ISCSI_NVFILE_SUCCESS) {
3562 			/*
3563 			 * Restore the value for overridden (and bogus) oid.
3564 			 */
3565 			radius->r_oid = old_oid;
3566 			rtn = ddi_copyout(radius, (caddr_t)arg,
3567 			    sizeof (*radius), mode);
3568 		} else if (status == ISCSI_NVFILE_NAMEVAL_NOT_FOUND) {
3569 			rtn = ENOENT;
3570 		} else {
3571 			rtn = EIO;
3572 		}
3573 		kmem_free(radius, sizeof (*radius));
3574 		break;
3575 	}
3576 
3577 	/*
3578 	 * ISCSI_RADIUS_SET -
3579 	 */
3580 	case ISCSI_RADIUS_SET:
3581 		radius = (iscsi_radius_props_t *)kmem_zalloc(sizeof (*radius),
3582 		    KM_SLEEP);
3583 		if (ddi_copyin((caddr_t)arg, radius, sizeof (*radius), mode)) {
3584 			rtn = EFAULT;
3585 			kmem_free(radius, sizeof (*radius));
3586 			break;
3587 		} else if (radius->r_vers != ISCSI_INTERFACE_VERSION) {
3588 			rtn = EINVAL;
3589 			kmem_free(radius, sizeof (*radius));
3590 			break;
3591 		}
3592 
3593 		if (radius->r_oid == ihp->hba_oid) {
3594 			name = ihp->hba_name;
3595 		} else {
3596 			/*
3597 			 * RADIUS configuration should be done on a per
3598 			 * initiator basis.
3599 			 */
3600 			kmem_free(radius, sizeof (*radius));
3601 			rtn = EINVAL;
3602 			break;
3603 		}
3604 
3605 		if (persistent_radius_set(radius) == B_FALSE) {
3606 			rtn = EIO;
3607 		}
3608 
3609 		kmem_free(radius, sizeof (*radius));
3610 		break;
3611 
3612 	/*
3613 	 *  ISCSI_AUTH_GET -
3614 	 */
3615 	case ISCSI_AUTH_GET:
3616 		auth = (iscsi_auth_props_t *)kmem_zalloc(sizeof (*auth),
3617 		    KM_SLEEP);
3618 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3619 			kmem_free(auth, sizeof (*auth));
3620 			rtn = EFAULT;
3621 			break;
3622 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3623 			kmem_free(auth, sizeof (*auth));
3624 			rtn = EINVAL;
3625 			break;
3626 		}
3627 
3628 		old_oid = auth->a_oid;
3629 
3630 		if (auth->a_oid == ihp->hba_oid) {
3631 			name = ihp->hba_name;
3632 		} else {
3633 
3634 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3635 			/*
3636 			 * If the oid does represent a session check to see
3637 			 * if it is a target oid.  If so, return the target's
3638 			 * associated session.
3639 			 */
3640 			rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3641 			if (rtn != 0) {
3642 				rtn = iscsi_sess_get_by_target(auth->a_oid,
3643 				    ihp, &isp);
3644 			}
3645 			rw_exit(&ihp->hba_sess_list_rwlock);
3646 
3647 			/*
3648 			 * If rtn is zero then we have found an
3649 			 * existing session.  Use the session name to
3650 			 * do param lookup.  If rtn is non-zero then
3651 			 * create a targetparam object and use its name
3652 			 * for param lookup.
3653 			 */
3654 			if (rtn == 0) {
3655 				name = isp->sess_name;
3656 			} else {
3657 				name =
3658 				    iscsi_targetparam_get_name(auth->a_oid);
3659 			}
3660 		}
3661 
3662 		if (name == NULL) {
3663 			rtn = EFAULT;
3664 			break;
3665 		}
3666 
3667 		if (persistent_auth_get((char *)name, auth) == B_TRUE) {
3668 			/*
3669 			 * Restore the value for overridden (and bogus) oid.
3670 			 */
3671 			auth->a_oid = old_oid;
3672 			rtn = ddi_copyout(auth, (caddr_t)arg,
3673 			    sizeof (*auth), mode);
3674 		} else {
3675 			rtn = EIO;
3676 		}
3677 
3678 		kmem_free(auth, sizeof (*auth));
3679 		break;
3680 
3681 	/*
3682 	 *  ISCSI_AUTH_SET -
3683 	 */
3684 	case ISCSI_AUTH_SET:
3685 		auth = (iscsi_auth_props_t *)kmem_zalloc(sizeof (*auth),
3686 		    KM_SLEEP);
3687 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3688 			kmem_free(auth, sizeof (*auth));
3689 			rtn = EFAULT;
3690 			break;
3691 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3692 			kmem_free(auth, sizeof (*auth));
3693 			rtn = EINVAL;
3694 			break;
3695 		}
3696 
3697 		if (auth->a_oid == ihp->hba_oid) {
3698 			name = ihp->hba_name;
3699 		} else {
3700 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3701 			/*
3702 			 * If the oid does represent a session check to see
3703 			 * if it is a target oid.  If so, return the target's
3704 			 * associated session.
3705 			 */
3706 			rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3707 			if (rtn != 0) {
3708 				rtn = iscsi_sess_get_by_target(auth->a_oid,
3709 				    ihp, &isp);
3710 			}
3711 			rw_exit(&ihp->hba_sess_list_rwlock);
3712 
3713 			/*
3714 			 * If rtn is zero then we have found an
3715 			 * existing session.  Use the session name to
3716 			 * do param lookup.  If rtn is non-zero then
3717 			 * create a targetparam object and use its name
3718 			 * for param lookup.
3719 			 */
3720 			if (rtn == 0) {
3721 				name = isp->sess_name;
3722 			} else {
3723 				name =
3724 				    iscsi_targetparam_get_name(auth->a_oid);
3725 				rtn = 0;
3726 			}
3727 		}
3728 
3729 		if (name == NULL) {
3730 			rtn = EFAULT;
3731 		} else if (persistent_auth_set((char *)name, auth)
3732 		    == B_FALSE) {
3733 			rtn = EIO;
3734 		}
3735 
3736 		kmem_free(auth, sizeof (*auth));
3737 		break;
3738 
3739 	/*
3740 	 *  ISCSI_AUTH_CLEAR -
3741 	 */
3742 	case ISCSI_AUTH_CLEAR:
3743 		auth = (iscsi_auth_props_t *)kmem_alloc(sizeof (*auth),
3744 		    KM_SLEEP);
3745 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3746 			kmem_free(auth, sizeof (*auth));
3747 			rtn = EFAULT;
3748 			break;
3749 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3750 			kmem_free(auth, sizeof (*auth));
3751 			rtn = EINVAL;
3752 			break;
3753 		}
3754 
3755 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3756 		/*
3757 		 * If the oid does represent a session check to see
3758 		 * if it is a target oid.  If so, return the target's
3759 		 * associated session.
3760 		 */
3761 		rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3762 		if (rtn != 0) {
3763 			rtn = iscsi_sess_get_by_target(auth->a_oid, ihp, &isp);
3764 		}
3765 		rw_exit(&ihp->hba_sess_list_rwlock);
3766 
3767 		/*
3768 		 * If rtn is zero then we have found an
3769 		 * existing session.  Use the session name to
3770 		 * do param lookup.  If rtn is non-zero then
3771 		 * create a targetparam object and use its name
3772 		 * for param lookup.
3773 		 */
3774 		if (rtn == 0) {
3775 			name = isp->sess_name;
3776 		} else {
3777 			name =
3778 			    iscsi_targetparam_get_name(auth->a_oid);
3779 			rtn = 0;
3780 			discovered = B_FALSE;
3781 		}
3782 
3783 		if (name == NULL) {
3784 			rtn = EFAULT;
3785 			break;
3786 		}
3787 
3788 		if (persistent_auth_clear((char *)name) == B_FALSE) {
3789 			rtn = EIO;
3790 		}
3791 
3792 		/*
3793 		 * ISCSI_TARGET_PARAM_CLEAR, ISCSI_CHAP_CLEAR and
3794 		 * ISCSI_AUTH_CLEAR ioctl are called sequentially to remove
3795 		 * target parameters. Here, the target that is not discovered
3796 		 * by initiator should be removed from the iscsi_targets list
3797 		 * residing in the memory.
3798 		 */
3799 		if (discovered == B_FALSE) {
3800 			(void) iscsi_targetparam_remove_target(auth->a_oid);
3801 		}
3802 
3803 		kmem_free(auth, sizeof (*auth));
3804 		break;
3805 
3806 	/*
3807 	 * ISCSI_DB_DUMP -
3808 	 */
3809 	case ISCSI_DB_DUMP:
3810 		persistent_dump_data();
3811 		break;
3812 
3813 	case ISCSI_USCSI:
3814 
3815 #ifdef _MULTI_DATAMODEL
3816 		model = ddi_model_convert_from(mode & FMODELS);
3817 		switch (model) {
3818 		case DDI_MODEL_ILP32:
3819 
3820 			if (ddi_copyin((caddr_t)arg, &iu32_caller,
3821 			    sizeof (iscsi_uscsi32_t), mode)) {
3822 				rtn = EFAULT;
3823 				break;
3824 			}
3825 
3826 			/* perform conversion from 32 -> 64 */
3827 			iu_caller.iu_vers = iu32_caller.iu_vers;
3828 			iu_caller.iu_oid = iu32_caller.iu_oid;
3829 			iu_caller.iu_tpgt = iu32_caller.iu_tpgt;
3830 			iu_caller.iu_len = iu32_caller.iu_len;
3831 			iu_caller.iu_lun = iu32_caller.iu_lun;
3832 			uscsi_cmd32touscsi_cmd((&iu32_caller.iu_ucmd),
3833 			    (&iu_caller.iu_ucmd));
3834 
3835 			break;
3836 		case DDI_MODEL_NONE:
3837 			if (ddi_copyin((caddr_t)arg, &iu_caller,
3838 			    sizeof (iscsi_uscsi_t), mode)) {
3839 				rtn = EFAULT;
3840 				break;
3841 			}
3842 			break;
3843 		default:
3844 			ASSERT(FALSE);
3845 			rtn = EINVAL;
3846 			break;
3847 		}
3848 #endif /* _MULTI_DATAMODEL */
3849 
3850 		/* If failures earlier break */
3851 		if (rtn != 0) {
3852 			break;
3853 		}
3854 
3855 		/* copy from caller to internel cmd */
3856 		bcopy(&iu_caller, &iu, sizeof (iu));
3857 
3858 		if (iu.iu_vers != ISCSI_INTERFACE_VERSION) {
3859 			rtn = EINVAL;
3860 			break;
3861 		}
3862 		/*
3863 		 * Check to see if oid references a target-param oid.  If so,
3864 		 * find the associated  session oid before getting lu list.
3865 		 */
3866 		if (iscsi_targetparam_get_name(iu.iu_oid) != NULL) {
3867 			for (isp = ihp->hba_sess_list; isp; isp =
3868 			    isp->sess_next) {
3869 				if (isp->sess_target_oid == iu.iu_oid) {
3870 					target_oid  = isp->sess_oid;
3871 					break;
3872 				}
3873 			}
3874 		} else {
3875 			target_oid = iu.iu_oid;
3876 		}
3877 
3878 		/* make sure we have a matching session for this command */
3879 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3880 		rtn = iscsi_sess_get(target_oid, ihp, &isp);
3881 		if (rtn != 0) {
3882 			rtn = iscsi_sess_get_by_target(target_oid, ihp,
3883 			    &isp);
3884 			if (rtn != 0) {
3885 				rw_exit(&ihp->hba_sess_list_rwlock);
3886 				rtn = EFAULT;
3887 				break;
3888 			}
3889 		}
3890 		/*
3891 		 * If a caller buffer is present allocate duplicate
3892 		 * kernel space and copyin caller memory.
3893 		 */
3894 		if (iu.iu_ucmd.uscsi_buflen > 0) {
3895 			iu.iu_ucmd.uscsi_bufaddr = (caddr_t)kmem_alloc(
3896 			    iu.iu_ucmd.uscsi_buflen, KM_SLEEP);
3897 			if (ddi_copyin(iu_caller.iu_ucmd.uscsi_bufaddr,
3898 			    iu.iu_ucmd.uscsi_bufaddr,
3899 			    iu.iu_ucmd.uscsi_buflen, mode)) {
3900 				rw_exit(&ihp->hba_sess_list_rwlock);
3901 				rtn = EFAULT;
3902 				break;
3903 			}
3904 		}
3905 
3906 		/*
3907 		 * If a caller cdb is present allocate duplicate
3908 		 * kernel space and copyin caller memory.
3909 		 */
3910 		if (iu.iu_ucmd.uscsi_cdblen > 0) {
3911 			iu.iu_ucmd.uscsi_cdb = (caddr_t)kmem_alloc(
3912 			    iu_caller.iu_ucmd.uscsi_cdblen, KM_SLEEP);
3913 			if (ddi_copyin(iu_caller.iu_ucmd.uscsi_cdb,
3914 			    iu.iu_ucmd.uscsi_cdb,
3915 			    iu.iu_ucmd.uscsi_cdblen, mode)) {
3916 				if (iu.iu_ucmd.uscsi_buflen > 0) {
3917 					kmem_free(iu.iu_ucmd.uscsi_bufaddr,
3918 					    iu_caller.iu_ucmd.uscsi_buflen);
3919 				}
3920 				rw_exit(&ihp->hba_sess_list_rwlock);
3921 				rtn = EFAULT;
3922 				break;
3923 			}
3924 		}
3925 
3926 		/*
3927 		 * If a caller request sense is present allocate
3928 		 * duplicate kernel space.  No need to copyin.
3929 		 */
3930 		if (iu.iu_ucmd.uscsi_rqlen > 0) {
3931 			iu.iu_ucmd.uscsi_rqbuf = (caddr_t)kmem_alloc(
3932 			    iu.iu_ucmd.uscsi_rqlen, KM_SLEEP);
3933 		}
3934 
3935 		/* issue passthru to io path handler */
3936 		rtn = iscsi_handle_passthru(isp, iu.iu_lun, &iu.iu_ucmd);
3937 		if (rtn != 0) {
3938 			rtn = EFAULT;
3939 		}
3940 
3941 		/*
3942 		 * If the caller had a buf we need to do a copyout
3943 		 * and free the kernel memory
3944 		 */
3945 		if (iu.iu_ucmd.uscsi_buflen > 0) {
3946 			if (ddi_copyout(iu.iu_ucmd.uscsi_bufaddr,
3947 			    iu_caller.iu_ucmd.uscsi_bufaddr,
3948 			    iu.iu_ucmd.uscsi_buflen, mode) != 0) {
3949 				rtn = EFAULT;
3950 			}
3951 			kmem_free(iu.iu_ucmd.uscsi_bufaddr,
3952 			    iu.iu_ucmd.uscsi_buflen);
3953 		}
3954 
3955 		/* We need to free kernel cdb, no need to copyout */
3956 		if (iu.iu_ucmd.uscsi_cdblen > 0) {
3957 			kmem_free(iu.iu_ucmd.uscsi_cdb,
3958 			    iu.iu_ucmd.uscsi_cdblen);
3959 		}
3960 
3961 		/*
3962 		 * If the caller had a request sense we need to
3963 		 * do a copyout and free the kernel memory
3964 		 */
3965 		if (iu.iu_ucmd.uscsi_rqlen > 0) {
3966 			if (ddi_copyout(iu.iu_ucmd.uscsi_rqbuf,
3967 			    iu_caller.iu_ucmd.uscsi_rqbuf,
3968 			    iu.iu_ucmd.uscsi_rqlen - iu.iu_ucmd.uscsi_rqresid,
3969 			    mode) != 0) {
3970 				rtn = EFAULT;
3971 			}
3972 			kmem_free(iu.iu_ucmd.uscsi_rqbuf,
3973 			    iu.iu_ucmd.uscsi_rqlen);
3974 		}
3975 
3976 #ifdef _MULTI_DATAMODEL
3977 		switch (model = ddi_model_convert_from(mode & FMODELS)) {
3978 		case DDI_MODEL_ILP32:
3979 			if (iu.iu_ucmd.uscsi_status != 0) {
3980 				iu32_caller.iu_ucmd.uscsi_status =
3981 				    iu.iu_ucmd.uscsi_status;
3982 				iu32_caller.iu_ucmd.uscsi_rqresid =
3983 				    iu.iu_ucmd.uscsi_rqresid;
3984 			}
3985 			iu32_caller.iu_ucmd.uscsi_resid =
3986 			    iu.iu_ucmd.uscsi_resid;
3987 			if (ddi_copyout((void *)&iu32_caller, (caddr_t)arg,
3988 			    sizeof (iscsi_uscsi32_t), mode) != 0) {
3989 				rtn = EFAULT;
3990 			}
3991 			break;
3992 		case DDI_MODEL_NONE:
3993 			if (iu.iu_ucmd.uscsi_status != 0) {
3994 				iu_caller.iu_ucmd.uscsi_status =
3995 				    iu.iu_ucmd.uscsi_status;
3996 				iu_caller.iu_ucmd.uscsi_rqresid =
3997 				    iu.iu_ucmd.uscsi_rqresid;
3998 			}
3999 			iu_caller.iu_ucmd.uscsi_resid = iu.iu_ucmd.uscsi_resid;
4000 			if (ddi_copyout((void *)&iu_caller, (caddr_t)arg,
4001 			    sizeof (iscsi_uscsi_t), mode) != 0) {
4002 				rtn = EFAULT;
4003 			}
4004 			break;
4005 		default:
4006 			ASSERT(FALSE);
4007 		}
4008 #endif /* _MULTI_DATAMODEL */
4009 		rw_exit(&ihp->hba_sess_list_rwlock);
4010 		break;
4011 
4012 	case ISCSI_SMF_ONLINE:
4013 		if (ddi_copyin((caddr_t)arg, &did, sizeof (int), mode) != 0) {
4014 			rtn = EFAULT;
4015 			break;
4016 		}
4017 		/* just a theoretical case */
4018 		if (ihp->hba_persistent_loaded == B_FALSE) {
4019 			rtn = EFAULT;
4020 			break;
4021 		}
4022 
4023 		/* doesn't need to overwrite the status anymore */
4024 		mutex_enter(&ihp->hba_service_lock);
4025 		if (ihp->hba_service_status_overwrite == B_TRUE) {
4026 			ihp->hba_service_status = ISCSI_SERVICE_DISABLED;
4027 			ihp->hba_service_status_overwrite = B_FALSE;
4028 		}
4029 		mutex_exit(&ihp->hba_service_lock);
4030 
4031 		if (iscsi_enter_service_zone(ihp, ISCSI_SERVICE_ENABLED) ==
4032 		    B_FALSE) {
4033 			break;
4034 		}
4035 
4036 		rval = iscsi_door_bind(did);
4037 		if (rval == B_TRUE) {
4038 			rval = iscsid_start(ihp);
4039 			if (rval == B_FALSE) {
4040 				iscsi_door_unbind();
4041 			}
4042 		}
4043 
4044 		if (rval == B_TRUE) {
4045 			iscsi_exit_service_zone(ihp, ISCSI_SERVICE_ENABLED);
4046 		} else {
4047 			iscsi_exit_service_zone(ihp, ISCSI_SERVICE_DISABLED);
4048 			rtn = EFAULT;
4049 		}
4050 
4051 		break;
4052 
4053 	case ISCSI_SMF_OFFLINE:
4054 		if (iscsi_enter_service_zone(ihp, ISCSI_SERVICE_DISABLED)
4055 		    == B_FALSE) {
4056 			break;
4057 		}
4058 
4059 		rval = iscsid_stop(ihp);
4060 		iscsi_door_unbind();
4061 
4062 		iscsi_exit_service_zone(ihp, ISCSI_SERVICE_DISABLED);
4063 
4064 		if (ddi_copyout((void *)&rval, (caddr_t)arg,
4065 		    sizeof (boolean_t), mode) != 0) {
4066 			rtn = EFAULT;
4067 		}
4068 
4069 		break;
4070 
4071 	case ISCSI_SMF_GET:
4072 		mutex_enter(&ihp->hba_service_lock);
4073 		while (ihp->hba_service_status ==
4074 		    ISCSI_SERVICE_TRANSITION) {
4075 			cv_wait(&ihp->hba_service_cv,
4076 			    &ihp->hba_service_lock);
4077 		}
4078 		if (ddi_copyout((void *)&ihp->hba_service_status,
4079 		    (caddr_t)arg, sizeof (boolean_t), mode) != 0) {
4080 			rtn = EFAULT;
4081 		}
4082 		mutex_exit(&ihp->hba_service_lock);
4083 		break;
4084 
4085 	case ISCSI_DISCOVERY_EVENTS:
4086 		/*
4087 		 * If discovery has not been completed and not in progress,
4088 		 * poke the discovery methods
4089 		 */
4090 		mutex_enter(&ihp->hba_discovery_events_mutex);
4091 		method = ihp->hba_discovery_events;
4092 		if ((method != ISCSI_ALL_DISCOVERY_METHODS) &&
4093 		    (ihp->hba_discovery_in_progress == B_FALSE)) {
4094 			ihp->hba_discovery_in_progress = B_TRUE;
4095 			mutex_exit(&ihp->hba_discovery_events_mutex);
4096 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodUnknown);
4097 			mutex_enter(&ihp->hba_discovery_events_mutex);
4098 			ihp->hba_discovery_in_progress = B_FALSE;
4099 			method = ihp->hba_discovery_events;
4100 		}
4101 		mutex_exit(&ihp->hba_discovery_events_mutex);
4102 
4103 		if (ddi_copyout((void *)&method, (caddr_t)arg,
4104 		    sizeof (method), mode) != 0)
4105 			rtn = EFAULT;
4106 		break;
4107 
4108 	/*
4109 	 * ISCSI_SENDTGTS_GET --
4110 	 */
4111 	case ISCSI_SENDTGTS_GET:
4112 		stl_hdr = iscsi_ioctl_copyin((caddr_t)arg, mode,
4113 		    sizeof (*stl_hdr));
4114 		if (stl_hdr == NULL) {
4115 			rtn = EFAULT;
4116 			break;
4117 		}
4118 
4119 		if (stl_hdr->stl_entry.e_vers != ISCSI_INTERFACE_VERSION) {
4120 			rtn = EINVAL;
4121 			kmem_free(stl_hdr, sizeof (*stl_hdr));
4122 			break;
4123 		}
4124 
4125 		/* calculate how much memory user allocated for SendTgts */
4126 		stl_sz = sizeof (*stl_hdr);
4127 		if (stl_hdr->stl_in_cnt > 0) {
4128 			stl_sz += ((stl_hdr->stl_in_cnt - 1) *
4129 			    sizeof (iscsi_sendtgts_entry_t));
4130 		}
4131 
4132 		/* allocate local SendTgts list of the same size */
4133 		istl = kmem_zalloc(stl_sz, KM_SLEEP);
4134 		bcopy(stl_hdr, istl, sizeof (*stl_hdr));
4135 		kmem_free(stl_hdr, sizeof (*stl_hdr));
4136 
4137 		/* lock interface so only one SendTargets operation occurs */
4138 		sema_p(&ihp->hba_sendtgts_semaphore);
4139 
4140 		rtn = iscsi_ioctl_sendtgts_get(ihp, istl);
4141 
4142 		if (rtn == 0) {
4143 			rtn = iscsi_ioctl_copyout(istl, stl_sz,
4144 			    (caddr_t)arg, mode);
4145 		}
4146 
4147 		/* release lock to allow another SendTargets discovery */
4148 		sema_v(&ihp->hba_sendtgts_semaphore);
4149 
4150 		break;
4151 
4152 		/*
4153 		 * ISCSI_ISNS_SERVER_GET --
4154 		 */
4155 	case ISCSI_ISNS_SERVER_GET:
4156 		server_pg_list_hdr = iscsi_ioctl_copyin((caddr_t)arg, mode,
4157 		    sizeof (*server_pg_list_hdr));
4158 		if (server_pg_list_hdr == NULL) {
4159 			rtn = EFAULT;
4160 			break;
4161 		}
4162 
4163 		/* If iSNS discovery mode is not set, return with zero entry */
4164 		method = persistent_disc_meth_get();
4165 		if ((method & iSCSIDiscoveryMethodISNS) == 0) {
4166 			kmem_free(server_pg_list_hdr,
4167 			    sizeof (*server_pg_list_hdr));
4168 			server_pg_list_hdr = NULL;
4169 			rtn = EACCES;
4170 			break;
4171 		}
4172 
4173 		initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
4174 		if (persistent_initiator_name_get(initiator_node_name,
4175 		    ISCSI_MAX_NAME_LEN) != B_TRUE) {
4176 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4177 			initiator_node_name = NULL;
4178 			kmem_free(server_pg_list_hdr,
4179 			    sizeof (*server_pg_list_hdr));
4180 			server_pg_list_hdr = NULL;
4181 			rtn = EIO;
4182 			break;
4183 		}
4184 		if (strlen(initiator_node_name) == 0) {
4185 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4186 			initiator_node_name = NULL;
4187 			kmem_free(server_pg_list_hdr,
4188 			    sizeof (*server_pg_list_hdr));
4189 			server_pg_list_hdr = NULL;
4190 			rtn = EIO;
4191 			break;
4192 		}
4193 
4194 		initiator_node_alias = kmem_zalloc(
4195 		    ISCSI_MAX_NAME_LEN, KM_SLEEP);
4196 		if (persistent_alias_name_get(initiator_node_alias,
4197 		    ISCSI_MAX_NAME_LEN) != B_TRUE) {
4198 			initiator_node_alias[0] = '\0';
4199 		}
4200 		rtn = isns_query_one_server(&(server_pg_list_hdr->addr),
4201 		    ihp->hba_isid,
4202 		    (uint8_t *)initiator_node_name,
4203 		    (uint8_t *)initiator_node_alias,
4204 		    ISNS_INITIATOR_NODE_TYPE,
4205 		    &pg_list);
4206 		if (rtn != isns_ok || pg_list == NULL) {
4207 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4208 			initiator_node_name = NULL;
4209 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
4210 			initiator_node_alias = NULL;
4211 			kmem_free(server_pg_list_hdr,
4212 			    sizeof (*server_pg_list_hdr));
4213 			server_pg_list_hdr = NULL;
4214 			rtn = EIO;
4215 			break;
4216 		}
4217 
4218 		/*
4219 		 * pg_list_sz is the size of the pg_list returned from the
4220 		 *	isns_query_all
4221 		 *
4222 		 * pg_sz_copy_out is the size of the pg_list we are going to
4223 		 *	return back to the caller
4224 		 *
4225 		 * server_pg_list_sz is total amount of data we are returning
4226 		 *	back to the caller
4227 		 */
4228 		pg_list->pg_in_cnt =
4229 		    server_pg_list_hdr->addr_port_list.pg_in_cnt;
4230 		pg_list_sz = sizeof (isns_portal_group_list_t);
4231 		if (pg_list->pg_out_cnt > 0) {
4232 			pg_list_sz += (pg_list->pg_out_cnt - 1) *
4233 			    sizeof (isns_portal_group_t);
4234 		}
4235 		/*
4236 		 * check if caller passed in a buffer with enough space
4237 		 * if there isn't enough space, fill the caller's buffer with
4238 		 * as much information as possible.
4239 		 *
4240 		 * if pg_out_cnt > pg_in_cnt, pg_out_cnt will be returned with
4241 		 * the total number of targets found
4242 		 *
4243 		 * if pg_out_cnt < pg_in_cnt, pg_out_cnt will be the number
4244 		 * of targets returned
4245 		 */
4246 		if (pg_list->pg_in_cnt < pg_list->pg_out_cnt) {
4247 			pg_sz_copy_out = sizeof (isns_portal_group_list_t);
4248 			if (pg_list->pg_in_cnt > 0) {
4249 				pg_sz_copy_out += (pg_list->pg_in_cnt - 1) *
4250 				    sizeof (isns_portal_group_t);
4251 			}
4252 			server_pg_list_sz =
4253 			    sizeof (isns_server_portal_group_list_t);
4254 			if (pg_list->pg_in_cnt > 0) {
4255 				server_pg_list_sz += (pg_list->pg_in_cnt - 1) *
4256 				    sizeof (isns_portal_group_t);
4257 			}
4258 		} else {
4259 			pg_sz_copy_out = pg_list_sz;
4260 			server_pg_list_sz =
4261 			    sizeof (isns_server_portal_group_list_t);
4262 			if (pg_list->pg_out_cnt > 0) {
4263 				server_pg_list_sz += (pg_list->pg_out_cnt - 1) *
4264 				    sizeof (isns_portal_group_t);
4265 			}
4266 		}
4267 
4268 		server_pg_list = (isns_server_portal_group_list_t *)kmem_zalloc(
4269 		    server_pg_list_sz, KM_SLEEP);
4270 
4271 		bcopy(&(server_pg_list_hdr->addr), &(server_pg_list->addr),
4272 		    sizeof (server_pg_list->addr));
4273 		bcopy(pg_list, &server_pg_list->addr_port_list, pg_sz_copy_out);
4274 
4275 		if (ddi_copyout(server_pg_list, (caddr_t)arg, server_pg_list_sz,
4276 		    mode) != 0) {
4277 			rtn = EFAULT;
4278 		}
4279 		DTRACE_PROBE1(iscsi_ioctl_iscsi_isns_server_get_pg_sz,
4280 		    int, pg_list_sz);
4281 		kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4282 		initiator_node_name = NULL;
4283 		kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
4284 		initiator_node_alias = NULL;
4285 		kmem_free(pg_list, pg_list_sz);
4286 		pg_list = NULL;
4287 		kmem_free(server_pg_list, server_pg_list_sz);
4288 		server_pg_list = NULL;
4289 		kmem_free(server_pg_list_hdr, sizeof (*server_pg_list_hdr));
4290 		server_pg_list_hdr = NULL;
4291 		break;
4292 
4293 	/*
4294 	 * ISCSI_GET_CONFIG_SESSIONS --
4295 	 */
4296 	case ISCSI_GET_CONFIG_SESSIONS:
4297 		/* FALLTHRU */
4298 
4299 	case ISCSI_SET_CONFIG_SESSIONS:
4300 		size = sizeof (*ics);
4301 		ics = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
4302 		if (ics == NULL) {
4303 			rtn = EFAULT;
4304 			break;
4305 		}
4306 
4307 		/* verify version infomration */
4308 		if (ics->ics_ver != ISCSI_INTERFACE_VERSION) {
4309 			rtn = EINVAL;
4310 			kmem_free(ics, size);
4311 			ics = NULL;
4312 			break;
4313 		}
4314 
4315 		/* Check to see if we need to copy in more memory */
4316 		if (ics->ics_in > 1) {
4317 			/* record correct size */
4318 			size = ISCSI_SESSION_CONFIG_SIZE(ics->ics_in);
4319 			/* free old buffer */
4320 			kmem_free(ics, sizeof (*ics));
4321 
4322 			/* copy in complete buffer size */
4323 			ics = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
4324 			if (ics == NULL) {
4325 				rtn = EFAULT;
4326 				break;
4327 			}
4328 		}
4329 
4330 		/* switch action based on get or set */
4331 		if (cmd == ISCSI_GET_CONFIG_SESSIONS) {
4332 			/* get */
4333 			rtn = iscsi_ioctl_get_config_sess(ihp, ics);
4334 			if (rtn == 0) {
4335 				/* copyout data for gets */
4336 				rtn = iscsi_ioctl_copyout(ics, size,
4337 				    (caddr_t)arg, mode);
4338 			} else {
4339 				kmem_free(ics, size);
4340 				ics = NULL;
4341 			}
4342 		} else {
4343 			/* set */
4344 			rtn = iscsi_ioctl_set_config_sess(ihp, ics);
4345 			if (iscsiboot_prop) {
4346 				if (iscsi_cmp_boot_sess_oid(ihp,
4347 				    ics->ics_oid)) {
4348 					/*
4349 					 * found active session for this object
4350 					 * or this is initiator object
4351 					 * with mpxio enabled
4352 					 */
4353 					if (!iscsi_reconfig_boot_sess(ihp)) {
4354 						kmem_free(ics, size);
4355 						ics = NULL;
4356 						rtn = EINVAL;
4357 						break;
4358 					}
4359 				}
4360 			}
4361 			kmem_free(ics, size);
4362 			ics = NULL;
4363 		}
4364 		break;
4365 
4366 	case ISCSI_IS_ACTIVE:
4367 		/*
4368 		 * dhcpagent calls here to check if there are
4369 		 * active iSCSI sessions
4370 		 */
4371 		instance = 0;
4372 		if (iscsiboot_prop) {
4373 			instance = 1;
4374 		}
4375 		if (!instance) {
4376 			rw_enter(&ihp->hba_sess_list_rwlock,
4377 			    RW_READER);
4378 			for (isp = ihp->hba_sess_list; isp;
4379 			    isp = isp->sess_next) {
4380 				if ((isp->sess_state ==
4381 				    ISCSI_SESS_STATE_LOGGED_IN) &&
4382 				    (isp->sess_lun_list !=
4383 				    NULL)) {
4384 					instance = 1;
4385 					break;
4386 				}
4387 			}
4388 			rw_exit(&ihp->hba_sess_list_rwlock);
4389 		}
4390 		size = sizeof (instance);
4391 		if (ddi_copyout(&instance, (caddr_t)arg, size,
4392 		    mode) != 0) {
4393 			rtn = EFAULT;
4394 		}
4395 		break;
4396 
4397 	case ISCSI_BOOTPROP_GET:
4398 		size = sizeof (*bootProp);
4399 		bootProp = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
4400 		if (bootProp == NULL) {
4401 			rtn = EFAULT;
4402 			break;
4403 		}
4404 		bootProp->hba_mpxio_enabled =
4405 		    iscsi_chk_bootlun_mpxio(ihp);
4406 		if (iscsiboot_prop == NULL) {
4407 			bootProp->iscsiboot = 0;
4408 			rtn = iscsi_ioctl_copyout(bootProp, size,
4409 			    (caddr_t)arg, mode);
4410 			break;
4411 		} else {
4412 			bootProp->iscsiboot = 1;
4413 		}
4414 
4415 		if (iscsiboot_prop->boot_init.ini_name != NULL) {
4416 			(void) strncpy((char *)bootProp->ini_name.n_name,
4417 			    (char *)iscsiboot_prop->boot_init.ini_name,
4418 			    ISCSI_MAX_NAME_LEN);
4419 		}
4420 		if (iscsiboot_prop->boot_init.ini_chap_name != NULL) {
4421 			bootProp->auth.a_auth_method = authMethodCHAP;
4422 			(void) strncpy((char *)bootProp->ini_chap.c_user,
4423 			    (char *)iscsiboot_prop->boot_init.ini_chap_name,
4424 			    ISCSI_MAX_NAME_LEN);
4425 			(void) strncpy((char *)bootProp->ini_chap.c_secret,
4426 			    (char *)iscsiboot_prop->boot_init.ini_chap_sec,
4427 			    ISCSI_CHAP_SECRET_LEN);
4428 			if (iscsiboot_prop->boot_tgt.tgt_chap_name !=
4429 			    NULL) {
4430 				bootProp->auth.a_bi_auth = B_TRUE;
4431 			} else {
4432 				bootProp->auth.a_bi_auth = B_FALSE;
4433 			}
4434 		}
4435 		if (iscsiboot_prop->boot_tgt.tgt_name != NULL) {
4436 			(void) strncpy((char *)bootProp->tgt_name.n_name,
4437 			    (char *)iscsiboot_prop->boot_tgt.tgt_name,
4438 			    ISCSI_MAX_NAME_LEN);
4439 		}
4440 		if (iscsiboot_prop->boot_tgt.tgt_chap_name != NULL) {
4441 			(void) strncpy((char *)bootProp->tgt_chap.c_user,
4442 			    (char *)iscsiboot_prop->boot_tgt.tgt_chap_name,
4443 			    ISCSI_MAX_NAME_LEN);
4444 			(void) strncpy((char *)bootProp->tgt_chap.c_secret,
4445 			    (char *)iscsiboot_prop->boot_tgt.tgt_chap_sec,
4446 			    ISCSI_CHAP_SECRET_LEN);
4447 		}
4448 
4449 		rtn = iscsi_ioctl_copyout(bootProp, size, (caddr_t)arg, mode);
4450 		break;
4451 
4452 	case ISCSI_TARGET_REENUM:
4453 		size = sizeof (iscsi_reen_t);
4454 		reenum = (iscsi_reen_t *)kmem_alloc(size, KM_SLEEP);
4455 
4456 		if (ddi_copyin((caddr_t)arg, reenum, size, mode) != 0) {
4457 			rtn = EFAULT;
4458 			kmem_free(reenum, size);
4459 			break;
4460 		}
4461 		if (reenum->re_ver != ISCSI_INTERFACE_VERSION) {
4462 			rtn = EINVAL;
4463 			kmem_free(reenum, size);
4464 			break;
4465 		}
4466 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
4467 		rtn = iscsi_sess_get(reenum->re_oid, ihp, &isp);
4468 		if (rtn != 0) {
4469 			rtn = iscsi_sess_get_by_target(
4470 			    reenum->re_oid, ihp, &isp);
4471 		}
4472 
4473 		if (rtn != 0) {
4474 			rw_exit(&ihp->hba_sess_list_rwlock);
4475 			kmem_free(reenum, size);
4476 			break;
4477 		}
4478 		kmem_free(reenum, size);
4479 		if (isp->sess_type == ISCSI_SESS_TYPE_NORMAL) {
4480 			rw_enter(&isp->sess_state_rwlock, RW_READER);
4481 			if ((isp->sess_state ==
4482 			    ISCSI_SESS_STATE_LOGGED_IN) &&
4483 			    (iscsi_sess_enum_request(isp, B_TRUE,
4484 			    isp->sess_state_event_count)
4485 			    == ISCSI_SESS_ENUM_SUBMITTED)) {
4486 				(void) iscsi_sess_enum_query(isp);
4487 			}
4488 			rw_exit(&isp->sess_state_rwlock);
4489 		}
4490 		rw_exit(&ihp->hba_sess_list_rwlock);
4491 		break;
4492 
4493 	case ISCSI_TUNABLE_PARAM_SET:
4494 		tpss = (iscsi_tunable_object_t *)kmem_alloc(sizeof (*tpss),
4495 		    KM_SLEEP);
4496 		if (ddi_copyin((caddr_t)arg, tpss, sizeof (*tpss), mode)) {
4497 			rtn = EFAULT;
4498 			kmem_free(tpss, sizeof (*tpss));
4499 			break;
4500 		}
4501 		rtn = iscsi_ioctl_set_tunable_param(ihp, tpss);
4502 		kmem_free(tpss, sizeof (*tpss));
4503 		break;
4504 
4505 	case ISCSI_TUNABLE_PARAM_GET:
4506 		tpsg = (iscsi_tunable_object_t *)kmem_alloc(sizeof (*tpsg),
4507 		    KM_SLEEP);
4508 		if (ddi_copyin((caddr_t)arg, tpsg, sizeof (*tpsg), mode)) {
4509 			rtn = EFAULT;
4510 			kmem_free(tpsg, sizeof (*tpsg));
4511 			break;
4512 		}
4513 		if (tpsg->t_oid == ihp->hba_oid) {
4514 			/* initiator */
4515 			name = ihp->hba_name;
4516 			if (iscsi_get_persisted_tunable_param((uchar_t *)name,
4517 			    tpsg) == 1) {
4518 				/*
4519 				 * no persisted tunable parameters found
4520 				 * for iscsi initiator, use default tunable
4521 				 * params for initiator node.
4522 				 */
4523 				iscsi_get_tunable_default(tpsg);
4524 			}
4525 		} else {
4526 			/* check whether it is a target oid */
4527 			name = iscsi_targetparam_get_name(tpsg->t_oid);
4528 			if (name == NULL) {
4529 				/* invalid node name */
4530 				rtn = EINVAL;
4531 				kmem_free(tpsg, sizeof (*tpsg));
4532 				break;
4533 			}
4534 			if (iscsi_get_persisted_tunable_param((uchar_t *)name,
4535 			    tpsg) == 1) {
4536 				/*
4537 				 * no persisted tunable parameters found for
4538 				 * iscsi target, use initiator's configure.
4539 				 */
4540 				if (iscsi_get_persisted_tunable_param(
4541 				    (uchar_t *)ihp->hba_name, tpsg) == -1) {
4542 					/*
4543 					 * No initiator tunable parameters set
4544 					 * use default value for target
4545 					 */
4546 					iscsi_get_tunable_default(tpsg);
4547 				}
4548 			}
4549 		}
4550 
4551 		if (ddi_copyout(tpsg, (caddr_t)arg,
4552 		    sizeof (iscsi_tunable_object_t), mode) != 0) {
4553 			rtn = EFAULT;
4554 		}
4555 		kmem_free(tpsg, sizeof (*tpsg));
4556 		break;
4557 
4558 	default:
4559 		rtn = ENOTTY;
4560 		cmn_err(CE_NOTE, "unrecognized ioctl 0x%x", cmd);
4561 	} /* end of ioctl type switch/cases */
4562 
4563 	if ((cmd != ISCSI_SMF_ONLINE) && (cmd != ISCSI_SMF_OFFLINE) &&
4564 	    (cmd != ISCSI_SMF_GET)) {
4565 		/* other cmds need to release the service */
4566 		iscsi_client_release_service(ihp);
4567 	}
4568 
4569 	return (rtn);
4570 }
4571 
4572 /*
4573  * +--------------------------------------------------------------------+
4574  * | End of cb_ops routines					     |
4575  * +--------------------------------------------------------------------+
4576  */
4577 
4578 
4579 /*
4580  * +--------------------------------------------------------------------+
4581  * | Common scsi_tran support routines				  |
4582  * +--------------------------------------------------------------------+
4583  */
4584 
4585 /*
4586  * iscsi_i_commoncap -- SCSA host adapter get/set capability routines.
4587  *
4588  * Need to determine if any of these can be determined through the iSCSI
4589  * protocol. For now just return error on most.
4590  */
4591 /* ARGSUSED */
4592 static int
4593 iscsi_i_commoncap(struct scsi_address *ap, char *cap, int val,
4594     int tgtonly, int doset)
4595 {
4596 	int		rtn;
4597 	int		cidx;
4598 	iscsi_lun_t	*ilp;
4599 
4600 	ASSERT((ap)->a_hba_tran->tran_hba_private != NULL);
4601 	ilp	= (iscsi_lun_t *)((ap)->a_hba_tran->tran_tgt_private);
4602 	ASSERT(ilp != NULL);
4603 
4604 	if (cap == (char *)0) {
4605 		return (FALSE);
4606 	}
4607 
4608 	cidx = scsi_hba_lookup_capstr(cap);
4609 	if (cidx == -1) {
4610 		return (cidx);
4611 	}
4612 
4613 	/*
4614 	 * Process setcap request.
4615 	 */
4616 	if (doset) {
4617 		/*
4618 		 * At present, we can only set binary (0/1) values
4619 		 */
4620 		switch (cidx) {
4621 		case SCSI_CAP_LUN_RESET:
4622 			if (val) {
4623 				ilp->lun_cap |= ISCSI_LUN_CAP_RESET;
4624 			} else {
4625 				ilp->lun_cap &= ~ISCSI_LUN_CAP_RESET;
4626 			}
4627 			rtn = TRUE;
4628 			break;
4629 		default:
4630 			/*
4631 			 * None of these are settable via
4632 			 * the capability interface.
4633 			 */
4634 			rtn = FALSE;
4635 			break;
4636 		}
4637 
4638 		/*
4639 		 * Process getcap request.
4640 		 */
4641 	} else {
4642 		switch (cidx) {
4643 		case SCSI_CAP_DMA_MAX:
4644 			/* no DMA, Psuedo value */
4645 			rtn = INT32_MAX;
4646 			break;
4647 		case SCSI_CAP_INITIATOR_ID:
4648 			rtn = 7;
4649 			break;
4650 		case SCSI_CAP_ARQ:
4651 		case SCSI_CAP_RESET_NOTIFICATION:
4652 		case SCSI_CAP_TAGGED_QING:
4653 			rtn = TRUE;
4654 			break;
4655 		case SCSI_CAP_SCSI_VERSION:
4656 			rtn = SCSI_VERSION_3;
4657 			break;
4658 		case SCSI_CAP_INTERCONNECT_TYPE:
4659 			rtn = INTERCONNECT_FABRIC;
4660 			break;
4661 		case SCSI_CAP_LUN_RESET:
4662 			rtn = ((ilp->lun_cap & ISCSI_LUN_CAP_RESET) != 0) ?
4663 			    TRUE : FALSE;
4664 			break;
4665 		case SCSI_CAP_CDB_LEN:
4666 			/*
4667 			 * iSCSI RFC 3720 defines a default 16 byte
4668 			 * CDB as part of the Basic Header Segment
4669 			 * (BHS) (10.2.1) and allows for an Additional
4670 			 * Header Segment (AHS) Length of 255 * 4
4671 			 * (10.2.1.5).  The AHS length can be used
4672 			 * for different purposes two of which are
4673 			 * Extended CDB ADS (10.2.2.3) and Bidirectional
4674 			 * Expected Read-Data Length AHS (10.2.2.4).
4675 			 * The largest header of these consumes is
4676 			 * 32 bytes.  So the total Max CDB Length is
4677 			 * 16 + ((255 * 4 ) - 32) = 1004.
4678 			 */
4679 			rtn = 1004;
4680 			break;
4681 		default:
4682 			rtn = UNDEFINED;
4683 			break;
4684 		}
4685 	}
4686 	return (rtn);
4687 }
4688 
4689 /*
4690  * iscsi_virt_lun_init - attempts to complete a mdi/scsi_vhci binding
4691  *
4692  * This routine is used to associate the tran_tgt_private to our ilp
4693  * structure.  This function is indirectly called from our
4694  * iscsi_lun_create_xxx routines.  These routines must prevent
4695  * the session and lun lists from changing during this call.
4696  */
4697 /* ARGSUSED */
4698 static int
4699 iscsi_virt_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
4700     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
4701 {
4702 	iscsi_lun_t	*ilp		= NULL;
4703 	iscsi_lun_t	*ilp_check	= NULL;
4704 	iscsi_sess_t	*isp		= NULL;
4705 	char		*lun_guid	= NULL;
4706 	mdi_pathinfo_t	*pip		= NULL;
4707 	iscsi_hba_t	*ihp    = (iscsi_hba_t *)hba_tran->tran_hba_private;
4708 	char		target_port_name[MAX_NAME_PROP_SIZE];
4709 
4710 	/*
4711 	 * Here's a nice little piece of undocumented stuff.
4712 	 */
4713 	if ((pip = (mdi_pathinfo_t *)sd->sd_private) == NULL) {
4714 		/*
4715 		 * Very bad news if this occurs. Somehow SCSI_vhci has
4716 		 * lost the pathinfo node for this target.
4717 		 */
4718 		return (DDI_NOT_WELL_FORMED);
4719 	}
4720 
4721 	ilp = (iscsi_lun_t *)mdi_pi_get_phci_private(pip);
4722 
4723 	/*
4724 	 * +----------------------------------------------------+
4725 	 * | Looking to find the target device via the property |
4726 	 * | is not required since the driver can easily get    |
4727 	 * | this information from the mdi_phci_get_private()   |
4728 	 * | call above.  This is just a consistency check	|
4729 	 * | which can be removed.				|
4730 	 */
4731 	if (mdi_prop_lookup_string(pip, MDI_GUID, &lun_guid) !=
4732 	    DDI_PROP_SUCCESS) {
4733 		return (DDI_NOT_WELL_FORMED);
4734 	}
4735 
4736 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
4737 
4738 		/* If this isn't the matching session continue */
4739 		if (ilp->lun_sess != isp) {
4740 			continue;
4741 		}
4742 
4743 		/*
4744 		 * We are already holding the lun list rwlock
4745 		 * for this thread on the callers side of mdi_pi_online
4746 		 * or ndi_devi_online.  Which lead to this functions
4747 		 * call.
4748 		 */
4749 		for (ilp_check = isp->sess_lun_list; ilp_check;
4750 		    ilp_check = ilp_check->lun_next) {
4751 
4752 			/*
4753 			 * If this is the matching LUN and contains
4754 			 * the same LUN GUID then break we found our
4755 			 * match.
4756 			 */
4757 			if ((ilp == ilp_check) &&
4758 			    (strcmp(lun_guid, ilp_check->lun_guid) == 0)) {
4759 				break;
4760 			}
4761 		}
4762 		if (ilp_check != NULL) {
4763 			break;
4764 		}
4765 	}
4766 
4767 	/*
4768 	 * Free resource that's no longer required.
4769 	 */
4770 	if (lun_guid != NULL)
4771 		(void) mdi_prop_free(lun_guid);
4772 
4773 	if (ilp_check == NULL) {
4774 		/*
4775 		 * Failed to find iSCSI LUN in HBA chain based
4776 		 * on the GUID that was stored as a property on
4777 		 * the pathinfo node.
4778 		 */
4779 		return (DDI_NOT_WELL_FORMED);
4780 	}
4781 
4782 	if (ilp != ilp_check) {
4783 		/*
4784 		 * The iSCSI target that we found on the HBA link is
4785 		 * different than the iSCSI target that was stored as
4786 		 * private data on the pathinfo node.
4787 		 */
4788 		return (DDI_NOT_WELL_FORMED);
4789 	}
4790 	/*
4791 	 * | End of consistency check				|
4792 	 * +----------------------------------------------------+
4793 	 */
4794 
4795 	hba_tran->tran_tgt_private = ilp;
4796 
4797 	target_port_name[0] = '\0';
4798 	if (ilp->lun_sess->sess_tpgt_conf == ISCSI_DEFAULT_TPGT) {
4799 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4800 		    "%02x%02x%02x%02x%02x%02x,%s",
4801 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4802 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4803 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4804 		    ilp->lun_sess->sess_name);
4805 	} else {
4806 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4807 		    "%02x%02x%02x%02x%02x%02x,%s,%d",
4808 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4809 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4810 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4811 		    ilp->lun_sess->sess_name, ilp->lun_sess->sess_tpgt_conf);
4812 	}
4813 
4814 	if (mdi_prop_update_string(pip,
4815 	    SCSI_ADDR_PROP_TARGET_PORT, target_port_name) != DDI_PROP_SUCCESS) {
4816 		cmn_err(CE_WARN, "iscsi_virt_lun_init: Creating '"
4817 		    SCSI_ADDR_PROP_TARGET_PORT "' property on Path(%p) "
4818 		    "for Target(%s), Lun(%d) Failed",
4819 		    (void *)pip, ilp->lun_sess->sess_name, ilp->lun_num);
4820 	}
4821 
4822 	return (DDI_SUCCESS);
4823 }
4824 
4825 /*
4826  * iscsi_phys_lun_init - attempts to complete a ndi binding
4827  *
4828  * This routine is used to associate the tran_tgt_private to our
4829  * ilp structure.  This function is indirectly called from our
4830  * iscsi_lun_create_xxx routines.  These routines must prevent
4831  * the session and lun lists from changing during this call.
4832  */
4833 static int
4834 iscsi_phys_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
4835     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
4836 {
4837 	int		rtn	= DDI_SUCCESS;
4838 	iscsi_hba_t	*ihp	= NULL;
4839 	iscsi_sess_t	*isp	= NULL;
4840 	iscsi_lun_t	*ilp	= NULL;
4841 	char		target_port_name[MAX_NAME_PROP_SIZE];
4842 	int		*words = NULL;
4843 	uint_t		nwords = 0;
4844 
4845 	ASSERT(hba_dip);
4846 	ASSERT(lun_dip);
4847 	ASSERT(hba_tran);
4848 	ASSERT(sd);
4849 	ihp = (iscsi_hba_t *)hba_tran->tran_hba_private;
4850 	ASSERT(ihp);
4851 
4852 	if (ddi_prop_lookup_int_array(DDI_DEV_T_ANY, lun_dip,
4853 	    DDI_PROP_DONTPASS, LUN_PROP, &words, &nwords) != DDI_PROP_SUCCESS) {
4854 		cmn_err(CE_WARN, "iscsi_phys_lun_init: Returning DDI_FAILURE:"
4855 		    "lun for %s (instance %d)", ddi_get_name(lun_dip),
4856 		    ddi_get_instance(lun_dip));
4857 		return (DDI_FAILURE);
4858 	}
4859 
4860 	if (nwords == 0) {
4861 		ddi_prop_free(words);
4862 		return (DDI_FAILURE);
4863 	}
4864 
4865 	ASSERT(words != NULL);
4866 
4867 	/* See if we already created this session */
4868 
4869 	/* Walk the HBA's session list */
4870 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
4871 		/* compare target name as the unique identifier */
4872 		if (sd->sd_address.a_target == isp->sess_oid) {
4873 			/* found match */
4874 			break;
4875 		}
4876 	}
4877 
4878 	/* If we found matching session continue searching for tgt */
4879 	if (isp != NULL) {
4880 		/*
4881 		 * Search for the matching iscsi lun structure.  We don't
4882 		 * need to hold the READER for the lun list at this point.
4883 		 * because the tran_get_name is being called from the online
4884 		 * function which is already holding a reader on the lun
4885 		 * list.
4886 		 */
4887 		for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
4888 			if (*words == ilp->lun_num) {
4889 				/* found match */
4890 				break;
4891 			}
4892 		}
4893 
4894 		if (ilp != NULL) {
4895 			/*
4896 			 * tgt found path it to the tran_lun_private
4897 			 * this is used later for fast access on
4898 			 * init_pkt and start
4899 			 */
4900 			hba_tran->tran_tgt_private = ilp;
4901 		} else {
4902 			/* tgt not found */
4903 			ddi_prop_free(words);
4904 			return (DDI_FAILURE);
4905 		}
4906 	} else {
4907 		/* sess not found */
4908 		ddi_prop_free(words);
4909 		return (DDI_FAILURE);
4910 	}
4911 	ddi_prop_free(words);
4912 
4913 	target_port_name[0] = '\0';
4914 	if (ilp->lun_sess->sess_tpgt_conf == ISCSI_DEFAULT_TPGT) {
4915 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4916 		    "%02x%02x%02x%02x%02x%02x,%s",
4917 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4918 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4919 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4920 		    ilp->lun_sess->sess_name);
4921 	} else {
4922 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4923 		    "%02x%02x%02x%02x%02x%02x,%s,%d",
4924 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4925 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4926 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4927 		    ilp->lun_sess->sess_name, ilp->lun_sess->sess_tpgt_conf);
4928 	}
4929 
4930 	if (ddi_prop_update_string(DDI_DEV_T_NONE, lun_dip,
4931 	    SCSI_ADDR_PROP_TARGET_PORT, target_port_name) != DDI_PROP_SUCCESS) {
4932 		cmn_err(CE_WARN, "iscsi_phys_lun_init: Creating '"
4933 		    SCSI_ADDR_PROP_TARGET_PORT "' property on Target(%s), "
4934 		    "Lun(%d) Failed", ilp->lun_sess->sess_name, ilp->lun_num);
4935 	}
4936 
4937 	return (rtn);
4938 }
4939 
4940 /*
4941  * +--------------------------------------------------------------------+
4942  * | End of scsi_tran support routines					|
4943  * +--------------------------------------------------------------------+
4944  */
4945 
4946 /*
4947  * +--------------------------------------------------------------------+
4948  * | Begin of struct utility routines					|
4949  * +--------------------------------------------------------------------+
4950  */
4951 
4952 
4953 /*
4954  * iscsi_set_default_login_params - This function sets the
4955  * driver default login params.  This is using during the
4956  * creation of our iSCSI HBA structure initialization by
4957  * could be used at other times to reset back to the defaults.
4958  */
4959 void
4960 iscsi_set_default_login_params(iscsi_login_params_t *params)
4961 {
4962 	params->immediate_data		= ISCSI_DEFAULT_IMMEDIATE_DATA;
4963 	params->initial_r2t		= ISCSI_DEFAULT_INITIALR2T;
4964 	params->first_burst_length	= ISCSI_DEFAULT_FIRST_BURST_LENGTH;
4965 	params->max_burst_length	= ISCSI_DEFAULT_MAX_BURST_LENGTH;
4966 	params->data_pdu_in_order	= ISCSI_DEFAULT_DATA_PDU_IN_ORDER;
4967 	params->data_sequence_in_order	= ISCSI_DEFAULT_DATA_SEQUENCE_IN_ORDER;
4968 	params->default_time_to_wait	= ISCSI_DEFAULT_TIME_TO_WAIT;
4969 	params->default_time_to_retain	= ISCSI_DEFAULT_TIME_TO_RETAIN;
4970 	params->header_digest		= ISCSI_DEFAULT_HEADER_DIGEST;
4971 	params->data_digest		= ISCSI_DEFAULT_DATA_DIGEST;
4972 	params->max_recv_data_seg_len	= ISCSI_DEFAULT_MAX_RECV_SEG_LEN;
4973 	params->max_xmit_data_seg_len	= ISCSI_DEFAULT_MAX_XMIT_SEG_LEN;
4974 	params->max_connections		= ISCSI_DEFAULT_MAX_CONNECTIONS;
4975 	params->max_outstanding_r2t	= ISCSI_DEFAULT_MAX_OUT_R2T;
4976 	params->error_recovery_level	= ISCSI_DEFAULT_ERROR_RECOVERY_LEVEL;
4977 	params->ifmarker		= ISCSI_DEFAULT_IFMARKER;
4978 	params->ofmarker		= ISCSI_DEFAULT_OFMARKER;
4979 }
4980 
4981 /* Helper function to sets the driver default tunable parameters */
4982 static void
4983 iscsi_set_default_tunable_params(iscsi_tunable_params_t *params)
4984 {
4985 	params->recv_login_rsp_timeout = ISCSI_DEFAULT_RX_TIMEOUT_VALUE;
4986 	params->conn_login_max = ISCSI_DEFAULT_CONN_DEFAULT_LOGIN_MAX;
4987 	params->polling_login_delay = ISCSI_DEFAULT_LOGIN_POLLING_DELAY;
4988 }
4989 
4990 /*
4991  * +--------------------------------------------------------------------+
4992  * | End of struct utility routines				     |
4993  * +--------------------------------------------------------------------+
4994  */
4995 
4996 /*
4997  * +--------------------------------------------------------------------+
4998  * | Begin of ioctl utility routines				    |
4999  * +--------------------------------------------------------------------+
5000  */
5001 
5002 /*
5003  * iscsi_get_param - This function is a helper to ISCSI_GET_PARAM
5004  * IOCTL
5005  */
5006 int
5007 iscsi_get_param(iscsi_login_params_t *params, boolean_t valid_flag,
5008     iscsi_param_get_t *ipgp)
5009 {
5010 	int rtn = 0;
5011 
5012 	/* ---- Default to settable, possibly changed later ---- */
5013 	ipgp->g_value.v_valid    = valid_flag;
5014 	ipgp->g_value.v_settable = B_TRUE;
5015 
5016 	switch (ipgp->g_param) {
5017 	/*
5018 	 * Boolean parameters
5019 	 */
5020 	case ISCSI_LOGIN_PARAM_DATA_SEQUENCE_IN_ORDER:
5021 		ipgp->g_value.v_bool.b_current =
5022 		    params->data_sequence_in_order;
5023 		ipgp->g_value.v_bool.b_default =
5024 		    ISCSI_DEFAULT_DATA_SEQUENCE_IN_ORDER;
5025 		break;
5026 	case ISCSI_LOGIN_PARAM_IMMEDIATE_DATA:
5027 		ipgp->g_value.v_bool.b_current =
5028 		    params->immediate_data;
5029 		ipgp->g_value.v_bool.b_default =
5030 		    ISCSI_DEFAULT_IMMEDIATE_DATA;
5031 		break;
5032 	case ISCSI_LOGIN_PARAM_INITIAL_R2T:
5033 		ipgp->g_value.v_bool.b_current =
5034 		    params->initial_r2t;
5035 		ipgp->g_value.v_bool.b_default =
5036 		    ISCSI_DEFAULT_IMMEDIATE_DATA;
5037 		break;
5038 	case ISCSI_LOGIN_PARAM_DATA_PDU_IN_ORDER:
5039 		ipgp->g_value.v_bool.b_current =
5040 		    params->data_pdu_in_order;
5041 		ipgp->g_value.v_bool.b_default =
5042 		    ISCSI_DEFAULT_DATA_PDU_IN_ORDER;
5043 		break;
5044 
5045 	/*
5046 	 * Integer parameters
5047 	 */
5048 	case ISCSI_LOGIN_PARAM_HEADER_DIGEST:
5049 		ipgp->g_value.v_integer.i_current = params->header_digest;
5050 		ipgp->g_value.v_integer.i_default = ISCSI_DEFAULT_HEADER_DIGEST;
5051 		ipgp->g_value.v_integer.i_min = 0;
5052 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_HEADER_DIGEST;
5053 		ipgp->g_value.v_integer.i_incr = 1;
5054 		break;
5055 	case ISCSI_LOGIN_PARAM_DATA_DIGEST:
5056 		ipgp->g_value.v_integer.i_current = params->data_digest;
5057 		ipgp->g_value.v_integer.i_default = ISCSI_DEFAULT_DATA_DIGEST;
5058 		ipgp->g_value.v_integer.i_min = 0;
5059 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_DATA_DIGEST;
5060 		ipgp->g_value.v_integer.i_incr = 1;
5061 		break;
5062 	case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_RETAIN:
5063 		ipgp->g_value.v_integer.i_current =
5064 		    params->default_time_to_retain;
5065 		ipgp->g_value.v_integer.i_default =
5066 		    ISCSI_DEFAULT_TIME_TO_RETAIN;
5067 		ipgp->g_value.v_integer.i_min = 0;
5068 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_TIME2RETAIN;
5069 		ipgp->g_value.v_integer.i_incr = 1;
5070 		break;
5071 	case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_WAIT:
5072 		ipgp->g_value.v_integer.i_current =
5073 		    params->default_time_to_wait;
5074 		ipgp->g_value.v_integer.i_default =
5075 		    ISCSI_DEFAULT_TIME_TO_WAIT;
5076 		ipgp->g_value.v_integer.i_min = 0;
5077 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_TIME2WAIT;
5078 		ipgp->g_value.v_integer.i_incr = 1;
5079 		break;
5080 	case ISCSI_LOGIN_PARAM_ERROR_RECOVERY_LEVEL:
5081 		ipgp->g_value.v_integer.i_current =
5082 		    params->error_recovery_level;
5083 		ipgp->g_value.v_integer.i_default =
5084 		    ISCSI_DEFAULT_ERROR_RECOVERY_LEVEL;
5085 		ipgp->g_value.v_integer.i_min = 0;
5086 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_ERROR_RECOVERY_LEVEL;
5087 		ipgp->g_value.v_integer.i_incr = 1;
5088 		ipgp->g_value.v_settable = B_FALSE;
5089 		break;
5090 	case ISCSI_LOGIN_PARAM_FIRST_BURST_LENGTH:
5091 		ipgp->g_value.v_integer.i_current =
5092 		    params->first_burst_length;
5093 		ipgp->g_value.v_integer.i_default =
5094 		    ISCSI_DEFAULT_FIRST_BURST_LENGTH;
5095 		ipgp->g_value.v_integer.i_min = 512;
5096 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_FIRST_BURST_LENGTH;
5097 		ipgp->g_value.v_integer.i_incr = 1;
5098 		break;
5099 	case ISCSI_LOGIN_PARAM_MAX_BURST_LENGTH:
5100 		ipgp->g_value.v_integer.i_current =
5101 		    params->max_burst_length;
5102 		ipgp->g_value.v_integer.i_default =
5103 		    ISCSI_DEFAULT_MAX_BURST_LENGTH;
5104 		ipgp->g_value.v_integer.i_min = 512;
5105 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_BURST_LENGTH;
5106 		ipgp->g_value.v_integer.i_incr = 1;
5107 		break;
5108 	case ISCSI_LOGIN_PARAM_MAX_CONNECTIONS:
5109 		ipgp->g_value.v_integer.i_current =
5110 		    params->max_connections;
5111 		ipgp->g_value.v_settable = B_FALSE;
5112 		ipgp->g_value.v_integer.i_default =
5113 		    ISCSI_DEFAULT_MAX_CONNECTIONS;
5114 		ipgp->g_value.v_integer.i_min = 1;
5115 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_CONNECTIONS;
5116 		ipgp->g_value.v_integer.i_incr = 1;
5117 		break;
5118 	case ISCSI_LOGIN_PARAM_OUTSTANDING_R2T:
5119 		ipgp->g_value.v_integer.i_current =
5120 		    params->max_outstanding_r2t;
5121 		ipgp->g_value.v_settable = B_FALSE;
5122 		ipgp->g_value.v_integer.i_default =
5123 		    ISCSI_DEFAULT_MAX_OUT_R2T;
5124 		ipgp->g_value.v_integer.i_min = 1;
5125 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_OUTSTANDING_R2T;
5126 		ipgp->g_value.v_integer.i_incr = 1;
5127 		break;
5128 	case ISCSI_LOGIN_PARAM_MAX_RECV_DATA_SEGMENT_LENGTH:
5129 		ipgp->g_value.v_integer.i_current =
5130 		    params->max_recv_data_seg_len;
5131 		ipgp->g_value.v_integer.i_default =
5132 		    ISCSI_DEFAULT_MAX_RECV_SEG_LEN;
5133 		ipgp->g_value.v_integer.i_min = 512;
5134 		ipgp->g_value.v_integer.i_max =
5135 		    ISCSI_MAX_RECV_DATA_SEGMENT_LENGTH;
5136 		ipgp->g_value.v_integer.i_incr = 1;
5137 		break;
5138 	default:
5139 		rtn = EINVAL;
5140 	}
5141 
5142 	return (rtn);
5143 }
5144 
5145 /*
5146  * +--------------------------------------------------------------------+
5147  * | End of ioctl utility routines                                      |
5148  * +--------------------------------------------------------------------+
5149  */
5150 
5151 /*
5152  * iscsi_get_name_from_iqn - Translates a normal iqn/eui into a
5153  * IEEE safe address.  IEEE addresses have a number of characters
5154  * set aside as reserved.
5155  */
5156 static void
5157 iscsi_get_name_from_iqn(char *name, int name_max_len)
5158 {
5159 	char	*tmp		= NULL;
5160 	char	*oldch		= NULL;
5161 	char	*newch		= NULL;
5162 
5163 	tmp = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
5164 
5165 	for (oldch = &name[0], newch = &tmp[0]; *oldch != '\0';
5166 	    oldch++, newch++) {
5167 		switch (*oldch) {
5168 		case ':':
5169 			*newch++ = '%';
5170 			*newch++ = '3';
5171 			*newch = 'A';
5172 			break;
5173 		case ' ':
5174 			*newch++ = '%';
5175 			*newch++ = '2';
5176 			*newch = '0';
5177 			break;
5178 		case '@':
5179 			*newch++ = '%';
5180 			*newch++ = '4';
5181 			*newch = '0';
5182 			break;
5183 		case '/':
5184 			*newch++ = '%';
5185 			*newch++ = '2';
5186 			*newch = 'F';
5187 			break;
5188 		default:
5189 			*newch = *oldch;
5190 		}
5191 	}
5192 	(void) strncpy(name, tmp, name_max_len);
5193 	kmem_free(tmp, MAX_GET_NAME_SIZE);
5194 }
5195 
5196 /*
5197  * iscsi_get_name_to_iqn - Converts IEEE safe address back
5198  * into a iscsi iqn/eui.
5199  */
5200 static void
5201 iscsi_get_name_to_iqn(char *name, int name_max_len)
5202 {
5203 	char	*tmp		= NULL;
5204 	char	*oldch		= NULL;
5205 	char	*newch		= NULL;
5206 
5207 	tmp = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
5208 
5209 	for (oldch = &name[0], newch = &tmp[0]; *oldch != '\0';
5210 	    oldch++, newch++) {
5211 		if (*oldch == '%') {
5212 			switch (*(oldch+1)) {
5213 			case '2':
5214 				if (*(oldch+2) == '0') {
5215 					*newch = ' ';
5216 					oldch += 2;
5217 				} else if (*(oldch+2) == 'F') {
5218 					*newch = '/';
5219 					oldch += 2;
5220 				} else {
5221 					*newch = *oldch;
5222 				}
5223 				break;
5224 			case '3':
5225 				if (*(oldch+2) == 'A') {
5226 					*newch = ':';
5227 					oldch += 2;
5228 				} else {
5229 					*newch = *oldch;
5230 				}
5231 				break;
5232 			case '4':
5233 				if (*(oldch+2) == '0') {
5234 					*newch = '@';
5235 					oldch += 2;
5236 				} else {
5237 					*newch = *oldch;
5238 				}
5239 				break;
5240 			default:
5241 				*newch = *oldch;
5242 			}
5243 		} else {
5244 			*newch = *oldch;
5245 		}
5246 	}
5247 	(void) strncpy(name, tmp, name_max_len);
5248 	kmem_free(tmp, MAX_GET_NAME_SIZE);
5249 }
5250 
5251 /*
5252  * iscsi_get_persisted_param * - a helper to ISCSI_GET_PARAM ioctl
5253  *
5254  * On return 0 means persisted parameter found
5255  */
5256 int
5257 iscsi_get_persisted_param(uchar_t *name, iscsi_param_get_t *ipgp,
5258     iscsi_login_params_t *params)
5259 {
5260 	int rtn = 1;
5261 	persistent_param_t *pparam;
5262 
5263 	if (name == NULL || strlen((char *)name) == 0) {
5264 		return (rtn);
5265 	}
5266 
5267 	pparam = (persistent_param_t *)kmem_zalloc(sizeof (*pparam), KM_SLEEP);
5268 
5269 	if (persistent_param_get((char *)name, pparam) == B_TRUE) {
5270 		if (pparam->p_bitmap & (1 << ipgp->g_param)) {
5271 			/* Found configured parameter. */
5272 			bcopy(&pparam->p_params, params, sizeof (*params));
5273 			rtn = 0;
5274 		}
5275 	}
5276 
5277 	kmem_free(pparam, sizeof (*pparam));
5278 
5279 	return (rtn);
5280 }
5281 
5282 /*
5283  * iscsi_override_target_default - helper function set the target's default
5284  * login parameter if there is a configured initiator parameter.
5285  *
5286  */
5287 static void
5288 iscsi_override_target_default(iscsi_hba_t *ihp, iscsi_param_get_t *ipg)
5289 {
5290 	persistent_param_t *pp;
5291 	iscsi_login_params_t *params;
5292 
5293 	pp = (persistent_param_t *)kmem_zalloc(sizeof (*pp), KM_SLEEP);
5294 	if (persistent_param_get((char *)ihp->hba_name, pp) == B_TRUE) {
5295 		if (pp->p_bitmap & (1 << ipg->g_param)) {
5296 			params = &pp->p_params;
5297 			switch (ipg->g_param) {
5298 			case ISCSI_LOGIN_PARAM_DATA_SEQUENCE_IN_ORDER:
5299 				ipg->g_value.v_bool.b_default =
5300 				    params->data_sequence_in_order;
5301 				break;
5302 			case ISCSI_LOGIN_PARAM_IMMEDIATE_DATA:
5303 				ipg->g_value.v_bool.b_default =
5304 				    params->immediate_data;
5305 				break;
5306 			case ISCSI_LOGIN_PARAM_INITIAL_R2T:
5307 				ipg->g_value.v_bool.b_default =
5308 				    params->initial_r2t;
5309 				break;
5310 			case ISCSI_LOGIN_PARAM_DATA_PDU_IN_ORDER:
5311 				ipg->g_value.v_bool.b_default =
5312 				    params->data_pdu_in_order;
5313 				break;
5314 			case ISCSI_LOGIN_PARAM_HEADER_DIGEST:
5315 				ipg->g_value.v_integer.i_default =
5316 				    params->header_digest;
5317 				break;
5318 			case ISCSI_LOGIN_PARAM_DATA_DIGEST:
5319 				ipg->g_value.v_integer.i_default =
5320 				    params->data_digest;
5321 				break;
5322 			case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_RETAIN:
5323 				ipg->g_value.v_integer.i_default =
5324 				    params->default_time_to_retain;
5325 				break;
5326 			case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_WAIT:
5327 				ipg->g_value.v_integer.i_default =
5328 				    params->default_time_to_wait;
5329 				break;
5330 			case ISCSI_LOGIN_PARAM_ERROR_RECOVERY_LEVEL:
5331 				ipg->g_value.v_integer.i_default =
5332 				    params->error_recovery_level;
5333 				break;
5334 			case ISCSI_LOGIN_PARAM_FIRST_BURST_LENGTH:
5335 				ipg->g_value.v_integer.i_default =
5336 				    params->first_burst_length;
5337 				break;
5338 			case ISCSI_LOGIN_PARAM_MAX_BURST_LENGTH:
5339 				ipg->g_value.v_integer.i_default =
5340 				    params->max_burst_length;
5341 				break;
5342 			case ISCSI_LOGIN_PARAM_MAX_CONNECTIONS:
5343 				ipg->g_value.v_integer.i_default =
5344 				    params->max_connections;
5345 				break;
5346 			case ISCSI_LOGIN_PARAM_OUTSTANDING_R2T:
5347 				ipg->g_value.v_integer.i_default =
5348 				    params->max_outstanding_r2t;
5349 				break;
5350 			case ISCSI_LOGIN_PARAM_MAX_RECV_DATA_SEGMENT_LENGTH:
5351 				ipg->g_value.v_integer.i_default =
5352 				    params->max_xmit_data_seg_len;
5353 				break;
5354 			default:
5355 				break;
5356 			}
5357 		}
5358 	}
5359 	kmem_free(pp, sizeof (*pp));
5360 }
5361 
5362 static boolean_t
5363 iscsi_cmp_boot_sess_oid(iscsi_hba_t *ihp, uint32_t oid)
5364 {
5365 	iscsi_sess_t *isp = NULL;
5366 
5367 	if (iscsi_chk_bootlun_mpxio(ihp)) {
5368 		for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
5369 			if ((isp->sess_oid == oid) && isp->sess_boot) {
5370 				/* oid is session object */
5371 				break;
5372 			}
5373 			if ((isp->sess_target_oid == oid) && isp->sess_boot) {
5374 				/*
5375 				 * oid is target object while
5376 				 * this session is boot session
5377 				 */
5378 				break;
5379 			}
5380 		}
5381 		if (oid == ihp->hba_oid) {
5382 			/* oid is initiator object id */
5383 			return (B_TRUE);
5384 		} else if ((isp != NULL) && (isp->sess_boot)) {
5385 			/* oid is boot session object id */
5386 			return (B_TRUE);
5387 		}
5388 	}
5389 	return (B_FALSE);
5390 }
5391 
5392 /*
5393  * iscsi_client_request_service - request the iSCSI service
5394  *     returns true if the service is enabled and increases the count
5395  *     returns false if the service is disabled
5396  *     blocks until the service status is either enabled or disabled
5397  */
5398 boolean_t
5399 iscsi_client_request_service(iscsi_hba_t *ihp)
5400 {
5401 	boolean_t	rval = B_TRUE;
5402 
5403 	mutex_enter(&ihp->hba_service_lock);
5404 	while ((ihp->hba_service_status == ISCSI_SERVICE_TRANSITION) ||
5405 	    (ihp->hba_service_client_count == UINT_MAX)) {
5406 		cv_wait(&ihp->hba_service_cv, &ihp->hba_service_lock);
5407 	}
5408 	if (ihp->hba_service_status == ISCSI_SERVICE_ENABLED) {
5409 		ihp->hba_service_client_count++;
5410 	} else {
5411 		rval = B_FALSE;
5412 	}
5413 	mutex_exit(&ihp->hba_service_lock);
5414 
5415 	return (rval);
5416 }
5417 
5418 /*
5419  * iscsi_client_release_service - decrease the count and wake up
5420  *     blocking threads if the count reaches zero
5421  */
5422 void
5423 iscsi_client_release_service(iscsi_hba_t *ihp)
5424 {
5425 	mutex_enter(&ihp->hba_service_lock);
5426 	ASSERT(ihp->hba_service_client_count > 0);
5427 	ihp->hba_service_client_count--;
5428 	if (ihp->hba_service_client_count == 0) {
5429 		cv_broadcast(&ihp->hba_service_cv);
5430 	}
5431 	mutex_exit(&ihp->hba_service_lock);
5432 }
5433 
5434 /*
5435  * iscsi_enter_service_zone - enter the service zone, should be called
5436  * before doing any modifications to the service status
5437  * return TRUE if the zone is entered
5438  *	  FALSE if no need to enter the zone
5439  */
5440 static boolean_t
5441 iscsi_enter_service_zone(iscsi_hba_t *ihp, uint32_t status)
5442 {
5443 	if ((status != ISCSI_SERVICE_ENABLED) &&
5444 	    (status != ISCSI_SERVICE_DISABLED)) {
5445 		return (B_FALSE);
5446 	}
5447 
5448 	mutex_enter(&ihp->hba_service_lock);
5449 	while (ihp->hba_service_status == ISCSI_SERVICE_TRANSITION) {
5450 		cv_wait(&ihp->hba_service_cv, &ihp->hba_service_lock);
5451 	}
5452 	if (ihp->hba_service_status == status) {
5453 		mutex_exit(&ihp->hba_service_lock);
5454 		return (B_FALSE);
5455 	}
5456 	ihp->hba_service_status = ISCSI_SERVICE_TRANSITION;
5457 	while (ihp->hba_service_client_count > 0) {
5458 		cv_wait(&ihp->hba_service_cv, &ihp->hba_service_lock);
5459 	}
5460 	mutex_exit(&ihp->hba_service_lock);
5461 	return (B_TRUE);
5462 }
5463 
5464 /*
5465  * iscsi_exit_service_zone - exits the service zone and wakes up waiters
5466  */
5467 static void
5468 iscsi_exit_service_zone(iscsi_hba_t *ihp, uint32_t status)
5469 {
5470 	if ((status != ISCSI_SERVICE_ENABLED) &&
5471 	    (status != ISCSI_SERVICE_DISABLED)) {
5472 		return;
5473 	}
5474 
5475 	mutex_enter(&ihp->hba_service_lock);
5476 	ASSERT(ihp->hba_service_status == ISCSI_SERVICE_TRANSITION);
5477 	ihp->hba_service_status = status;
5478 	cv_broadcast(&ihp->hba_service_cv);
5479 	mutex_exit(&ihp->hba_service_lock);
5480 }
5481 
5482 static void
5483 iscsi_check_miniroot(iscsi_hba_t *ihp)
5484 {
5485 	if (strncmp(rootfs.bo_name, "/ramdisk", 8) == 0) {
5486 		/*
5487 		 * in miniroot we don't have the persistent store
5488 		 * so just to need to ensure an enabled status
5489 		 */
5490 		ihp->hba_service_status = ISCSI_SERVICE_ENABLED;
5491 	}
5492 }
5493 
5494 static void
5495 iscsi_get_tunable_default(iscsi_tunable_object_t *param)
5496 {
5497 	int	param_id = 0;
5498 
5499 	param_id = 1 << (param->t_param - 1);
5500 	param->t_set = B_FALSE;
5501 	switch (param_id) {
5502 	case ISCSI_TUNABLE_PARAM_RX_TIMEOUT_VALUE:
5503 		param->t_value.v_integer = ISCSI_DEFAULT_RX_TIMEOUT_VALUE;
5504 		break;
5505 	case ISCSI_TUNABLE_PARAM_LOGIN_POLLING_DELAY:
5506 		param->t_value.v_integer = ISCSI_DEFAULT_LOGIN_POLLING_DELAY;
5507 		break;
5508 	case ISCSI_TUNABLE_PARAM_CONN_LOGIN_MAX:
5509 		param->t_value.v_integer = ISCSI_DEFAULT_CONN_DEFAULT_LOGIN_MAX;
5510 		break;
5511 	default:
5512 		break;
5513 	}
5514 }
5515 
5516 /*
5517  * iscsi_get_persisted_tunable_param * - a helper to ISCSI_TUNABLE_PARAM_GET
5518  * ioctl
5519  * return:
5520  *    0		persisted tunable parameter found
5521  *    1		persisted tunable parameter not found
5522  */
5523 static int
5524 iscsi_get_persisted_tunable_param(uchar_t *name, iscsi_tunable_object_t *tpsg)
5525 {
5526 	int rtn = 1;
5527 	int param_id = 0;
5528 	persistent_tunable_param_t *pparam;
5529 
5530 	if ((name == NULL) || strlen((char *)name) == 0) {
5531 		return (rtn);
5532 	}
5533 
5534 	tpsg->t_set = B_FALSE;
5535 	pparam = (persistent_tunable_param_t *)kmem_zalloc(sizeof (*pparam),
5536 	    KM_SLEEP);
5537 	if (persistent_get_tunable_param((char *)name, pparam) == B_TRUE) {
5538 		if (pparam->p_bitmap & (1 << (tpsg->t_param - 1))) {
5539 			tpsg->t_set = B_TRUE;
5540 			param_id = 1 << (tpsg->t_param - 1);
5541 			switch (param_id) {
5542 			case ISCSI_TUNABLE_PARAM_RX_TIMEOUT_VALUE:
5543 				tpsg->t_value.v_integer =
5544 				    pparam->p_params.recv_login_rsp_timeout;
5545 				break;
5546 			case ISCSI_TUNABLE_PARAM_LOGIN_POLLING_DELAY:
5547 				tpsg->t_value.v_integer =
5548 				    pparam->p_params.polling_login_delay;
5549 				break;
5550 			case ISCSI_TUNABLE_PARAM_CONN_LOGIN_MAX:
5551 				tpsg->t_value.v_integer =
5552 				    pparam->p_params.conn_login_max;
5553 				break;
5554 			default:
5555 				break;
5556 			}
5557 			rtn = 0;
5558 		}
5559 	}
5560 
5561 	kmem_free(pparam, sizeof (*pparam));
5562 
5563 	return (rtn);
5564 }
5565