xref: /illumos-gate/usr/src/uts/common/io/scsi/adapters/iscsi/iscsi.c (revision 968633ad8faee931821fd6b656eb0d96d4b186c0)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2000 by Cisco Systems, Inc.  All rights reserved.
23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  *
26  * iSCSI Software Initiator
27  */
28 
29 /*
30  * Framework interface routines for iSCSI
31  */
32 #include "iscsi.h"		/* main header */
33 #include <sys/scsi/adapters/iscsi_if.h>		/* ioctl interfaces */
34 #include <sys/scsi/adapters/iscsi_protocol.h>
35 /* protocol structs and defines */
36 
37 #include "iscsi_targetparam.h"
38 #include "persistent.h"
39 #include <sys/scsi/adapters/iscsi_door.h>
40 #include <sys/dlpi.h>
41 #include <sys/utsname.h>
42 #include "isns_client.h"
43 #include "isns_protocol.h"
44 
45 #define	ISCSI_NAME_VERSION	"iSCSI Initiator v-1.55"
46 
47 #define	MAX_GET_NAME_SIZE	1024
48 #define	MAX_NAME_PROP_SIZE	256
49 #define	UNDEFINED		-1
50 
51 /*
52  * +--------------------------------------------------------------------+
53  * | iscsi globals                                                      |
54  * +--------------------------------------------------------------------+
55  */
56 void		*iscsi_state;
57 kmutex_t	iscsi_oid_mutex;
58 uint32_t	iscsi_oid;
59 int		iscsi_nop_delay		= ISCSI_DEFAULT_NOP_DELAY;
60 int		iscsi_rx_window		= ISCSI_DEFAULT_RX_WINDOW;
61 int		iscsi_rx_max_window	= ISCSI_DEFAULT_RX_MAX_WINDOW;
62 
63 /*
64  * +--------------------------------------------------------------------+
65  * | iscsi.c prototypes							|
66  * +--------------------------------------------------------------------+
67  */
68 static int iscsi_getinfo(dev_info_t *dip, ddi_info_cmd_t infocmd,
69     void *arg, void **result);
70 static int iscsi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd);
71 static int iscsi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd);
72 
73 /* scsi_tran prototypes */
74 static int iscsi_tran_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
75     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
76 static int iscsi_tran_lun_probe(struct scsi_device *sd, int (*callback) ());
77 static struct scsi_pkt *iscsi_tran_init_pkt(struct scsi_address *ap,
78     struct scsi_pkt *pkt, struct buf *bp, int cmdlen, int statuslen,
79     int tgtlen, int flags, int (*callback) (), caddr_t arg);
80 static void iscsi_tran_lun_free(dev_info_t *hba_dip, dev_info_t *lun_dip,
81     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
82 static int iscsi_tran_start(struct scsi_address *ap, struct scsi_pkt *pkt);
83 static int iscsi_tran_abort(struct scsi_address *ap, struct scsi_pkt *pkt);
84 static int iscsi_tran_reset(struct scsi_address *ap, int level);
85 static int iscsi_tran_getcap(struct scsi_address *ap, char *cap, int whom);
86 static int iscsi_tran_setcap(struct scsi_address *ap, char *cap,
87     int value, int whom);
88 static void iscsi_tran_destroy_pkt(struct scsi_address *ap,
89     struct scsi_pkt *pkt);
90 static void iscsi_tran_dmafree(struct scsi_address *ap,
91     struct scsi_pkt *pkt);
92 static void iscsi_tran_sync_pkt(struct scsi_address *ap,
93     struct scsi_pkt *pkt);
94 static void iscsi_tran_sync_pkt(struct scsi_address *ap,
95     struct scsi_pkt *pkt);
96 static int iscsi_tran_reset_notify(struct scsi_address *ap, int flag,
97     void (*callback) (caddr_t), caddr_t arg);
98 static int iscsi_tran_bus_config(dev_info_t *parent, uint_t flags,
99     ddi_bus_config_op_t op, void *arg, dev_info_t **childp);
100 static int iscsi_tran_bus_unconfig(dev_info_t *parent, uint_t flags,
101     ddi_bus_config_op_t op, void *arg);
102 static int iscsi_tran_get_name(struct scsi_device *sd, char *name, int len);
103 static int iscsi_tran_get_bus_addr(struct scsi_device *sd, char *name, int len);
104 
105 /* bus_ops prototypes */
106 /* LINTED E_STATIC_UNUSED */
107 static ddi_intrspec_t iscsi_get_intrspec(dev_info_t *dip, dev_info_t *rdip,
108     uint_t inumber);
109 /* LINTED E_STATIC_UNUSED */
110 static int iscsi_add_intrspec(dev_info_t *dip, dev_info_t *rdip,
111     ddi_intrspec_t intrspec, ddi_iblock_cookie_t *iblock_cookiep,
112     ddi_idevice_cookie_t *idevice_cookiep, uint_t (*int_handler)(caddr_t
113     int_handler_arg), caddr_t int_handler_arg, int kind);
114 /* LINTED E_STATIC_UNUSED */
115 static void iscsi_remove_intrspec(dev_info_t *dip, dev_info_t *rdip,
116     ddi_intrspec_t intrspec, ddi_iblock_cookie_t iblock_cookie);
117 /* LINTED E_STATIC_UNUSED */
118 static int iscsi_ctl(dev_info_t *dip, dev_info_t *rdip, ddi_ctl_enum_t ctlop,
119     void *arg, void *result);
120 
121 /* cb_ops prototypes */
122 static int iscsi_open(dev_t *devp, int flags, int otyp, cred_t *credp);
123 static int iscsi_close(dev_t dev, int flag, int otyp, cred_t *credp);
124 /* --- iscsi_ioctl is called by the discovery code so needs to be global --- */
125 int iscsi_ioctl(dev_t dev, int cmd, intptr_t arg, int mode,
126     cred_t *credp, int *rvalp);
127 
128 int iscsi_get_persisted_param(uchar_t *name,
129     iscsi_param_get_t *ipgp,
130     iscsi_login_params_t *params);
131 static void iscsi_override_target_default(iscsi_hba_t *ihp,
132     iscsi_param_get_t *ipg);
133 
134 /* scsi_tran helpers */
135 static int iscsi_virt_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
136     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
137 static int iscsi_phys_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
138     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
139 static int iscsi_i_commoncap(struct scsi_address *ap, char *cap,
140     int val, int lunonly, int doset);
141 static void iscsi_get_name_to_iqn(char *name, int name_max_len);
142 static void iscsi_get_name_from_iqn(char *name, int name_max_len);
143 
144 /* struct helpers prototypes */
145 
146 /*
147  * At this point this driver doesn't need this structure because nothing
148  * is done during the open, close or ioctl. Code put in place because
149  * some admin related work might be done in the ioctl routine.
150  */
151 static struct cb_ops iscsi_cb_ops = {
152 	iscsi_open,			/* open */
153 	iscsi_close,			/* close */
154 	nodev,				/* strategy */
155 	nodev,				/* print */
156 	nodev,				/* dump */
157 	nodev,				/* read */
158 	nodev,				/* write */
159 	iscsi_ioctl,			/* ioctl */
160 	nodev,				/* devmap */
161 	nodev,				/* mmap */
162 	nodev,				/* segmap */
163 	nochpoll,			/* poll */
164 	ddi_prop_op,			/* prop_op */
165 	NULL,				/* streamtab */
166 	D_NEW | D_MP | D_HOTPLUG,	/* flags */
167 	CB_REV,				/* cb_rev */
168 	nodev,				/* aread */
169 	nodev,				/* awrite */
170 };
171 
172 static struct dev_ops iscsi_dev_ops = {
173 	DEVO_REV,		/* devo_rev */
174 	0,			/* refcnt */
175 	iscsi_getinfo,		/* getinfo */
176 	nulldev,		/* identify */
177 	nulldev,		/* probe */
178 	iscsi_attach,		/* attach */
179 	iscsi_detach,		/* detach */
180 	nodev,			/* reset */
181 	&iscsi_cb_ops,		/* driver operations */
182 	NULL,			/* bus ops */
183 	NULL,			/* power management */
184 };
185 
186 static struct modldrv modldrv = {
187 	&mod_driverops,		/* drv_modops */
188 	ISCSI_NAME_VERSION,	/* drv_linkinfo */
189 	&iscsi_dev_ops		/* drv_dev_ops */
190 };
191 
192 static struct modlinkage modlinkage = {
193 	MODREV_1,		/* ml_rev */
194 	&modldrv,		/* ml_linkage[] */
195 	NULL			/* NULL termination */
196 };
197 
198 /*
199  * This structure is bogus. scsi_hba_attach_setup() requires, as in the kernel
200  * will panic if you don't pass this in to the routine, this information.
201  * Need to determine what the actual impact to the system is by providing
202  * this information if any. Since dma allocation is done in pkt_init it may
203  * not have any impact. These values are straight from the Writing Device
204  * Driver manual.
205  */
206 static ddi_dma_attr_t iscsi_dma_attr = {
207 	DMA_ATTR_V0,	/* ddi_dma_attr version */
208 	0,		/* low address */
209 	0xffffffff,	/* high address */
210 	0x00ffffff,	/* counter upper bound */
211 	1,		/* alignment requirements */
212 	0x3f,		/* burst sizes */
213 	1,		/* minimum DMA access */
214 	0xffffffff,	/* maximum DMA access */
215 	(1 << 24) - 1,	/* segment boundary restrictions */
216 	1,		/* scater/gather list length */
217 	512,		/* device granularity */
218 	0		/* DMA flags */
219 };
220 
221 /*
222  * _init - General driver init entry
223  */
224 int
225 _init(void)
226 {
227 	int rval = 0;
228 
229 	iscsi_net_init();
230 
231 	mutex_init(&iscsi_oid_mutex, NULL, MUTEX_DRIVER, NULL);
232 	iscsi_oid = ISCSI_INITIATOR_OID;
233 
234 	/*
235 	 * Set up the soft state structures. If this driver is actually
236 	 * being attached to the system then we'll have at least one
237 	 * HBA/NIC used.
238 	 */
239 	rval = ddi_soft_state_init(&iscsi_state,
240 	    sizeof (iscsi_hba_t), 1);
241 	if (rval != 0) {
242 		iscsi_net_fini();
243 		goto init_done;
244 	}
245 
246 	rval = scsi_hba_init(&modlinkage);
247 	if (rval != 0) {
248 		ddi_soft_state_fini(&iscsi_state);
249 		iscsi_net_fini();
250 		goto init_done;
251 	}
252 
253 	rval = mod_install(&modlinkage);
254 	if (rval != 0) {
255 		ddi_soft_state_fini(&iscsi_state);
256 		scsi_hba_fini(&modlinkage);
257 		iscsi_net_fini();
258 		goto init_done;
259 	}
260 	(void) iscsi_door_ini();
261 
262 init_done:
263 	return (rval);
264 }
265 
266 /*
267  * _fini - General driver destructor entry
268  */
269 int
270 _fini(void)
271 {
272 	int rval = 0;
273 
274 	rval = mod_remove(&modlinkage);
275 	if (rval == 0) {
276 		scsi_hba_fini(&modlinkage);
277 		ddi_soft_state_fini(&iscsi_state);
278 		mutex_destroy(&iscsi_oid_mutex);
279 		(void) iscsi_door_term();
280 		iscsi_net_fini();
281 	}
282 	return (rval);
283 }
284 
285 /*
286  * _info - General driver info entry
287  */
288 int
289 _info(struct modinfo *mp)
290 {
291 	int rval = 0;
292 
293 	rval = mod_info(&modlinkage, mp);
294 
295 	return (rval);
296 }
297 
298 
299 /*
300  * +--------------------------------------------------------------------+
301  * | Start of dev_ops routines					  |
302  * +--------------------------------------------------------------------+
303  */
304 
305 /*
306  * iscsi_getinfo - returns general driver information
307  */
308 /* ARGSUSED */
309 static int
310 iscsi_getinfo(dev_info_t *dip, ddi_info_cmd_t infocmd,
311     void *arg, void **result)
312 {
313 	int		rval		= DDI_SUCCESS;
314 	int		instance	= getminor((dev_t)arg);
315 	iscsi_hba_t	*ip;
316 
317 	switch (infocmd) {
318 	case DDI_INFO_DEVT2DEVINFO:
319 		if ((ip = ddi_get_soft_state(iscsi_state, instance)) == NULL) {
320 			return (DDI_FAILURE);
321 		}
322 		*result = ip->hba_dip;
323 		if (ip->hba_dip == NULL)
324 			rval = DDI_FAILURE;
325 		else
326 			rval = DDI_SUCCESS;
327 		break;
328 
329 	case DDI_INFO_DEVT2INSTANCE:
330 		*result = (void *)(uintptr_t)instance;
331 		rval = DDI_SUCCESS;
332 		break;
333 
334 	default:
335 		rval = DDI_FAILURE;
336 		break;
337 	}
338 	return (rval);
339 }
340 
341 
342 /*
343  * iscsi_attach -- Attach instance of an iSCSI HBA.  We
344  * will attempt to create our HBA and register it with
345  * scsi_vhci.  If it's not possible to create the HBA
346  * or register with vhci we will fail the attach.
347  */
348 static int
349 iscsi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
350 {
351 	int			rval		= DDI_SUCCESS;
352 	int			instance	= ddi_get_instance(dip);
353 	iscsi_hba_t		*ihp		= NULL;
354 	scsi_hba_tran_t		*tran		= NULL;
355 	char			init_port_name[MAX_NAME_PROP_SIZE];
356 
357 	switch (cmd) {
358 	case DDI_ATTACH:
359 		/* create iSCSH HBA devctl device node */
360 		if (ddi_create_minor_node(dip, ISCSI_DEVCTL, S_IFCHR, 0,
361 		    DDI_PSEUDO, 0) == DDI_SUCCESS) {
362 
363 			/* allocate HBA soft state */
364 			if (ddi_soft_state_zalloc(iscsi_state, instance) !=
365 			    DDI_SUCCESS) {
366 				ddi_remove_minor_node(dip, NULL);
367 				rval = DDI_FAILURE;
368 				break;
369 			}
370 
371 			/* get reference to soft state */
372 			if ((ihp = (iscsi_hba_t *)ddi_get_soft_state(
373 			    iscsi_state, instance)) == NULL) {
374 				ddi_remove_minor_node(dip, NULL);
375 				ddi_soft_state_free(iscsi_state, instance);
376 				rval = DDI_FAILURE;
377 				break;
378 			}
379 
380 			/* init HBA mutex used to protect discovery events */
381 			mutex_init(&ihp->hba_discovery_events_mutex, NULL,
382 			    MUTEX_DRIVER, NULL);
383 
384 			/*
385 			 * init SendTargets semaphore that is used to allow
386 			 * only one operation at a time
387 			 */
388 			sema_init(&ihp->hba_sendtgts_semaphore, 1, NULL,
389 			    SEMA_DRIVER, NULL);
390 
391 			ihp->hba_sess_list = NULL;
392 			rw_init(&ihp->hba_sess_list_rwlock, NULL,
393 			    RW_DRIVER, NULL);
394 
395 			/* allocate scsi_hba_tran */
396 			if ((tran = scsi_hba_tran_alloc(dip, SCSI_HBA_CANSLEEP))
397 			    == NULL) {
398 				ddi_remove_minor_node(dip, NULL);
399 				goto iscsi_attach_failed2;
400 			}
401 
402 			/* soft state setup */
403 			ihp->hba_sig	= ISCSI_SIG_HBA;
404 			ihp->hba_tran	= tran;
405 			ihp->hba_dip	= dip;
406 
407 			mutex_enter(&iscsi_oid_mutex);
408 			ihp->hba_oid		  = iscsi_oid++;
409 			mutex_exit(&iscsi_oid_mutex);
410 
411 			ihp->hba_name[0]	  = '\0';
412 			ihp->hba_name_length	  = 0;
413 			ihp->hba_alias_length	  = 0;
414 			ihp->hba_alias[0]	  = '\0';
415 
416 			iscsi_net->tweaks.rcvbuf = ddi_prop_get_int(
417 			    DDI_DEV_T_ANY, ihp->hba_dip, 0, "so-rcvbuf",
418 			    ISCSI_SOCKET_RCVBUF_SIZE);
419 
420 			iscsi_net->tweaks.sndbuf = ddi_prop_get_int(
421 			    DDI_DEV_T_ANY, ihp->hba_dip, 0, "so-sndbuf",
422 			    ISCSI_SOCKET_SNDBUF_SIZE);
423 
424 			iscsi_net->tweaks.nodelay = ddi_prop_get_int(
425 			    DDI_DEV_T_ANY, ihp->hba_dip, 0, "tcp-nodelay",
426 			    ISCSI_TCP_NODELAY_DEFAULT);
427 
428 			iscsi_net->tweaks.conn_notify_threshold =
429 			    ddi_prop_get_int(DDI_DEV_T_ANY,
430 			    ihp->hba_dip, 0, "tcp-conn-notify-threshold",
431 			    ISCSI_TCP_CNOTIFY_THRESHOLD_DEFAULT);
432 
433 			iscsi_net->tweaks.conn_abort_threshold =
434 			    ddi_prop_get_int(DDI_DEV_T_ANY, ihp->hba_dip,
435 			    0, "tcp-conn-abort-threshold",
436 			    ISCSI_TCP_CABORT_THRESHOLD_DEFAULT);
437 
438 			iscsi_net->tweaks.abort_threshold = ddi_prop_get_int(
439 			    DDI_DEV_T_ANY, ihp->hba_dip, 0,
440 			    "tcp-abort-threshold",
441 			    ISCSI_TCP_ABORT_THRESHOLD_DEFAULT);
442 
443 			ihp->hba_config_storm_delay = ddi_prop_get_int(
444 			    DDI_DEV_T_ANY, ihp->hba_dip, 0,
445 			    "config-storm-delay",
446 			    ISCSI_CONFIG_STORM_DELAY_DEFAULT);
447 
448 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
449 			    "so-rcvbuf", iscsi_net->tweaks.rcvbuf);
450 
451 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
452 			    "so-sndbuf", iscsi_net->tweaks.sndbuf);
453 
454 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
455 			    "tcp-nodelay", iscsi_net->tweaks.nodelay);
456 
457 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
458 			    "tcp-conn-notify-threshold",
459 			    iscsi_net->tweaks.conn_notify_threshold);
460 
461 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
462 			    "tcp-conn-abort-threshold",
463 			    iscsi_net->tweaks.conn_abort_threshold);
464 
465 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
466 			    "tcp-abort-threshold",
467 			    iscsi_net->tweaks.abort_threshold);
468 
469 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
470 			    "config-storm-delay",
471 			    ihp->hba_config_storm_delay);
472 
473 			/* setup hba defaults */
474 			iscsi_set_default_login_params(&ihp->hba_params);
475 
476 			/* hba set up */
477 			tran->tran_hba_private  = ihp;
478 			tran->tran_tgt_private  = NULL;
479 			tran->tran_tgt_init	= iscsi_tran_lun_init;
480 			tran->tran_tgt_probe	= iscsi_tran_lun_probe;
481 			tran->tran_tgt_free	= iscsi_tran_lun_free;
482 			tran->tran_start	= iscsi_tran_start;
483 			tran->tran_abort	= iscsi_tran_abort;
484 			tran->tran_reset	= iscsi_tran_reset;
485 			tran->tran_getcap	= iscsi_tran_getcap;
486 			tran->tran_setcap	= iscsi_tran_setcap;
487 			tran->tran_init_pkt	= iscsi_tran_init_pkt;
488 			tran->tran_destroy_pkt	= iscsi_tran_destroy_pkt;
489 			tran->tran_dmafree	= iscsi_tran_dmafree;
490 			tran->tran_sync_pkt	= iscsi_tran_sync_pkt;
491 			tran->tran_reset_notify	= iscsi_tran_reset_notify;
492 			tran->tran_bus_config	= iscsi_tran_bus_config;
493 			tran->tran_bus_unconfig	= iscsi_tran_bus_unconfig;
494 
495 			tran->tran_get_name	= iscsi_tran_get_name;
496 			tran->tran_get_bus_addr	= iscsi_tran_get_bus_addr;
497 			tran->tran_interconnect_type = INTERCONNECT_ISCSI;
498 
499 			/* register scsi hba with scsa */
500 			if (scsi_hba_attach_setup(dip, &iscsi_dma_attr,
501 			    tran, SCSI_HBA_TRAN_CLONE) != DDI_SUCCESS) {
502 				goto iscsi_attach_failed1;
503 			}
504 
505 			/* register scsi hba with mdi (MPxIO/vhci) */
506 			if (mdi_phci_register(MDI_HCI_CLASS_SCSI, dip, 0) !=
507 			    MDI_SUCCESS) {
508 				ihp->hba_mpxio_enabled = B_FALSE;
509 			} else {
510 				ihp->hba_mpxio_enabled = B_TRUE;
511 			}
512 
513 			(void) iscsi_hba_kstat_init(ihp);
514 
515 			/* Initialize targetparam list */
516 			iscsi_targetparam_init();
517 
518 			/* Initialize ISID */
519 			ihp->hba_isid[0] = ISCSI_SUN_ISID_0;
520 			ihp->hba_isid[1] = ISCSI_SUN_ISID_1;
521 			ihp->hba_isid[2] = ISCSI_SUN_ISID_2;
522 			ihp->hba_isid[3] = ISCSI_SUN_ISID_3;
523 			ihp->hba_isid[4] = ISCSI_SUN_ISID_4;
524 			ihp->hba_isid[5] = ISCSI_SUN_ISID_5;
525 
526 			/* Setup iSNS transport services and client */
527 			isns_client_init();
528 
529 			/*
530 			 * initialize the discovery processes and
531 			 * persistent store.
532 			 */
533 			if (iscsid_init(ihp, B_FALSE) == B_FALSE) {
534 				goto iscsi_attach_failed0;
535 			}
536 
537 			/* Setup init_port_name for MPAPI */
538 			(void) snprintf(init_port_name, MAX_NAME_PROP_SIZE,
539 			    "%s,%02x%02x%02x%02x%02x%02x",
540 			    (char *)ihp->hba_name, ihp->hba_isid[0],
541 			    ihp->hba_isid[1], ihp->hba_isid[2],
542 			    ihp->hba_isid[3], ihp->hba_isid[4],
543 			    ihp->hba_isid[5]);
544 
545 			if (ddi_prop_update_string(DDI_DEV_T_NONE, dip,
546 			    "initiator-port", init_port_name) !=
547 			    DDI_PROP_SUCCESS) {
548 				cmn_err(CE_WARN, "iscsi_attach: Creating "
549 				    "initiator-port property on iSCSI "
550 				    "HBA(%s) with dip(%d) Failed",
551 				    (char *)ihp->hba_name,
552 				    ddi_get_instance(dip));
553 			}
554 
555 			ddi_report_dev(dip);
556 		} else {
557 			rval = DDI_FAILURE;
558 		}
559 		break;
560 
561 iscsi_attach_failed0:
562 		isns_client_cleanup();
563 		if (ihp->stats.ks) {
564 			(void) iscsi_hba_kstat_term(ihp);
565 		}
566 		if (ihp->hba_mpxio_enabled == B_TRUE) {
567 			(void) mdi_phci_unregister(dip, 0);
568 		}
569 		(void) scsi_hba_detach(ihp->hba_dip);
570 iscsi_attach_failed1:
571 		ddi_remove_minor_node(dip, NULL);
572 		ddi_prop_remove_all(ihp->hba_dip);
573 		scsi_hba_tran_free(tran);
574 iscsi_attach_failed2:
575 		mutex_destroy(&ihp->hba_discovery_events_mutex);
576 		sema_destroy(&ihp->hba_sendtgts_semaphore);
577 		rw_destroy(&ihp->hba_sess_list_rwlock);
578 		ddi_soft_state_free(iscsi_state, instance);
579 		rval = DDI_FAILURE;
580 		break;
581 
582 	case DDI_RESUME:
583 		break;
584 
585 	default:
586 		rval = DDI_FAILURE;
587 	}
588 
589 	if (rval != DDI_SUCCESS) {
590 		cmn_err(CE_WARN, "iscsi driver unable to attach "
591 		    "hba instance %d", instance);
592 	}
593 
594 	return (rval);
595 }
596 
597 /*
598  * iscsi_detach - called on unload of hba instance
599  */
600 static int
601 iscsi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
602 {
603 	int			rval		= DDI_SUCCESS;
604 	scsi_hba_tran_t		*tran		= NULL;
605 	iscsi_hba_t		*ihp		= NULL;
606 	iscsi_hba_t		*ihp_check	= NULL;
607 	int			instance;
608 	char			*init_node_name;
609 
610 	instance = ddi_get_instance(dip);
611 
612 	switch (cmd) {
613 	case DDI_DETACH:
614 		if (!(tran = (scsi_hba_tran_t *)ddi_get_driver_private(dip))) {
615 			rval = DDI_SUCCESS;
616 			break;
617 		}
618 
619 		if ((ihp = (iscsi_hba_t *)tran->tran_hba_private) == NULL) {
620 			rval =  DDI_FAILURE;
621 			break;
622 		}
623 
624 		/*
625 		 * Validate that what is stored by the DDI framework is still
626 		 * the same state structure referenced by the SCSI framework
627 		 */
628 		ihp_check = ddi_get_soft_state(iscsi_state, instance);
629 		if (ihp_check != ihp) {
630 			rval = DDI_FAILURE;
631 			break;
632 		}
633 
634 		/* If a session exists we can't safely detach */
635 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
636 		if (ihp->hba_sess_list != NULL) {
637 			rw_exit(&ihp->hba_sess_list_rwlock);
638 			rval = DDI_FAILURE;
639 			break;
640 		}
641 		rw_exit(&ihp->hba_sess_list_rwlock);
642 
643 		/* Disable all discovery services */
644 		if (iscsid_disable_discovery(ihp,
645 		    ISCSI_ALL_DISCOVERY_METHODS) == B_FALSE) {
646 			/* Disable failed.  Fail detach */
647 			rval = DDI_FAILURE;
648 			break;
649 		}
650 
651 		/* Deregister from iSNS server(s). */
652 		init_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
653 		if (persistent_initiator_name_get(init_node_name,
654 		    ISCSI_MAX_NAME_LEN) == B_TRUE) {
655 			if (strlen(init_node_name) > 0) {
656 				(void) isns_dereg(ihp->hba_isid,
657 				    (uint8_t *)init_node_name);
658 			}
659 		}
660 		kmem_free(init_node_name, ISCSI_MAX_NAME_LEN);
661 		init_node_name = NULL;
662 
663 		/* Cleanup iSNS Client */
664 		isns_client_cleanup();
665 
666 		iscsi_targetparam_cleanup();
667 
668 		/* Cleanup iscsid resources */
669 		iscsid_fini();
670 
671 		if (rval != DDI_SUCCESS) {
672 			break;
673 		}
674 		/* kstat hba. destroy */
675 		KSTAT_DEC_HBA_CNTR_SESS(ihp);
676 
677 		if (ihp->hba_mpxio_enabled == B_TRUE) {
678 			(void) mdi_phci_unregister(dip, 0);
679 		}
680 		ddi_remove_minor_node(dip, NULL);
681 
682 		ddi_prop_remove_all(ihp->hba_dip);
683 		mutex_destroy(&ihp->hba_discovery_events_mutex);
684 		rw_destroy(&ihp->hba_sess_list_rwlock);
685 		(void) iscsi_hba_kstat_term(ihp);
686 
687 		(void) scsi_hba_detach(dip);
688 		if (tran != NULL) {
689 			scsi_hba_tran_free(tran);
690 		}
691 		ddi_soft_state_free(iscsi_state, instance);
692 		break;
693 	default:
694 		break;
695 	}
696 
697 	if (rval != DDI_SUCCESS) {
698 		cmn_err(CE_WARN, "iscsi driver unable to "
699 		    "detach hba instance %d", instance);
700 	}
701 
702 	return (rval);
703 }
704 
705 /*
706  * +--------------------------------------------------------------------+
707  * | End of dev_ops routines						|
708  * +--------------------------------------------------------------------+
709  */
710 
711 /*
712  * +--------------------------------------------------------------------+
713  * | scsi_tran(9E) routines						|
714  * +--------------------------------------------------------------------+
715  */
716 
717 /*
718  * iscsi_tran_lun_init - Find target device based on SCSI device
719  * Based on the information given (SCSI device, target dev_info) find
720  * the target iSCSI device and put a pointer to that information in
721  * the scsi_hba_tran_t structure.
722  */
723 static int
724 iscsi_tran_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
725     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
726 {
727 	int		rval	= 0;
728 	int		type	= 0;
729 
730 	ASSERT(hba_tran->tran_hba_private != NULL);
731 
732 	/*
733 	 * Child node is getting initialized.  Look at the mpxio component
734 	 * type on the child device to see if this device is mpxio managed
735 	 * or not.
736 	 */
737 	type = mdi_get_component_type(lun_dip);
738 	if (type != MDI_COMPONENT_CLIENT) {
739 		rval = iscsi_phys_lun_init(hba_dip, lun_dip, hba_tran, sd);
740 	} else {
741 		rval = iscsi_virt_lun_init(hba_dip, lun_dip, hba_tran, sd);
742 	}
743 
744 	return (rval);
745 }
746 
747 /*
748  * iscsi_tran_lun_probe - This function didn't need to be implemented.
749  * We could have left NULL in the tran table.  Since this isn't a
750  * performance path this seems safe.  We are just wrappering the
751  * function so we can see the call go through if we have debugging
752  * enabled.
753  */
754 static int
755 iscsi_tran_lun_probe(struct scsi_device *sd, int (*callback) ())
756 {
757 	int rval = 0;
758 
759 	rval = scsi_hba_probe(sd, callback);
760 
761 	return (rval);
762 }
763 
764 /*
765  * iscsi_init_pkt - Allocate SCSI packet and fill in required info.
766  */
767 /* ARGSUSED */
768 static struct scsi_pkt *
769 iscsi_tran_init_pkt(struct scsi_address *ap, struct scsi_pkt *pkt,
770     struct buf *bp, int cmdlen, int statuslen, int tgtlen, int flags,
771     int (*callback) (), caddr_t arg)
772 {
773 	iscsi_lun_t *ilp;
774 	iscsi_cmd_t *icmdp;
775 
776 	ASSERT(ap != NULL);
777 	ASSERT(callback == NULL_FUNC || callback == SLEEP_FUNC);
778 
779 	/*
780 	 * The software stack doesn't have DMA which means the iSCSI
781 	 * protocol layer will be doing a bcopy from bp to outgoing
782 	 * streams buffers. Make sure that the buffer is mapped in
783 	 * so that the copy won't panic the system.
784 	 */
785 	if (bp && bp_mapin_common(bp, (callback == NULL_FUNC) ?
786 	    VM_NOSLEEP : VM_SLEEP) == NULL) {
787 		return (NULL);
788 	}
789 
790 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
791 	ASSERT(ilp != NULL);
792 
793 	if (pkt == NULL) {
794 		pkt = scsi_hba_pkt_alloc(ilp->lun_sess->sess_hba->hba_dip,
795 		    ap, cmdlen, statuslen, tgtlen, sizeof (iscsi_cmd_t),
796 		    callback, arg);
797 		if (pkt == NULL) {
798 			return (NULL);
799 		}
800 		icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
801 		icmdp->cmd_sig			= ISCSI_SIG_CMD;
802 		icmdp->cmd_state		= ISCSI_CMD_STATE_FREE;
803 		icmdp->cmd_lun			= ilp;
804 		icmdp->cmd_type			= ISCSI_CMD_TYPE_SCSI;
805 		/* add the report lun addressing type on to the lun */
806 		icmdp->cmd_un.scsi.lun		= ilp->lun_addr_type << 14;
807 		icmdp->cmd_un.scsi.lun		= icmdp->cmd_un.scsi.lun |
808 		    ilp->lun_num;
809 		icmdp->cmd_un.scsi.pkt		= pkt;
810 		icmdp->cmd_un.scsi.bp		= bp;
811 		icmdp->cmd_un.scsi.cmdlen	= cmdlen;
812 		icmdp->cmd_un.scsi.statuslen	= statuslen;
813 		icmdp->cmd_crc_error_seen	= B_FALSE;
814 		icmdp->cmd_internal		= B_FALSE;
815 		icmdp->cmd_free			= B_FALSE;
816 		mutex_init(&icmdp->cmd_mutex, NULL, MUTEX_DRIVER, NULL);
817 		cv_init(&icmdp->cmd_completion, NULL, CV_DRIVER, NULL);
818 
819 		pkt->pkt_address		= *ap;
820 		pkt->pkt_comp			= (void (*)())NULL;
821 		pkt->pkt_flags			= 0;
822 		pkt->pkt_time			= 0;
823 		pkt->pkt_resid			= 0;
824 		pkt->pkt_statistics		= 0;
825 		pkt->pkt_reason			= 0;
826 	}
827 	return (pkt);
828 }
829 
830 /*
831  * iscsi_tran_lun_free - Free a SCSI LUN
832  */
833 static void
834 iscsi_tran_lun_free(dev_info_t *hba_dip, dev_info_t *lun_dip,
835     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
836 {
837 	iscsi_lun_t *ilp = NULL;
838 
839 	ASSERT(hba_dip != NULL);
840 	ASSERT(lun_dip != NULL);
841 	ASSERT(hba_tran != NULL);
842 	ASSERT(sd != NULL);
843 	ilp = (iscsi_lun_t *)hba_tran->tran_tgt_private;
844 	ASSERT(ilp != NULL);
845 
846 	(void) mdi_prop_remove(ilp->lun_pip, NULL);
847 }
848 
849 /*
850  * iscsi_start -- Start a SCSI transaction based on the packet
851  * This will attempt to add the icmdp to the pending queue
852  * for the connection and kick the queue.  If the enqueue
853  * fails that means the queue is full.
854  */
855 static int
856 iscsi_tran_start(struct scsi_address *ap, struct scsi_pkt *pkt)
857 {
858 	iscsi_lun_t	*ilp		= NULL;
859 	iscsi_sess_t	*isp		= NULL;
860 	iscsi_cmd_t	*icmdp		= NULL;
861 	uint_t		flags;
862 
863 	ASSERT(ap != NULL);
864 	ASSERT(pkt != NULL);
865 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
866 	isp = (iscsi_sess_t *)ilp->lun_sess;
867 	icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
868 	flags = pkt->pkt_flags;
869 	ASSERT(ilp != NULL);
870 	ASSERT(isp != NULL);
871 	ASSERT(icmdp != NULL);
872 
873 	/*
874 	 * If the session is in the FREE state then
875 	 * all connections are down and retries have
876 	 * been exhausted.  Fail command with fatal error.
877 	 */
878 	mutex_enter(&isp->sess_state_mutex);
879 	if (isp->sess_state == ISCSI_SESS_STATE_FREE) {
880 		mutex_exit(&isp->sess_state_mutex);
881 		return (TRAN_FATAL_ERROR);
882 	}
883 
884 	/*
885 	 * If the session is not in LOGGED_IN then we have
886 	 * no connections LOGGED_IN, but we haven't exhuasted
887 	 * our retries.  Fail the command with busy so the
888 	 * caller might try again later.  Once retries are
889 	 * exhausted the state machine will move us to FREE.
890 	 */
891 	if (isp->sess_state != ISCSI_SESS_STATE_LOGGED_IN) {
892 		mutex_exit(&isp->sess_state_mutex);
893 		return (TRAN_BUSY);
894 	}
895 
896 	/*
897 	 * If we haven't received data from the target in the
898 	 * max specified period something is wrong with the
899 	 * transport.  Fail IO with FATAL_ERROR.
900 	 */
901 	if (isp->sess_rx_lbolt + SEC_TO_TICK(iscsi_rx_max_window) <
902 	    ddi_get_lbolt()) {
903 		mutex_exit(&isp->sess_state_mutex);
904 		return (TRAN_FATAL_ERROR);
905 	}
906 
907 	/*
908 	 * If we haven't received data from the target in the
909 	 * specified period something is probably wrong with
910 	 * the transport.  Just return back BUSY until either
911 	 * the problem is resolved of the transport fails.
912 	 */
913 	if (isp->sess_rx_lbolt + SEC_TO_TICK(iscsi_rx_window) <
914 	    ddi_get_lbolt()) {
915 		mutex_exit(&isp->sess_state_mutex);
916 		return (TRAN_BUSY);
917 	}
918 
919 
920 	/* reset cmd values in case upper level driver is retrying cmd */
921 	icmdp->cmd_prev = icmdp->cmd_next = NULL;
922 	icmdp->cmd_crc_error_seen = B_FALSE;
923 	icmdp->cmd_lbolt_pending = icmdp->cmd_lbolt_active =
924 	    icmdp->cmd_lbolt_aborting = icmdp->cmd_lbolt_timeout =
925 	    (clock_t)NULL;
926 	icmdp->cmd_itt = icmdp->cmd_ttt = 0;
927 	icmdp->cmd_un.scsi.abort_icmdp = NULL;
928 
929 	mutex_enter(&isp->sess_queue_pending.mutex);
930 	iscsi_cmd_state_machine(icmdp, ISCSI_CMD_EVENT_E1, isp);
931 	mutex_exit(&isp->sess_queue_pending.mutex);
932 	mutex_exit(&isp->sess_state_mutex);
933 
934 	/*
935 	 * If this packet doesn't have FLAG_NOINTR set, it could have
936 	 * already run to completion (and the memory freed) at this
937 	 * point, so check our local copy of pkt_flags.  Otherwise we
938 	 * have to wait for completion before returning to the caller.
939 	 */
940 	if (flags & FLAG_NOINTR) {
941 		mutex_enter(&icmdp->cmd_mutex);
942 		while ((icmdp->cmd_state != ISCSI_CMD_STATE_COMPLETED) ||
943 		    (icmdp->cmd_un.scsi.r2t_icmdp != NULL) ||
944 		    (icmdp->cmd_un.scsi.abort_icmdp != NULL)) {
945 			cv_wait(&icmdp->cmd_completion, &icmdp->cmd_mutex);
946 		}
947 		icmdp->cmd_state = ISCSI_CMD_STATE_FREE;
948 		mutex_exit(&icmdp->cmd_mutex);
949 	}
950 
951 	return (TRAN_ACCEPT);
952 }
953 
954 /*
955  * iscsi_tran_abort - Called when an upper level application
956  * or driver wants to kill a scsi_pkt that was already sent to
957  * this driver.
958  */
959 /* ARGSUSED */
960 static int
961 iscsi_tran_abort(struct scsi_address *ap, struct scsi_pkt *pkt)
962 {
963 	return (0);
964 }
965 
966 /*
967  * iscsi_tran_reset - Reset target at either BUS, TARGET, or LUN
968  * level.  This will require the issuing of a task management
969  * command down to the target/lun.
970  */
971 static int
972 iscsi_tran_reset(struct scsi_address *ap, int level)
973 {
974 	int		rval    = ISCSI_STATUS_INTERNAL_ERROR;
975 	iscsi_sess_t	*isp    = NULL;
976 	iscsi_lun_t	*ilp    = NULL;
977 
978 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
979 	ASSERT(ilp != NULL);
980 	isp = ilp->lun_sess;
981 	ASSERT(isp != NULL);
982 
983 	switch (level) {
984 	case RESET_LUN:
985 		/* reset attempt will block until attempt is complete */
986 		rval = iscsi_handle_reset(isp, level, ilp);
987 		break;
988 	case RESET_BUS:
989 		/*
990 		 * What are we going to realy reset the ethernet
991 		 * network!?  Just fall through to a target reset.
992 		 */
993 	case RESET_TARGET:
994 		/* reset attempt will block until attempt is complete */
995 		rval = iscsi_handle_reset(isp, level, NULL);
996 		break;
997 	case RESET_ALL:
998 	default:
999 		break;
1000 	}
1001 
1002 	return (ISCSI_SUCCESS(rval) ? 1 : 0);
1003 }
1004 
1005 /*
1006  * iscsi_tran_getcap - Get target/lun capabilities.
1007  */
1008 static int
1009 iscsi_tran_getcap(struct scsi_address *ap, char *cap, int whom)
1010 {
1011 	return (iscsi_i_commoncap(ap, cap, 0, whom, 0));
1012 }
1013 
1014 
1015 /*
1016  * iscsi_tran_setcap - Set target/lun capabilities.
1017  */
1018 /* ARGSUSED */
1019 static int
1020 iscsi_tran_setcap(struct scsi_address *ap, char *cap, int value, int whom)
1021 {
1022 	return (iscsi_i_commoncap(ap, cap, 0, whom, 1));
1023 }
1024 
1025 
1026 /*
1027  * iscsi_tran_destroy_pkt - Clean up packet
1028  */
1029 static void
1030 iscsi_tran_destroy_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
1031 {
1032 	iscsi_cmd_t	*icmdp;
1033 
1034 	icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
1035 
1036 	ASSERT(icmdp != NULL);
1037 	ASSERT(icmdp->cmd_sig == ISCSI_SIG_CMD);
1038 	ASSERT(icmdp->cmd_state == ISCSI_CMD_STATE_FREE);
1039 
1040 	mutex_destroy(&icmdp->cmd_mutex);
1041 	cv_destroy(&icmdp->cmd_completion);
1042 	scsi_hba_pkt_free(ap, pkt);
1043 }
1044 
1045 /*
1046  * iscsi_tran_dmafree - This is a software driver, NO DMA
1047  */
1048 /* ARGSUSED */
1049 static void
1050 iscsi_tran_dmafree(struct scsi_address *ap, struct scsi_pkt *pkt)
1051 {
1052 	/*
1053 	 * The iSCSI interface doesn't deal with DMA
1054 	 */
1055 }
1056 
1057 /*
1058  * iscsi_tran_sync_pkt - This is a software driver, NO DMA
1059  */
1060 /* ARGSUSED */
1061 static void
1062 iscsi_tran_sync_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
1063 {
1064 	/*
1065 	 * The iSCSI interface doesn't deal with DMA
1066 	 */
1067 }
1068 
1069 /*
1070  * iscsi_tran_reset_notify - We don't support BUS_RESET so there
1071  * is no point in support callback.
1072  */
1073 /* ARGSUSED */
1074 static int
1075 iscsi_tran_reset_notify(struct scsi_address *ap, int flag,
1076     void (*callback) (caddr_t), caddr_t arg)
1077 {
1078 
1079 	/*
1080 	 * We never do BUS_RESETS so allowing this call
1081 	 * back to register has no point?
1082 	 */
1083 	return (DDI_SUCCESS);
1084 }
1085 
1086 
1087 /*
1088  * iscsi_tran_bus_config - on demand device configuration
1089  *
1090  * iscsi_tran_bus_config is called by the NDI layer at the completion
1091  * of a dev_node creation.  There are two primary cases defined in this
1092  * function.  The first is BUS_CONFIG_ALL.  In this case the NDI is trying
1093  * to identify that targets/luns are available configured at that point
1094  * in time.  It is safe to just complete the process succcessfully.  The
1095  * second case is a new case that was defined in S10 for devfs.  BUS_CONFIG_ONE
1096  * this is to help driver the top down discovery instead of bottom up.  If
1097  * we receive a BUS_CONFIG_ONE we should check to see if the <addr> exists
1098  * if so complete successfull processing.  Otherwise we should call the
1099  * deamon and see if we can plumb the <addr>.  If it is possible to plumb the
1100  * <addr> block until plumbing is complete.  In both cases of being able to
1101  * plumb <addr> or not continue with successfull processing.
1102  */
1103 static int
1104 iscsi_tran_bus_config(dev_info_t *parent, uint_t flags,
1105     ddi_bus_config_op_t op, void *arg, dev_info_t **childp)
1106 {
1107 	int		rval	= NDI_SUCCESS;
1108 	iscsi_hba_t	*ihp	= NULL;
1109 	int		iflags	= flags;
1110 	char		*name	= NULL;
1111 	char		*ptr	= NULL;
1112 
1113 	/* get reference to soft state */
1114 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1115 	    ddi_get_instance(parent));
1116 	if (ihp == NULL) {
1117 		return (NDI_FAILURE);
1118 	}
1119 
1120 	/* lock so only one config operation occrs */
1121 	sema_p(&iscsid_config_semaphore);
1122 
1123 	switch (op) {
1124 	case BUS_CONFIG_ONE:
1125 		/* parse target name out of name given */
1126 		if ((ptr = strchr((char *)arg, '@')) == NULL) {
1127 			rval = NDI_FAILURE;
1128 			break;
1129 		}
1130 		ptr++;		/* move past '@' */
1131 		name = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
1132 		(void) strncpy(name, ptr, MAX_GET_NAME_SIZE);
1133 		/* We need to strip the LUN */
1134 		if ((ptr = strchr(name, ',')) == NULL) {
1135 			rval = NDI_FAILURE;
1136 			kmem_free(name, MAX_GET_NAME_SIZE);
1137 			name = NULL;
1138 			break;
1139 		}
1140 		/* We also need to strip the 4 bytes of hex TPGT */
1141 		ptr -= 4;
1142 		if (ptr <= name) {
1143 			rval = NDI_FAILURE;
1144 			kmem_free(name, MAX_GET_NAME_SIZE);
1145 			name = NULL;
1146 			break;
1147 		}
1148 		*ptr = '\0';		/* NULL terminate */
1149 
1150 		/* translate name back to original iSCSI name */
1151 		iscsi_get_name_to_iqn(name, MAX_GET_NAME_SIZE);
1152 
1153 		/* configure target, skip 4 byte ISID */
1154 		iscsid_config_one(ihp, (name+4), B_TRUE);
1155 
1156 		kmem_free(name, MAX_GET_NAME_SIZE);
1157 		name = NULL;
1158 
1159 		/*
1160 		 * DDI group instructed us to use this flag.
1161 		 */
1162 		iflags |= NDI_MDI_FALLBACK;
1163 		break;
1164 	case BUS_CONFIG_DRIVER:
1165 		/* FALLTHRU */
1166 	case BUS_CONFIG_ALL:
1167 		iscsid_config_all(ihp, B_TRUE);
1168 		break;
1169 	default:
1170 		rval = NDI_FAILURE;
1171 		break;
1172 	}
1173 
1174 	if (rval == NDI_SUCCESS) {
1175 		rval = ndi_busop_bus_config(parent, iflags,
1176 		    op, arg, childp, 0);
1177 	}
1178 	sema_v(&iscsid_config_semaphore);
1179 
1180 	return (rval);
1181 }
1182 
1183 /*
1184  * iscsi_tran_bus_unconfig - on demand device unconfiguration
1185  *
1186  * Called by the os framework under low resource situations.
1187  * It will attempt to unload our minor nodes (logical units
1188  * ndi/mdi nodes).
1189  */
1190 static int
1191 iscsi_tran_bus_unconfig(dev_info_t *parent, uint_t flag,
1192     ddi_bus_config_op_t op, void *arg)
1193 {
1194 	return (ndi_busop_bus_unconfig(parent, flag, op, arg));
1195 }
1196 
1197 
1198 /*
1199  * iscsi_tran_get_name - create private /devices name for LUN
1200  *
1201  * This creates the <addr> in /devices/iscsi/<driver>@<addr>
1202  * path.  For this <addr> we return the <session/target_name>,<lun num>
1203  * Where <target_name> is an <iqn/eui/...> as defined by the iSCSI
1204  * specification.  We do modify the name slightly so that it still
1205  * complies with the IEEE <addr> naming scheme.  This means that we
1206  * will substitute out the ':', '@', ... and other reserved characters
1207  * defined in the IEEE definition with '%<hex value of special char>'
1208  * This routine is indirectly called by iscsi_lun_create_xxx.  These
1209  * calling routines must prevent the session and lun lists from changing
1210  * during this routine.
1211  */
1212 static int
1213 iscsi_tran_get_name(struct scsi_device *sd, char *name, int len)
1214 {
1215 	int		target		= 0;
1216 	int		lun		= 0;
1217 	iscsi_hba_t	*ihp		= NULL;
1218 	iscsi_sess_t	*isp		= NULL;
1219 	iscsi_lun_t	*ilp		= NULL;
1220 	dev_info_t	*lun_dip	= NULL;
1221 
1222 	ASSERT(sd != NULL);
1223 	ASSERT(name != NULL);
1224 	lun_dip = sd->sd_dev;
1225 	ASSERT(lun_dip != NULL);
1226 
1227 	/* get reference to soft state */
1228 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1229 	    ddi_get_instance(ddi_get_parent(lun_dip)));
1230 	if (ihp == NULL) {
1231 		name[0] = '\0';
1232 		return (0);
1233 	}
1234 
1235 	/* Get the target num */
1236 	target = ddi_prop_get_int(DDI_DEV_T_ANY, sd->sd_dev,
1237 	    DDI_PROP_DONTPASS, TARGET_PROP, 0);
1238 
1239 	/* Get the target num */
1240 	lun = ddi_prop_get_int(DDI_DEV_T_ANY, sd->sd_dev,
1241 	    DDI_PROP_DONTPASS, LUN_PROP, 0);
1242 
1243 	/*
1244 	 * Now we need to find our ilp by walking the lists
1245 	 * off the ihp and isp.
1246 	 */
1247 	/* See if we already created this session */
1248 
1249 	/* Walk the HBA's session list */
1250 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
1251 		/* compare target name as the unique identifier */
1252 		if (target == isp->sess_oid) {
1253 			/* found match */
1254 			break;
1255 		}
1256 	}
1257 
1258 	/* If we found matching session continue searching for tgt */
1259 	if (isp == NULL) {
1260 		/* sess not found */
1261 		name[0] = '\0';
1262 		return (0);
1263 	}
1264 
1265 	/*
1266 	 * Search for the matching iscsi lun structure.  We don't
1267 	 * need to hold the READER for the lun list at this point.
1268 	 * because the tran_get_name is being called from the online
1269 	 * function which is already holding a reader on the lun
1270 	 * list.
1271 	 */
1272 	for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
1273 		if (lun == ilp->lun_num) {
1274 			/* found match */
1275 			break;
1276 		}
1277 	}
1278 
1279 	if (ilp == NULL) {
1280 		/* tgt not found */
1281 		name[0] = '\0';
1282 		return (0);
1283 	}
1284 
1285 	/* Ensure enough space for lun_addr is available */
1286 	ASSERT(ilp->lun_addr != NULL);
1287 	if ((strlen(ilp->lun_addr) + 1) > len) {
1288 		return (0);
1289 	}
1290 
1291 	/* copy lun_addr name */
1292 	(void) strcpy(name, ilp->lun_addr);
1293 
1294 	/*
1295 	 * Based on IEEE-1275 we can't have any ':', ' ', '@', or '/'
1296 	 * characters in our naming.  So replace all those characters
1297 	 * with '-'
1298 	 */
1299 	iscsi_get_name_from_iqn(name, len);
1300 
1301 	return (1);
1302 }
1303 
1304 /*
1305  * iscsi_tran_get_bus_addr - This returns a human readable string
1306  * for the bus address.  Examining most other drivers fcp, etc.  They
1307  * all just return the same string as tran_get_name.  In our case
1308  * our tran get name is already some what usable so leave alone.
1309  */
1310 static int
1311 iscsi_tran_get_bus_addr(struct scsi_device *sd, char *name, int len)
1312 {
1313 	return (iscsi_tran_get_name(sd, name, len));
1314 }
1315 
1316 
1317 /*
1318  * +--------------------------------------------------------------------+
1319  * | End of scsi_tran routines					  |
1320  * +--------------------------------------------------------------------+
1321  */
1322 
1323 /*
1324  * +--------------------------------------------------------------------+
1325  * | Start of cb_ops routines					   |
1326  * +--------------------------------------------------------------------+
1327  */
1328 
1329 /*
1330  * iscsi_open - Driver should be made IOCTL MT safe.  Otherwise
1331  * this function needs updated.
1332  */
1333 /* ARGSUSED */
1334 static int
1335 iscsi_open(dev_t *devp, int flags, int otyp, cred_t *credp)
1336 {
1337 	return (0);
1338 }
1339 
1340 /*
1341  * iscsi_close -
1342  */
1343 /* ARGSUSED */
1344 static int
1345 iscsi_close(dev_t dev, int flags, int otyp, cred_t *credp)
1346 {
1347 	return (0);
1348 }
1349 
1350 /*
1351  * iscsi_ioctl -
1352  */
1353 /* ARGSUSED */
1354 int
1355 iscsi_ioctl(dev_t dev, int cmd, intptr_t arg, int mode,
1356     cred_t *credp, int *rvalp)
1357 {
1358 	int			rtn		= 0;
1359 	int			instance	= 0;
1360 	int			list_space	= 0;
1361 	int			lun_sz		= 0;
1362 	int			did;
1363 	iscsi_hba_t		*ihp		= NULL;
1364 	iscsi_sess_t		*isp		= NULL;
1365 	iscsi_conn_t		*icp		= NULL;
1366 	iscsi_login_params_t	*params		= NULL;
1367 	iscsi_login_params_t	*tmpParams	= NULL;
1368 	uchar_t			*name		= NULL;
1369 	dev_info_t		*lun_dip	= NULL;
1370 
1371 	entry_t			    e;
1372 	iscsi_oid_t		    oid;
1373 	iscsi_property_t	    *ipp;
1374 	iscsi_static_property_t	    *ispp;
1375 	iscsi_param_get_t	    *ilg;
1376 	iscsi_param_set_t	    *ils;
1377 	iscsi_target_list_t	    idl, *idlp		= NULL;
1378 	iscsi_addr_list_t	    ial, *ialp		= NULL;
1379 	iscsi_chap_props_t	    *chap		= NULL;
1380 	iscsi_radius_props_t	    *radius		= NULL;
1381 	iscsi_auth_props_t	    *auth		= NULL;
1382 	iscsi_lun_list_t	    *ll, *llp		= NULL;
1383 	iscsi_lun_props_t	    *lun		= NULL;
1384 	iscsi_lun_t		    *ilp 		= NULL;
1385 	iSCSIDiscoveryMethod_t	    method;
1386 	iSCSIDiscoveryProperties_t  discovery_props;
1387 	iscsi_uscsi_t		    iu;
1388 	iscsi_uscsi_t		    iu_caller;
1389 #ifdef _MULTI_DATAMODEL
1390 	/* For use when a 32 bit app makes a call into a 64 bit ioctl */
1391 	iscsi_uscsi32_t		    iu32_caller;
1392 	model_t			    model;
1393 #endif /* _MULTI_DATAMODEL */
1394 	void			    *void_p;
1395 	iscsi_sendtgts_list_t	*stl_hdr;
1396 	iscsi_sendtgts_list_t	*istl;
1397 	int			stl_sz;
1398 	iscsi_target_entry_t	*target;
1399 	uint32_t		old_oid;
1400 	uint32_t		target_oid;
1401 	iscsi_targetparam_entry_t *curr_entry;
1402 	char			*initiator_node_name;
1403 	char			*initiator_node_alias;
1404 	isns_portal_group_list_t    *pg_list = NULL;
1405 	isns_server_portal_group_list_t    *server_pg_list_hdr = NULL;
1406 	isns_server_portal_group_list_t    *server_pg_list = NULL;
1407 	int			pg_list_sz, pg_sz_copy_out, server_pg_list_sz;
1408 	iscsi_config_sess_t	*ics;
1409 	int			size;
1410 	boolean_t		rval;
1411 	char			init_port_name[MAX_NAME_PROP_SIZE];
1412 	iscsi_sockaddr_t	addr_dsc;
1413 
1414 	instance = getminor(dev);
1415 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state, instance);
1416 	if (ihp == NULL)
1417 		return (EFAULT);
1418 
1419 	switch (cmd) {
1420 	/*
1421 	 * ISCSI_CREATE_OID - Create a Object IDentifier for a TargetName
1422 	 */
1423 	case ISCSI_CREATE_OID:
1424 		if (ddi_copyin((caddr_t)arg, &oid, sizeof (oid), mode)) {
1425 			rtn = EFAULT;
1426 			break;
1427 		}
1428 		if (oid.o_vers != ISCSI_INTERFACE_VERSION) {
1429 			rtn = EINVAL;
1430 			break;
1431 		}
1432 
1433 		/* Set the target that this session is associated with */
1434 		oid.o_oid = iscsi_targetparam_get_oid(oid.o_name);
1435 
1436 		if (ddi_copyout(&oid, (caddr_t)arg, sizeof (oid), mode)) {
1437 			rtn = EFAULT;
1438 			break;
1439 		}
1440 		break;
1441 	/*
1442 	 * ISCSI_PARAM_GET - Get param for specified
1443 	 * connection/session.
1444 	 */
1445 	case ISCSI_PARAM_GET:
1446 		/* copyin user args */
1447 		ilg = (iscsi_param_get_t *)kmem_alloc(sizeof (*ilg), KM_SLEEP);
1448 		if (ddi_copyin((caddr_t)arg, ilg, sizeof (*ilg), mode)) {
1449 			rtn = EFAULT;
1450 			kmem_free(ilg, sizeof (*ilg));
1451 			break;
1452 		}
1453 
1454 		if (ilg->g_vers != ISCSI_INTERFACE_VERSION) {
1455 			rtn = EINVAL;
1456 			kmem_free(ilg, sizeof (*ilg));
1457 			break;
1458 		}
1459 
1460 		/* handle special case for Initiator name */
1461 		if (ilg->g_param == ISCSI_LOGIN_PARAM_INITIATOR_NAME) {
1462 			(void) strlcpy((char *)ilg->g_value.v_name,
1463 			    (char *)ihp->hba_name, ISCSI_MAX_NAME_LEN);
1464 		} else if (ilg->g_param == ISCSI_LOGIN_PARAM_INITIATOR_ALIAS) {
1465 			if (ihp->hba_alias_length == 0) {
1466 				rtn = EINVAL;
1467 			} else {
1468 				(void) strlcpy((char *)ilg->g_value.v_name,
1469 				    (char *)ihp->hba_alias, ISCSI_MAX_NAME_LEN);
1470 			}
1471 		} else {
1472 			/* To describe the validity of the requested param */
1473 			boolean_t valid_flag = B_TRUE;
1474 
1475 			name = NULL;
1476 
1477 			/*
1478 			 * switch login based if looking for initiator
1479 			 * params
1480 			 */
1481 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1482 			if (ilg->g_oid == ihp->hba_oid) {
1483 				/* initiator */
1484 				params = &ihp->hba_params;
1485 				name = ihp->hba_name;
1486 				if (iscsi_get_persisted_param(name,
1487 				    ilg, params) != 0) {
1488 					valid_flag = B_FALSE;
1489 				}
1490 			} else {
1491 				/*
1492 				 * If the oid does represent a session check
1493 				 * to see if it is a target oid.  If so,
1494 				 * return the target's associated session.
1495 				 */
1496 				rtn = iscsi_sess_get(ilg->g_oid, ihp, &isp);
1497 				if (rtn != 0) {
1498 					rtn = iscsi_sess_get_by_target(
1499 					    ilg->g_oid, ihp, &isp);
1500 				}
1501 
1502 				/*
1503 				 * If rtn is zero then we have found an
1504 				 * existing session.  Use the session name to
1505 				 * do param lookup.  If rtn is non-zero then
1506 				 * create a targetparam object and use its name
1507 				 * for param lookup.
1508 				 */
1509 				if (rtn == 0) {
1510 					name = isp->sess_name;
1511 					params = &isp->sess_params;
1512 				} else {
1513 					name =
1514 					    iscsi_targetparam_get_name(
1515 					    ilg->g_oid);
1516 					if (ilg->g_param_type ==
1517 					    ISCSI_SESS_PARAM) {
1518 						tmpParams =
1519 						    (iscsi_login_params_t *)
1520 						    kmem_alloc(
1521 						    sizeof (*tmpParams),
1522 						    KM_SLEEP);
1523 						params = tmpParams;
1524 					}
1525 					rtn = 0;
1526 				}
1527 
1528 				if (name == NULL) {
1529 					rw_exit(
1530 					    &ihp->hba_sess_list_rwlock);
1531 					rtn = EFAULT;
1532 					kmem_free(ilg, sizeof (*ilg));
1533 					if (tmpParams != NULL)
1534 						kmem_free(tmpParams,
1535 						    sizeof (*tmpParams));
1536 
1537 					break;
1538 				}
1539 
1540 				if (ilg->g_param_type == ISCSI_SESS_PARAM) {
1541 					/* session */
1542 					/*
1543 					 * Update sess_params with the
1544 					 * latest params from the
1545 					 * persistent store.
1546 					 */
1547 					if (iscsi_get_persisted_param(name,
1548 					    ilg, params) != 0) {
1549 						/*
1550 						 * If the parameter in
1551 						 * question is not
1552 						 * overriden, no effect
1553 						 * on existing session
1554 						 * parameters. However,
1555 						 * the parameter is
1556 						 * marked invalid
1557 						 * (from the standpoint
1558 						 * of whether it is
1559 						 * overriden).
1560 						 */
1561 						valid_flag = B_FALSE;
1562 					}
1563 				} else if (ilg->g_param_type ==
1564 				    ISCSI_CONN_PARAM && isp != NULL) {
1565 					/* connection */
1566 					rw_enter(&isp->sess_conn_list_rwlock,
1567 					    RW_READER);
1568 					/* Assuming 1 conn per sess. */
1569 					/*
1570 					 * MC/S - Need to be modified to
1571 					 * take g_conn_cid into account when
1572 					 * we go multi-connection.
1573 					 */
1574 					if ((isp->sess_conn_act != NULL) &&
1575 					    (isp->sess_conn_act->conn_state ==
1576 					    ISCSI_CONN_STATE_LOGGED_IN)) {
1577 						params = &(isp->
1578 						    sess_conn_act->
1579 						    conn_params);
1580 					} else {
1581 						valid_flag = B_FALSE;
1582 					}
1583 					rw_exit(&isp->sess_conn_list_rwlock);
1584 				}
1585 			}
1586 
1587 			/* make sure we have params to get info from */
1588 			if (params) {
1589 				rtn = iscsi_get_param(params, valid_flag, ilg);
1590 
1591 				/*
1592 				 * for target parameters, check if any
1593 				 * parameters were overridden at the initiator
1594 				 * level. If so, then change the default value
1595 				 * to the initiator's overridden value
1596 				 */
1597 				if ((rtn == 0) &&
1598 				    (ilg->g_oid != ihp->hba_oid)) {
1599 					iscsi_override_target_default(ihp,
1600 					    ilg);
1601 				}
1602 			}
1603 			rw_exit(&ihp->hba_sess_list_rwlock);
1604 		}
1605 
1606 		if (rtn == 0) {
1607 			rtn = ddi_copyout(ilg, (caddr_t)arg,
1608 			    sizeof (iscsi_param_get_t), mode);
1609 		}
1610 		kmem_free(ilg, sizeof (*ilg));
1611 		if (tmpParams != NULL)
1612 			kmem_free(tmpParams, sizeof (*tmpParams));
1613 		break;
1614 
1615 	/*
1616 	 * ISCSI_INIT_NODE_NAME_SET - Change the initiator-node name for
1617 	 * the specified connection/session.
1618 	 */
1619 	case ISCSI_INIT_NODE_NAME_SET:
1620 		/* copyin user args */
1621 		ils = (iscsi_param_set_t *)kmem_alloc(sizeof (*ils), KM_SLEEP);
1622 		if (ddi_copyin((caddr_t)arg, ils, sizeof (*ils), mode)) {
1623 			rtn = EFAULT;
1624 			kmem_free(ils, sizeof (*ils));
1625 			break;
1626 		}
1627 
1628 		if (ils->s_vers != ISCSI_INTERFACE_VERSION) {
1629 			rtn = EINVAL;
1630 			kmem_free(ils, sizeof (*ils));
1631 			break;
1632 		}
1633 
1634 		/* saving off the old initiator-node name */
1635 		initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
1636 		rval = persistent_initiator_name_get(initiator_node_name,
1637 		    ISCSI_MAX_NAME_LEN);
1638 
1639 		rtn = iscsi_set_params(ils, ihp, B_TRUE);
1640 		kmem_free(ils, sizeof (*ils));
1641 		if (rtn != 0) {
1642 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
1643 			return (rtn);
1644 		}
1645 
1646 		(void) snprintf(init_port_name, MAX_NAME_PROP_SIZE,
1647 		    "%s,%02x%02x%02x%02x%02x%02x",
1648 		    (char *)ihp->hba_name, ihp->hba_isid[0],
1649 		    ihp->hba_isid[1], ihp->hba_isid[2],
1650 		    ihp->hba_isid[3], ihp->hba_isid[4],
1651 		    ihp->hba_isid[5]);
1652 
1653 		if (ddi_prop_update_string(DDI_DEV_T_NONE,
1654 		    ihp->hba_dip, "initiator-port",
1655 		    init_port_name) != DDI_PROP_SUCCESS) {
1656 			cmn_err(CE_WARN, "iscsi_ioctl: Updating "
1657 			    "initiator-port property on iSCSI "
1658 			    "HBA(%s) with dip(%d) Failed",
1659 			    (char *)ihp->hba_name,
1660 			    ddi_get_instance(ihp->hba_dip));
1661 		}
1662 
1663 		/*
1664 		 * Deregister the old initiator-node name from the iSNS
1665 		 * server
1666 		 * Register the new initiator-node name with the iSNS server
1667 		 */
1668 		method = persistent_disc_meth_get();
1669 		if (method & iSCSIDiscoveryMethodISNS) {
1670 			if (rval == B_TRUE) {
1671 				if (strlen(initiator_node_name) > 0) {
1672 				/*
1673 				 * we will attempt to offline the targets.
1674 				 * if logouts fail, we will still continue
1675 				 */
1676 #define	STRING_INNO "initiator-node name - Offline "
1677 #define	STRING_FFOMD "failed for one or more devices"
1678 					if ((iscsid_del(
1679 					    ihp, NULL, method, NULL))
1680 					    != B_TRUE) {
1681 						cmn_err(CE_NOTE,
1682 						    "Attempting to change "
1683 						    STRING_INNO
1684 						    STRING_FFOMD);
1685 					}
1686 					(void) isns_dereg(ihp->hba_isid,
1687 					    (uint8_t *)initiator_node_name);
1688 #undef STRING_INNO
1689 #undef STRING_FFOMD
1690 				}
1691 			}
1692 			if (persistent_initiator_name_get(initiator_node_name,
1693 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
1694 				kmem_free(initiator_node_name,
1695 				    ISCSI_MAX_NAME_LEN);
1696 				initiator_node_name = NULL;
1697 				rtn = EIO;
1698 				break;
1699 			}
1700 			if (strlen(initiator_node_name) == 0) {
1701 				kmem_free(initiator_node_name,
1702 				    ISCSI_MAX_NAME_LEN);
1703 				initiator_node_name = NULL;
1704 				rtn = EIO;
1705 				break;
1706 			}
1707 
1708 			initiator_node_alias = kmem_zalloc(ISCSI_MAX_NAME_LEN,
1709 			    KM_SLEEP);
1710 			if (persistent_alias_name_get(initiator_node_alias,
1711 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
1712 				initiator_node_alias[0] = '\0';
1713 			}
1714 
1715 			(void) isns_reg(ihp->hba_isid,
1716 			    (uint8_t *)initiator_node_name,
1717 			    ISCSI_MAX_NAME_LEN,
1718 			    (uint8_t *)initiator_node_alias,
1719 			    ISCSI_MAX_NAME_LEN,
1720 			    ISNS_INITIATOR_NODE_TYPE,
1721 			    isns_scn_callback);
1722 			iscsid_do_isns_query(ihp);
1723 
1724 			/* Done using the name and alias - free them. */
1725 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
1726 			initiator_node_name = NULL;
1727 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
1728 			initiator_node_alias = NULL;
1729 		}
1730 		break;
1731 
1732 	/*
1733 	 * ISCSI_PARAM_SET - Set param for specified connection/session.
1734 	 */
1735 	case ISCSI_PARAM_SET:
1736 		/* copyin user args */
1737 		ils = (iscsi_param_set_t *)kmem_alloc(sizeof (*ils), KM_SLEEP);
1738 		if (ddi_copyin((caddr_t)arg, ils, sizeof (*ils), mode)) {
1739 			rtn = EFAULT;
1740 			kmem_free(ils, sizeof (*ils));
1741 			break;
1742 		}
1743 
1744 		if (ils->s_vers != ISCSI_INTERFACE_VERSION) {
1745 			rtn = EINVAL;
1746 			kmem_free(ils, sizeof (*ils));
1747 			break;
1748 		}
1749 		rtn = iscsi_set_params(ils, ihp, B_TRUE);
1750 		kmem_free(ils, sizeof (*ils));
1751 		break;
1752 
1753 	/*
1754 	 * ISCSI_TARGET_PARAM_CLEAR
1755 	 * - remove custom parameter settings for a target.
1756 	 */
1757 	case ISCSI_TARGET_PARAM_CLEAR:
1758 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
1759 			rtn = EFAULT;
1760 			break;
1761 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
1762 			rtn = EINVAL;
1763 			break;
1764 		}
1765 
1766 		if ((e.e_oid != ihp->hba_oid) &&
1767 		    (e.e_oid != ISCSI_OID_NOTSET)) {
1768 			uchar_t	    *t_name;
1769 			iscsi_sess_t *t_isp;
1770 
1771 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1772 			/*
1773 			 * If the oid does represent a session check to see
1774 			 * if it is a target oid.  If so, return the target's
1775 			 * associated session.
1776 			 */
1777 			rtn = iscsi_sess_get(e.e_oid, ihp, &isp);
1778 			if (rtn != 0) {
1779 				rtn = iscsi_sess_get_by_target(e.e_oid, ihp,
1780 				    &isp);
1781 			}
1782 
1783 			/*
1784 			 * If rtn is zero then we have found an
1785 			 * existing session.  Use the session name to
1786 			 * do param lookup.  If rtn is non-zero then
1787 			 * create a targetparam object and use its name
1788 			 * for param lookup.
1789 			 */
1790 			if (rtn == 0) {
1791 				t_name = isp->sess_name;
1792 			} else {
1793 				t_name = iscsi_targetparam_get_name(e.e_oid);
1794 				rtn = 0;
1795 			}
1796 
1797 			if (t_name == NULL) {
1798 				rw_exit(&ihp->hba_sess_list_rwlock);
1799 				rtn = EFAULT;
1800 				break;
1801 			}
1802 
1803 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
1804 			(void) strncpy((char *)name, (char *)t_name,
1805 			    ISCSI_MAX_NAME_LEN);
1806 
1807 			if (persistent_param_clear((char *)name) == B_FALSE) {
1808 				kmem_free(name, ISCSI_MAX_NAME_LEN);
1809 				rw_exit(&ihp->hba_sess_list_rwlock);
1810 				rtn = EIO;
1811 				break;
1812 			}
1813 
1814 			ics = kmem_zalloc(sizeof (*ics), KM_SLEEP);
1815 			ics->ics_ver = ISCSI_INTERFACE_VERSION;
1816 			ics->ics_oid = ISCSI_INITIATOR_OID;
1817 			ics->ics_in  = 1;
1818 
1819 			/*
1820 			 * We may have multiple sessions with different
1821 			 * tpgt values.  So we need to loop through
1822 			 * the sessions and update all sessions.
1823 			 */
1824 			for (isp = ihp->hba_sess_list; isp;
1825 			    isp = t_isp) {
1826 				t_isp = isp->sess_next;
1827 
1828 				if (strncmp((char *)isp->sess_name,
1829 				    (char *)name, ISCSI_MAX_NAME_LEN) == 0) {
1830 					/*
1831 					 * When removing target-params we need
1832 					 * slightly different actions depending
1833 					 * on if the session should still exist.
1834 					 * Get the initiator-node value for
1835 					 * MS/T.  If there is no initiator
1836 					 * value then assume the default value
1837 					 * of 1.  If the initiator value is
1838 					 * less than this ISID then we need to
1839 					 * destroy the session.  Otherwise
1840 					 * update the session information and
1841 					 * resync (N7 event).
1842 					 */
1843 					rtn = iscsi_ioctl_get_config_sess(
1844 					    ihp, ics);
1845 					if (((rtn != 0) &&
1846 					    (isp->sess_isid[5] > 0)) ||
1847 					    ((rtn == 0) &&
1848 					    (ics->ics_out <=
1849 					    isp->sess_isid[5]))) {
1850 
1851 						/*
1852 						 * This session should no
1853 						 * longer exist.  Remove
1854 						 * session.
1855 						 */
1856 						if (!ISCSI_SUCCESS(
1857 						    iscsi_sess_destroy(isp))) {
1858 							kmem_free(ics,
1859 							    sizeof (*ics));
1860 							kmem_free(name,
1861 							    ISCSI_MAX_NAME_LEN);
1862 						rw_exit(&ihp->
1863 						    hba_sess_list_rwlock);
1864 							rtn = EBUSY;
1865 							break;
1866 						}
1867 						isp = ihp->hba_sess_list;
1868 					} else {
1869 						/*
1870 						 * Reset the session
1871 						 * parameters.
1872 						 */
1873 						bcopy(&(isp->sess_hba->
1874 						    hba_params),
1875 						    &(isp->sess_params),
1876 						    sizeof (isp->sess_params));
1877 
1878 						/*
1879 						 * Notify the session that the
1880 						 * login parameters have
1881 						 * changed.
1882 						 */
1883 						mutex_enter(&isp->
1884 						    sess_state_mutex);
1885 						iscsi_sess_state_machine(isp,
1886 						    ISCSI_SESS_EVENT_N7);
1887 						mutex_exit(&isp->
1888 						    sess_state_mutex);
1889 					}
1890 				}
1891 			}
1892 			kmem_free(ics, sizeof (*ics));
1893 			kmem_free(name, ISCSI_MAX_NAME_LEN);
1894 			rw_exit(&ihp->hba_sess_list_rwlock);
1895 		}
1896 		break;
1897 
1898 	/*
1899 	 * ISCSI_TARGET_OID_LIST_GET -
1900 	 */
1901 	case ISCSI_TARGET_OID_LIST_GET:
1902 		/* copyin user args */
1903 		if (ddi_copyin((caddr_t)arg, &idl,
1904 		    sizeof (idl), mode)) {
1905 			rtn = EFAULT;
1906 			break;
1907 		}
1908 
1909 		if (idl.tl_vers != ISCSI_INTERFACE_VERSION) {
1910 			rtn = EINVAL;
1911 			break;
1912 		}
1913 
1914 		list_space = sizeof (iscsi_target_list_t);
1915 		if (idl.tl_in_cnt != 0)
1916 			list_space += (sizeof (uint32_t) *
1917 			    (idl.tl_in_cnt - 1));
1918 
1919 		idlp = kmem_zalloc(list_space, KM_SLEEP);
1920 		bcopy(&idl, idlp, sizeof (idl));
1921 		idlp->tl_out_cnt = 0;
1922 
1923 		/*
1924 		 * If target list type is ISCSI_TGT_OID_LIST and discovery
1925 		 * has not been completed or in progress, poke the discovery
1926 		 * methods so target information is returned
1927 		 */
1928 		mutex_enter(&ihp->hba_discovery_events_mutex);
1929 		method = ihp->hba_discovery_events;
1930 		if ((idl.tl_tgt_list_type == ISCSI_TGT_OID_LIST) &&
1931 		    (method != ISCSI_ALL_DISCOVERY_METHODS) &&
1932 		    (ihp->hba_discovery_in_progress == B_FALSE)) {
1933 			ihp->hba_discovery_in_progress = B_TRUE;
1934 			mutex_exit(&ihp->hba_discovery_events_mutex);
1935 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodUnknown);
1936 			mutex_enter(&ihp->hba_discovery_events_mutex);
1937 			ihp->hba_discovery_in_progress = B_FALSE;
1938 		}
1939 		mutex_exit(&ihp->hba_discovery_events_mutex);
1940 
1941 		/*
1942 		 * Return the correct list information based on the type
1943 		 */
1944 		switch (idl.tl_tgt_list_type) {
1945 		/* ISCSI_TGT_PARAM_OID_LIST - iscsiadm list target-params */
1946 		case ISCSI_TGT_PARAM_OID_LIST:
1947 			/* get params from persistent store */
1948 			iscsi_targetparam_lock_list(RW_READER);
1949 			curr_entry = iscsi_targetparam_get_next_entry(NULL);
1950 			while (curr_entry != NULL) {
1951 				if (idlp->tl_out_cnt < idlp->tl_in_cnt) {
1952 					idlp->tl_oid_list[idlp->tl_out_cnt] =
1953 					    curr_entry->target_oid;
1954 				}
1955 				idlp->tl_out_cnt++;
1956 				curr_entry = iscsi_targetparam_get_next_entry(
1957 				    curr_entry);
1958 			}
1959 			iscsi_targetparam_unlock_list();
1960 			break;
1961 
1962 		/* ISCSI_STATIC_TGT_OID_LIST - iscsiadm list static-config */
1963 		case ISCSI_STATIC_TGT_OID_LIST:
1964 		{
1965 			char *target_name = NULL;
1966 			void *v = NULL;
1967 
1968 			/* get static-config from persistent store */
1969 			target_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
1970 			persistent_static_addr_lock();
1971 			while (persistent_static_addr_next(&v,
1972 			    (char *)target_name, &e) == B_TRUE) {
1973 
1974 				if (idlp->tl_out_cnt < idlp->tl_in_cnt) {
1975 					idlp->tl_oid_list[idlp->tl_out_cnt] =
1976 					    e.e_oid;
1977 				}
1978 				idlp->tl_out_cnt++;
1979 
1980 			}
1981 
1982 			persistent_static_addr_unlock();
1983 			kmem_free(target_name, ISCSI_MAX_NAME_LEN);
1984 			break;
1985 		}
1986 
1987 		/* ISCSI_TGT_OID_LIST - iscsiadm list target */
1988 		case ISCSI_TGT_OID_LIST:
1989 
1990 			/* get sessions from hba's session list */
1991 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1992 			for (isp = ihp->hba_sess_list; isp;
1993 			    isp = isp->sess_next) {
1994 
1995 				if (((isp->sess_state !=
1996 				    ISCSI_SESS_STATE_FREE) ||
1997 				    (isp->sess_discovered_by !=
1998 				    iSCSIDiscoveryMethodUnknown)) &&
1999 				    (isp->sess_type ==
2000 				    ISCSI_SESS_TYPE_NORMAL)) {
2001 					if (idlp->tl_out_cnt <
2002 					    idlp->tl_in_cnt) {
2003 						idlp->tl_oid_list[
2004 						    idlp->tl_out_cnt] =
2005 						    isp->sess_oid;
2006 					}
2007 					idlp->tl_out_cnt++;
2008 				}
2009 
2010 			}
2011 			rw_exit(&ihp->hba_sess_list_rwlock);
2012 			break;
2013 
2014 		default:
2015 			ASSERT(FALSE);
2016 		}
2017 
2018 		rtn = ddi_copyout(idlp, (caddr_t)arg, list_space, mode);
2019 		kmem_free(idlp, list_space);
2020 		break;
2021 
2022 	/*
2023 	 * ISCSI_TARGET_PROPS_GET -
2024 	 */
2025 	case ISCSI_TARGET_PROPS_GET:
2026 		/* ---- fall through sense the code is almost the same ---- */
2027 
2028 	/*
2029 	 * ISCSI_TARGET_PROPS_SET -
2030 	 */
2031 	case ISCSI_TARGET_PROPS_SET:
2032 		/* copyin user args */
2033 		ipp = (iscsi_property_t *)kmem_alloc(sizeof (*ipp),
2034 		    KM_SLEEP);
2035 		if (ddi_copyin((caddr_t)arg, ipp, sizeof (*ipp), mode)) {
2036 			rtn = EFAULT;
2037 			kmem_free(ipp, sizeof (*ipp));
2038 			break;
2039 		}
2040 
2041 		if (ipp->p_vers != ISCSI_INTERFACE_VERSION) {
2042 			rtn = EINVAL;
2043 			kmem_free(ipp, sizeof (*ipp));
2044 			break;
2045 		}
2046 
2047 		rtn = iscsi_target_prop_mod(ihp, ipp, cmd);
2048 		if (rtn == 0)
2049 			rtn = ddi_copyout(ipp, (caddr_t)arg,
2050 			    sizeof (*ipp), mode);
2051 		kmem_free(ipp, sizeof (*ipp));
2052 		break;
2053 
2054 	/*
2055 	 * ISCSI_TARGET_ADDRESS_GET -
2056 	 */
2057 	case ISCSI_TARGET_ADDRESS_GET:
2058 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2059 			rtn = EFAULT;
2060 			break;
2061 		}
2062 
2063 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2064 			rtn = EINVAL;
2065 			break;
2066 		}
2067 
2068 		/*
2069 		 * Find out how much space we need to malloc for the users
2070 		 * request.
2071 		 */
2072 		list_space = sizeof (iscsi_addr_list_t);
2073 		if (ial.al_in_cnt != 0) {
2074 			list_space += (sizeof (iscsi_addr_t) *
2075 			    (ial.al_in_cnt - 1));
2076 		}
2077 		ialp = (iscsi_addr_list_t *)kmem_zalloc(list_space, KM_SLEEP);
2078 
2079 		/* Copy in the header portion */
2080 		bcopy(&ial, ialp, sizeof (ial));
2081 
2082 		/* session */
2083 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2084 		rtn = iscsi_sess_get(ialp->al_oid, ihp, &isp);
2085 		if (rtn != 0) {
2086 			rw_exit(&ihp->hba_sess_list_rwlock);
2087 			rtn = EFAULT;
2088 			break;
2089 		}
2090 
2091 		ialp->al_out_cnt	= 0;
2092 		ialp->al_tpgt		= isp->sess_tpgt_conf;
2093 		rw_enter(&isp->sess_conn_list_rwlock, RW_READER);
2094 		for (icp = isp->sess_conn_list; icp; icp = icp->conn_next) {
2095 			if (icp->conn_state != ISCSI_CONN_STATE_LOGGED_IN) {
2096 				continue;
2097 			}
2098 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2099 				iscsi_addr_t		*ap;
2100 
2101 				ap = &ialp->al_addrs[ialp->al_out_cnt];
2102 				if (icp->conn_base_addr.sin.sa_family
2103 				    == AF_INET) {
2104 
2105 					struct sockaddr_in *addr_in =
2106 					    (struct sockaddr_in *)&icp->
2107 					    conn_base_addr.sin4;
2108 					ap->a_addr.i_insize =
2109 					    sizeof (struct in_addr);
2110 					bcopy(&addr_in->sin_addr.s_addr,
2111 					    &ap->a_addr.i_addr.in4.s_addr,
2112 					    sizeof (struct in_addr));
2113 					ap->a_port = addr_in->sin_port;
2114 
2115 				} else {
2116 
2117 					struct sockaddr_in6 *addr_in6 =
2118 					    (struct sockaddr_in6 *)&icp->
2119 					    conn_base_addr.sin6;
2120 					ap->a_addr.i_insize =
2121 					    sizeof (struct in6_addr);
2122 					bcopy(&addr_in6->sin6_addr.s6_addr,
2123 					    &ap->a_addr.i_addr.in6.s6_addr,
2124 					    sizeof (struct in6_addr));
2125 					ap->a_port = addr_in6->sin6_port;
2126 
2127 				}
2128 			}
2129 			ialp->al_out_cnt++;
2130 		}
2131 		rw_exit(&isp->sess_conn_list_rwlock);
2132 		rw_exit(&ihp->hba_sess_list_rwlock);
2133 
2134 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
2135 		kmem_free(ialp, list_space);
2136 		break;
2137 
2138 	/*
2139 	 * ISCSI_CHAP_SET -
2140 	 */
2141 	case ISCSI_CHAP_SET:
2142 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2143 		    KM_SLEEP);
2144 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2145 			rtn = EFAULT;
2146 			kmem_free(chap, sizeof (*chap));
2147 			break;
2148 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2149 			rtn = EINVAL;
2150 			kmem_free(chap, sizeof (*chap));
2151 			break;
2152 		}
2153 
2154 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2155 		if (chap->c_oid == ihp->hba_oid)
2156 			name = ihp->hba_name;
2157 		else {
2158 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2159 			if (rtn != 0) {
2160 				rtn = iscsi_sess_get_by_target(
2161 				    chap->c_oid, ihp, &isp);
2162 			}
2163 
2164 			/*
2165 			 * If rtn is zero then we have found an
2166 			 * existing session.  Use the session name to
2167 			 * do param lookup.  If rtn is non-zero then
2168 			 * create a targetparam object and use its name
2169 			 * for param lookup.
2170 			 */
2171 			if (rtn == 0) {
2172 				name = isp->sess_name;
2173 			} else {
2174 				name =
2175 				    iscsi_targetparam_get_name(chap->c_oid);
2176 				rtn = 0;
2177 			}
2178 		}
2179 
2180 		if (name == NULL) {
2181 			rw_exit(
2182 			    &ihp->hba_sess_list_rwlock);
2183 			rtn = EFAULT;
2184 			kmem_free(chap, sizeof (*chap));
2185 			break;
2186 		}
2187 
2188 		if (persistent_chap_set((char *)name, chap) ==
2189 		    B_FALSE) {
2190 			rtn = EIO;
2191 		}
2192 		rw_exit(&ihp->hba_sess_list_rwlock);
2193 		kmem_free(chap, sizeof (*chap));
2194 		break;
2195 
2196 	/*
2197 	 * ISCSI_CHAP_GET -
2198 	 */
2199 	case ISCSI_CHAP_GET:
2200 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2201 		    KM_SLEEP);
2202 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2203 			kmem_free(chap, sizeof (*chap));
2204 			rtn = EFAULT;
2205 			break;
2206 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2207 			kmem_free(chap, sizeof (*chap));
2208 			rtn = EINVAL;
2209 			break;
2210 		}
2211 
2212 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2213 		if (chap->c_oid == ihp->hba_oid)
2214 			name = ihp->hba_name;
2215 		else {
2216 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2217 			if (rtn != 0) {
2218 				rtn = iscsi_sess_get_by_target(
2219 				    chap->c_oid, ihp, &isp);
2220 			}
2221 
2222 			/*
2223 			 * If rtn is zero then we have found an
2224 			 * existing session.  Use the session name to
2225 			 * do param lookup.  If rtn is non-zero then
2226 			 * create a targetparam object and use its name
2227 			 * for param lookup.
2228 			 */
2229 			if (rtn == 0) {
2230 				name = isp->sess_name;
2231 			} else {
2232 				rtn = 0;
2233 				name =
2234 				    iscsi_targetparam_get_name(chap->c_oid);
2235 			}
2236 
2237 			/*
2238 			 * Initialize the target-side chap name to the
2239 			 * session name if no chap settings have been
2240 			 * saved for the current session.
2241 			 */
2242 			if (persistent_chap_get((char *)name,
2243 			    chap) == B_FALSE) {
2244 				int name_len = strlen((char *)name);
2245 				iscsi_chap_props_t *chap = NULL;
2246 				chap = (iscsi_chap_props_t *)kmem_zalloc
2247 				    (sizeof (iscsi_chap_props_t), KM_SLEEP);
2248 				bcopy((char *)name, chap->c_user, name_len);
2249 				chap->c_user_len = name_len;
2250 				(void) (persistent_chap_set((char *)name,
2251 				    chap));
2252 				kmem_free(chap, sizeof (*chap));
2253 			}
2254 		}
2255 
2256 		if (name == NULL) {
2257 			rw_exit(
2258 			    &ihp->hba_sess_list_rwlock);
2259 			rtn = EFAULT;
2260 			break;
2261 		}
2262 
2263 		if (persistent_chap_get((char *)name, chap) == B_FALSE) {
2264 			rw_exit(&ihp->hba_sess_list_rwlock);
2265 			rtn = EIO;
2266 			break;
2267 		}
2268 		rw_exit(&ihp->hba_sess_list_rwlock);
2269 
2270 		rtn = ddi_copyout(chap, (caddr_t)arg, sizeof (*chap), mode);
2271 		kmem_free(chap, sizeof (*chap));
2272 		break;
2273 
2274 	/*
2275 	 * ISCSI_CHAP_CLEAR -
2276 	 */
2277 	case ISCSI_CHAP_CLEAR:
2278 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2279 		    KM_SLEEP);
2280 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2281 			rtn = EFAULT;
2282 			kmem_free(chap, sizeof (*chap));
2283 			break;
2284 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2285 			rtn = EINVAL;
2286 			kmem_free(chap, sizeof (*chap));
2287 			break;
2288 		}
2289 
2290 		if (chap->c_oid == ihp->hba_oid) {
2291 			iscsi_sess_t *sessp;
2292 
2293 			name = ihp->hba_name;
2294 
2295 			if (persistent_chap_clear(
2296 			    (char *)name) == B_FALSE) {
2297 				rtn = EIO;
2298 			}
2299 
2300 			/*
2301 			 * Loop through all sessions and memset their
2302 			 * (initiator's) passwords
2303 			 */
2304 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2305 			for (sessp = ihp->hba_sess_list; sessp;
2306 			    sessp = sessp->sess_next) {
2307 				(void) memset(sessp->sess_auth.password,
2308 				    0, iscsiAuthStringMaxLength);
2309 				sessp->sess_auth.password_length = 0;
2310 			}
2311 			rw_exit(&ihp->hba_sess_list_rwlock);
2312 
2313 		} else {
2314 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2315 			/*
2316 			 * If the oid does represent a session check to see
2317 			 * if it is a target oid.  If so, return the target's
2318 			 * associated session.
2319 			 */
2320 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2321 			if (rtn != 0) {
2322 				rtn = iscsi_sess_get_by_target(chap->c_oid,
2323 				    ihp, &isp);
2324 			}
2325 
2326 			rw_exit(&ihp->hba_sess_list_rwlock);
2327 
2328 			/*
2329 			 * If rtn is zero then we have found an
2330 			 * existing session.  Use the session name to
2331 			 * do param lookup.  If rtn is non-zero then
2332 			 * create a targetparam object and use its name
2333 			 * for param lookup.
2334 			 */
2335 			if (rtn == 0) {
2336 				name = isp->sess_name;
2337 			} else {
2338 				name =
2339 				    iscsi_targetparam_get_name(chap->c_oid);
2340 				rtn = 0;
2341 			}
2342 
2343 			if (name == NULL) {
2344 				rw_exit(
2345 				    &ihp->hba_sess_list_rwlock);
2346 				rtn = EFAULT;
2347 				break;
2348 			}
2349 
2350 			if (persistent_chap_clear(
2351 			    (char *)name) == B_FALSE) {
2352 				rtn = EIO;
2353 			}
2354 
2355 			/*
2356 			 * Clear out session chap password if we found a
2357 			 * session above.
2358 			 */
2359 			if (isp != NULL) {
2360 				(void) memset(isp->sess_auth.password_in,
2361 				    0, iscsiAuthStringMaxLength);
2362 				isp->sess_auth.password_length_in = 0;
2363 			}
2364 
2365 		}
2366 
2367 		kmem_free(chap, sizeof (*chap));
2368 		break;
2369 
2370 	/*
2371 	 * ISCSI_STATIC_GET -
2372 	 */
2373 	case ISCSI_STATIC_GET:
2374 		ispp = (iscsi_static_property_t *)kmem_alloc(
2375 		    sizeof (*ispp), KM_SLEEP);
2376 
2377 		if (ddi_copyin((caddr_t)arg, ispp, sizeof (*ispp), mode)) {
2378 			rtn = EFAULT;
2379 			kmem_free(ispp, sizeof (*ispp));
2380 			break;
2381 		}
2382 
2383 		if (ispp->p_vers != ISCSI_INTERFACE_VERSION) {
2384 			rtn = EINVAL;
2385 			kmem_free(ispp, sizeof (*ispp));
2386 			break;
2387 		}
2388 
2389 		{
2390 			void *v = NULL;
2391 			boolean_t found = B_FALSE;
2392 
2393 			persistent_static_addr_lock();
2394 			while (persistent_static_addr_next(&v,
2395 			    (char *)ispp->p_name, &e) == B_TRUE) {
2396 
2397 				if (ispp->p_oid == e.e_oid) {
2398 					/*
2399 					 * In case there are multiple
2400 					 * addresses associated with the
2401 					 * given target OID, pick the first
2402 					 * one.
2403 					 */
2404 					iscsi_addr_t *ap;
2405 
2406 					ap = &(ispp->p_addr_list.al_addrs[0]);
2407 					ap->a_port = e.e_port;
2408 					ap->a_addr.i_insize = e.e_insize;
2409 					bcopy(e.e_u.u_in6.s6_addr,
2410 					    ap->a_addr.i_addr.in6.s6_addr,
2411 					    e.e_insize);
2412 					ispp->p_name_len =
2413 					    strlen((char *)ispp->p_name);
2414 					ispp->p_addr_list.al_tpgt = e.e_tpgt;
2415 					ispp->p_addr_list.al_out_cnt = 1;
2416 
2417 					found = B_TRUE;
2418 					break;
2419 				}
2420 			}
2421 			persistent_static_addr_unlock();
2422 
2423 			if (found == B_TRUE) {
2424 				rtn = ddi_copyout(ispp, (caddr_t)arg,
2425 				    sizeof (*ispp), mode);
2426 			} else {
2427 				rtn = ENOENT;
2428 			}
2429 		}
2430 		kmem_free(ispp, sizeof (*ispp));
2431 
2432 		break;
2433 
2434 	/*
2435 	 * ISCSI_STATIC_SET -
2436 	 */
2437 	case ISCSI_STATIC_SET:
2438 		target = iscsi_ioctl_copyin((caddr_t)arg, mode,
2439 		    sizeof (*target));
2440 		if (target == NULL) {
2441 			rtn = EFAULT;
2442 			break;
2443 		}
2444 
2445 		if (target->te_entry.e_vers != ISCSI_INTERFACE_VERSION) {
2446 			kmem_free(target, sizeof (*target));
2447 			rtn = EINVAL;
2448 			break;
2449 		}
2450 
2451 		/* Check if the target's already been added */
2452 		{
2453 			boolean_t static_target_found = B_FALSE;
2454 			void *v = NULL;
2455 
2456 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2457 			persistent_static_addr_lock();
2458 			while (persistent_static_addr_next(&v, (char *)name,
2459 			    &e) == B_TRUE) {
2460 				/*
2461 				 * MC/S - Need to check IP address and port
2462 				 * number as well when we support MC/S.
2463 				 */
2464 				if ((strncmp((char *)name,
2465 				    (char *)target->te_name,
2466 				    ISCSI_MAX_NAME_LEN) == 0) &&
2467 				    (target->te_entry.e_tpgt == e.e_tpgt) &&
2468 				    (target->te_entry.e_insize == e.e_insize) &&
2469 				    (bcmp(&target->te_entry.e_u, &e.e_u,
2470 				    e.e_insize) == 0)) {
2471 					/*
2472 					 * We don't allow MC/S for now but
2473 					 * we do allow adding the same target
2474 					 * with different TPGTs (hence,
2475 					 * different sessions).
2476 					 */
2477 					static_target_found = B_TRUE;
2478 					break;
2479 				}
2480 			}
2481 			persistent_static_addr_unlock();
2482 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2483 
2484 			if (static_target_found == B_TRUE) {
2485 				/* Duplicate entry */
2486 				kmem_free(target, sizeof (*target));
2487 				rtn = EEXIST;
2488 				break;
2489 			}
2490 		}
2491 
2492 		if (target->te_entry.e_oid == ISCSI_OID_NOTSET) {
2493 			mutex_enter(&iscsi_oid_mutex);
2494 			target->te_entry.e_oid = iscsi_oid++;
2495 			mutex_exit(&iscsi_oid_mutex);
2496 		}
2497 
2498 		persistent_static_addr_lock();
2499 		if (persistent_static_addr_set((char *)target->te_name,
2500 		    &target->te_entry) == B_FALSE) {
2501 			persistent_static_addr_unlock();
2502 			kmem_free(target, sizeof (*target));
2503 			rtn = EIO;
2504 			break;
2505 		}
2506 		persistent_static_addr_unlock();
2507 
2508 		/*
2509 		 * If Static Targets discovery is enabled, then add
2510 		 * target to discovery queue. Otherwise, just create
2511 		 * the session for potential future use.
2512 		 */
2513 		method = persistent_disc_meth_get();
2514 		if (method & iSCSIDiscoveryMethodStatic) {
2515 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodStatic);
2516 			(void) iscsid_login_tgt(ihp, (char *)target->te_name,
2517 			    iSCSIDiscoveryMethodStatic, NULL);
2518 		}
2519 
2520 		rtn = iscsi_ioctl_copyout(target, sizeof (*target),
2521 		    (caddr_t)arg, mode);
2522 		break;
2523 
2524 	/*
2525 	 * ISCSI_STATIC_CLEAR -
2526 	 */
2527 	case ISCSI_STATIC_CLEAR:
2528 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2529 			rtn = EFAULT;
2530 			break;
2531 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2532 			rtn = EINVAL;
2533 			break;
2534 		}
2535 
2536 		{
2537 			boolean_t	found = B_FALSE;
2538 			void		*v = NULL;
2539 			entry_t		tmp_e;
2540 			char		*name = NULL;
2541 
2542 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2543 
2544 			/* Find name for matching static_tgt oid */
2545 			persistent_static_addr_lock();
2546 			while (persistent_static_addr_next(&v,
2547 			    (char *)name, &tmp_e) == B_TRUE) {
2548 				if (e.e_oid == tmp_e.e_oid) {
2549 					found = B_TRUE;
2550 					break;
2551 				}
2552 			}
2553 
2554 			/* If static_tgt found logout and remove it */
2555 			if (found == B_TRUE) {
2556 
2557 				iscsid_addr_to_sockaddr(tmp_e.e_insize,
2558 				    &tmp_e.e_u, tmp_e.e_port, &addr_dsc.sin);
2559 
2560 				/* Attempt to logout of target */
2561 				if (iscsid_del(ihp, (char *)name,
2562 				    iSCSIDiscoveryMethodStatic, &addr_dsc.sin)
2563 				    == B_TRUE) {
2564 					persistent_static_addr_unlock();
2565 
2566 					/* remove from persistent store */
2567 					if (persistent_static_addr_clear(
2568 					    e.e_oid) == B_FALSE) {
2569 						rtn = EIO;
2570 					}
2571 
2572 					iscsid_poke_discovery(ihp,
2573 					    iSCSIDiscoveryMethodStatic);
2574 					(void) iscsid_login_tgt(ihp,
2575 					    (char *)name,
2576 					    iSCSIDiscoveryMethodStatic,
2577 					    NULL);
2578 
2579 				} else {
2580 					persistent_static_addr_unlock();
2581 					rtn = EBUSY;
2582 				}
2583 			} else {
2584 				persistent_static_addr_unlock();
2585 				rtn = EIO;
2586 			}
2587 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2588 		}
2589 		break;
2590 
2591 	/*
2592 	 * ISCSI_ISNS_SERVER_ADDR_SET:
2593 	 */
2594 	case ISCSI_ISNS_SERVER_ADDR_SET:
2595 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2596 			rtn = EFAULT;
2597 			break;
2598 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2599 			rtn = EINVAL;
2600 			break;
2601 		}
2602 
2603 		if (persistent_isns_addr_set(&e) == B_FALSE) {
2604 			rtn = EIO;
2605 			break;
2606 		}
2607 
2608 		/*
2609 		 * If iSNS server discovery is enabled, then kickoff
2610 		 * discovery of the targets advertised by the recently
2611 		 * added iSNS server address.
2612 		 */
2613 		method = persistent_disc_meth_get();
2614 		if (method & iSCSIDiscoveryMethodISNS) {
2615 			initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN,
2616 			    KM_SLEEP);
2617 			if (persistent_initiator_name_get(initiator_node_name,
2618 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
2619 				kmem_free(initiator_node_name,
2620 				    ISCSI_MAX_NAME_LEN);
2621 				initiator_node_name = NULL;
2622 				rtn = EIO;
2623 				break;
2624 			}
2625 			if (strlen(initiator_node_name) == 0) {
2626 				kmem_free(initiator_node_name,
2627 				    ISCSI_MAX_NAME_LEN);
2628 				initiator_node_name = NULL;
2629 				rtn = EIO;
2630 				break;
2631 			}
2632 
2633 			initiator_node_alias = kmem_zalloc(ISCSI_MAX_NAME_LEN,
2634 			    KM_SLEEP);
2635 			if (persistent_alias_name_get(initiator_node_alias,
2636 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
2637 				initiator_node_alias[0] = '\0';
2638 			}
2639 
2640 			/*
2641 			 * Register this initiator node against this iSNS
2642 			 * server.
2643 			 */
2644 			(void) isns_reg_one_server(&e, ihp->hba_isid,
2645 			    (uint8_t *)initiator_node_name,
2646 			    ISCSI_MAX_NAME_LEN,
2647 			    (uint8_t *)initiator_node_alias,
2648 			    ISCSI_MAX_NAME_LEN,
2649 			    ISNS_INITIATOR_NODE_TYPE,
2650 			    isns_scn_callback);
2651 
2652 			iscsid_do_isns_query_one_server(ihp, &e);
2653 
2654 			iscsid_addr_to_sockaddr(e.e_insize,
2655 			    &e.e_u, e.e_port, &addr_dsc.sin);
2656 
2657 			(void) iscsid_login_tgt(ihp, NULL,
2658 			    iSCSIDiscoveryMethodISNS,
2659 			    &addr_dsc.sin);
2660 
2661 			/* Done using the name and alias - free them. */
2662 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
2663 			initiator_node_name = NULL;
2664 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
2665 			initiator_node_alias = NULL;
2666 		}
2667 		break;
2668 
2669 	/*
2670 	 * ISCSI_DISCOVERY_ADDR_SET:
2671 	 */
2672 	case ISCSI_DISCOVERY_ADDR_SET:
2673 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2674 			rtn = EFAULT;
2675 			break;
2676 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2677 			rtn = EINVAL;
2678 			break;
2679 		}
2680 
2681 		if (e.e_oid == ISCSI_OID_NOTSET) {
2682 			mutex_enter(&iscsi_oid_mutex);
2683 			e.e_oid = iscsi_oid++;
2684 			mutex_exit(&iscsi_oid_mutex);
2685 		}
2686 
2687 		if (persistent_disc_addr_set(&e) == B_FALSE) {
2688 			rtn = EIO;
2689 			break;
2690 		}
2691 
2692 		/*
2693 		 * If Send Targets discovery is enabled, then kickoff
2694 		 * discovery of the targets advertised by the recently
2695 		 * added discovery address.
2696 		 */
2697 		method = persistent_disc_meth_get();
2698 		if (method & iSCSIDiscoveryMethodSendTargets) {
2699 
2700 			iscsid_addr_to_sockaddr(e.e_insize,
2701 			    &e.e_u, e.e_port, &addr_dsc.sin);
2702 			iscsid_do_sendtgts(&e);
2703 			(void) iscsid_login_tgt(ihp, NULL,
2704 			    iSCSIDiscoveryMethodSendTargets,
2705 			    &addr_dsc.sin);
2706 
2707 		}
2708 		break;
2709 
2710 	/*
2711 	 * ISCSI_DISCOVERY_ADDR_LIST_GET
2712 	 */
2713 	case ISCSI_DISCOVERY_ADDR_LIST_GET:
2714 		/* copyin user args */
2715 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2716 			rtn = EFAULT;
2717 			break;
2718 		}
2719 
2720 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2721 			rtn = EINVAL;
2722 			break;
2723 		}
2724 
2725 		list_space = sizeof (iscsi_addr_list_t);
2726 		if (ial.al_in_cnt != 0) {
2727 			list_space += (sizeof (iscsi_addr_t) *
2728 			    (ial.al_in_cnt - 1));
2729 		}
2730 
2731 		ialp = kmem_zalloc(list_space, KM_SLEEP);
2732 		bcopy(&ial, ialp, sizeof (iscsi_addr_list_t));
2733 
2734 		void_p = NULL;
2735 		ialp->al_out_cnt = 0;
2736 		persistent_disc_addr_lock();
2737 		while (persistent_disc_addr_next(&void_p, &e) == B_TRUE) {
2738 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2739 				int		i = ialp->al_out_cnt;
2740 				iscsi_addr_t	*addr = &ialp->al_addrs[i];
2741 
2742 				addr->a_port = e.e_port;
2743 				addr->a_addr.i_insize = e.e_insize;
2744 				addr->a_oid = e.e_oid;
2745 
2746 				if (e.e_insize == sizeof (struct in_addr)) {
2747 					/* IPv4 */
2748 					addr->a_addr.i_addr.in4.s_addr =
2749 					    e.e_u.u_in4.s_addr;
2750 				} else if (e.e_insize ==
2751 					    sizeof (struct in6_addr)) {
2752 					/* IPv6 */
2753 					bcopy(e.e_u.u_in6.s6_addr,
2754 					    addr->a_addr.i_addr.in6.s6_addr,
2755 					    16);
2756 				}
2757 			}
2758 			ialp->al_out_cnt++;
2759 		}
2760 		persistent_disc_addr_unlock();
2761 
2762 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
2763 		kmem_free(ialp, list_space);
2764 		break;
2765 
2766 	/*
2767 	 * ISCSI_ISNS_SERVER_ADDR_LIST_GET
2768 	 */
2769 	case ISCSI_ISNS_SERVER_ADDR_LIST_GET:
2770 		/* copyin user args */
2771 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2772 			rtn = EFAULT;
2773 			break;
2774 		}
2775 
2776 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2777 			rtn = EINVAL;
2778 			break;
2779 		}
2780 
2781 		list_space = sizeof (iscsi_addr_list_t);
2782 		if (ial.al_in_cnt != 0) {
2783 			list_space += (sizeof (iscsi_addr_t) *
2784 			    (ial.al_in_cnt - 1));
2785 		}
2786 
2787 		ialp = kmem_zalloc(list_space, KM_SLEEP);
2788 		bcopy(&ial, ialp, sizeof (iscsi_addr_list_t));
2789 
2790 		void_p = NULL;
2791 		ialp->al_out_cnt = 0;
2792 		persistent_isns_addr_lock();
2793 		while (persistent_isns_addr_next(&void_p, &e) == B_TRUE) {
2794 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2795 				int		i = ialp->al_out_cnt;
2796 				iscsi_addr_t	*addr = &ialp->al_addrs[i];
2797 
2798 				addr->a_port = e.e_port;
2799 				addr->a_addr.i_insize = e.e_insize;
2800 				if (e.e_insize == sizeof (struct in_addr)) {
2801 					/* IPv4 */
2802 					addr->a_addr.i_addr.in4.s_addr =
2803 					    e.e_u.u_in4.s_addr;
2804 				} else if (e.e_insize ==
2805 					    sizeof (struct in6_addr)) {
2806 					/* IPv6 */
2807 					bcopy(e.e_u.u_in6.s6_addr,
2808 					    addr->a_addr.i_addr.in6.s6_addr,
2809 					    16);
2810 				}
2811 			}
2812 			ialp->al_out_cnt++;
2813 		}
2814 		persistent_isns_addr_unlock();
2815 
2816 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
2817 		kmem_free(ialp, list_space);
2818 		break;
2819 
2820 	/*
2821 	 * ISCSI_DISCOVERY_ADDR_CLEAR:
2822 	 */
2823 	case ISCSI_DISCOVERY_ADDR_CLEAR:
2824 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2825 			rtn = EFAULT;
2826 			break;
2827 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2828 			rtn = EINVAL;
2829 			break;
2830 		}
2831 
2832 		iscsid_addr_to_sockaddr(e.e_insize,
2833 		    &e.e_u, e.e_port, &addr_dsc.sin);
2834 
2835 		/* Attempt to logout of associated targets */
2836 		if (iscsid_del(ihp, NULL,
2837 		    iSCSIDiscoveryMethodSendTargets, &addr_dsc.sin) ==
2838 		    B_TRUE) {
2839 			/* Logout successful remove disc. addr. */
2840 			if (persistent_disc_addr_clear(&e) == B_FALSE) {
2841 				rtn = EIO;
2842 			}
2843 		} else {
2844 			rtn = EBUSY;
2845 		}
2846 		break;
2847 
2848 	/*
2849 	 * ISCSI_ISNS_SERVER_CLEAR:
2850 	 */
2851 	case ISCSI_ISNS_SERVER_ADDR_CLEAR:
2852 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2853 			rtn = EFAULT;
2854 			break;
2855 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2856 			rtn = EINVAL;
2857 			break;
2858 		}
2859 
2860 		iscsid_addr_to_sockaddr(e.e_insize,
2861 		    &e.e_u, e.e_port, &addr_dsc.sin);
2862 
2863 		/* Attempt logout of associated targets */
2864 		if (iscsid_del(ihp, NULL, iSCSIDiscoveryMethodISNS,
2865 		    &addr_dsc.sin) == B_TRUE) {
2866 			/* Logout successful */
2867 
2868 			if (persistent_isns_addr_clear(&e) == B_FALSE) {
2869 				rtn = EIO;
2870 				break;
2871 			}
2872 
2873 			method = persistent_disc_meth_get();
2874 			if (method & iSCSIDiscoveryMethodISNS) {
2875 				boolean_t is_last_isns_server_b =
2876 				    B_FALSE;
2877 				int isns_server_count = 0;
2878 				void *void_p = NULL;
2879 
2880 				/*
2881 				 * Check if the last iSNS server's been
2882 				 * removed.
2883 				 */
2884 				{
2885 					entry_t tmp_e;
2886 					persistent_isns_addr_lock();
2887 					while (persistent_isns_addr_next(
2888 					    &void_p, &tmp_e) == B_TRUE) {
2889 						isns_server_count++;
2890 					}
2891 				}
2892 				persistent_isns_addr_unlock();
2893 				if (isns_server_count == 0) {
2894 					is_last_isns_server_b = B_TRUE;
2895 				}
2896 
2897 				/*
2898 				 * Deregister this node from this iSNS
2899 				 * server.
2900 				 */
2901 				initiator_node_name = kmem_zalloc(
2902 				    ISCSI_MAX_NAME_LEN, KM_SLEEP);
2903 				if (persistent_initiator_name_get(
2904 				    initiator_node_name,
2905 				    ISCSI_MAX_NAME_LEN) == B_TRUE) {
2906 
2907 					if (strlen(initiator_node_name) > 0) {
2908 						(void) isns_dereg_one_server(
2909 						    &e, (uint8_t *)
2910 						    initiator_node_name,
2911 						    is_last_isns_server_b);
2912 					}
2913 				}
2914 				kmem_free(initiator_node_name,
2915 				    ISCSI_MAX_NAME_LEN);
2916 				initiator_node_name = NULL;
2917 			}
2918 		} else {
2919 			rtn = EBUSY;
2920 		}
2921 		break;
2922 
2923 	/*
2924 	 * ISCSI_DISCOVERY_SET -
2925 	 */
2926 	case ISCSI_DISCOVERY_SET:
2927 		if (ddi_copyin((caddr_t)arg, &method, sizeof (method), mode)) {
2928 			rtn = EFAULT;
2929 			break;
2930 		}
2931 
2932 		if (persistent_disc_meth_set(method) == B_FALSE) {
2933 			rtn = EIO;
2934 		} else {
2935 			(void) iscsid_enable_discovery(ihp, method, B_TRUE);
2936 			iscsid_poke_discovery(ihp, method);
2937 			(void) iscsid_login_tgt(ihp, NULL, method, NULL);
2938 		}
2939 		break;
2940 
2941 	/*
2942 	 * ISCSI_DISCOVERY_GET -
2943 	 */
2944 	case ISCSI_DISCOVERY_GET:
2945 		method = persistent_disc_meth_get();
2946 		rtn = ddi_copyout(&method, (caddr_t)arg,
2947 		    sizeof (method), mode);
2948 		break;
2949 
2950 	/*
2951 	 * ISCSI_DISCOVERY_CLEAR -
2952 	 */
2953 	case ISCSI_DISCOVERY_CLEAR:
2954 		if (ddi_copyin((caddr_t)arg, &method, sizeof (method), mode)) {
2955 			rtn = EFAULT;
2956 			break;
2957 		}
2958 
2959 		/* Attempt to logout of all associated targets first */
2960 		if (iscsid_disable_discovery(ihp, method) == B_FALSE) {
2961 			rtn = EBUSY;
2962 			break;
2963 		}
2964 
2965 		/*
2966 		 * Successfully logged out of targets, Update
2967 		 * Persistent store.
2968 		 */
2969 		if (persistent_disc_meth_clear(method) == B_FALSE) {
2970 			rtn = EIO;
2971 			break;
2972 		}
2973 		break;
2974 
2975 	/*
2976 	 * ISCSI_DISCOVERY_PROPS -
2977 	 */
2978 	case ISCSI_DISCOVERY_PROPS:
2979 		iscsid_props(&discovery_props);
2980 		if (ddi_copyout(&discovery_props, (caddr_t)arg,
2981 		    sizeof (discovery_props), mode))
2982 			rtn = EFAULT;
2983 		break;
2984 
2985 	/*
2986 	 * ISCSI_LUN_OID_LIST --
2987 	 */
2988 	case ISCSI_LUN_OID_LIST_GET:
2989 		ll = (iscsi_lun_list_t *)kmem_alloc(sizeof (*ll), KM_SLEEP);
2990 		if (ddi_copyin((caddr_t)arg, ll, sizeof (*ll), mode)) {
2991 			rtn = EFAULT;
2992 			kmem_free(ll, sizeof (*ll));
2993 			break;
2994 		}
2995 
2996 		if (ll->ll_vers != ISCSI_INTERFACE_VERSION) {
2997 			rtn = EINVAL;
2998 			kmem_free(ll, sizeof (*ll));
2999 			break;
3000 		}
3001 
3002 		/*
3003 		 * Find out how much space the user has allocated in their
3004 		 * structure. Match the same space for our structure.
3005 		 */
3006 		lun_sz = sizeof (iscsi_lun_list_t);
3007 		if (ll->ll_in_cnt > 0) {
3008 			lun_sz += (ll->ll_in_cnt - 1) * sizeof (iscsi_if_lun_t);
3009 		}
3010 
3011 		llp = kmem_zalloc(lun_sz, KM_SLEEP);
3012 		bcopy(ll, llp, sizeof (*ll));
3013 		kmem_free(ll, sizeof (*ll));
3014 
3015 		/*
3016 		 * Check to see if oid references a target-param oid.  If so,
3017 		 * find the associated  session oid before getting lu list.
3018 		 */
3019 		if (iscsi_targetparam_get_name(llp->ll_tgt_oid) != NULL) {
3020 			for (isp = ihp->hba_sess_list; isp;
3021 			    isp = isp->sess_next) {
3022 				if (isp->sess_target_oid == llp->ll_tgt_oid) {
3023 					target_oid  = isp->sess_oid;
3024 					break;
3025 				}
3026 			}
3027 		} else {
3028 			target_oid = llp->ll_tgt_oid;
3029 		}
3030 
3031 
3032 		/*
3033 		 * Look at the LUNs attached to the specified target. If there
3034 		 * is space in the user structure save that information locally.
3035 		 * Always add up the count to the total. By always adding
3036 		 * the count this code can be used if ll_in_cnt == 0 and
3037 		 * the user just wishes to know the appropriate size to
3038 		 * allocate.
3039 		 */
3040 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3041 		for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
3042 			if ((llp->ll_all_tgts == B_FALSE) &&
3043 			    (isp->sess_oid != target_oid)) {
3044 				continue;
3045 			}
3046 			rw_enter(&isp->sess_lun_list_rwlock, RW_READER);
3047 			for (ilp = isp->sess_lun_list; ilp;
3048 			    ilp = ilp->lun_next) {
3049 				if (ilp->lun_state ==
3050 				    ISCSI_LUN_STATE_ONLINE) {
3051 					if (llp->ll_out_cnt <
3052 					    llp->ll_in_cnt) {
3053 						iscsi_if_lun_t *lp;
3054 						lp = &llp->ll_luns[
3055 						    llp->ll_out_cnt];
3056 
3057 						lp->l_tgt_oid =
3058 						    isp->sess_oid;
3059 						lp->l_oid = ilp->lun_oid;
3060 						lp->l_num = ilp->lun_num;
3061 					}
3062 				llp->ll_out_cnt++;
3063 				}
3064 			}
3065 			rw_exit(&isp->sess_lun_list_rwlock);
3066 		}
3067 		rw_exit(&ihp->hba_sess_list_rwlock);
3068 
3069 		if (ddi_copyout(llp, (caddr_t)arg, lun_sz, mode)) {
3070 			rtn = EFAULT;
3071 		}
3072 
3073 		kmem_free(llp, lun_sz);
3074 		break;
3075 
3076 	/*
3077 	 * ISCSI_LUN_PROPS_GET --
3078 	 */
3079 	case ISCSI_LUN_PROPS_GET:
3080 		lun = (iscsi_lun_props_t *)kmem_zalloc(sizeof (*lun), KM_SLEEP);
3081 		if (ddi_copyin((caddr_t)arg, lun, sizeof (*lun), mode)) {
3082 			rtn = EFAULT;
3083 			kmem_free(lun, sizeof (*lun));
3084 			break;
3085 		}
3086 
3087 		if (lun->lp_vers != ISCSI_INTERFACE_VERSION) {
3088 			rtn = EINVAL;
3089 			kmem_free(lun, sizeof (*lun));
3090 			break;
3091 		}
3092 
3093 		/*
3094 		 * For the target specified, find the LUN specified and
3095 		 * return its properties
3096 		 */
3097 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3098 		rtn = iscsi_sess_get(lun->lp_tgt_oid, ihp, &isp);
3099 		if (rtn != 0) {
3100 			rw_exit(&ihp->hba_sess_list_rwlock);
3101 			rtn = EFAULT;
3102 			kmem_free(lun, sizeof (*lun));
3103 			break;
3104 		}
3105 		rtn = EINVAL;	/* Set bad rtn, correct only if found */
3106 		rw_enter(&isp->sess_lun_list_rwlock, RW_READER);
3107 		for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
3108 			if (ilp->lun_oid == lun->lp_oid) {
3109 				lun->lp_num	= ilp->lun_num;
3110 				lun->lp_status	= LunValid;
3111 				lun->lp_time_online = ilp->lun_time_online;
3112 
3113 				if (ilp->lun_pip != NULL) {
3114 					lun_dip = mdi_pi_get_client(
3115 					    ilp->lun_pip);
3116 				} else {
3117 					lun_dip = ilp->lun_dip;
3118 				}
3119 
3120 				if (lun_dip != NULL &&
3121 				    i_ddi_devi_attached(lun_dip)) {
3122 					(void) ddi_pathname(lun_dip,
3123 					    lun->lp_pathname);
3124 				} else {
3125 					/*
3126 					 * The LUN is not exported to the
3127 					 * OS yet.  It is in the process
3128 					 * of being added.
3129 					 */
3130 					lun->lp_status	= LunDoesNotExist;
3131 				}
3132 				bcopy(ilp->lun_vid, lun->lp_vid,
3133 				    sizeof (lun->lp_vid));
3134 				bcopy(ilp->lun_pid, lun->lp_pid,
3135 				    sizeof (lun->lp_pid));
3136 				rtn = ddi_copyout(lun, (caddr_t)arg,
3137 				    sizeof (*lun), mode);
3138 				if (rtn == -1) {
3139 					rtn = EFAULT;
3140 				}
3141 				break;
3142 			}
3143 		}
3144 		rw_exit(&isp->sess_lun_list_rwlock);
3145 		rw_exit(&ihp->hba_sess_list_rwlock);
3146 
3147 		kmem_free(lun, sizeof (*lun));
3148 		break;
3149 
3150 	/*
3151 	 * ISCSI_CONN_OID_LIST_GET --
3152 	 */
3153 #define	ISCSIIOCOLGC iscsi_ioctl_conn_oid_list_get_copyout
3154 	case ISCSI_CONN_OID_LIST_GET:
3155 		{
3156 			iscsi_conn_list_t	*cl;
3157 
3158 			/* Asuume the worst */
3159 			rtn = EFAULT;
3160 
3161 			/* Copy the input argument into kernel world. */
3162 			cl = iscsi_ioctl_conn_oid_list_get_copyin(
3163 			    (caddr_t)arg,
3164 			    mode);
3165 			if (cl != NULL) {
3166 				if (iscsi_ioctl_conn_oid_list_get(ihp, cl) ==
3167 				    B_TRUE) {
3168 					rtn =
3169 					    ISCSIIOCOLGC(
3170 					    cl, (caddr_t)arg, mode);
3171 				}
3172 			}
3173 			break;
3174 		}
3175 #undef ISCSIIOCOLGC
3176 	/*
3177 	 * ISCSI_CONN_OID_LIST_GET --
3178 	 */
3179 	case ISCSI_CONN_PROPS_GET:
3180 		{
3181 			iscsi_conn_props_t	*cp;
3182 
3183 			/* Asuume the worst */
3184 			rtn = EFAULT;
3185 
3186 			/* Copy the input argument into kernel world. */
3187 			cp = iscsi_ioctl_copyin(
3188 			    (caddr_t)arg,
3189 			    mode,
3190 			    sizeof (iscsi_conn_props_t));
3191 
3192 			if (cp != NULL) {
3193 				/* Get the propereties. */
3194 				if (iscsi_ioctl_conn_props_get(ihp, cp) ==
3195 				    B_TRUE) {
3196 					rtn =
3197 					    iscsi_ioctl_copyout(
3198 					    cp,
3199 					    sizeof (*cp),
3200 					    (caddr_t)arg,
3201 					    mode);
3202 				}
3203 			}
3204 			break;
3205 		}
3206 
3207 	/*
3208 	 * ISCSI_RADIUS_GET -
3209 	 */
3210 	case ISCSI_RADIUS_GET:
3211 	{
3212 		iscsi_nvfile_status_t	status;
3213 
3214 		radius = (iscsi_radius_props_t *)kmem_zalloc(sizeof (*radius),
3215 		    KM_SLEEP);
3216 		if (ddi_copyin((caddr_t)arg, radius, sizeof (*radius), mode)) {
3217 			kmem_free(radius, sizeof (*radius));
3218 			rtn = EFAULT;
3219 			break;
3220 		} else if (radius->r_vers != ISCSI_INTERFACE_VERSION) {
3221 			kmem_free(radius, sizeof (*radius));
3222 			rtn = EINVAL;
3223 			break;
3224 		}
3225 
3226 		old_oid = radius->r_oid;
3227 
3228 		if (radius->r_oid == ihp->hba_oid) {
3229 			name = ihp->hba_name;
3230 		} else {
3231 			/*
3232 			 * RADIUS configuration should be done on a per
3233 			 * initiator basis.
3234 			 */
3235 			kmem_free(radius, sizeof (*radius));
3236 			rtn = EINVAL;
3237 			break;
3238 		}
3239 
3240 		status = persistent_radius_get(radius);
3241 		if (status == ISCSI_NVFILE_SUCCESS) {
3242 			/*
3243 			 * Restore the value for overridden (and bogus) oid.
3244 			 */
3245 			radius->r_oid = old_oid;
3246 			rtn = ddi_copyout(radius, (caddr_t)arg,
3247 			    sizeof (*radius), mode);
3248 		} else if (status == ISCSI_NVFILE_NAMEVAL_NOT_FOUND) {
3249 			rtn = ENOENT;
3250 		} else {
3251 			rtn = EIO;
3252 		}
3253 		kmem_free(radius, sizeof (*radius));
3254 		break;
3255 	}
3256 
3257 	/*
3258 	 * ISCSI_RADIUS_SET -
3259 	 */
3260 	case ISCSI_RADIUS_SET:
3261 		radius = (iscsi_radius_props_t *)kmem_zalloc(sizeof (*radius),
3262 		    KM_SLEEP);
3263 		if (ddi_copyin((caddr_t)arg, radius, sizeof (*radius), mode)) {
3264 			rtn = EFAULT;
3265 			kmem_free(radius, sizeof (*radius));
3266 			break;
3267 		} else if (radius->r_vers != ISCSI_INTERFACE_VERSION) {
3268 			rtn = EINVAL;
3269 			kmem_free(radius, sizeof (*radius));
3270 			break;
3271 		}
3272 
3273 		if (radius->r_oid == ihp->hba_oid) {
3274 			name = ihp->hba_name;
3275 		} else {
3276 			/*
3277 			 * RADIUS configuration should be done on a per
3278 			 * initiator basis.
3279 			 */
3280 			kmem_free(radius, sizeof (*radius));
3281 			rtn = EINVAL;
3282 			break;
3283 		}
3284 
3285 		if (persistent_radius_set(radius) == B_FALSE) {
3286 			rtn = EIO;
3287 		}
3288 
3289 		kmem_free(radius, sizeof (*radius));
3290 		break;
3291 
3292 	/*
3293 	 *  ISCSI_AUTH_GET -
3294 	 */
3295 	case ISCSI_AUTH_GET:
3296 		auth = (iscsi_auth_props_t *)kmem_zalloc(sizeof (*auth),
3297 		    KM_SLEEP);
3298 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3299 			kmem_free(auth, sizeof (*auth));
3300 			rtn = EFAULT;
3301 			break;
3302 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3303 			kmem_free(auth, sizeof (*auth));
3304 			rtn = EINVAL;
3305 			break;
3306 		}
3307 
3308 		old_oid = auth->a_oid;
3309 
3310 		if (auth->a_oid == ihp->hba_oid) {
3311 			name = ihp->hba_name;
3312 		} else {
3313 
3314 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3315 			/*
3316 			 * If the oid does represent a session check to see
3317 			 * if it is a target oid.  If so, return the target's
3318 			 * associated session.
3319 			 */
3320 			rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3321 			if (rtn != 0) {
3322 				rtn = iscsi_sess_get_by_target(auth->a_oid,
3323 				    ihp, &isp);
3324 			}
3325 			rw_exit(&ihp->hba_sess_list_rwlock);
3326 
3327 			/*
3328 			 * If rtn is zero then we have found an
3329 			 * existing session.  Use the session name to
3330 			 * do param lookup.  If rtn is non-zero then
3331 			 * create a targetparam object and use its name
3332 			 * for param lookup.
3333 			 */
3334 			if (rtn == 0) {
3335 				name = isp->sess_name;
3336 			} else {
3337 				name =
3338 				    iscsi_targetparam_get_name(auth->a_oid);
3339 			}
3340 		}
3341 
3342 		if (name == NULL) {
3343 			rw_exit(
3344 			    &ihp->hba_sess_list_rwlock);
3345 			rtn = EFAULT;
3346 			break;
3347 		}
3348 
3349 		if (persistent_auth_get((char *)name, auth) == B_TRUE) {
3350 			/*
3351 			 * Restore the value for overridden (and bogus) oid.
3352 			 */
3353 			auth->a_oid = old_oid;
3354 			rtn = ddi_copyout(auth, (caddr_t)arg,
3355 			    sizeof (*auth), mode);
3356 		} else {
3357 			rtn = EIO;
3358 		}
3359 
3360 		kmem_free(auth, sizeof (*auth));
3361 		break;
3362 
3363 	/*
3364 	 *  ISCSI_AUTH_SET -
3365 	 */
3366 	case ISCSI_AUTH_SET:
3367 		auth = (iscsi_auth_props_t *)kmem_zalloc(sizeof (*auth),
3368 		    KM_SLEEP);
3369 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3370 			kmem_free(auth, sizeof (*auth));
3371 			rtn = EFAULT;
3372 			break;
3373 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3374 			kmem_free(auth, sizeof (*auth));
3375 			rtn = EINVAL;
3376 			break;
3377 		}
3378 
3379 		if (auth->a_oid == ihp->hba_oid) {
3380 			name = ihp->hba_name;
3381 		} else {
3382 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3383 			/*
3384 			 * If the oid does represent a session check to see
3385 			 * if it is a target oid.  If so, return the target's
3386 			 * associated session.
3387 			 */
3388 			rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3389 			if (rtn != 0) {
3390 				rtn = iscsi_sess_get_by_target(auth->a_oid,
3391 				    ihp, &isp);
3392 			}
3393 			rw_exit(&ihp->hba_sess_list_rwlock);
3394 
3395 			/*
3396 			 * If rtn is zero then we have found an
3397 			 * existing session.  Use the session name to
3398 			 * do param lookup.  If rtn is non-zero then
3399 			 * create a targetparam object and use its name
3400 			 * for param lookup.
3401 			 */
3402 			if (rtn == 0) {
3403 				name = isp->sess_name;
3404 			} else {
3405 				name =
3406 				    iscsi_targetparam_get_name(auth->a_oid);
3407 				rtn = 0;
3408 			}
3409 		}
3410 
3411 		if (persistent_auth_set((char *)name, auth) == B_FALSE) {
3412 			rtn = EIO;
3413 		}
3414 
3415 		kmem_free(auth, sizeof (*auth));
3416 		break;
3417 
3418 	/*
3419 	 *  ISCSI_AUTH_CLEAR -
3420 	 */
3421 	case ISCSI_AUTH_CLEAR:
3422 		auth = (iscsi_auth_props_t *)kmem_alloc(sizeof (*auth),
3423 		    KM_SLEEP);
3424 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3425 			kmem_free(auth, sizeof (*auth));
3426 			rtn = EFAULT;
3427 			break;
3428 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3429 			kmem_free(auth, sizeof (*auth));
3430 			rtn = EINVAL;
3431 			break;
3432 		}
3433 
3434 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3435 		/*
3436 		 * If the oid does represent a session check to see
3437 		 * if it is a target oid.  If so, return the target's
3438 		 * associated session.
3439 		 */
3440 		rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3441 		if (rtn != 0) {
3442 			rtn = iscsi_sess_get_by_target(auth->a_oid, ihp, &isp);
3443 		}
3444 		rw_exit(&ihp->hba_sess_list_rwlock);
3445 
3446 		/*
3447 		 * If rtn is zero then we have found an
3448 		 * existing session.  Use the session name to
3449 		 * do param lookup.  If rtn is non-zero then
3450 		 * create a targetparam object and use its name
3451 		 * for param lookup.
3452 		 */
3453 		if (rtn == 0) {
3454 			name = isp->sess_name;
3455 		} else {
3456 			name =
3457 			    iscsi_targetparam_get_name(auth->a_oid);
3458 			rtn = 0;
3459 		}
3460 
3461 		if (name == NULL) {
3462 			rw_exit(
3463 			    &ihp->hba_sess_list_rwlock);
3464 			rtn = EFAULT;
3465 			break;
3466 		}
3467 
3468 		if (persistent_auth_clear((char *)name) == B_FALSE) {
3469 			rtn = EIO;
3470 		}
3471 		kmem_free(auth, sizeof (*auth));
3472 		break;
3473 
3474 	/*
3475 	 * ISCSI_DB_RELOAD -
3476 	 */
3477 	case ISCSI_DB_RELOAD:
3478 		/* ---- database will be closed and reread ---- */
3479 		if (iscsid_init(ihp, B_TRUE) == B_FALSE) {
3480 			rtn = EFAULT;
3481 		}
3482 		break;
3483 
3484 	/*
3485 	 * ISCSI_DB_DUMP -
3486 	 */
3487 	case ISCSI_DB_DUMP:
3488 		persistent_dump_data();
3489 		break;
3490 
3491 	case ISCSI_USCSI:
3492 
3493 #ifdef _MULTI_DATAMODEL
3494 		model = ddi_model_convert_from(mode & FMODELS);
3495 		switch (model) {
3496 		case DDI_MODEL_ILP32:
3497 
3498 			if (ddi_copyin((caddr_t)arg, &iu32_caller,
3499 			    sizeof (iscsi_uscsi32_t), mode)) {
3500 				rtn = EFAULT;
3501 				break;
3502 			}
3503 
3504 			/* perform conversion from 32 -> 64 */
3505 			iu_caller.iu_vers = iu32_caller.iu_vers;
3506 			iu_caller.iu_oid = iu32_caller.iu_oid;
3507 			iu_caller.iu_tpgt = iu32_caller.iu_tpgt;
3508 			iu_caller.iu_len = iu32_caller.iu_len;
3509 			iu_caller.iu_lun = iu32_caller.iu_lun;
3510 			uscsi_cmd32touscsi_cmd((&iu32_caller.iu_ucmd),
3511 			    (&iu_caller.iu_ucmd));
3512 
3513 			break;
3514 		case DDI_MODEL_NONE:
3515 			if (ddi_copyin((caddr_t)arg, &iu_caller,
3516 			    sizeof (iscsi_uscsi_t), mode)) {
3517 				rtn = EFAULT;
3518 				break;
3519 			}
3520 			break;
3521 		default:
3522 			ASSERT(FALSE);
3523 			rtn = EINVAL;
3524 			break;
3525 		}
3526 #endif /* _MULTI_DATAMODEL */
3527 
3528 		/* If failures earlier break */
3529 		if (rtn != 0) {
3530 			break;
3531 		}
3532 
3533 		/* copy from caller to internel cmd */
3534 		bcopy(&iu_caller, &iu, sizeof (iu));
3535 
3536 		if (iu.iu_vers != ISCSI_INTERFACE_VERSION) {
3537 			rtn = EINVAL;
3538 			break;
3539 		}
3540 		/*
3541 		 * Check to see if oid references a target-param oid.  If so,
3542 		 * find the associated  session oid before getting lu list.
3543 		 */
3544 		if (iscsi_targetparam_get_name(iu.iu_oid) != NULL) {
3545 			for (isp = ihp->hba_sess_list; isp; isp =
3546 			    isp->sess_next) {
3547 				if (isp->sess_target_oid == iu.iu_oid) {
3548 					target_oid  = isp->sess_oid;
3549 					break;
3550 				}
3551 			}
3552 		} else {
3553 			target_oid = iu.iu_oid;
3554 		}
3555 
3556 		/* make sure we have a matching session for this command */
3557 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3558 		rtn = iscsi_sess_get(target_oid, ihp, &isp);
3559 		if (rtn != 0) {
3560 			rtn = iscsi_sess_get_by_target(target_oid, ihp,
3561 			    &isp);
3562 			if (rtn != 0) {
3563 				rw_exit(&ihp->hba_sess_list_rwlock);
3564 				rtn = EFAULT;
3565 				break;
3566 			}
3567 		}
3568 		/*
3569 		 * If a caller buffer is present allocate duplicate
3570 		 * kernel space and copyin caller memory.
3571 		 */
3572 		if (iu.iu_ucmd.uscsi_buflen > 0) {
3573 			iu.iu_ucmd.uscsi_bufaddr = (caddr_t)kmem_alloc(
3574 			    iu.iu_ucmd.uscsi_buflen, KM_SLEEP);
3575 			if (ddi_copyin(iu_caller.iu_ucmd.uscsi_bufaddr,
3576 			    iu.iu_ucmd.uscsi_bufaddr,
3577 			    iu.iu_ucmd.uscsi_buflen, mode)) {
3578 				rw_exit(&ihp->hba_sess_list_rwlock);
3579 				rtn = EFAULT;
3580 				break;
3581 			}
3582 		}
3583 
3584 		/*
3585 		 * If a caller cdb is present allocate duplicate
3586 		 * kernel space and copyin caller memory.
3587 		 */
3588 		if (iu.iu_ucmd.uscsi_cdblen > 0) {
3589 			iu.iu_ucmd.uscsi_cdb = (caddr_t)kmem_alloc(
3590 			    iu_caller.iu_ucmd.uscsi_cdblen, KM_SLEEP);
3591 			if (ddi_copyin(iu_caller.iu_ucmd.uscsi_cdb,
3592 			    iu.iu_ucmd.uscsi_cdb,
3593 			    iu.iu_ucmd.uscsi_cdblen, mode)) {
3594 				if (iu.iu_ucmd.uscsi_buflen > 0) {
3595 					kmem_free(iu.iu_ucmd.uscsi_bufaddr,
3596 					    iu_caller.iu_ucmd.uscsi_buflen);
3597 				}
3598 				rw_exit(&ihp->hba_sess_list_rwlock);
3599 				rtn = EFAULT;
3600 				break;
3601 			}
3602 		}
3603 
3604 		/*
3605 		 * If a caller request sense is present allocate
3606 		 * duplicate kernel space.  No need to copyin.
3607 		 */
3608 		if (iu.iu_ucmd.uscsi_rqlen > 0) {
3609 			iu.iu_ucmd.uscsi_rqbuf = (caddr_t)kmem_alloc(
3610 			    iu.iu_ucmd.uscsi_rqlen, KM_SLEEP);
3611 		}
3612 
3613 		/* issue passthru to io path handler */
3614 		rtn = iscsi_handle_passthru(isp, iu.iu_lun, &iu.iu_ucmd);
3615 		if (rtn != 0) {
3616 			rtn = EFAULT;
3617 		}
3618 
3619 		/*
3620 		 * If the caller had a buf we need to do a copyout
3621 		 * and free the kernel memory
3622 		 */
3623 		if (iu.iu_ucmd.uscsi_buflen > 0) {
3624 			if (ddi_copyout(iu.iu_ucmd.uscsi_bufaddr,
3625 			    iu_caller.iu_ucmd.uscsi_bufaddr,
3626 			    iu.iu_ucmd.uscsi_buflen, mode) != 0) {
3627 				rtn = EFAULT;
3628 			}
3629 			kmem_free(iu.iu_ucmd.uscsi_bufaddr,
3630 			    iu.iu_ucmd.uscsi_buflen);
3631 		}
3632 
3633 		/* We need to free kernel cdb, no need to copyout */
3634 		if (iu.iu_ucmd.uscsi_cdblen > 0) {
3635 			kmem_free(iu.iu_ucmd.uscsi_cdb,
3636 			    iu.iu_ucmd.uscsi_cdblen);
3637 		}
3638 
3639 		/*
3640 		 * If the caller had a request sense we need to
3641 		 * do a copyout and free the kernel memory
3642 		 */
3643 		if (iu.iu_ucmd.uscsi_rqlen > 0) {
3644 			if (ddi_copyout(iu.iu_ucmd.uscsi_rqbuf,
3645 			    iu_caller.iu_ucmd.uscsi_rqbuf,
3646 			    iu.iu_ucmd.uscsi_rqlen, mode) != 0) {
3647 				rtn = EFAULT;
3648 			}
3649 			kmem_free(iu.iu_ucmd.uscsi_rqbuf,
3650 			    iu.iu_ucmd.uscsi_rqlen);
3651 		}
3652 
3653 #ifdef _MULTI_DATAMODEL
3654 		if (iu.iu_ucmd.uscsi_status != 0) {
3655 			switch (model = ddi_model_convert_from(
3656 			    mode & FMODELS)) {
3657 			case DDI_MODEL_ILP32:
3658 				iu32_caller.iu_ucmd.uscsi_status =
3659 				    iu.iu_ucmd.uscsi_status;
3660 				if (ddi_copyout((void *)&iu32_caller,
3661 				    (caddr_t)arg, sizeof (iscsi_uscsi32_t),
3662 				    mode) != 0) {
3663 					rtn = EFAULT;
3664 				}
3665 				break;
3666 			case DDI_MODEL_NONE:
3667 				iu_caller.iu_ucmd.uscsi_status =
3668 				    iu.iu_ucmd.uscsi_status;
3669 				if (ddi_copyout((void *)&iu_caller,
3670 				    (caddr_t)arg, sizeof (iscsi_uscsi_t),
3671 				    mode) != 0) {
3672 					rtn = EFAULT;
3673 				}
3674 				break;
3675 			default:
3676 				ASSERT(FALSE);
3677 			}
3678 		}
3679 #endif /* _MULTI_DATAMODEL */
3680 		rw_exit(&ihp->hba_sess_list_rwlock);
3681 		break;
3682 
3683 	/*
3684 	 * ISCSI_DOOR_HANDLE_SET -
3685 	 */
3686 	case ISCSI_DOOR_HANDLE_SET:
3687 		if (ddi_copyin((caddr_t)arg, &did, sizeof (int), mode) != 0) {
3688 			rtn = EFAULT;
3689 		}
3690 		if (iscsi_door_bind(did) == B_FALSE) {
3691 			rtn = EFAULT;
3692 		}
3693 		break;
3694 
3695 	case ISCSI_DISCOVERY_EVENTS:
3696 		/*
3697 		 * If discovery has not been completed and not in progress,
3698 		 * poke the discovery methods
3699 		 */
3700 		mutex_enter(&ihp->hba_discovery_events_mutex);
3701 		method = ihp->hba_discovery_events;
3702 		if ((method != ISCSI_ALL_DISCOVERY_METHODS) &&
3703 		    (ihp->hba_discovery_in_progress == B_FALSE)) {
3704 			ihp->hba_discovery_in_progress = B_TRUE;
3705 			mutex_exit(&ihp->hba_discovery_events_mutex);
3706 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodUnknown);
3707 			mutex_enter(&ihp->hba_discovery_events_mutex);
3708 			ihp->hba_discovery_in_progress = B_FALSE;
3709 			method = ihp->hba_discovery_events;
3710 		}
3711 		mutex_exit(&ihp->hba_discovery_events_mutex);
3712 
3713 		if (ddi_copyout((void *)&method, (caddr_t)arg,
3714 		    sizeof (method), mode) != 0)
3715 			rtn = EFAULT;
3716 		break;
3717 
3718 	/*
3719 	 * ISCSI_SENDTGTS_GET --
3720 	 */
3721 	case ISCSI_SENDTGTS_GET:
3722 		stl_hdr = iscsi_ioctl_copyin((caddr_t)arg, mode,
3723 		    sizeof (*stl_hdr));
3724 		if (stl_hdr == NULL) {
3725 			rtn = EFAULT;
3726 			break;
3727 		}
3728 
3729 		if (stl_hdr->stl_entry.e_vers != ISCSI_INTERFACE_VERSION) {
3730 			rtn = EINVAL;
3731 			kmem_free(stl_hdr, sizeof (*stl_hdr));
3732 			break;
3733 		}
3734 
3735 		/* calculate how much memory user allocated for SendTgts */
3736 		stl_sz = sizeof (*stl_hdr);
3737 		if (stl_hdr->stl_in_cnt > 0) {
3738 			stl_sz += ((stl_hdr->stl_in_cnt - 1) *
3739 			    sizeof (iscsi_sendtgts_entry_t));
3740 		}
3741 
3742 		/* allocate local SendTgts list of the same size */
3743 		istl = kmem_zalloc(stl_sz, KM_SLEEP);
3744 		bcopy(stl_hdr, istl, sizeof (*stl_hdr));
3745 		kmem_free(stl_hdr, sizeof (*stl_hdr));
3746 
3747 		/* lock interface so only one SendTargets operation occurs */
3748 		sema_p(&ihp->hba_sendtgts_semaphore);
3749 
3750 		rtn = iscsi_ioctl_sendtgts_get(ihp, istl);
3751 
3752 		if (rtn == 0) {
3753 			rtn = iscsi_ioctl_copyout(istl, stl_sz,
3754 			    (caddr_t)arg, mode);
3755 		}
3756 
3757 		/* release lock to allow another SendTargets discovery */
3758 		sema_v(&ihp->hba_sendtgts_semaphore);
3759 
3760 		break;
3761 
3762 		/*
3763 		 * ISCSI_ISNS_SERVER_GET --
3764 		 */
3765 	case ISCSI_ISNS_SERVER_GET:
3766 		server_pg_list_hdr = iscsi_ioctl_copyin((caddr_t)arg, mode,
3767 		    sizeof (*server_pg_list_hdr));
3768 		if (server_pg_list_hdr == NULL) {
3769 			rtn = EFAULT;
3770 			break;
3771 		}
3772 
3773 		/* If iSNS discovery mode is not set, return with zero entry */
3774 		method = persistent_disc_meth_get();
3775 		if ((method & iSCSIDiscoveryMethodISNS) == 0) {
3776 			rtn = EACCES;
3777 			break;
3778 		}
3779 
3780 		initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
3781 		if (persistent_initiator_name_get(initiator_node_name,
3782 		    ISCSI_MAX_NAME_LEN) != B_TRUE) {
3783 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
3784 			initiator_node_name = NULL;
3785 			kmem_free(server_pg_list_hdr,
3786 			    sizeof (*server_pg_list_hdr));
3787 			rtn = EIO;
3788 			break;
3789 		}
3790 		if (strlen(initiator_node_name) == 0) {
3791 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
3792 			initiator_node_name = NULL;
3793 			kmem_free(server_pg_list_hdr,
3794 			    sizeof (*server_pg_list_hdr));
3795 			rtn = EIO;
3796 			break;
3797 		}
3798 
3799 		initiator_node_alias = kmem_zalloc(
3800 		    ISCSI_MAX_NAME_LEN, KM_SLEEP);
3801 		if (persistent_alias_name_get(initiator_node_alias,
3802 		    ISCSI_MAX_NAME_LEN) != B_TRUE) {
3803 			initiator_node_alias[0] = '\0';
3804 		}
3805 		rtn = isns_query_one_server(&(server_pg_list_hdr->addr),
3806 		    ihp->hba_isid,
3807 		    (uint8_t *)initiator_node_name,
3808 		    (uint8_t *)initiator_node_alias,
3809 		    ISNS_INITIATOR_NODE_TYPE,
3810 		    &pg_list);
3811 		if (rtn != isns_ok || pg_list == NULL) {
3812 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
3813 			initiator_node_name = NULL;
3814 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
3815 			initiator_node_alias = NULL;
3816 			kmem_free(server_pg_list_hdr,
3817 			    sizeof (*server_pg_list_hdr));
3818 			server_pg_list_hdr = NULL;
3819 			rtn = EIO;
3820 			break;
3821 		}
3822 
3823 		/*
3824 		 * pg_list_sz is the size of the pg_list returned from the
3825 		 *	isns_query_all
3826 		 *
3827 		 * pg_sz_copy_out is the size of the pg_list we are going to
3828 		 *	return back to the caller
3829 		 *
3830 		 * server_pg_list_sz is total amount of data we are returning
3831 		 *	back to the caller
3832 		 */
3833 		pg_list->pg_in_cnt =
3834 		    server_pg_list_hdr->addr_port_list.pg_in_cnt;
3835 		pg_list_sz = sizeof (isns_portal_group_list_t);
3836 		if (pg_list->pg_out_cnt > 0) {
3837 			pg_list_sz += (pg_list->pg_out_cnt - 1) *
3838 			    sizeof (isns_portal_group_t);
3839 		}
3840 		/*
3841 		 * check if caller passed in a buffer with enough space
3842 		 * if there isn't enough space, fill the caller's buffer with
3843 		 * as much information as possible.
3844 		 *
3845 		 * if pg_out_cnt > pg_in_cnt, pg_out_cnt will be returned with
3846 		 * the total number of targets found
3847 		 *
3848 		 * if pg_out_cnt < pg_in_cnt, pg_out_cnt will be the number
3849 		 * of targets returned
3850 		 */
3851 		if (pg_list->pg_in_cnt < pg_list->pg_out_cnt) {
3852 			pg_sz_copy_out = sizeof (isns_portal_group_list_t);
3853 			if (pg_list->pg_in_cnt > 0) {
3854 				pg_sz_copy_out += (pg_list->pg_in_cnt - 1) *
3855 				    sizeof (isns_portal_group_t);
3856 			}
3857 			server_pg_list_sz =
3858 			    sizeof (isns_server_portal_group_list_t);
3859 			if (pg_list->pg_in_cnt > 0) {
3860 				server_pg_list_sz += (pg_list->pg_in_cnt - 1) *
3861 				    sizeof (isns_portal_group_t);
3862 			}
3863 		} else {
3864 			pg_sz_copy_out = pg_list_sz;
3865 			server_pg_list_sz =
3866 			    sizeof (isns_server_portal_group_list_t);
3867 			if (pg_list->pg_out_cnt > 0) {
3868 				server_pg_list_sz += (pg_list->pg_out_cnt - 1) *
3869 				    sizeof (isns_portal_group_t);
3870 			}
3871 		}
3872 
3873 		server_pg_list = (isns_server_portal_group_list_t *)kmem_zalloc(
3874 		    server_pg_list_sz, KM_SLEEP);
3875 
3876 		bcopy(&(server_pg_list_hdr->addr), &(server_pg_list->addr),
3877 		    sizeof (server_pg_list->addr));
3878 		bcopy(pg_list, &server_pg_list->addr_port_list, pg_sz_copy_out);
3879 
3880 		if (ddi_copyout(server_pg_list, (caddr_t)arg, server_pg_list_sz,
3881 		    mode) != 0) {
3882 			rtn = EFAULT;
3883 		}
3884 		DTRACE_PROBE1(iscsi_ioctl_iscsi_isns_server_get_pg_sz,
3885 		    int, pg_list_sz);
3886 		kmem_free(pg_list, pg_list_sz);
3887 		kmem_free(server_pg_list, server_pg_list_sz);
3888 		kmem_free(server_pg_list_hdr, sizeof (*server_pg_list_hdr));
3889 		break;
3890 
3891 	/*
3892 	 * ISCSI_GET_CONFIG_SESSIONS --
3893 	 */
3894 	case ISCSI_GET_CONFIG_SESSIONS:
3895 		/* FALLTHRU */
3896 
3897 	case ISCSI_SET_CONFIG_SESSIONS:
3898 		size = sizeof (*ics);
3899 		ics = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
3900 		if (ics == NULL) {
3901 			rtn = EFAULT;
3902 			break;
3903 		}
3904 
3905 		/* verify version infomration */
3906 		if (ics->ics_ver != ISCSI_INTERFACE_VERSION) {
3907 			rtn = EINVAL;
3908 			kmem_free(ics, size);
3909 			break;
3910 		}
3911 
3912 		/* Check to see if we need to copy in more memory */
3913 		if (ics->ics_in > 1) {
3914 			/* record correct size */
3915 			size = ISCSI_SESSION_CONFIG_SIZE(ics->ics_in);
3916 			/* free old buffer */
3917 			kmem_free(ics, sizeof (*ics));
3918 
3919 			/* copy in complete buffer size */
3920 			ics = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
3921 			if (ics == NULL) {
3922 				rtn = EFAULT;
3923 				break;
3924 			}
3925 		}
3926 
3927 		/* switch action based on get or set */
3928 		if (cmd == ISCSI_GET_CONFIG_SESSIONS) {
3929 			/* get */
3930 			rtn = iscsi_ioctl_get_config_sess(ihp, ics);
3931 			if (rtn == 0) {
3932 				/* copyout data for gets */
3933 				rtn = iscsi_ioctl_copyout(ics, size,
3934 				    (caddr_t)arg, mode);
3935 			}
3936 		} else {
3937 			/* set */
3938 			rtn = iscsi_ioctl_set_config_sess(ihp, ics);
3939 		}
3940 		break;
3941 
3942 	default:
3943 		rtn = ENOTTY;
3944 		cmn_err(CE_NOTE, "unrecognized ioctl 0x%x", cmd);
3945 	} /* end of ioctl type switch/cases */
3946 
3947 	return (rtn);
3948 }
3949 
3950 /*
3951  * +--------------------------------------------------------------------+
3952  * | End of cb_ops routines					     |
3953  * +--------------------------------------------------------------------+
3954  */
3955 
3956 
3957 /*
3958  * +--------------------------------------------------------------------+
3959  * | Common scsi_tran support routines				  |
3960  * +--------------------------------------------------------------------+
3961  */
3962 
3963 /*
3964  * iscsi_i_commoncap -- SCSA host adapter get/set capability routines.
3965  *
3966  * Need to determine if any of these can be determined through the iSCSI
3967  * protocol. For now just return error on most.
3968  */
3969 /* ARGSUSED */
3970 static int
3971 iscsi_i_commoncap(struct scsi_address *ap, char *cap, int val,
3972     int tgtonly, int doset)
3973 {
3974 	int		rtn;
3975 	int		cidx;
3976 	iscsi_lun_t	*ilp;
3977 
3978 	ASSERT((ap)->a_hba_tran->tran_hba_private != NULL);
3979 	ilp	= (iscsi_lun_t *)((ap)->a_hba_tran->tran_tgt_private);
3980 	ASSERT(ilp != NULL);
3981 
3982 	if (cap == (char *)0) {
3983 		return (FALSE);
3984 	}
3985 
3986 	cidx = scsi_hba_lookup_capstr(cap);
3987 	if (cidx == -1) {
3988 		return (cidx);
3989 	}
3990 
3991 	/*
3992 	 * Process setcap request.
3993 	 */
3994 	if (doset) {
3995 		/*
3996 		 * At present, we can only set binary (0/1) values
3997 		 */
3998 		switch (cidx) {
3999 		case SCSI_CAP_LUN_RESET:
4000 			if (val) {
4001 				ilp->lun_cap |= ISCSI_LUN_CAP_RESET;
4002 			} else {
4003 				ilp->lun_cap &= ~ISCSI_LUN_CAP_RESET;
4004 			}
4005 			rtn = TRUE;
4006 			break;
4007 		default:
4008 			/*
4009 			 * None of these are settable via
4010 			 * the capability interface.
4011 			 */
4012 			rtn = FALSE;
4013 			break;
4014 		}
4015 
4016 		/*
4017 		 * Process getcap request.
4018 		 */
4019 	} else {
4020 		switch (cidx) {
4021 		case SCSI_CAP_DMA_MAX:
4022 			/* no DMA, Psuedo value */
4023 			rtn = INT32_MAX;
4024 			break;
4025 		case SCSI_CAP_INITIATOR_ID:
4026 			rtn = 7;
4027 			break;
4028 		case SCSI_CAP_ARQ:
4029 		case SCSI_CAP_RESET_NOTIFICATION:
4030 		case SCSI_CAP_TAGGED_QING:
4031 			rtn = TRUE;
4032 			break;
4033 		case SCSI_CAP_SCSI_VERSION:
4034 			rtn = SCSI_VERSION_3;
4035 			break;
4036 		case SCSI_CAP_INTERCONNECT_TYPE:
4037 			rtn = INTERCONNECT_FABRIC;
4038 			break;
4039 		case SCSI_CAP_LUN_RESET:
4040 			rtn = ((ilp->lun_cap & ISCSI_LUN_CAP_RESET) != 0) ?
4041 			    TRUE : FALSE;
4042 			break;
4043 		case SCSI_CAP_CDB_LEN:
4044 			/*
4045 			 * iSCSI RFC 3720 defines a default 16 byte
4046 			 * CDB as part of the Basic Header Segment
4047 			 * (BHS) (10.2.1) and allows for an Additional
4048 			 * Header Segment (AHS) Length of 255 * 4
4049 			 * (10.2.1.5).  The AHS length can be used
4050 			 * for different purposes two of which are
4051 			 * Extended CDB ADS (10.2.2.3) and Bidirectional
4052 			 * Expected Read-Data Length AHS (10.2.2.4).
4053 			 * The largest header of these consumes is
4054 			 * 32 bytes.  So the total Max CDB Length is
4055 			 * 16 + ((255 * 4 ) - 32) = 1004.
4056 			 */
4057 			rtn = 1004;
4058 			break;
4059 		default:
4060 			rtn = UNDEFINED;
4061 			break;
4062 		}
4063 	}
4064 	return (rtn);
4065 }
4066 
4067 /*
4068  * iscsi_virt_lun_init - attempts to complete a mdi/scsi_vhci binding
4069  *
4070  * This routine is used to associate the tran_tgt_private to our ilp
4071  * structure.  This function is indirectly called from our
4072  * iscsi_lun_create_xxx routines.  These routines must prevent
4073  * the session and lun lists from changing during this call.
4074  */
4075 /* ARGSUSED */
4076 static int
4077 iscsi_virt_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
4078     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
4079 {
4080 	iscsi_lun_t	*ilp		= NULL;
4081 	iscsi_lun_t	*ilp_check	= NULL;
4082 	iscsi_sess_t	*isp		= NULL;
4083 	char		*lun_guid	= NULL;
4084 	mdi_pathinfo_t	*pip		= NULL;
4085 	iscsi_hba_t	*ihp    = (iscsi_hba_t *)hba_tran->tran_hba_private;
4086 	char		target_port_name[MAX_NAME_PROP_SIZE];
4087 
4088 	/*
4089 	 * Here's a nice little piece of undocumented stuff.
4090 	 */
4091 	if ((pip = (mdi_pathinfo_t *)sd->sd_private) == NULL) {
4092 		/*
4093 		 * Very bad news if this occurs. Somehow SCSI_vhci has
4094 		 * lost the pathinfo node for this target.
4095 		 */
4096 		return (DDI_NOT_WELL_FORMED);
4097 	}
4098 
4099 	ilp = (iscsi_lun_t *)mdi_pi_get_phci_private(pip);
4100 
4101 	/*
4102 	 * +----------------------------------------------------+
4103 	 * | Looking to find the target device via the property |
4104 	 * | is not required since the driver can easily get    |
4105 	 * | this information from the mdi_phci_get_private()   |
4106 	 * | call above.  This is just a consistency check	|
4107 	 * | which can be removed.				|
4108 	 */
4109 	if (mdi_prop_lookup_string(pip, MDI_GUID, &lun_guid) !=
4110 	    DDI_PROP_SUCCESS) {
4111 		return (DDI_NOT_WELL_FORMED);
4112 	}
4113 
4114 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
4115 
4116 		/* If this isn't the matching session continue */
4117 		if (ilp->lun_sess != isp) {
4118 			continue;
4119 		}
4120 
4121 		/*
4122 		 * We are already holding the lun list rwlock
4123 		 * for this thread on the callers side of mdi_pi_online
4124 		 * or ndi_devi_online.  Which lead to this functions
4125 		 * call.
4126 		 */
4127 		for (ilp_check = isp->sess_lun_list; ilp_check;
4128 		    ilp_check = ilp_check->lun_next) {
4129 
4130 			/*
4131 			 * If this is the matching LUN and contains
4132 			 * the same LUN GUID then break we found our
4133 			 * match.
4134 			 */
4135 			if ((ilp == ilp_check) &&
4136 			    (strcmp(lun_guid, ilp_check->lun_guid) == 0)) {
4137 				break;
4138 			}
4139 		}
4140 		if (ilp_check != NULL) {
4141 			break;
4142 		}
4143 	}
4144 
4145 	/*
4146 	 * Free resource that's no longer required.
4147 	 */
4148 	if (lun_guid != NULL)
4149 		(void) mdi_prop_free(lun_guid);
4150 
4151 	if (ilp_check == NULL) {
4152 		/*
4153 		 * Failed to find iSCSI LUN in HBA chain based
4154 		 * on the GUID that was stored as a property on
4155 		 * the pathinfo node.
4156 		 */
4157 		return (DDI_NOT_WELL_FORMED);
4158 	}
4159 
4160 	if (ilp != ilp_check) {
4161 		/*
4162 		 * The iSCSI target that we found on the HBA link is
4163 		 * different than the iSCSI target that was stored as
4164 		 * private data on the pathinfo node.
4165 		 */
4166 		return (DDI_NOT_WELL_FORMED);
4167 	}
4168 	/*
4169 	 * | End of consistency check				|
4170 	 * +----------------------------------------------------+
4171 	 */
4172 
4173 	hba_tran->tran_tgt_private = ilp;
4174 
4175 	target_port_name[0] = '\0';
4176 	if (ilp->lun_sess->sess_tpgt_conf == ISCSI_DEFAULT_TPGT) {
4177 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4178 		    "%02x%02x%02x%02x%02x%02x,%s",
4179 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4180 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4181 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4182 		    ilp->lun_sess->sess_name);
4183 	} else {
4184 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4185 		    "%02x%02x%02x%02x%02x%02x,%s,%d",
4186 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4187 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4188 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4189 		    ilp->lun_sess->sess_name, ilp->lun_sess->sess_tpgt_conf);
4190 	}
4191 
4192 	if (mdi_prop_update_string(pip, "target-port",
4193 	    target_port_name) != DDI_PROP_SUCCESS) {
4194 		cmn_err(CE_WARN, "iscsi_virt_lun_init: Creating 'target-port' "
4195 		"property on Path(%p) for Target(%s), Lun(%d) Failed",
4196 		    (void *)pip, ilp->lun_sess->sess_name, ilp->lun_num);
4197 	}
4198 
4199 	return (DDI_SUCCESS);
4200 }
4201 
4202 /*
4203  * iscsi_phys_lun_init - attempts to complete a ndi binding
4204  *
4205  * This routine is used to associate the tran_tgt_private to our
4206  * ilp structure.  This function is indirectly called from our
4207  * iscsi_lun_create_xxx routines.  These routines must prevent
4208  * the session and lun lists from changing during this call.
4209  */
4210 static int
4211 iscsi_phys_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
4212     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
4213 {
4214 	int		rtn	= DDI_SUCCESS;
4215 	iscsi_hba_t	*ihp	= NULL;
4216 	iscsi_sess_t	*isp	= NULL;
4217 	iscsi_lun_t	*ilp	= NULL;
4218 	char		target_port_name[MAX_NAME_PROP_SIZE];
4219 	int		*words = NULL;
4220 	uint_t		nwords = 0;
4221 
4222 	ASSERT(hba_dip);
4223 	ASSERT(lun_dip);
4224 	ASSERT(hba_tran);
4225 	ASSERT(sd);
4226 	ihp = (iscsi_hba_t *)hba_tran->tran_hba_private;
4227 	ASSERT(ihp);
4228 
4229 	if (ddi_prop_lookup_int_array(DDI_DEV_T_ANY, lun_dip,
4230 	    DDI_PROP_DONTPASS, LUN_PROP, &words, &nwords) != DDI_PROP_SUCCESS) {
4231 		cmn_err(CE_WARN, "iscsi_phys_lun_init: Returning DDI_FAILURE:"
4232 		    "lun for %s (instance %d)", ddi_get_name(lun_dip),
4233 		    ddi_get_instance(lun_dip));
4234 		return (DDI_FAILURE);
4235 	}
4236 
4237 	if (nwords == 0) {
4238 		ddi_prop_free(words);
4239 		return (DDI_FAILURE);
4240 	}
4241 
4242 	ASSERT(words != NULL);
4243 
4244 	/* See if we already created this session */
4245 
4246 	/* Walk the HBA's session list */
4247 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
4248 		/* compare target name as the unique identifier */
4249 		if (sd->sd_address.a_target == isp->sess_oid) {
4250 			/* found match */
4251 			break;
4252 		}
4253 	}
4254 
4255 	/* If we found matching session continue searching for tgt */
4256 	if (isp != NULL) {
4257 		/*
4258 		 * Search for the matching iscsi lun structure.  We don't
4259 		 * need to hold the READER for the lun list at this point.
4260 		 * because the tran_get_name is being called from the online
4261 		 * function which is already holding a reader on the lun
4262 		 * list.
4263 		 */
4264 		for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
4265 			if (*words == ilp->lun_num) {
4266 				/* found match */
4267 				break;
4268 			}
4269 		}
4270 
4271 		if (ilp != NULL) {
4272 			/*
4273 			 * tgt found path it to the tran_lun_private
4274 			 * this is used later for fast access on
4275 			 * init_pkt and start
4276 			 */
4277 			hba_tran->tran_tgt_private = ilp;
4278 		} else {
4279 			/* tgt not found */
4280 			ddi_prop_free(words);
4281 			return (DDI_FAILURE);
4282 		}
4283 	} else {
4284 		/* sess not found */
4285 		ddi_prop_free(words);
4286 		return (DDI_FAILURE);
4287 	}
4288 	ddi_prop_free(words);
4289 
4290 	target_port_name[0] = '\0';
4291 	if (ilp->lun_sess->sess_tpgt_conf == ISCSI_DEFAULT_TPGT) {
4292 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4293 		    "%02x%02x%02x%02x%02x%02x,%s",
4294 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4295 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4296 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4297 		    ilp->lun_sess->sess_name);
4298 	} else {
4299 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4300 		    "%02x%02x%02x%02x%02x%02x,%s,%d",
4301 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4302 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4303 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4304 		    ilp->lun_sess->sess_name, ilp->lun_sess->sess_tpgt_conf);
4305 	}
4306 
4307 	if (ddi_prop_update_string(DDI_DEV_T_NONE, lun_dip,
4308 	    "target-port", target_port_name) != DDI_PROP_SUCCESS) {
4309 		cmn_err(CE_WARN, "iscsi_phys_lun_init: Creating 'target-port' "
4310 		    "property on Target(%s), Lun(%d) Failed",
4311 		    ilp->lun_sess->sess_name, ilp->lun_num);
4312 	}
4313 
4314 	return (rtn);
4315 }
4316 
4317 /*
4318  * +--------------------------------------------------------------------+
4319  * | End of scsi_tran support routines					|
4320  * +--------------------------------------------------------------------+
4321  */
4322 
4323 /*
4324  * +--------------------------------------------------------------------+
4325  * | Begin of struct utility routines					|
4326  * +--------------------------------------------------------------------+
4327  */
4328 
4329 
4330 /*
4331  * iscsi_set_default_login_params - This function sets the
4332  * driver default login params.  This is using during the
4333  * creation of our iSCSI HBA structure initialization by
4334  * could be used at other times to reset back to the defaults.
4335  */
4336 void
4337 iscsi_set_default_login_params(iscsi_login_params_t *params)
4338 {
4339 	params->immediate_data		= ISCSI_DEFAULT_IMMEDIATE_DATA;
4340 	params->initial_r2t		= ISCSI_DEFAULT_INITIALR2T;
4341 	params->first_burst_length	= ISCSI_DEFAULT_FIRST_BURST_LENGTH;
4342 	params->max_burst_length	= ISCSI_DEFAULT_MAX_BURST_LENGTH;
4343 	params->data_pdu_in_order	= ISCSI_DEFAULT_DATA_PDU_IN_ORDER;
4344 	params->data_sequence_in_order	= ISCSI_DEFAULT_DATA_SEQUENCE_IN_ORDER;
4345 	params->default_time_to_wait	= ISCSI_DEFAULT_TIME_TO_WAIT;
4346 	params->default_time_to_retain	= ISCSI_DEFAULT_TIME_TO_RETAIN;
4347 	params->header_digest		= ISCSI_DEFAULT_HEADER_DIGEST;
4348 	params->data_digest		= ISCSI_DEFAULT_DATA_DIGEST;
4349 	params->max_recv_data_seg_len	= ISCSI_DEFAULT_MAX_RECV_SEG_LEN;
4350 	params->max_xmit_data_seg_len	= ISCSI_DEFAULT_MAX_XMIT_SEG_LEN;
4351 	params->max_connections		= ISCSI_DEFAULT_MAX_CONNECTIONS;
4352 	params->max_outstanding_r2t	= ISCSI_DEFAULT_MAX_OUT_R2T;
4353 	params->error_recovery_level	= ISCSI_DEFAULT_ERROR_RECOVERY_LEVEL;
4354 	params->ifmarker		= ISCSI_DEFAULT_IFMARKER;
4355 	params->ofmarker		= ISCSI_DEFAULT_OFMARKER;
4356 }
4357 
4358 
4359 /*
4360  * +--------------------------------------------------------------------+
4361  * | End of struct utility routines				     |
4362  * +--------------------------------------------------------------------+
4363  */
4364 
4365 /*
4366  * +--------------------------------------------------------------------+
4367  * | Begin of ioctl utility routines				    |
4368  * +--------------------------------------------------------------------+
4369  */
4370 
4371 /*
4372  * iscsi_get_param - This function is a helper to ISCSI_GET_PARAM
4373  * IOCTL
4374  */
4375 int
4376 iscsi_get_param(iscsi_login_params_t *params, boolean_t valid_flag,
4377     iscsi_param_get_t *ipgp) {
4378 	int rtn = 0;
4379 
4380 	/* ---- Default to settable, possibly changed later ---- */
4381 	ipgp->g_value.v_valid    = valid_flag;
4382 	ipgp->g_value.v_settable = B_TRUE;
4383 
4384 	switch (ipgp->g_param) {
4385 	/*
4386 	 * Boolean parameters
4387 	 */
4388 	case ISCSI_LOGIN_PARAM_DATA_SEQUENCE_IN_ORDER:
4389 		ipgp->g_value.v_bool.b_current =
4390 		    params->data_sequence_in_order;
4391 		ipgp->g_value.v_bool.b_default =
4392 		    ISCSI_DEFAULT_DATA_SEQUENCE_IN_ORDER;
4393 		break;
4394 	case ISCSI_LOGIN_PARAM_IMMEDIATE_DATA:
4395 		ipgp->g_value.v_bool.b_current =
4396 		    params->immediate_data;
4397 		ipgp->g_value.v_bool.b_default =
4398 		    ISCSI_DEFAULT_IMMEDIATE_DATA;
4399 		break;
4400 	case ISCSI_LOGIN_PARAM_INITIAL_R2T:
4401 		ipgp->g_value.v_bool.b_current =
4402 		    params->initial_r2t;
4403 		ipgp->g_value.v_bool.b_default =
4404 		    ISCSI_DEFAULT_IMMEDIATE_DATA;
4405 		break;
4406 	case ISCSI_LOGIN_PARAM_DATA_PDU_IN_ORDER:
4407 		ipgp->g_value.v_bool.b_current =
4408 		    params->data_pdu_in_order;
4409 		ipgp->g_value.v_bool.b_default =
4410 		    ISCSI_DEFAULT_DATA_PDU_IN_ORDER;
4411 		break;
4412 
4413 	/*
4414 	 * Integer parameters
4415 	 */
4416 	case ISCSI_LOGIN_PARAM_HEADER_DIGEST:
4417 		ipgp->g_value.v_integer.i_current = params->header_digest;
4418 		ipgp->g_value.v_integer.i_default = ISCSI_DEFAULT_HEADER_DIGEST;
4419 		ipgp->g_value.v_integer.i_min = 0;
4420 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_HEADER_DIGEST;
4421 		ipgp->g_value.v_integer.i_incr = 1;
4422 		break;
4423 	case ISCSI_LOGIN_PARAM_DATA_DIGEST:
4424 		ipgp->g_value.v_integer.i_current = params->data_digest;
4425 		ipgp->g_value.v_integer.i_default = ISCSI_DEFAULT_DATA_DIGEST;
4426 		ipgp->g_value.v_integer.i_min = 0;
4427 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_DATA_DIGEST;
4428 		ipgp->g_value.v_integer.i_incr = 1;
4429 		break;
4430 	case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_RETAIN:
4431 		ipgp->g_value.v_integer.i_current =
4432 		    params->default_time_to_retain;
4433 		ipgp->g_value.v_integer.i_default =
4434 		    ISCSI_DEFAULT_TIME_TO_RETAIN;
4435 		ipgp->g_value.v_integer.i_min = 0;
4436 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_TIME2RETAIN;
4437 		ipgp->g_value.v_integer.i_incr = 1;
4438 		break;
4439 	case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_WAIT:
4440 		ipgp->g_value.v_integer.i_current =
4441 		    params->default_time_to_wait;
4442 		ipgp->g_value.v_integer.i_default =
4443 		    ISCSI_DEFAULT_TIME_TO_WAIT;
4444 		ipgp->g_value.v_integer.i_min = 0;
4445 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_TIME2WAIT;
4446 		ipgp->g_value.v_integer.i_incr = 1;
4447 		break;
4448 	case ISCSI_LOGIN_PARAM_ERROR_RECOVERY_LEVEL:
4449 		ipgp->g_value.v_integer.i_current =
4450 		    params->error_recovery_level;
4451 		ipgp->g_value.v_integer.i_default =
4452 		    ISCSI_DEFAULT_ERROR_RECOVERY_LEVEL;
4453 		ipgp->g_value.v_integer.i_min = 0;
4454 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_ERROR_RECOVERY_LEVEL;
4455 		ipgp->g_value.v_integer.i_incr = 1;
4456 		ipgp->g_value.v_settable = B_FALSE;
4457 		break;
4458 	case ISCSI_LOGIN_PARAM_FIRST_BURST_LENGTH:
4459 		ipgp->g_value.v_integer.i_current =
4460 		    params->first_burst_length;
4461 		ipgp->g_value.v_integer.i_default =
4462 		    ISCSI_DEFAULT_FIRST_BURST_LENGTH;
4463 		ipgp->g_value.v_integer.i_min = 512;
4464 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_FIRST_BURST_LENGTH;
4465 		ipgp->g_value.v_integer.i_incr = 1;
4466 		break;
4467 	case ISCSI_LOGIN_PARAM_MAX_BURST_LENGTH:
4468 		ipgp->g_value.v_integer.i_current =
4469 		    params->max_burst_length;
4470 		ipgp->g_value.v_integer.i_default =
4471 		    ISCSI_DEFAULT_MAX_BURST_LENGTH;
4472 		ipgp->g_value.v_integer.i_min = 512;
4473 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_BURST_LENGTH;
4474 		ipgp->g_value.v_integer.i_incr = 1;
4475 		break;
4476 	case ISCSI_LOGIN_PARAM_MAX_CONNECTIONS:
4477 		ipgp->g_value.v_integer.i_current =
4478 		    params->max_connections;
4479 		ipgp->g_value.v_settable = B_FALSE;
4480 		ipgp->g_value.v_integer.i_default =
4481 		    ISCSI_DEFAULT_MAX_CONNECTIONS;
4482 		ipgp->g_value.v_integer.i_min = 1;
4483 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_CONNECTIONS;
4484 		ipgp->g_value.v_integer.i_incr = 1;
4485 		break;
4486 	case ISCSI_LOGIN_PARAM_OUTSTANDING_R2T:
4487 		ipgp->g_value.v_integer.i_current =
4488 		    params->max_outstanding_r2t;
4489 		ipgp->g_value.v_settable = B_FALSE;
4490 		ipgp->g_value.v_integer.i_default =
4491 		    ISCSI_DEFAULT_MAX_OUT_R2T;
4492 		ipgp->g_value.v_integer.i_min = 1;
4493 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_OUTSTANDING_R2T;
4494 		ipgp->g_value.v_integer.i_incr = 1;
4495 		break;
4496 	case ISCSI_LOGIN_PARAM_MAX_RECV_DATA_SEGMENT_LENGTH:
4497 		ipgp->g_value.v_integer.i_current =
4498 		    params->max_recv_data_seg_len;
4499 		ipgp->g_value.v_integer.i_default =
4500 		    ISCSI_DEFAULT_MAX_RECV_SEG_LEN;
4501 		ipgp->g_value.v_integer.i_min = 512;
4502 		ipgp->g_value.v_integer.i_max =
4503 		    ISCSI_MAX_RECV_DATA_SEGMENT_LENGTH;
4504 		ipgp->g_value.v_integer.i_incr = 1;
4505 		break;
4506 	default:
4507 		rtn = EINVAL;
4508 	}
4509 
4510 	return (rtn);
4511 }
4512 
4513 /*
4514  * +--------------------------------------------------------------------+
4515  * | End of ioctl utility routines                                      |
4516  * +--------------------------------------------------------------------+
4517  */
4518 
4519 /*
4520  * iscsi_get_name_from_iqn - Translates a normal iqn/eui into a
4521  * IEEE safe address.  IEEE addresses have a number of characters
4522  * set aside as reserved.
4523  */
4524 static void
4525 iscsi_get_name_from_iqn(char *name, int name_max_len)
4526 {
4527 	char	*tmp		= NULL;
4528 	char	*oldch		= NULL;
4529 	char	*newch		= NULL;
4530 
4531 	tmp = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
4532 
4533 	for (oldch = &name[0], newch = &tmp[0]; *oldch != '\0';
4534 	    oldch++, newch++) {
4535 		switch (*oldch) {
4536 		case ':':
4537 			*newch++ = '%';
4538 			*newch++ = '3';
4539 			*newch = 'A';
4540 			break;
4541 		case ' ':
4542 			*newch++ = '%';
4543 			*newch++ = '2';
4544 			*newch = '0';
4545 			break;
4546 		case '@':
4547 			*newch++ = '%';
4548 			*newch++ = '4';
4549 			*newch = '0';
4550 			break;
4551 		case '/':
4552 			*newch++ = '%';
4553 			*newch++ = '2';
4554 			*newch = 'F';
4555 			break;
4556 		default:
4557 			*newch = *oldch;
4558 		}
4559 	}
4560 	(void) strncpy(name, tmp, name_max_len);
4561 	kmem_free(tmp, MAX_GET_NAME_SIZE);
4562 }
4563 
4564 /*
4565  * iscsi_get_name_to_iqn - Converts IEEE safe address back
4566  * into a iscsi iqn/eui.
4567  */
4568 static void
4569 iscsi_get_name_to_iqn(char *name, int name_max_len)
4570 {
4571 	char	*tmp		= NULL;
4572 	char	*oldch		= NULL;
4573 	char	*newch		= NULL;
4574 
4575 	tmp = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
4576 
4577 	for (oldch = &name[0], newch = &tmp[0]; *oldch != '\0';
4578 	    oldch++, newch++) {
4579 		if (*oldch == '%') {
4580 			switch (*(oldch+1)) {
4581 			case '2':
4582 				if (*(oldch+2) == '0') {
4583 					*newch = ' ';
4584 					oldch += 2;
4585 				} else if (*(oldch+2) == 'F') {
4586 					*newch = '/';
4587 					oldch += 2;
4588 				} else {
4589 					*newch = *oldch;
4590 				}
4591 				break;
4592 			case '3':
4593 				if (*(oldch+2) == 'A') {
4594 					*newch = ':';
4595 					oldch += 2;
4596 				} else {
4597 					*newch = *oldch;
4598 				}
4599 				break;
4600 			case '4':
4601 				if (*(oldch+2) == '0') {
4602 					*newch = '@';
4603 					oldch += 2;
4604 				} else {
4605 					*newch = *oldch;
4606 				}
4607 				break;
4608 			default:
4609 				*newch = *oldch;
4610 			}
4611 		} else {
4612 			*newch = *oldch;
4613 		}
4614 	}
4615 	(void) strncpy(name, tmp, name_max_len);
4616 	kmem_free(tmp, MAX_GET_NAME_SIZE);
4617 }
4618 
4619 /*
4620  * iscsi_get_persisted_param * - a helper to ISCSI_GET_PARAM ioctl
4621  *
4622  * On return 0 means persisted parameter found
4623  */
4624 int
4625 iscsi_get_persisted_param(uchar_t *name, iscsi_param_get_t *ipgp,
4626     iscsi_login_params_t *params)
4627 {
4628 	int rtn = 1;
4629 	persistent_param_t *pparam;
4630 
4631 	if (name == NULL || strlen((char *)name) == 0) {
4632 		return (rtn);
4633 	}
4634 
4635 	pparam = (persistent_param_t *)kmem_zalloc(sizeof (*pparam), KM_SLEEP);
4636 
4637 	if (persistent_param_get((char *)name, pparam) == B_TRUE) {
4638 		if (pparam->p_bitmap & (1 << ipgp->g_param)) {
4639 			/* Found configured parameter. */
4640 			bcopy(&pparam->p_params, params, sizeof (*params));
4641 			rtn = 0;
4642 		}
4643 	}
4644 
4645 	kmem_free(pparam, sizeof (*pparam));
4646 
4647 	return (rtn);
4648 }
4649 
4650 /*
4651  * iscsi_override_target_default - helper function set the target's default
4652  * login parameter if there is a configured initiator parameter.
4653  *
4654  */
4655 static void
4656 iscsi_override_target_default(iscsi_hba_t *ihp, iscsi_param_get_t *ipg)
4657 {
4658 	persistent_param_t *pp;
4659 	iscsi_login_params_t *params;
4660 
4661 	pp = (persistent_param_t *)kmem_zalloc(sizeof (*pp), KM_SLEEP);
4662 	if (persistent_param_get((char *)ihp->hba_name, pp) == B_TRUE) {
4663 		if (pp->p_bitmap & (1 << ipg->g_param)) {
4664 			params = &pp->p_params;
4665 			switch (ipg->g_param) {
4666 			case ISCSI_LOGIN_PARAM_DATA_SEQUENCE_IN_ORDER:
4667 				ipg->g_value.v_bool.b_default =
4668 				    params->data_sequence_in_order;
4669 				break;
4670 			case ISCSI_LOGIN_PARAM_IMMEDIATE_DATA:
4671 				ipg->g_value.v_bool.b_default =
4672 				    params->immediate_data;
4673 				break;
4674 			case ISCSI_LOGIN_PARAM_INITIAL_R2T:
4675 				ipg->g_value.v_bool.b_default =
4676 				    params->initial_r2t;
4677 				break;
4678 			case ISCSI_LOGIN_PARAM_DATA_PDU_IN_ORDER:
4679 				ipg->g_value.v_bool.b_default =
4680 				    params->data_pdu_in_order;
4681 				break;
4682 			case ISCSI_LOGIN_PARAM_HEADER_DIGEST:
4683 				ipg->g_value.v_integer.i_default =
4684 				    params->header_digest;
4685 				break;
4686 			case ISCSI_LOGIN_PARAM_DATA_DIGEST:
4687 				ipg->g_value.v_integer.i_default =
4688 				    params->data_digest;
4689 				break;
4690 			case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_RETAIN:
4691 				ipg->g_value.v_integer.i_default =
4692 				    params->default_time_to_retain;
4693 				break;
4694 			case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_WAIT:
4695 				ipg->g_value.v_integer.i_default =
4696 				    params->default_time_to_wait;
4697 				break;
4698 			case ISCSI_LOGIN_PARAM_ERROR_RECOVERY_LEVEL:
4699 				ipg->g_value.v_integer.i_default =
4700 				    params->error_recovery_level;
4701 				break;
4702 			case ISCSI_LOGIN_PARAM_FIRST_BURST_LENGTH:
4703 				ipg->g_value.v_integer.i_default =
4704 				    params->first_burst_length;
4705 				break;
4706 			case ISCSI_LOGIN_PARAM_MAX_BURST_LENGTH:
4707 				ipg->g_value.v_integer.i_default =
4708 				    params->max_burst_length;
4709 				break;
4710 			case ISCSI_LOGIN_PARAM_MAX_CONNECTIONS:
4711 				ipg->g_value.v_integer.i_default =
4712 				    params->max_connections;
4713 				break;
4714 			case ISCSI_LOGIN_PARAM_OUTSTANDING_R2T:
4715 				ipg->g_value.v_integer.i_default =
4716 				    params->max_outstanding_r2t;
4717 				break;
4718 			case ISCSI_LOGIN_PARAM_MAX_RECV_DATA_SEGMENT_LENGTH:
4719 				ipg->g_value.v_integer.i_default =
4720 				    params->max_xmit_data_seg_len;
4721 				break;
4722 			default:
4723 				break;
4724 			}
4725 		}
4726 	}
4727 	kmem_free(pp, sizeof (*pp));
4728 }
4729