xref: /illumos-gate/usr/src/uts/common/io/scsi/adapters/iscsi/iscsi.c (revision abddfefb3168362a915cd681eb5a6498ec6c9e09)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2000 by Cisco Systems, Inc.  All rights reserved.
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  *
26  * iSCSI Software Initiator
27  */
28 
29 /*
30  * Framework interface routines for iSCSI
31  */
32 
33 #include "iscsi.h"				/* main header */
34 #include <sys/iscsi_protocol.h>	/* protocol structs */
35 #include <sys/scsi/adapters/iscsi_if.h>		/* ioctl interfaces */
36 #include "iscsi_targetparam.h"
37 #include "persistent.h"
38 #include <sys/scsi/adapters/iscsi_door.h>
39 #include <sys/dlpi.h>
40 #include <sys/utsname.h>
41 #include "isns_client.h"
42 #include "isns_protocol.h"
43 #include <sys/bootprops.h>
44 #include <sys/types.h>
45 #include <sys/bootconf.h>
46 
47 #define	ISCSI_NAME_VERSION	"iSCSI Initiator v-1.55"
48 
49 #define	MAX_GET_NAME_SIZE	1024
50 #define	MAX_NAME_PROP_SIZE	256
51 #define	UNDEFINED		-1
52 
53 /*
54  * +--------------------------------------------------------------------+
55  * | iscsi globals                                                      |
56  * +--------------------------------------------------------------------+
57  */
58 void		*iscsi_state;
59 kmutex_t	iscsi_oid_mutex;
60 uint32_t	iscsi_oid;
61 int		iscsi_nop_delay		= ISCSI_DEFAULT_NOP_DELAY;
62 int		iscsi_rx_window		= ISCSI_DEFAULT_RX_WINDOW;
63 int		iscsi_rx_max_window	= ISCSI_DEFAULT_RX_MAX_WINDOW;
64 boolean_t	iscsi_logging		= B_FALSE;
65 
66 extern ib_boot_prop_t	*iscsiboot_prop;
67 extern int		modrootloaded;
68 extern struct bootobj	rootfs;
69 
70 /*
71  * +--------------------------------------------------------------------+
72  * | iscsi.c prototypes							|
73  * +--------------------------------------------------------------------+
74  */
75 static int iscsi_getinfo(dev_info_t *dip, ddi_info_cmd_t infocmd,
76     void *arg, void **result);
77 static int iscsi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd);
78 static int iscsi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd);
79 
80 /* scsi_tran prototypes */
81 static int iscsi_tran_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
82     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
83 static int iscsi_tran_lun_probe(struct scsi_device *sd, int (*callback) ());
84 static struct scsi_pkt *iscsi_tran_init_pkt(struct scsi_address *ap,
85     struct scsi_pkt *pkt, struct buf *bp, int cmdlen, int statuslen,
86     int tgtlen, int flags, int (*callback) (), caddr_t arg);
87 static void iscsi_tran_lun_free(dev_info_t *hba_dip, dev_info_t *lun_dip,
88     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
89 static int iscsi_tran_start(struct scsi_address *ap, struct scsi_pkt *pkt);
90 static int iscsi_tran_abort(struct scsi_address *ap, struct scsi_pkt *pkt);
91 static int iscsi_tran_reset(struct scsi_address *ap, int level);
92 static int iscsi_tran_getcap(struct scsi_address *ap, char *cap, int whom);
93 static int iscsi_tran_setcap(struct scsi_address *ap, char *cap,
94     int value, int whom);
95 static void iscsi_tran_destroy_pkt(struct scsi_address *ap,
96     struct scsi_pkt *pkt);
97 static void iscsi_tran_dmafree(struct scsi_address *ap,
98     struct scsi_pkt *pkt);
99 static void iscsi_tran_sync_pkt(struct scsi_address *ap,
100     struct scsi_pkt *pkt);
101 static void iscsi_tran_sync_pkt(struct scsi_address *ap,
102     struct scsi_pkt *pkt);
103 static int iscsi_tran_reset_notify(struct scsi_address *ap, int flag,
104     void (*callback) (caddr_t), caddr_t arg);
105 static int iscsi_tran_bus_config(dev_info_t *parent, uint_t flags,
106     ddi_bus_config_op_t op, void *arg, dev_info_t **childp);
107 static int iscsi_tran_bus_unconfig(dev_info_t *parent, uint_t flags,
108     ddi_bus_config_op_t op, void *arg);
109 static int iscsi_tran_get_name(struct scsi_device *sd, char *name, int len);
110 static int iscsi_tran_get_bus_addr(struct scsi_device *sd, char *name, int len);
111 
112 /* bus_ops prototypes */
113 /* LINTED E_STATIC_UNUSED */
114 static ddi_intrspec_t iscsi_get_intrspec(dev_info_t *dip, dev_info_t *rdip,
115     uint_t inumber);
116 /* LINTED E_STATIC_UNUSED */
117 static int iscsi_add_intrspec(dev_info_t *dip, dev_info_t *rdip,
118     ddi_intrspec_t intrspec, ddi_iblock_cookie_t *iblock_cookiep,
119     ddi_idevice_cookie_t *idevice_cookiep, uint_t (*int_handler)(caddr_t
120     int_handler_arg), caddr_t int_handler_arg, int kind);
121 /* LINTED E_STATIC_UNUSED */
122 static void iscsi_remove_intrspec(dev_info_t *dip, dev_info_t *rdip,
123     ddi_intrspec_t intrspec, ddi_iblock_cookie_t iblock_cookie);
124 /* LINTED E_STATIC_UNUSED */
125 static int iscsi_ctl(dev_info_t *dip, dev_info_t *rdip, ddi_ctl_enum_t ctlop,
126     void *arg, void *result);
127 
128 /* cb_ops prototypes */
129 static int iscsi_open(dev_t *devp, int flags, int otyp, cred_t *credp);
130 static int iscsi_close(dev_t dev, int flag, int otyp, cred_t *credp);
131 static int iscsi_ioctl(dev_t dev, int cmd, intptr_t arg, int mode,
132     cred_t *credp, int *rvalp);
133 
134 int iscsi_get_persisted_param(uchar_t *name,
135     iscsi_param_get_t *ipgp,
136     iscsi_login_params_t *params);
137 static void iscsi_override_target_default(iscsi_hba_t *ihp,
138     iscsi_param_get_t *ipg);
139 
140 /* scsi_tran helpers */
141 static int iscsi_virt_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
142     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
143 static int iscsi_phys_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
144     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
145 static int iscsi_i_commoncap(struct scsi_address *ap, char *cap,
146     int val, int lunonly, int doset);
147 static void iscsi_get_name_to_iqn(char *name, int name_max_len);
148 static void iscsi_get_name_from_iqn(char *name, int name_max_len);
149 static boolean_t iscsi_cmp_boot_sess_oid(iscsi_hba_t *ihp, uint32_t oid);
150 
151 /* iscsi initiator service helpers */
152 static boolean_t iscsi_enter_service_zone(iscsi_hba_t *ihp, uint32_t status);
153 static void iscsi_exit_service_zone(iscsi_hba_t *ihp, uint32_t status);
154 static void iscsi_check_miniroot(iscsi_hba_t *ihp);
155 
156 /* struct helpers prototypes */
157 
158 /*
159  * At this point this driver doesn't need this structure because nothing
160  * is done during the open, close or ioctl. Code put in place because
161  * some admin related work might be done in the ioctl routine.
162  */
163 static struct cb_ops iscsi_cb_ops = {
164 	iscsi_open,			/* open */
165 	iscsi_close,			/* close */
166 	nodev,				/* strategy */
167 	nodev,				/* print */
168 	nodev,				/* dump */
169 	nodev,				/* read */
170 	nodev,				/* write */
171 	iscsi_ioctl,			/* ioctl */
172 	nodev,				/* devmap */
173 	nodev,				/* mmap */
174 	nodev,				/* segmap */
175 	nochpoll,			/* poll */
176 	ddi_prop_op,			/* prop_op */
177 	NULL,				/* streamtab */
178 	D_NEW | D_MP | D_HOTPLUG,	/* flags */
179 	CB_REV,				/* cb_rev */
180 	nodev,				/* aread */
181 	nodev,				/* awrite */
182 };
183 
184 static struct dev_ops iscsi_dev_ops = {
185 	DEVO_REV,		/* devo_rev */
186 	0,			/* refcnt */
187 	iscsi_getinfo,		/* getinfo */
188 	nulldev,		/* identify */
189 	nulldev,		/* probe */
190 	iscsi_attach,		/* attach */
191 	iscsi_detach,		/* detach */
192 	nodev,			/* reset */
193 	&iscsi_cb_ops,		/* driver operations */
194 	NULL,			/* bus ops */
195 	NULL,			/* power management */
196 	ddi_quiesce_not_needed,	/* quiesce */
197 };
198 
199 static struct modldrv modldrv = {
200 	&mod_driverops,		/* drv_modops */
201 	ISCSI_NAME_VERSION,	/* drv_linkinfo */
202 	&iscsi_dev_ops		/* drv_dev_ops */
203 };
204 
205 static struct modlinkage modlinkage = {
206 	MODREV_1,		/* ml_rev */
207 	&modldrv,		/* ml_linkage[] */
208 	NULL			/* NULL termination */
209 };
210 
211 /*
212  * This structure is bogus. scsi_hba_attach_setup() requires, as in the kernel
213  * will panic if you don't pass this in to the routine, this information.
214  * Need to determine what the actual impact to the system is by providing
215  * this information if any. Since dma allocation is done in pkt_init it may
216  * not have any impact. These values are straight from the Writing Device
217  * Driver manual.
218  */
219 static ddi_dma_attr_t iscsi_dma_attr = {
220 	DMA_ATTR_V0,	/* ddi_dma_attr version */
221 	0,		/* low address */
222 	0xffffffff,	/* high address */
223 	0x00ffffff,	/* counter upper bound */
224 	1,		/* alignment requirements */
225 	0x3f,		/* burst sizes */
226 	1,		/* minimum DMA access */
227 	0xffffffff,	/* maximum DMA access */
228 	(1 << 24) - 1,	/* segment boundary restrictions */
229 	1,		/* scater/gather list length */
230 	512,		/* device granularity */
231 	0		/* DMA flags */
232 };
233 
234 /*
235  * _init - General driver init entry
236  */
237 int
238 _init(void)
239 {
240 	int rval = 0;
241 
242 	iscsi_net_init();
243 
244 	mutex_init(&iscsi_oid_mutex, NULL, MUTEX_DRIVER, NULL);
245 	iscsi_oid = ISCSI_INITIATOR_OID;
246 
247 	/*
248 	 * Set up the soft state structures. If this driver is actually
249 	 * being attached to the system then we'll have at least one
250 	 * HBA/NIC used.
251 	 */
252 	rval = ddi_soft_state_init(&iscsi_state,
253 	    sizeof (iscsi_hba_t), 1);
254 	if (rval != 0) {
255 		iscsi_net_fini();
256 		goto init_done;
257 	}
258 
259 	rval = scsi_hba_init(&modlinkage);
260 	if (rval != 0) {
261 		ddi_soft_state_fini(&iscsi_state);
262 		iscsi_net_fini();
263 		goto init_done;
264 	}
265 
266 	rval = mod_install(&modlinkage);
267 	if (rval != 0) {
268 		ddi_soft_state_fini(&iscsi_state);
269 		scsi_hba_fini(&modlinkage);
270 		iscsi_net_fini();
271 		goto init_done;
272 	}
273 	(void) iscsi_door_ini();
274 
275 init_done:
276 	return (rval);
277 }
278 
279 /*
280  * _fini - General driver destructor entry
281  */
282 int
283 _fini(void)
284 {
285 	int rval = 0;
286 
287 	rval = mod_remove(&modlinkage);
288 	if (rval == 0) {
289 		scsi_hba_fini(&modlinkage);
290 		ddi_soft_state_fini(&iscsi_state);
291 		mutex_destroy(&iscsi_oid_mutex);
292 		(void) iscsi_door_term();
293 		iscsi_net_fini();
294 	}
295 	return (rval);
296 }
297 
298 /*
299  * _info - General driver info entry
300  */
301 int
302 _info(struct modinfo *mp)
303 {
304 	int rval = 0;
305 
306 	rval = mod_info(&modlinkage, mp);
307 
308 	return (rval);
309 }
310 
311 
312 /*
313  * +--------------------------------------------------------------------+
314  * | Start of dev_ops routines					  |
315  * +--------------------------------------------------------------------+
316  */
317 
318 /*
319  * iscsi_getinfo - returns general driver information
320  */
321 /* ARGSUSED */
322 static int
323 iscsi_getinfo(dev_info_t *dip, ddi_info_cmd_t infocmd,
324     void *arg, void **result)
325 {
326 	int		rval		= DDI_SUCCESS;
327 	int		instance	= getminor((dev_t)arg);
328 	iscsi_hba_t	*ip;
329 
330 	switch (infocmd) {
331 	case DDI_INFO_DEVT2DEVINFO:
332 		if ((ip = ddi_get_soft_state(iscsi_state, instance)) == NULL) {
333 			return (DDI_FAILURE);
334 		}
335 		*result = ip->hba_dip;
336 		if (ip->hba_dip == NULL)
337 			rval = DDI_FAILURE;
338 		else
339 			rval = DDI_SUCCESS;
340 		break;
341 
342 	case DDI_INFO_DEVT2INSTANCE:
343 		*result = (void *)(uintptr_t)instance;
344 		rval = DDI_SUCCESS;
345 		break;
346 
347 	default:
348 		rval = DDI_FAILURE;
349 		break;
350 	}
351 	return (rval);
352 }
353 
354 
355 /*
356  * iscsi_attach -- Attach instance of an iSCSI HBA.  We
357  * will attempt to create our HBA and register it with
358  * scsi_vhci.  If it's not possible to create the HBA
359  * or register with vhci we will fail the attach.
360  */
361 static int
362 iscsi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
363 {
364 	int			rval		= DDI_SUCCESS;
365 	int			instance	= ddi_get_instance(dip);
366 	iscsi_hba_t		*ihp		= NULL;
367 	scsi_hba_tran_t		*tran		= NULL;
368 	char			init_port_name[MAX_NAME_PROP_SIZE];
369 
370 	switch (cmd) {
371 	case DDI_ATTACH:
372 		/* create iSCSH HBA devctl device node */
373 		if (ddi_create_minor_node(dip, ISCSI_DEVCTL, S_IFCHR, 0,
374 		    DDI_PSEUDO, 0) == DDI_SUCCESS) {
375 
376 			/* allocate HBA soft state */
377 			if (ddi_soft_state_zalloc(iscsi_state, instance) !=
378 			    DDI_SUCCESS) {
379 				ddi_remove_minor_node(dip, NULL);
380 				rval = DDI_FAILURE;
381 				break;
382 			}
383 
384 			/* get reference to soft state */
385 			if ((ihp = (iscsi_hba_t *)ddi_get_soft_state(
386 			    iscsi_state, instance)) == NULL) {
387 				ddi_remove_minor_node(dip, NULL);
388 				ddi_soft_state_free(iscsi_state, instance);
389 				rval = DDI_FAILURE;
390 				break;
391 			}
392 
393 			/* init HBA mutex used to protect discovery events */
394 			mutex_init(&ihp->hba_discovery_events_mutex, NULL,
395 			    MUTEX_DRIVER, NULL);
396 
397 			/* Get LDI ident */
398 			rval = ldi_ident_from_dip(dip, &ihp->hba_li);
399 			ASSERT(rval == 0); /* Failure indicates invalid arg */
400 
401 			/* init HBA mutex used to protect service status */
402 			mutex_init(&ihp->hba_service_lock, NULL,
403 			    MUTEX_DRIVER, NULL);
404 			cv_init(&ihp->hba_service_cv, NULL, CV_DRIVER, NULL);
405 
406 			/*
407 			 * init SendTargets semaphore that is used to allow
408 			 * only one operation at a time
409 			 */
410 			sema_init(&ihp->hba_sendtgts_semaphore, 1, NULL,
411 			    SEMA_DRIVER, NULL);
412 
413 			ihp->hba_sess_list = NULL;
414 			rw_init(&ihp->hba_sess_list_rwlock, NULL,
415 			    RW_DRIVER, NULL);
416 
417 			/* allocate scsi_hba_tran */
418 			if ((tran = scsi_hba_tran_alloc(dip, SCSI_HBA_CANSLEEP))
419 			    == NULL) {
420 				ddi_remove_minor_node(dip, NULL);
421 				goto iscsi_attach_failed2;
422 			}
423 
424 			/* soft state setup */
425 			ihp->hba_sig	= ISCSI_SIG_HBA;
426 			ihp->hba_tran	= tran;
427 			ihp->hba_dip	= dip;
428 			ihp->hba_service_status = ISCSI_SERVICE_DISABLED;
429 			ihp->hba_service_client_count = 0;
430 
431 			mutex_enter(&iscsi_oid_mutex);
432 			ihp->hba_oid		  = iscsi_oid++;
433 			mutex_exit(&iscsi_oid_mutex);
434 
435 			ihp->hba_name[0]	  = '\0';
436 			ihp->hba_name_length	  = 0;
437 			ihp->hba_alias_length	  = 0;
438 			ihp->hba_alias[0]	  = '\0';
439 
440 			iscsi_net->tweaks.rcvbuf = ddi_prop_get_int(
441 			    DDI_DEV_T_ANY, ihp->hba_dip, 0, "so-rcvbuf",
442 			    ISCSI_SOCKET_RCVBUF_SIZE);
443 
444 			iscsi_net->tweaks.sndbuf = ddi_prop_get_int(
445 			    DDI_DEV_T_ANY, ihp->hba_dip, 0, "so-sndbuf",
446 			    ISCSI_SOCKET_SNDBUF_SIZE);
447 
448 			iscsi_net->tweaks.nodelay = ddi_prop_get_int(
449 			    DDI_DEV_T_ANY, ihp->hba_dip, 0, "tcp-nodelay",
450 			    ISCSI_TCP_NODELAY_DEFAULT);
451 
452 			iscsi_net->tweaks.conn_notify_threshold =
453 			    ddi_prop_get_int(DDI_DEV_T_ANY,
454 			    ihp->hba_dip, 0, "tcp-conn-notify-threshold",
455 			    ISCSI_TCP_CNOTIFY_THRESHOLD_DEFAULT);
456 
457 			iscsi_net->tweaks.conn_abort_threshold =
458 			    ddi_prop_get_int(DDI_DEV_T_ANY, ihp->hba_dip,
459 			    0, "tcp-conn-abort-threshold",
460 			    ISCSI_TCP_CABORT_THRESHOLD_DEFAULT);
461 
462 			iscsi_net->tweaks.abort_threshold = ddi_prop_get_int(
463 			    DDI_DEV_T_ANY, ihp->hba_dip, 0,
464 			    "tcp-abort-threshold",
465 			    ISCSI_TCP_ABORT_THRESHOLD_DEFAULT);
466 
467 			ihp->hba_config_storm_delay = ddi_prop_get_int(
468 			    DDI_DEV_T_ANY, ihp->hba_dip, 0,
469 			    "config-storm-delay",
470 			    ISCSI_CONFIG_STORM_DELAY_DEFAULT);
471 
472 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
473 			    "so-rcvbuf", iscsi_net->tweaks.rcvbuf);
474 
475 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
476 			    "so-sndbuf", iscsi_net->tweaks.sndbuf);
477 
478 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
479 			    "tcp-nodelay", iscsi_net->tweaks.nodelay);
480 
481 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
482 			    "tcp-conn-notify-threshold",
483 			    iscsi_net->tweaks.conn_notify_threshold);
484 
485 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
486 			    "tcp-conn-abort-threshold",
487 			    iscsi_net->tweaks.conn_abort_threshold);
488 
489 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
490 			    "tcp-abort-threshold",
491 			    iscsi_net->tweaks.abort_threshold);
492 
493 			(void) ddi_prop_update_int(DDI_DEV_T_NONE, ihp->hba_dip,
494 			    "config-storm-delay",
495 			    ihp->hba_config_storm_delay);
496 
497 			/* setup hba defaults */
498 			iscsi_set_default_login_params(&ihp->hba_params);
499 
500 			/* setup minimal initiator params */
501 			iscsid_set_default_initiator_node_settings(ihp, B_TRUE);
502 
503 			/* hba set up */
504 			tran->tran_hba_private  = ihp;
505 			tran->tran_tgt_private  = NULL;
506 			tran->tran_tgt_init	= iscsi_tran_lun_init;
507 			tran->tran_tgt_probe	= iscsi_tran_lun_probe;
508 			tran->tran_tgt_free	= iscsi_tran_lun_free;
509 			tran->tran_start	= iscsi_tran_start;
510 			tran->tran_abort	= iscsi_tran_abort;
511 			tran->tran_reset	= iscsi_tran_reset;
512 			tran->tran_getcap	= iscsi_tran_getcap;
513 			tran->tran_setcap	= iscsi_tran_setcap;
514 			tran->tran_init_pkt	= iscsi_tran_init_pkt;
515 			tran->tran_destroy_pkt	= iscsi_tran_destroy_pkt;
516 			tran->tran_dmafree	= iscsi_tran_dmafree;
517 			tran->tran_sync_pkt	= iscsi_tran_sync_pkt;
518 			tran->tran_reset_notify	= iscsi_tran_reset_notify;
519 			tran->tran_bus_config	= iscsi_tran_bus_config;
520 			tran->tran_bus_unconfig	= iscsi_tran_bus_unconfig;
521 
522 			tran->tran_get_name	= iscsi_tran_get_name;
523 			tran->tran_get_bus_addr	= iscsi_tran_get_bus_addr;
524 			tran->tran_interconnect_type = INTERCONNECT_ISCSI;
525 
526 			/* register scsi hba with scsa */
527 			if (scsi_hba_attach_setup(dip, &iscsi_dma_attr,
528 			    tran, SCSI_HBA_TRAN_CLONE) != DDI_SUCCESS) {
529 				goto iscsi_attach_failed1;
530 			}
531 
532 			/* register scsi hba with mdi (MPxIO/vhci) */
533 			if (mdi_phci_register(MDI_HCI_CLASS_SCSI, dip, 0) !=
534 			    MDI_SUCCESS) {
535 				ihp->hba_mpxio_enabled = B_FALSE;
536 			} else {
537 				ihp->hba_mpxio_enabled = B_TRUE;
538 			}
539 
540 			(void) iscsi_hba_kstat_init(ihp);
541 
542 			/* Initialize targetparam list */
543 			iscsi_targetparam_init();
544 
545 			/* Initialize ISID */
546 			ihp->hba_isid[0] = ISCSI_SUN_ISID_0;
547 			ihp->hba_isid[1] = ISCSI_SUN_ISID_1;
548 			ihp->hba_isid[2] = ISCSI_SUN_ISID_2;
549 			ihp->hba_isid[3] = ISCSI_SUN_ISID_3;
550 			ihp->hba_isid[4] = ISCSI_SUN_ISID_4;
551 			ihp->hba_isid[5] = ISCSI_SUN_ISID_5;
552 
553 			/* Setup iSNS transport services and client */
554 			isns_client_init();
555 
556 			/*
557 			 * initialize persistent store,
558 			 * or boot target info in case of iscsi boot
559 			 */
560 			ihp->hba_persistent_loaded = B_FALSE;
561 			if (iscsid_init(ihp) == B_FALSE) {
562 				goto iscsi_attach_failed0;
563 			}
564 
565 			/* Setup init_port_name for MPAPI */
566 			(void) snprintf(init_port_name, MAX_NAME_PROP_SIZE,
567 			    "%s,%02x%02x%02x%02x%02x%02x",
568 			    (char *)ihp->hba_name, ihp->hba_isid[0],
569 			    ihp->hba_isid[1], ihp->hba_isid[2],
570 			    ihp->hba_isid[3], ihp->hba_isid[4],
571 			    ihp->hba_isid[5]);
572 
573 			if (ddi_prop_update_string(DDI_DEV_T_NONE, dip,
574 			    "initiator-port", init_port_name) !=
575 			    DDI_PROP_SUCCESS) {
576 				cmn_err(CE_WARN, "iscsi_attach: Creating "
577 				    "initiator-port property on iSCSI "
578 				    "HBA(%s) with dip(%d) Failed",
579 				    (char *)ihp->hba_name,
580 				    ddi_get_instance(dip));
581 			}
582 
583 			ddi_report_dev(dip);
584 		} else {
585 			rval = DDI_FAILURE;
586 		}
587 		break;
588 
589 iscsi_attach_failed0:
590 		isns_client_cleanup();
591 		if (ihp->stats.ks) {
592 			(void) iscsi_hba_kstat_term(ihp);
593 		}
594 		if (ihp->hba_mpxio_enabled == B_TRUE) {
595 			(void) mdi_phci_unregister(dip, 0);
596 		}
597 		(void) scsi_hba_detach(ihp->hba_dip);
598 iscsi_attach_failed1:
599 		ddi_remove_minor_node(dip, NULL);
600 		ddi_prop_remove_all(ihp->hba_dip);
601 		scsi_hba_tran_free(tran);
602 iscsi_attach_failed2:
603 		cv_destroy(&ihp->hba_service_cv);
604 		mutex_destroy(&ihp->hba_service_lock);
605 		mutex_destroy(&ihp->hba_discovery_events_mutex);
606 		sema_destroy(&ihp->hba_sendtgts_semaphore);
607 		rw_destroy(&ihp->hba_sess_list_rwlock);
608 		ddi_soft_state_free(iscsi_state, instance);
609 		rval = DDI_FAILURE;
610 		break;
611 
612 	case DDI_RESUME:
613 		break;
614 
615 	default:
616 		rval = DDI_FAILURE;
617 	}
618 
619 	if (rval != DDI_SUCCESS) {
620 		cmn_err(CE_WARN, "iscsi driver unable to attach "
621 		    "hba instance %d", instance);
622 	}
623 
624 	return (rval);
625 }
626 
627 /*
628  * iscsi_detach - called on unload of hba instance
629  */
630 static int
631 iscsi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
632 {
633 	int			rval		= DDI_SUCCESS;
634 	scsi_hba_tran_t		*tran		= NULL;
635 	iscsi_hba_t		*ihp		= NULL;
636 	iscsi_hba_t		*ihp_check	= NULL;
637 	int			instance;
638 	char			*init_node_name;
639 
640 	instance = ddi_get_instance(dip);
641 
642 	switch (cmd) {
643 	case DDI_DETACH:
644 		if (!(tran = (scsi_hba_tran_t *)ddi_get_driver_private(dip))) {
645 			rval = DDI_SUCCESS;
646 			break;
647 		}
648 
649 		if ((ihp = (iscsi_hba_t *)tran->tran_hba_private) == NULL) {
650 			rval =  DDI_FAILURE;
651 			break;
652 		}
653 
654 		/*
655 		 * Validate that what is stored by the DDI framework is still
656 		 * the same state structure referenced by the SCSI framework
657 		 */
658 		ihp_check = ddi_get_soft_state(iscsi_state, instance);
659 		if (ihp_check != ihp) {
660 			rval = DDI_FAILURE;
661 			break;
662 		}
663 
664 		/* If a session exists we can't safely detach */
665 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
666 		if (ihp->hba_sess_list != NULL) {
667 			rw_exit(&ihp->hba_sess_list_rwlock);
668 			rval = DDI_FAILURE;
669 			break;
670 		}
671 		rw_exit(&ihp->hba_sess_list_rwlock);
672 
673 		/* Disable all discovery services */
674 		if (iscsid_disable_discovery(ihp,
675 		    ISCSI_ALL_DISCOVERY_METHODS) == B_FALSE) {
676 			/* Disable failed.  Fail detach */
677 			rval = DDI_FAILURE;
678 			break;
679 		}
680 
681 		/* Deregister from iSNS server(s). */
682 		init_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
683 		if (persistent_initiator_name_get(init_node_name,
684 		    ISCSI_MAX_NAME_LEN) == B_TRUE) {
685 			if (strlen(init_node_name) > 0) {
686 				(void) isns_dereg(ihp->hba_isid,
687 				    (uint8_t *)init_node_name);
688 			}
689 		}
690 		kmem_free(init_node_name, ISCSI_MAX_NAME_LEN);
691 		init_node_name = NULL;
692 
693 		/* Cleanup iSNS Client */
694 		isns_client_cleanup();
695 
696 		iscsi_targetparam_cleanup();
697 
698 		/* Cleanup iscsid resources */
699 		iscsid_fini();
700 
701 		if (rval != DDI_SUCCESS) {
702 			break;
703 		}
704 		/* kstat hba. destroy */
705 		KSTAT_DEC_HBA_CNTR_SESS(ihp);
706 
707 		if (ihp->hba_mpxio_enabled == B_TRUE) {
708 			(void) mdi_phci_unregister(dip, 0);
709 		}
710 		ddi_remove_minor_node(dip, NULL);
711 
712 		ddi_prop_remove_all(ihp->hba_dip);
713 
714 		ldi_ident_release(ihp->hba_li);
715 
716 		cv_destroy(&ihp->hba_service_cv);
717 		mutex_destroy(&ihp->hba_service_lock);
718 		mutex_destroy(&ihp->hba_discovery_events_mutex);
719 		rw_destroy(&ihp->hba_sess_list_rwlock);
720 		(void) iscsi_hba_kstat_term(ihp);
721 
722 		(void) scsi_hba_detach(dip);
723 		if (tran != NULL) {
724 			scsi_hba_tran_free(tran);
725 		}
726 		ddi_soft_state_free(iscsi_state, instance);
727 		break;
728 	default:
729 		break;
730 	}
731 
732 	if (rval != DDI_SUCCESS) {
733 		cmn_err(CE_WARN, "iscsi driver unable to "
734 		    "detach hba instance %d", instance);
735 	}
736 
737 	return (rval);
738 }
739 
740 /*
741  * +--------------------------------------------------------------------+
742  * | End of dev_ops routines						|
743  * +--------------------------------------------------------------------+
744  */
745 
746 /*
747  * +--------------------------------------------------------------------+
748  * | scsi_tran(9E) routines						|
749  * +--------------------------------------------------------------------+
750  */
751 
752 /*
753  * iscsi_tran_lun_init - Find target device based on SCSI device
754  * Based on the information given (SCSI device, target dev_info) find
755  * the target iSCSI device and put a pointer to that information in
756  * the scsi_hba_tran_t structure.
757  */
758 static int
759 iscsi_tran_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
760     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
761 {
762 	int		rval	= 0;
763 	int		type	= 0;
764 
765 	ASSERT(hba_tran->tran_hba_private != NULL);
766 
767 	/*
768 	 * Child node is getting initialized.  Look at the mpxio component
769 	 * type on the child device to see if this device is mpxio managed
770 	 * or not.
771 	 */
772 	type = mdi_get_component_type(lun_dip);
773 	if (type != MDI_COMPONENT_CLIENT) {
774 		rval = iscsi_phys_lun_init(hba_dip, lun_dip, hba_tran, sd);
775 	} else {
776 		rval = iscsi_virt_lun_init(hba_dip, lun_dip, hba_tran, sd);
777 	}
778 
779 	return (rval);
780 }
781 
782 /*
783  * iscsi_tran_lun_probe - This function didn't need to be implemented.
784  * We could have left NULL in the tran table.  Since this isn't a
785  * performance path this seems safe.  We are just wrappering the
786  * function so we can see the call go through if we have debugging
787  * enabled.
788  */
789 static int
790 iscsi_tran_lun_probe(struct scsi_device *sd, int (*callback) ())
791 {
792 	int rval = 0;
793 
794 	rval = scsi_hba_probe(sd, callback);
795 
796 	return (rval);
797 }
798 
799 /*
800  * iscsi_init_pkt - Allocate SCSI packet and fill in required info.
801  */
802 /* ARGSUSED */
803 static struct scsi_pkt *
804 iscsi_tran_init_pkt(struct scsi_address *ap, struct scsi_pkt *pkt,
805     struct buf *bp, int cmdlen, int statuslen, int tgtlen, int flags,
806     int (*callback) (), caddr_t arg)
807 {
808 	iscsi_lun_t *ilp;
809 	iscsi_cmd_t *icmdp;
810 
811 	ASSERT(ap != NULL);
812 	ASSERT(callback == NULL_FUNC || callback == SLEEP_FUNC);
813 
814 	/*
815 	 * The software stack doesn't have DMA which means the iSCSI
816 	 * protocol layer will be doing a bcopy from bp to outgoing
817 	 * streams buffers. Make sure that the buffer is mapped in
818 	 * so that the copy won't panic the system.
819 	 */
820 	if (bp && (bp->b_bcount != 0) &&
821 	    bp_mapin_common(bp, (callback == NULL_FUNC) ?
822 	    VM_NOSLEEP : VM_SLEEP) == NULL) {
823 		return (NULL);
824 	}
825 
826 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
827 	ASSERT(ilp != NULL);
828 
829 	if (pkt == NULL) {
830 		pkt = scsi_hba_pkt_alloc(ilp->lun_sess->sess_hba->hba_dip,
831 		    ap, cmdlen, statuslen, tgtlen, sizeof (iscsi_cmd_t),
832 		    callback, arg);
833 		if (pkt == NULL) {
834 			return (NULL);
835 		}
836 		icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
837 		icmdp->cmd_sig			= ISCSI_SIG_CMD;
838 		icmdp->cmd_state		= ISCSI_CMD_STATE_FREE;
839 		icmdp->cmd_lun			= ilp;
840 		icmdp->cmd_type			= ISCSI_CMD_TYPE_SCSI;
841 		/* add the report lun addressing type on to the lun */
842 		icmdp->cmd_un.scsi.lun		= ilp->lun_addr_type << 14;
843 		icmdp->cmd_un.scsi.lun		= icmdp->cmd_un.scsi.lun |
844 		    ilp->lun_num;
845 		icmdp->cmd_un.scsi.pkt		= pkt;
846 		icmdp->cmd_un.scsi.bp		= bp;
847 		icmdp->cmd_un.scsi.cmdlen	= cmdlen;
848 		icmdp->cmd_un.scsi.statuslen	= statuslen;
849 		icmdp->cmd_crc_error_seen	= B_FALSE;
850 		icmdp->cmd_misc_flags		= 0;
851 		if (flags & PKT_XARQ) {
852 			icmdp->cmd_misc_flags |= ISCSI_CMD_MISCFLAG_XARQ;
853 		}
854 
855 
856 		idm_sm_audit_init(&icmdp->cmd_state_audit);
857 
858 		mutex_init(&icmdp->cmd_mutex, NULL, MUTEX_DRIVER, NULL);
859 		cv_init(&icmdp->cmd_completion, NULL, CV_DRIVER, NULL);
860 
861 		pkt->pkt_address		= *ap;
862 		pkt->pkt_comp			= (void (*)())NULL;
863 		pkt->pkt_flags			= 0;
864 		pkt->pkt_time			= 0;
865 		pkt->pkt_resid			= 0;
866 		pkt->pkt_statistics		= 0;
867 		pkt->pkt_reason			= 0;
868 	}
869 	return (pkt);
870 }
871 
872 /*
873  * iscsi_tran_lun_free - Free a SCSI LUN
874  */
875 static void
876 iscsi_tran_lun_free(dev_info_t *hba_dip, dev_info_t *lun_dip,
877     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
878 {
879 	iscsi_lun_t *ilp = NULL;
880 
881 	ASSERT(hba_dip != NULL);
882 	ASSERT(lun_dip != NULL);
883 	ASSERT(hba_tran != NULL);
884 	ASSERT(sd != NULL);
885 	ilp = (iscsi_lun_t *)hba_tran->tran_tgt_private;
886 	ASSERT(ilp != NULL);
887 
888 	(void) mdi_prop_remove(ilp->lun_pip, NULL);
889 }
890 
891 /*
892  * iscsi_start -- Start a SCSI transaction based on the packet
893  * This will attempt to add the icmdp to the pending queue
894  * for the connection and kick the queue.  If the enqueue
895  * fails that means the queue is full.
896  */
897 static int
898 iscsi_tran_start(struct scsi_address *ap, struct scsi_pkt *pkt)
899 {
900 	iscsi_lun_t	*ilp		= NULL;
901 	iscsi_sess_t	*isp		= NULL;
902 	iscsi_cmd_t	*icmdp		= NULL;
903 	uint_t		flags;
904 
905 	ASSERT(ap != NULL);
906 	ASSERT(pkt != NULL);
907 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
908 	isp = (iscsi_sess_t *)ilp->lun_sess;
909 	icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
910 	flags = pkt->pkt_flags;
911 	ASSERT(ilp != NULL);
912 	ASSERT(isp != NULL);
913 	ASSERT(icmdp != NULL);
914 
915 	/*
916 	 * If the session is in the FREE state then
917 	 * all connections are down and retries have
918 	 * been exhausted.  Fail command with fatal error.
919 	 */
920 	mutex_enter(&isp->sess_state_mutex);
921 	if (isp->sess_state == ISCSI_SESS_STATE_FREE) {
922 		mutex_exit(&isp->sess_state_mutex);
923 		return (TRAN_FATAL_ERROR);
924 	}
925 
926 	/*
927 	 * If the session is not in LOGGED_IN then we have
928 	 * no connections LOGGED_IN, but we haven't exhuasted
929 	 * our retries.  Fail the command with busy so the
930 	 * caller might try again later.  Once retries are
931 	 * exhausted the state machine will move us to FREE.
932 	 */
933 	if (isp->sess_state != ISCSI_SESS_STATE_LOGGED_IN) {
934 		mutex_exit(&isp->sess_state_mutex);
935 		return (TRAN_BUSY);
936 	}
937 
938 	/*
939 	 * If we haven't received data from the target in the
940 	 * max specified period something is wrong with the
941 	 * transport.  Fail IO with FATAL_ERROR.
942 	 */
943 	if (isp->sess_rx_lbolt + SEC_TO_TICK(iscsi_rx_max_window) <
944 	    ddi_get_lbolt()) {
945 		mutex_exit(&isp->sess_state_mutex);
946 		return (TRAN_FATAL_ERROR);
947 	}
948 
949 	/*
950 	 * If we haven't received data from the target in the
951 	 * specified period something is probably wrong with
952 	 * the transport.  Just return back BUSY until either
953 	 * the problem is resolved of the transport fails.
954 	 */
955 	if (isp->sess_rx_lbolt + SEC_TO_TICK(iscsi_rx_window) <
956 	    ddi_get_lbolt()) {
957 		mutex_exit(&isp->sess_state_mutex);
958 		return (TRAN_BUSY);
959 	}
960 
961 
962 	/* reset cmd values in case upper level driver is retrying cmd */
963 	icmdp->cmd_prev = icmdp->cmd_next = NULL;
964 	icmdp->cmd_crc_error_seen = B_FALSE;
965 	icmdp->cmd_lbolt_pending = icmdp->cmd_lbolt_active =
966 	    icmdp->cmd_lbolt_aborting = icmdp->cmd_lbolt_timeout =
967 	    (clock_t)NULL;
968 	icmdp->cmd_itt = icmdp->cmd_ttt = 0;
969 	icmdp->cmd_un.scsi.abort_icmdp = NULL;
970 
971 	mutex_enter(&isp->sess_queue_pending.mutex);
972 	iscsi_cmd_state_machine(icmdp, ISCSI_CMD_EVENT_E1, isp);
973 	mutex_exit(&isp->sess_queue_pending.mutex);
974 	mutex_exit(&isp->sess_state_mutex);
975 
976 	/*
977 	 * If this packet doesn't have FLAG_NOINTR set, it could have
978 	 * already run to completion (and the memory freed) at this
979 	 * point, so check our local copy of pkt_flags.  Otherwise we
980 	 * have to wait for completion before returning to the caller.
981 	 */
982 	if (flags & FLAG_NOINTR) {
983 		mutex_enter(&icmdp->cmd_mutex);
984 		while ((icmdp->cmd_state != ISCSI_CMD_STATE_COMPLETED) ||
985 		    (icmdp->cmd_un.scsi.r2t_icmdp != NULL) ||
986 		    (icmdp->cmd_un.scsi.abort_icmdp != NULL) ||
987 		    (icmdp->cmd_un.scsi.r2t_more == B_TRUE)) {
988 			cv_wait(&icmdp->cmd_completion, &icmdp->cmd_mutex);
989 		}
990 		icmdp->cmd_state = ISCSI_CMD_STATE_FREE;
991 		mutex_exit(&icmdp->cmd_mutex);
992 	}
993 
994 	return (TRAN_ACCEPT);
995 }
996 
997 /*
998  * iscsi_tran_abort - Called when an upper level application
999  * or driver wants to kill a scsi_pkt that was already sent to
1000  * this driver.
1001  */
1002 /* ARGSUSED */
1003 static int
1004 iscsi_tran_abort(struct scsi_address *ap, struct scsi_pkt *pkt)
1005 {
1006 	return (0);
1007 }
1008 
1009 /*
1010  * iscsi_tran_reset - Reset target at either BUS, TARGET, or LUN
1011  * level.  This will require the issuing of a task management
1012  * command down to the target/lun.
1013  */
1014 static int
1015 iscsi_tran_reset(struct scsi_address *ap, int level)
1016 {
1017 	int		rval    = ISCSI_STATUS_INTERNAL_ERROR;
1018 	iscsi_sess_t	*isp    = NULL;
1019 	iscsi_lun_t	*ilp    = NULL;
1020 
1021 	ilp = (iscsi_lun_t *)ap->a_hba_tran->tran_tgt_private;
1022 	ASSERT(ilp != NULL);
1023 	isp = ilp->lun_sess;
1024 	ASSERT(isp != NULL);
1025 
1026 	switch (level) {
1027 	case RESET_LUN:
1028 		/* reset attempt will block until attempt is complete */
1029 		rval = iscsi_handle_reset(isp, level, ilp);
1030 		break;
1031 	case RESET_BUS:
1032 		/*
1033 		 * What are we going to realy reset the ethernet
1034 		 * network!?  Just fall through to a target reset.
1035 		 */
1036 	case RESET_TARGET:
1037 		/* reset attempt will block until attempt is complete */
1038 		rval = iscsi_handle_reset(isp, level, NULL);
1039 		break;
1040 	case RESET_ALL:
1041 	default:
1042 		break;
1043 	}
1044 
1045 	return (ISCSI_SUCCESS(rval) ? 1 : 0);
1046 }
1047 
1048 /*
1049  * iscsi_tran_getcap - Get target/lun capabilities.
1050  */
1051 static int
1052 iscsi_tran_getcap(struct scsi_address *ap, char *cap, int whom)
1053 {
1054 	return (iscsi_i_commoncap(ap, cap, 0, whom, 0));
1055 }
1056 
1057 
1058 /*
1059  * iscsi_tran_setcap - Set target/lun capabilities.
1060  */
1061 /* ARGSUSED */
1062 static int
1063 iscsi_tran_setcap(struct scsi_address *ap, char *cap, int value, int whom)
1064 {
1065 	return (iscsi_i_commoncap(ap, cap, 0, whom, 1));
1066 }
1067 
1068 
1069 /*
1070  * iscsi_tran_destroy_pkt - Clean up packet
1071  */
1072 static void
1073 iscsi_tran_destroy_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
1074 {
1075 	iscsi_cmd_t	*icmdp;
1076 
1077 	icmdp = (iscsi_cmd_t *)pkt->pkt_ha_private;
1078 
1079 	ASSERT(icmdp != NULL);
1080 	ASSERT(icmdp->cmd_sig == ISCSI_SIG_CMD);
1081 	ASSERT(icmdp->cmd_state == ISCSI_CMD_STATE_FREE);
1082 
1083 	mutex_destroy(&icmdp->cmd_mutex);
1084 	cv_destroy(&icmdp->cmd_completion);
1085 	scsi_hba_pkt_free(ap, pkt);
1086 }
1087 
1088 /*
1089  * iscsi_tran_dmafree - This is a software driver, NO DMA
1090  */
1091 /* ARGSUSED */
1092 static void
1093 iscsi_tran_dmafree(struct scsi_address *ap, struct scsi_pkt *pkt)
1094 {
1095 	/*
1096 	 * The iSCSI interface doesn't deal with DMA
1097 	 */
1098 }
1099 
1100 /*
1101  * iscsi_tran_sync_pkt - This is a software driver, NO DMA
1102  */
1103 /* ARGSUSED */
1104 static void
1105 iscsi_tran_sync_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
1106 {
1107 	/*
1108 	 * The iSCSI interface doesn't deal with DMA
1109 	 */
1110 }
1111 
1112 /*
1113  * iscsi_tran_reset_notify - We don't support BUS_RESET so there
1114  * is no point in support callback.
1115  */
1116 /* ARGSUSED */
1117 static int
1118 iscsi_tran_reset_notify(struct scsi_address *ap, int flag,
1119     void (*callback) (caddr_t), caddr_t arg)
1120 {
1121 
1122 	/*
1123 	 * We never do BUS_RESETS so allowing this call
1124 	 * back to register has no point?
1125 	 */
1126 	return (DDI_SUCCESS);
1127 }
1128 
1129 
1130 /*
1131  * iscsi_tran_bus_config - on demand device configuration
1132  *
1133  * iscsi_tran_bus_config is called by the NDI layer at the completion
1134  * of a dev_node creation.  There are two primary cases defined in this
1135  * function.  The first is BUS_CONFIG_ALL.  In this case the NDI is trying
1136  * to identify that targets/luns are available configured at that point
1137  * in time.  It is safe to just complete the process succcessfully.  The
1138  * second case is a new case that was defined in S10 for devfs.  BUS_CONFIG_ONE
1139  * this is to help driver the top down discovery instead of bottom up.  If
1140  * we receive a BUS_CONFIG_ONE we should check to see if the <addr> exists
1141  * if so complete successfull processing.  Otherwise we should call the
1142  * deamon and see if we can plumb the <addr>.  If it is possible to plumb the
1143  * <addr> block until plumbing is complete.  In both cases of being able to
1144  * plumb <addr> or not continue with successfull processing.
1145  */
1146 static int
1147 iscsi_tran_bus_config(dev_info_t *parent, uint_t flags,
1148     ddi_bus_config_op_t op, void *arg, dev_info_t **childp)
1149 {
1150 	int		rval	= NDI_SUCCESS;
1151 	iscsi_hba_t	*ihp	= NULL;
1152 	int		iflags	= flags;
1153 	char		*name	= NULL;
1154 	char		*ptr	= NULL;
1155 	boolean_t	config_root = B_FALSE;
1156 
1157 	/* get reference to soft state */
1158 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1159 	    ddi_get_instance(parent));
1160 	if (ihp == NULL) {
1161 		return (NDI_FAILURE);
1162 	}
1163 
1164 	iscsi_check_miniroot(ihp);
1165 	if ((modrootloaded == 0) && (iscsiboot_prop != NULL)) {
1166 		config_root = B_TRUE;
1167 	}
1168 
1169 	if (config_root == B_FALSE) {
1170 		if (iscsi_client_request_service(ihp) == B_FALSE) {
1171 			return (NDI_FAILURE);
1172 		}
1173 	}
1174 
1175 	/* lock so only one config operation occrs */
1176 	sema_p(&iscsid_config_semaphore);
1177 
1178 	switch (op) {
1179 	case BUS_CONFIG_ONE:
1180 		/* parse target name out of name given */
1181 		if ((ptr = strchr((char *)arg, '@')) == NULL) {
1182 			rval = NDI_FAILURE;
1183 			break;
1184 		}
1185 		ptr++;		/* move past '@' */
1186 		name = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
1187 		(void) strncpy(name, ptr, MAX_GET_NAME_SIZE);
1188 		/* We need to strip the LUN */
1189 		if ((ptr = strchr(name, ',')) == NULL) {
1190 			rval = NDI_FAILURE;
1191 			kmem_free(name, MAX_GET_NAME_SIZE);
1192 			name = NULL;
1193 			break;
1194 		}
1195 		/* We also need to strip the 4 bytes of hex TPGT */
1196 		ptr -= 4;
1197 		if (ptr <= name) {
1198 			rval = NDI_FAILURE;
1199 			kmem_free(name, MAX_GET_NAME_SIZE);
1200 			name = NULL;
1201 			break;
1202 		}
1203 		*ptr = '\0';		/* NULL terminate */
1204 
1205 		/* translate name back to original iSCSI name */
1206 		iscsi_get_name_to_iqn(name, MAX_GET_NAME_SIZE);
1207 
1208 		/* configure target, skip 4 byte ISID */
1209 		iscsid_config_one(ihp, (name+4), B_TRUE);
1210 
1211 		kmem_free(name, MAX_GET_NAME_SIZE);
1212 		name = NULL;
1213 
1214 		/*
1215 		 * DDI group instructed us to use this flag.
1216 		 */
1217 		iflags |= NDI_MDI_FALLBACK;
1218 		break;
1219 	case BUS_CONFIG_DRIVER:
1220 		/* FALLTHRU */
1221 	case BUS_CONFIG_ALL:
1222 		iscsid_config_all(ihp, B_TRUE);
1223 		break;
1224 	default:
1225 		rval = NDI_FAILURE;
1226 		break;
1227 	}
1228 
1229 	if (rval == NDI_SUCCESS) {
1230 		rval = ndi_busop_bus_config(parent, iflags,
1231 		    op, arg, childp, 0);
1232 	}
1233 	sema_v(&iscsid_config_semaphore);
1234 
1235 	if (config_root == B_FALSE) {
1236 		iscsi_client_release_service(ihp);
1237 	}
1238 
1239 	return (rval);
1240 }
1241 
1242 /*
1243  * iscsi_tran_bus_unconfig - on demand device unconfiguration
1244  *
1245  * Called by the os framework under low resource situations.
1246  * It will attempt to unload our minor nodes (logical units
1247  * ndi/mdi nodes).
1248  */
1249 static int
1250 iscsi_tran_bus_unconfig(dev_info_t *parent, uint_t flag,
1251     ddi_bus_config_op_t op, void *arg)
1252 {
1253 	int		rval = NDI_SUCCESS;
1254 	iscsi_hba_t	*ihp = NULL;
1255 
1256 	/* get reference to soft state */
1257 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1258 	    ddi_get_instance(parent));
1259 	if (ihp == NULL) {
1260 		return (NDI_FAILURE);
1261 	}
1262 
1263 	if (iscsi_client_request_service(ihp) == B_FALSE) {
1264 		return (NDI_FAILURE);
1265 	}
1266 
1267 	rval = ndi_busop_bus_unconfig(parent, flag, op, arg);
1268 
1269 	iscsi_client_release_service(ihp);
1270 
1271 	return (rval);
1272 }
1273 
1274 
1275 /*
1276  * iscsi_tran_get_name - create private /devices name for LUN
1277  *
1278  * This creates the <addr> in /devices/iscsi/<driver>@<addr>
1279  * path.  For this <addr> we return the <session/target_name>,<lun num>
1280  * Where <target_name> is an <iqn/eui/...> as defined by the iSCSI
1281  * specification.  We do modify the name slightly so that it still
1282  * complies with the IEEE <addr> naming scheme.  This means that we
1283  * will substitute out the ':', '@', ... and other reserved characters
1284  * defined in the IEEE definition with '%<hex value of special char>'
1285  * This routine is indirectly called by iscsi_lun_create_xxx.  These
1286  * calling routines must prevent the session and lun lists from changing
1287  * during this routine.
1288  */
1289 static int
1290 iscsi_tran_get_name(struct scsi_device *sd, char *name, int len)
1291 {
1292 	int		target		= 0;
1293 	int		lun		= 0;
1294 	iscsi_hba_t	*ihp		= NULL;
1295 	iscsi_sess_t	*isp		= NULL;
1296 	iscsi_lun_t	*ilp		= NULL;
1297 	dev_info_t	*lun_dip	= NULL;
1298 
1299 	ASSERT(sd != NULL);
1300 	ASSERT(name != NULL);
1301 	lun_dip = sd->sd_dev;
1302 	ASSERT(lun_dip != NULL);
1303 
1304 	/* get reference to soft state */
1305 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state,
1306 	    ddi_get_instance(ddi_get_parent(lun_dip)));
1307 	if (ihp == NULL) {
1308 		name[0] = '\0';
1309 		return (0);
1310 	}
1311 
1312 	/* Get the target num */
1313 	target = ddi_prop_get_int(DDI_DEV_T_ANY, sd->sd_dev,
1314 	    DDI_PROP_DONTPASS, TARGET_PROP, 0);
1315 
1316 	/* Get the target num */
1317 	lun = ddi_prop_get_int(DDI_DEV_T_ANY, sd->sd_dev,
1318 	    DDI_PROP_DONTPASS, LUN_PROP, 0);
1319 
1320 	/*
1321 	 * Now we need to find our ilp by walking the lists
1322 	 * off the ihp and isp.
1323 	 */
1324 	/* See if we already created this session */
1325 
1326 	/* Walk the HBA's session list */
1327 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
1328 		/* compare target name as the unique identifier */
1329 		if (target == isp->sess_oid) {
1330 			/* found match */
1331 			break;
1332 		}
1333 	}
1334 
1335 	/* If we found matching session continue searching for tgt */
1336 	if (isp == NULL) {
1337 		/* sess not found */
1338 		name[0] = '\0';
1339 		return (0);
1340 	}
1341 
1342 	/*
1343 	 * Search for the matching iscsi lun structure.  We don't
1344 	 * need to hold the READER for the lun list at this point.
1345 	 * because the tran_get_name is being called from the online
1346 	 * function which is already holding a reader on the lun
1347 	 * list.
1348 	 */
1349 	for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
1350 		if (lun == ilp->lun_num) {
1351 			/* found match */
1352 			break;
1353 		}
1354 	}
1355 
1356 	if (ilp == NULL) {
1357 		/* tgt not found */
1358 		name[0] = '\0';
1359 		return (0);
1360 	}
1361 
1362 	/* Ensure enough space for lun_addr is available */
1363 	ASSERT(ilp->lun_addr != NULL);
1364 	if ((strlen(ilp->lun_addr) + 1) > len) {
1365 		return (0);
1366 	}
1367 
1368 	/* copy lun_addr name */
1369 	(void) strcpy(name, ilp->lun_addr);
1370 
1371 	/*
1372 	 * Based on IEEE-1275 we can't have any ':', ' ', '@', or '/'
1373 	 * characters in our naming.  So replace all those characters
1374 	 * with '-'
1375 	 */
1376 	iscsi_get_name_from_iqn(name, len);
1377 
1378 	return (1);
1379 }
1380 
1381 /*
1382  * iscsi_tran_get_bus_addr - This returns a human readable string
1383  * for the bus address.  Examining most other drivers fcp, etc.  They
1384  * all just return the same string as tran_get_name.  In our case
1385  * our tran get name is already some what usable so leave alone.
1386  */
1387 static int
1388 iscsi_tran_get_bus_addr(struct scsi_device *sd, char *name, int len)
1389 {
1390 	return (iscsi_tran_get_name(sd, name, len));
1391 }
1392 
1393 
1394 /*
1395  * +--------------------------------------------------------------------+
1396  * | End of scsi_tran routines					  |
1397  * +--------------------------------------------------------------------+
1398  */
1399 
1400 /*
1401  * +--------------------------------------------------------------------+
1402  * | Start of cb_ops routines					   |
1403  * +--------------------------------------------------------------------+
1404  */
1405 
1406 /*
1407  * iscsi_open - Driver should be made IOCTL MT safe.  Otherwise
1408  * this function needs updated.
1409  */
1410 /* ARGSUSED */
1411 static int
1412 iscsi_open(dev_t *devp, int flags, int otyp, cred_t *credp)
1413 {
1414 	return (0);
1415 }
1416 
1417 /*
1418  * iscsi_close -
1419  */
1420 /* ARGSUSED */
1421 static int
1422 iscsi_close(dev_t dev, int flags, int otyp, cred_t *credp)
1423 {
1424 	return (0);
1425 }
1426 
1427 /*
1428  * iscsi_ioctl -
1429  */
1430 /* ARGSUSED */
1431 static int
1432 iscsi_ioctl(dev_t dev, int cmd, intptr_t arg, int mode,
1433     cred_t *credp, int *rvalp)
1434 {
1435 	int			rtn		= 0;
1436 	int			instance	= 0;
1437 	int			list_space	= 0;
1438 	int			lun_sz		= 0;
1439 	int			did;
1440 	int			retry;
1441 	iscsi_hba_t		*ihp		= NULL;
1442 	iscsi_sess_t		*isp		= NULL;
1443 	iscsi_conn_t		*icp		= NULL;
1444 	iscsi_login_params_t	*params		= NULL;
1445 	iscsi_login_params_t	*tmpParams	= NULL;
1446 	uchar_t			*name		= NULL;
1447 	dev_info_t		*lun_dip	= NULL;
1448 
1449 	entry_t			    e;
1450 	iscsi_oid_t		    oid;
1451 	iscsi_property_t	    *ipp;
1452 	iscsi_static_property_t	    *ispp;
1453 	iscsi_param_get_t	    *ilg;
1454 	iscsi_param_set_t	    *ils;
1455 	iscsi_target_list_t	    idl, *idlp		= NULL;
1456 	iscsi_addr_list_t	    ial, *ialp		= NULL;
1457 	iscsi_chap_props_t	    *chap		= NULL;
1458 	iscsi_radius_props_t	    *radius		= NULL;
1459 	iscsi_auth_props_t	    *auth		= NULL;
1460 	iscsi_lun_list_t	    *ll, *llp		= NULL;
1461 	iscsi_lun_props_t	    *lun		= NULL;
1462 	iscsi_lun_t		    *ilp 		= NULL;
1463 	iSCSIDiscoveryMethod_t	    method;
1464 	iSCSIDiscoveryProperties_t  discovery_props;
1465 	iscsi_uscsi_t		    iu;
1466 	iscsi_uscsi_t		    iu_caller;
1467 #ifdef _MULTI_DATAMODEL
1468 	/* For use when a 32 bit app makes a call into a 64 bit ioctl */
1469 	iscsi_uscsi32_t		    iu32_caller;
1470 	model_t			    model;
1471 #endif /* _MULTI_DATAMODEL */
1472 	void			    *void_p;
1473 	iscsi_sendtgts_list_t	*stl_hdr;
1474 	iscsi_sendtgts_list_t	*istl;
1475 	int			stl_sz;
1476 	iscsi_target_entry_t	*target;
1477 	uint32_t		old_oid;
1478 	uint32_t		target_oid;
1479 	iscsi_targetparam_entry_t *curr_entry;
1480 	char			*initiator_node_name;
1481 	char			*initiator_node_alias;
1482 	isns_portal_group_list_t    *pg_list = NULL;
1483 	isns_server_portal_group_list_t    *server_pg_list_hdr = NULL;
1484 	isns_server_portal_group_list_t    *server_pg_list = NULL;
1485 	int			pg_list_sz, pg_sz_copy_out, server_pg_list_sz;
1486 	iscsi_config_sess_t	*ics;
1487 	int			size;
1488 	boolean_t		rval;
1489 	char			init_port_name[MAX_NAME_PROP_SIZE];
1490 	iscsi_sockaddr_t	addr_dsc;
1491 	iscsi_boot_property_t	*bootProp;
1492 	boolean_t		discovered = B_TRUE;
1493 
1494 	instance = getminor(dev);
1495 	ihp = (iscsi_hba_t *)ddi_get_soft_state(iscsi_state, instance);
1496 	if (ihp == NULL)
1497 		return (EFAULT);
1498 
1499 	iscsi_check_miniroot(ihp);
1500 	if ((cmd != ISCSI_SMF_ONLINE) && (cmd != ISCSI_SMF_OFFLINE) &&
1501 	    (cmd != ISCSI_SMF_GET)) {
1502 		/* other cmd needs to acquire the service */
1503 		if (iscsi_client_request_service(ihp) == B_FALSE) {
1504 			return (EFAULT);
1505 		}
1506 	}
1507 
1508 	switch (cmd) {
1509 	/*
1510 	 * ISCSI_CREATE_OID - Create a Object IDentifier for a TargetName
1511 	 */
1512 	case ISCSI_CREATE_OID:
1513 		if (ddi_copyin((caddr_t)arg, &oid, sizeof (oid), mode)) {
1514 			rtn = EFAULT;
1515 			break;
1516 		}
1517 		if (oid.o_vers != ISCSI_INTERFACE_VERSION) {
1518 			rtn = EINVAL;
1519 			break;
1520 		}
1521 
1522 		/* Set the target that this session is associated with */
1523 		oid.o_oid = iscsi_targetparam_get_oid(oid.o_name);
1524 
1525 		if (ddi_copyout(&oid, (caddr_t)arg, sizeof (oid), mode)) {
1526 			rtn = EFAULT;
1527 			break;
1528 		}
1529 		break;
1530 	/*
1531 	 * ISCSI_PARAM_GET - Get param for specified
1532 	 * connection/session.
1533 	 */
1534 	case ISCSI_PARAM_GET:
1535 		/* copyin user args */
1536 		ilg = (iscsi_param_get_t *)kmem_alloc(sizeof (*ilg), KM_SLEEP);
1537 		if (ddi_copyin((caddr_t)arg, ilg, sizeof (*ilg), mode)) {
1538 			rtn = EFAULT;
1539 			kmem_free(ilg, sizeof (*ilg));
1540 			break;
1541 		}
1542 
1543 		if (ilg->g_vers != ISCSI_INTERFACE_VERSION) {
1544 			rtn = EINVAL;
1545 			kmem_free(ilg, sizeof (*ilg));
1546 			break;
1547 		}
1548 
1549 		/* handle special case for Initiator name */
1550 		if (ilg->g_param == ISCSI_LOGIN_PARAM_INITIATOR_NAME) {
1551 			(void) strlcpy((char *)ilg->g_value.v_name,
1552 			    (char *)ihp->hba_name, ISCSI_MAX_NAME_LEN);
1553 		} else if (ilg->g_param == ISCSI_LOGIN_PARAM_INITIATOR_ALIAS) {
1554 			if (ihp->hba_alias_length == 0) {
1555 				rtn = EINVAL;
1556 			} else {
1557 				(void) strlcpy((char *)ilg->g_value.v_name,
1558 				    (char *)ihp->hba_alias, ISCSI_MAX_NAME_LEN);
1559 			}
1560 		} else {
1561 			/* To describe the validity of the requested param */
1562 			boolean_t valid_flag = B_TRUE;
1563 
1564 			name = NULL;
1565 
1566 			/*
1567 			 * switch login based if looking for initiator
1568 			 * params
1569 			 */
1570 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1571 			if (ilg->g_oid == ihp->hba_oid) {
1572 				/* initiator */
1573 				params = &ihp->hba_params;
1574 				name = ihp->hba_name;
1575 				if (iscsi_get_persisted_param(name,
1576 				    ilg, params) != 0) {
1577 					valid_flag = B_FALSE;
1578 				}
1579 			} else {
1580 				/*
1581 				 * If the oid does represent a session check
1582 				 * to see if it is a target oid.  If so,
1583 				 * return the target's associated session.
1584 				 */
1585 				rtn = iscsi_sess_get(ilg->g_oid, ihp, &isp);
1586 				if (rtn != 0) {
1587 					rtn = iscsi_sess_get_by_target(
1588 					    ilg->g_oid, ihp, &isp);
1589 				}
1590 
1591 				/*
1592 				 * If rtn is zero then we have found an
1593 				 * existing session.  Use the session name to
1594 				 * do param lookup.  If rtn is non-zero then
1595 				 * create a targetparam object and use its name
1596 				 * for param lookup.
1597 				 */
1598 				if (rtn == 0) {
1599 					name = isp->sess_name;
1600 					params = &isp->sess_params;
1601 				} else {
1602 					name =
1603 					    iscsi_targetparam_get_name(
1604 					    ilg->g_oid);
1605 					if (ilg->g_param_type ==
1606 					    ISCSI_SESS_PARAM) {
1607 						tmpParams =
1608 						    (iscsi_login_params_t *)
1609 						    kmem_alloc(
1610 						    sizeof (*tmpParams),
1611 						    KM_SLEEP);
1612 						params = tmpParams;
1613 					}
1614 					rtn = 0;
1615 				}
1616 
1617 				if (name == NULL) {
1618 					rw_exit(
1619 					    &ihp->hba_sess_list_rwlock);
1620 					rtn = EFAULT;
1621 					kmem_free(ilg, sizeof (*ilg));
1622 					if (tmpParams != NULL)
1623 						kmem_free(tmpParams,
1624 						    sizeof (*tmpParams));
1625 
1626 					break;
1627 				}
1628 
1629 				if (ilg->g_param_type == ISCSI_SESS_PARAM) {
1630 					/* session */
1631 					/*
1632 					 * Update sess_params with the
1633 					 * latest params from the
1634 					 * persistent store.
1635 					 */
1636 					if (iscsi_get_persisted_param(name,
1637 					    ilg, params) != 0) {
1638 						/*
1639 						 * If the parameter in
1640 						 * question is not
1641 						 * overriden, no effect
1642 						 * on existing session
1643 						 * parameters. However,
1644 						 * the parameter is
1645 						 * marked invalid
1646 						 * (from the standpoint
1647 						 * of whether it is
1648 						 * overriden).
1649 						 */
1650 						valid_flag = B_FALSE;
1651 					}
1652 				} else if (ilg->g_param_type ==
1653 				    ISCSI_CONN_PARAM && isp != NULL) {
1654 					/* connection */
1655 					rw_enter(&isp->sess_conn_list_rwlock,
1656 					    RW_READER);
1657 					/* Assuming 1 conn per sess. */
1658 					/*
1659 					 * MC/S - Need to be modified to
1660 					 * take g_conn_cid into account when
1661 					 * we go multi-connection.
1662 					 */
1663 					if ((isp->sess_conn_act != NULL) &&
1664 					    (isp->sess_conn_act->conn_state ==
1665 					    ISCSI_CONN_STATE_LOGGED_IN)) {
1666 						params = &(isp->
1667 						    sess_conn_act->
1668 						    conn_params);
1669 					} else {
1670 						valid_flag = B_FALSE;
1671 					}
1672 					rw_exit(&isp->sess_conn_list_rwlock);
1673 				}
1674 			}
1675 
1676 			/* make sure we have params to get info from */
1677 			if (params) {
1678 				rtn = iscsi_get_param(params, valid_flag, ilg);
1679 
1680 				/*
1681 				 * for target parameters, check if any
1682 				 * parameters were overridden at the initiator
1683 				 * level. If so, then change the default value
1684 				 * to the initiator's overridden value
1685 				 */
1686 				if ((rtn == 0) &&
1687 				    (ilg->g_oid != ihp->hba_oid)) {
1688 					iscsi_override_target_default(ihp,
1689 					    ilg);
1690 				}
1691 			}
1692 			rw_exit(&ihp->hba_sess_list_rwlock);
1693 		}
1694 
1695 		if (rtn == 0) {
1696 			rtn = ddi_copyout(ilg, (caddr_t)arg,
1697 			    sizeof (iscsi_param_get_t), mode);
1698 		}
1699 		kmem_free(ilg, sizeof (*ilg));
1700 		if (tmpParams != NULL)
1701 			kmem_free(tmpParams, sizeof (*tmpParams));
1702 		break;
1703 
1704 	/*
1705 	 * ISCSI_INIT_NODE_NAME_SET - Change the initiator-node name for
1706 	 * the specified connection/session.
1707 	 */
1708 	case ISCSI_INIT_NODE_NAME_SET:
1709 		/* copyin user args */
1710 		ils = (iscsi_param_set_t *)kmem_alloc(sizeof (*ils), KM_SLEEP);
1711 		if (ddi_copyin((caddr_t)arg, ils, sizeof (*ils), mode)) {
1712 			rtn = EFAULT;
1713 			kmem_free(ils, sizeof (*ils));
1714 			break;
1715 		}
1716 
1717 		if (ils->s_vers != ISCSI_INTERFACE_VERSION) {
1718 			rtn = EINVAL;
1719 			kmem_free(ils, sizeof (*ils));
1720 			break;
1721 		}
1722 
1723 		/* saving off the old initiator-node name */
1724 		initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
1725 		rval = persistent_initiator_name_get(initiator_node_name,
1726 		    ISCSI_MAX_NAME_LEN);
1727 
1728 		rtn = iscsi_set_params(ils, ihp, B_TRUE);
1729 		kmem_free(ils, sizeof (*ils));
1730 		if (rtn != 0) {
1731 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
1732 			break;
1733 		}
1734 
1735 		(void) snprintf(init_port_name, MAX_NAME_PROP_SIZE,
1736 		    "%s,%02x%02x%02x%02x%02x%02x",
1737 		    (char *)ihp->hba_name, ihp->hba_isid[0],
1738 		    ihp->hba_isid[1], ihp->hba_isid[2],
1739 		    ihp->hba_isid[3], ihp->hba_isid[4],
1740 		    ihp->hba_isid[5]);
1741 
1742 		if (ddi_prop_update_string(DDI_DEV_T_NONE,
1743 		    ihp->hba_dip, "initiator-port",
1744 		    init_port_name) != DDI_PROP_SUCCESS) {
1745 			cmn_err(CE_WARN, "iscsi_ioctl: Updating "
1746 			    "initiator-port property on iSCSI "
1747 			    "HBA(%s) with dip(%d) Failed",
1748 			    (char *)ihp->hba_name,
1749 			    ddi_get_instance(ihp->hba_dip));
1750 		}
1751 
1752 		/*
1753 		 * Deregister the old initiator-node name from the iSNS
1754 		 * server
1755 		 * Register the new initiator-node name with the iSNS server
1756 		 */
1757 		method = persistent_disc_meth_get();
1758 		if (method & iSCSIDiscoveryMethodISNS) {
1759 			if (rval == B_TRUE) {
1760 				if (strlen(initiator_node_name) > 0) {
1761 				/*
1762 				 * we will attempt to offline the targets.
1763 				 * if logouts fail, we will still continue
1764 				 */
1765 #define	STRING_INNO "initiator-node name - Offline "
1766 #define	STRING_FFOMD "failed for one or more devices"
1767 					if ((iscsid_del(
1768 					    ihp, NULL, method, NULL))
1769 					    != B_TRUE) {
1770 						cmn_err(CE_NOTE,
1771 						    "Attempting to change "
1772 						    STRING_INNO
1773 						    STRING_FFOMD);
1774 					}
1775 					(void) isns_dereg(ihp->hba_isid,
1776 					    (uint8_t *)initiator_node_name);
1777 #undef STRING_INNO
1778 #undef STRING_FFOMD
1779 				}
1780 			}
1781 			if (persistent_initiator_name_get(initiator_node_name,
1782 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
1783 				kmem_free(initiator_node_name,
1784 				    ISCSI_MAX_NAME_LEN);
1785 				initiator_node_name = NULL;
1786 				rtn = EIO;
1787 				break;
1788 			}
1789 			if (strlen(initiator_node_name) == 0) {
1790 				kmem_free(initiator_node_name,
1791 				    ISCSI_MAX_NAME_LEN);
1792 				initiator_node_name = NULL;
1793 				rtn = EIO;
1794 				break;
1795 			}
1796 
1797 			initiator_node_alias = kmem_zalloc(ISCSI_MAX_NAME_LEN,
1798 			    KM_SLEEP);
1799 			if (persistent_alias_name_get(initiator_node_alias,
1800 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
1801 				initiator_node_alias[0] = '\0';
1802 			}
1803 
1804 			(void) isns_reg(ihp->hba_isid,
1805 			    (uint8_t *)initiator_node_name,
1806 			    ISCSI_MAX_NAME_LEN,
1807 			    (uint8_t *)initiator_node_alias,
1808 			    ISCSI_MAX_NAME_LEN,
1809 			    ISNS_INITIATOR_NODE_TYPE,
1810 			    isns_scn_callback);
1811 			iscsid_do_isns_query(ihp);
1812 
1813 			/* Done using the name and alias - free them. */
1814 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
1815 			initiator_node_name = NULL;
1816 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
1817 			initiator_node_alias = NULL;
1818 		}
1819 		break;
1820 
1821 	/*
1822 	 * ISCSI_PARAM_SET - Set param for specified connection/session.
1823 	 */
1824 	case ISCSI_PARAM_SET:
1825 		/* copyin user args */
1826 		ils = (iscsi_param_set_t *)kmem_alloc(sizeof (*ils), KM_SLEEP);
1827 		if (ddi_copyin((caddr_t)arg, ils, sizeof (*ils), mode)) {
1828 			rtn = EFAULT;
1829 			kmem_free(ils, sizeof (*ils));
1830 			break;
1831 		}
1832 
1833 		if (ils->s_vers != ISCSI_INTERFACE_VERSION) {
1834 			rtn = EINVAL;
1835 			kmem_free(ils, sizeof (*ils));
1836 			break;
1837 		}
1838 		rtn = iscsi_set_params(ils, ihp, B_TRUE);
1839 		if (iscsiboot_prop) {
1840 			if (iscsi_cmp_boot_sess_oid(ihp, ils->s_oid)) {
1841 				/*
1842 				 * found active session for this object
1843 				 * or this is initiator's object
1844 				 * with mpxio enabled
1845 				 */
1846 				if (!iscsi_reconfig_boot_sess(ihp)) {
1847 					rtn = EINVAL;
1848 					kmem_free(ils, sizeof (*ils));
1849 					break;
1850 				}
1851 			}
1852 		}
1853 		kmem_free(ils, sizeof (*ils));
1854 		break;
1855 
1856 	/*
1857 	 * ISCSI_TARGET_PARAM_CLEAR
1858 	 * - remove custom parameter settings for a target.
1859 	 */
1860 	case ISCSI_TARGET_PARAM_CLEAR:
1861 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
1862 			rtn = EFAULT;
1863 			break;
1864 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
1865 			rtn = EINVAL;
1866 			break;
1867 		}
1868 
1869 		if ((e.e_oid != ihp->hba_oid) &&
1870 		    (e.e_oid != ISCSI_OID_NOTSET)) {
1871 			uchar_t	    *t_name;
1872 			iscsi_sess_t *t_isp;
1873 
1874 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
1875 			/*
1876 			 * If the oid does represent a session check to see
1877 			 * if it is a target oid.  If so, return the target's
1878 			 * associated session.
1879 			 */
1880 			rtn = iscsi_sess_get(e.e_oid, ihp, &isp);
1881 			if (rtn != 0) {
1882 				rtn = iscsi_sess_get_by_target(e.e_oid, ihp,
1883 				    &isp);
1884 			}
1885 
1886 			/*
1887 			 * If rtn is zero then we have found an
1888 			 * existing session.  Use the session name to
1889 			 * do param lookup.  If rtn is non-zero then
1890 			 * create a targetparam object and use its name
1891 			 * for param lookup.
1892 			 */
1893 			if (rtn == 0) {
1894 				t_name = isp->sess_name;
1895 			} else {
1896 				t_name = iscsi_targetparam_get_name(e.e_oid);
1897 				rtn = 0;
1898 			}
1899 
1900 			if (t_name == NULL) {
1901 				rw_exit(&ihp->hba_sess_list_rwlock);
1902 				rtn = EFAULT;
1903 				break;
1904 			}
1905 
1906 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
1907 			(void) strncpy((char *)name, (char *)t_name,
1908 			    ISCSI_MAX_NAME_LEN);
1909 
1910 			if (persistent_param_clear((char *)name) == B_FALSE) {
1911 				kmem_free(name, ISCSI_MAX_NAME_LEN);
1912 				rw_exit(&ihp->hba_sess_list_rwlock);
1913 				rtn = EIO;
1914 				break;
1915 			}
1916 
1917 			ics = kmem_zalloc(sizeof (*ics), KM_SLEEP);
1918 			ics->ics_ver = ISCSI_INTERFACE_VERSION;
1919 			ics->ics_oid = ISCSI_INITIATOR_OID;
1920 			ics->ics_in  = 1;
1921 
1922 			/*
1923 			 * We may have multiple sessions with different
1924 			 * tpgt values.  So we need to loop through
1925 			 * the sessions and update all sessions.
1926 			 */
1927 			for (isp = ihp->hba_sess_list; isp;
1928 			    isp = t_isp) {
1929 				t_isp = isp->sess_next;
1930 
1931 				if (strncmp((char *)isp->sess_name,
1932 				    (char *)name, ISCSI_MAX_NAME_LEN) == 0) {
1933 					/*
1934 					 * When removing target-params we need
1935 					 * slightly different actions depending
1936 					 * on if the session should still exist.
1937 					 * Get the initiator-node value for
1938 					 * MS/T.  If there is no initiator
1939 					 * value then assume the default value
1940 					 * of 1.  If the initiator value is
1941 					 * less than this ISID then we need to
1942 					 * destroy the session.  Otherwise
1943 					 * update the session information and
1944 					 * resync (N7 event).
1945 					 */
1946 					rtn = iscsi_ioctl_get_config_sess(
1947 					    ihp, ics);
1948 					if (((rtn != 0) &&
1949 					    (isp->sess_isid[5] > 0)) ||
1950 					    ((rtn == 0) &&
1951 					    (ics->ics_out <=
1952 					    isp->sess_isid[5]))) {
1953 
1954 						/*
1955 						 * This session should no
1956 						 * longer exist.  Remove
1957 						 * session.
1958 						 */
1959 						if (!ISCSI_SUCCESS(
1960 						    iscsi_sess_destroy(isp))) {
1961 							kmem_free(ics,
1962 							    sizeof (*ics));
1963 							kmem_free(name,
1964 							    ISCSI_MAX_NAME_LEN);
1965 						rw_exit(&ihp->
1966 						    hba_sess_list_rwlock);
1967 							rtn = EBUSY;
1968 							break;
1969 						}
1970 						isp = ihp->hba_sess_list;
1971 					} else {
1972 						/*
1973 						 * Reset the session
1974 						 * parameters.
1975 						 */
1976 						bcopy(&(isp->sess_hba->
1977 						    hba_params),
1978 						    &(isp->sess_params),
1979 						    sizeof (isp->sess_params));
1980 						if (iscsiboot_prop &&
1981 						    isp->sess_boot) {
1982 							/*
1983 							 * reconfig boot
1984 							 * session later
1985 							 */
1986 							continue;
1987 						}
1988 						/*
1989 						 * Notify the session that the
1990 						 * login parameters have
1991 						 * changed.
1992 						 */
1993 						mutex_enter(&isp->
1994 						    sess_state_mutex);
1995 						iscsi_sess_state_machine(isp,
1996 						    ISCSI_SESS_EVENT_N7);
1997 						mutex_exit(&isp->
1998 						    sess_state_mutex);
1999 					}
2000 				}
2001 			}
2002 			kmem_free(ics, sizeof (*ics));
2003 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2004 			rw_exit(&ihp->hba_sess_list_rwlock);
2005 			if (iscsiboot_prop) {
2006 				if (iscsi_cmp_boot_sess_oid(ihp, e.e_oid)) {
2007 					/*
2008 					 * found active session for this object
2009 					 * or this is initiator object
2010 					 * with mpxio enabled
2011 					 */
2012 					if (!iscsi_reconfig_boot_sess(ihp)) {
2013 						rtn = EINVAL;
2014 						break;
2015 					}
2016 				}
2017 			}
2018 		}
2019 		break;
2020 
2021 	/*
2022 	 * ISCSI_TARGET_OID_LIST_GET -
2023 	 */
2024 	case ISCSI_TARGET_OID_LIST_GET:
2025 		/* copyin user args */
2026 		if (ddi_copyin((caddr_t)arg, &idl,
2027 		    sizeof (idl), mode)) {
2028 			rtn = EFAULT;
2029 			break;
2030 		}
2031 
2032 		if (idl.tl_vers != ISCSI_INTERFACE_VERSION) {
2033 			rtn = EINVAL;
2034 			break;
2035 		}
2036 
2037 		list_space = sizeof (iscsi_target_list_t);
2038 		if (idl.tl_in_cnt != 0)
2039 			list_space += (sizeof (uint32_t) *
2040 			    (idl.tl_in_cnt - 1));
2041 
2042 		idlp = kmem_zalloc(list_space, KM_SLEEP);
2043 		bcopy(&idl, idlp, sizeof (idl));
2044 		idlp->tl_out_cnt = 0;
2045 
2046 		/*
2047 		 * If target list type is ISCSI_TGT_OID_LIST and discovery
2048 		 * has not been completed or in progress, poke the discovery
2049 		 * methods so target information is returned
2050 		 */
2051 		mutex_enter(&ihp->hba_discovery_events_mutex);
2052 		method = ihp->hba_discovery_events;
2053 		if ((idl.tl_tgt_list_type == ISCSI_TGT_OID_LIST) &&
2054 		    (method != ISCSI_ALL_DISCOVERY_METHODS) &&
2055 		    (ihp->hba_discovery_in_progress == B_FALSE)) {
2056 			ihp->hba_discovery_in_progress = B_TRUE;
2057 			mutex_exit(&ihp->hba_discovery_events_mutex);
2058 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodUnknown);
2059 			mutex_enter(&ihp->hba_discovery_events_mutex);
2060 			ihp->hba_discovery_in_progress = B_FALSE;
2061 		}
2062 		mutex_exit(&ihp->hba_discovery_events_mutex);
2063 
2064 		/*
2065 		 * Return the correct list information based on the type
2066 		 */
2067 		switch (idl.tl_tgt_list_type) {
2068 		/* ISCSI_TGT_PARAM_OID_LIST - iscsiadm list target-params */
2069 		case ISCSI_TGT_PARAM_OID_LIST:
2070 			/* get params from persistent store */
2071 			iscsi_targetparam_lock_list(RW_READER);
2072 			curr_entry = iscsi_targetparam_get_next_entry(NULL);
2073 			while (curr_entry != NULL) {
2074 				if (idlp->tl_out_cnt < idlp->tl_in_cnt) {
2075 					idlp->tl_oid_list[idlp->tl_out_cnt] =
2076 					    curr_entry->target_oid;
2077 				}
2078 				idlp->tl_out_cnt++;
2079 				curr_entry = iscsi_targetparam_get_next_entry(
2080 				    curr_entry);
2081 			}
2082 			iscsi_targetparam_unlock_list();
2083 			break;
2084 
2085 		/* ISCSI_STATIC_TGT_OID_LIST - iscsiadm list static-config */
2086 		case ISCSI_STATIC_TGT_OID_LIST:
2087 		{
2088 			char *target_name = NULL;
2089 			void *v = NULL;
2090 
2091 			/* get static-config from persistent store */
2092 			target_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2093 			persistent_static_addr_lock();
2094 			while (persistent_static_addr_next(&v,
2095 			    (char *)target_name, &e) == B_TRUE) {
2096 
2097 				if (idlp->tl_out_cnt < idlp->tl_in_cnt) {
2098 					idlp->tl_oid_list[idlp->tl_out_cnt] =
2099 					    e.e_oid;
2100 				}
2101 				idlp->tl_out_cnt++;
2102 
2103 			}
2104 
2105 			persistent_static_addr_unlock();
2106 			kmem_free(target_name, ISCSI_MAX_NAME_LEN);
2107 			break;
2108 		}
2109 
2110 		/* ISCSI_TGT_OID_LIST - iscsiadm list target */
2111 		case ISCSI_TGT_OID_LIST:
2112 
2113 			/* get sessions from hba's session list */
2114 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2115 			for (isp = ihp->hba_sess_list; isp;
2116 			    isp = isp->sess_next) {
2117 
2118 				if (((isp->sess_state !=
2119 				    ISCSI_SESS_STATE_FREE) ||
2120 				    (isp->sess_discovered_by !=
2121 				    iSCSIDiscoveryMethodUnknown)) &&
2122 				    (isp->sess_type ==
2123 				    ISCSI_SESS_TYPE_NORMAL)) {
2124 					if (idlp->tl_out_cnt <
2125 					    idlp->tl_in_cnt) {
2126 						idlp->tl_oid_list[
2127 						    idlp->tl_out_cnt] =
2128 						    isp->sess_oid;
2129 					}
2130 					idlp->tl_out_cnt++;
2131 				}
2132 
2133 			}
2134 			rw_exit(&ihp->hba_sess_list_rwlock);
2135 			break;
2136 
2137 		default:
2138 			ASSERT(FALSE);
2139 		}
2140 
2141 		rtn = ddi_copyout(idlp, (caddr_t)arg, list_space, mode);
2142 		kmem_free(idlp, list_space);
2143 		break;
2144 
2145 	/*
2146 	 * ISCSI_TARGET_PROPS_GET -
2147 	 */
2148 	case ISCSI_TARGET_PROPS_GET:
2149 		/* ---- fall through sense the code is almost the same ---- */
2150 
2151 	/*
2152 	 * ISCSI_TARGET_PROPS_SET -
2153 	 */
2154 	case ISCSI_TARGET_PROPS_SET:
2155 		/* copyin user args */
2156 		ipp = (iscsi_property_t *)kmem_alloc(sizeof (*ipp),
2157 		    KM_SLEEP);
2158 		if (ddi_copyin((caddr_t)arg, ipp, sizeof (*ipp), mode)) {
2159 			rtn = EFAULT;
2160 			kmem_free(ipp, sizeof (*ipp));
2161 			break;
2162 		}
2163 
2164 		if (ipp->p_vers != ISCSI_INTERFACE_VERSION) {
2165 			rtn = EINVAL;
2166 			kmem_free(ipp, sizeof (*ipp));
2167 			break;
2168 		}
2169 
2170 		rtn = iscsi_target_prop_mod(ihp, ipp, cmd);
2171 		if (rtn == 0)
2172 			rtn = ddi_copyout(ipp, (caddr_t)arg,
2173 			    sizeof (*ipp), mode);
2174 		kmem_free(ipp, sizeof (*ipp));
2175 		break;
2176 
2177 	/*
2178 	 * ISCSI_TARGET_ADDRESS_GET -
2179 	 */
2180 	case ISCSI_TARGET_ADDRESS_GET:
2181 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2182 			rtn = EFAULT;
2183 			break;
2184 		}
2185 
2186 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2187 			rtn = EINVAL;
2188 			break;
2189 		}
2190 
2191 		/*
2192 		 * Find out how much space we need to malloc for the users
2193 		 * request.
2194 		 */
2195 		list_space = sizeof (iscsi_addr_list_t);
2196 		if (ial.al_in_cnt != 0) {
2197 			list_space += (sizeof (iscsi_addr_t) *
2198 			    (ial.al_in_cnt - 1));
2199 		}
2200 		ialp = (iscsi_addr_list_t *)kmem_zalloc(list_space, KM_SLEEP);
2201 
2202 		/* Copy in the header portion */
2203 		bcopy(&ial, ialp, sizeof (ial));
2204 
2205 		/* session */
2206 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2207 		rtn = iscsi_sess_get(ialp->al_oid, ihp, &isp);
2208 		if (rtn != 0) {
2209 			rw_exit(&ihp->hba_sess_list_rwlock);
2210 			rtn = EFAULT;
2211 			break;
2212 		}
2213 
2214 		ialp->al_out_cnt	= 0;
2215 		ialp->al_tpgt		= isp->sess_tpgt_conf;
2216 		rw_enter(&isp->sess_conn_list_rwlock, RW_READER);
2217 		for (icp = isp->sess_conn_list; icp; icp = icp->conn_next) {
2218 			if (icp->conn_state != ISCSI_CONN_STATE_LOGGED_IN) {
2219 				continue;
2220 			}
2221 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2222 				iscsi_addr_t		*ap;
2223 
2224 				ap = &ialp->al_addrs[ialp->al_out_cnt];
2225 				if (icp->conn_base_addr.sin.sa_family
2226 				    == AF_INET) {
2227 
2228 					struct sockaddr_in *addr_in =
2229 					    (struct sockaddr_in *)&icp->
2230 					    conn_base_addr.sin4;
2231 					ap->a_addr.i_insize =
2232 					    sizeof (struct in_addr);
2233 					bcopy(&addr_in->sin_addr.s_addr,
2234 					    &ap->a_addr.i_addr.in4.s_addr,
2235 					    sizeof (struct in_addr));
2236 					ap->a_port = addr_in->sin_port;
2237 
2238 				} else {
2239 
2240 					struct sockaddr_in6 *addr_in6 =
2241 					    (struct sockaddr_in6 *)&icp->
2242 					    conn_base_addr.sin6;
2243 					ap->a_addr.i_insize =
2244 					    sizeof (struct in6_addr);
2245 					bcopy(&addr_in6->sin6_addr.s6_addr,
2246 					    &ap->a_addr.i_addr.in6.s6_addr,
2247 					    sizeof (struct in6_addr));
2248 					ap->a_port = addr_in6->sin6_port;
2249 
2250 				}
2251 			}
2252 			ialp->al_out_cnt++;
2253 		}
2254 		rw_exit(&isp->sess_conn_list_rwlock);
2255 		rw_exit(&ihp->hba_sess_list_rwlock);
2256 
2257 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
2258 		kmem_free(ialp, list_space);
2259 		break;
2260 
2261 	/*
2262 	 * ISCSI_CHAP_SET -
2263 	 */
2264 	case ISCSI_CHAP_SET:
2265 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2266 		    KM_SLEEP);
2267 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2268 			rtn = EFAULT;
2269 			kmem_free(chap, sizeof (*chap));
2270 			break;
2271 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2272 			rtn = EINVAL;
2273 			kmem_free(chap, sizeof (*chap));
2274 			break;
2275 		}
2276 
2277 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2278 		if (chap->c_oid == ihp->hba_oid)
2279 			name = ihp->hba_name;
2280 		else {
2281 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2282 			if (rtn != 0) {
2283 				rtn = iscsi_sess_get_by_target(
2284 				    chap->c_oid, ihp, &isp);
2285 			}
2286 
2287 			/*
2288 			 * If rtn is zero then we have found an
2289 			 * existing session.  Use the session name to
2290 			 * do param lookup.  If rtn is non-zero then
2291 			 * create a targetparam object and use its name
2292 			 * for param lookup.
2293 			 */
2294 			if (rtn == 0) {
2295 				name = isp->sess_name;
2296 			} else {
2297 				name =
2298 				    iscsi_targetparam_get_name(chap->c_oid);
2299 				rtn = 0;
2300 			}
2301 		}
2302 
2303 		if (name == NULL) {
2304 			rw_exit(
2305 			    &ihp->hba_sess_list_rwlock);
2306 			rtn = EFAULT;
2307 			kmem_free(chap, sizeof (*chap));
2308 			break;
2309 		}
2310 
2311 		if (persistent_chap_set((char *)name, chap) ==
2312 		    B_FALSE) {
2313 			rtn = EIO;
2314 		}
2315 		rw_exit(&ihp->hba_sess_list_rwlock);
2316 		kmem_free(chap, sizeof (*chap));
2317 		break;
2318 
2319 	/*
2320 	 * ISCSI_CHAP_GET -
2321 	 */
2322 	case ISCSI_CHAP_GET:
2323 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2324 		    KM_SLEEP);
2325 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2326 			kmem_free(chap, sizeof (*chap));
2327 			rtn = EFAULT;
2328 			break;
2329 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2330 			kmem_free(chap, sizeof (*chap));
2331 			rtn = EINVAL;
2332 			break;
2333 		}
2334 
2335 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2336 		if (chap->c_oid == ihp->hba_oid)
2337 			name = ihp->hba_name;
2338 		else {
2339 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2340 			if (rtn != 0) {
2341 				rtn = iscsi_sess_get_by_target(
2342 				    chap->c_oid, ihp, &isp);
2343 			}
2344 
2345 			/*
2346 			 * If rtn is zero then we have found an
2347 			 * existing session.  Use the session name to
2348 			 * do param lookup.  If rtn is non-zero then
2349 			 * create a targetparam object and use its name
2350 			 * for param lookup.
2351 			 */
2352 			if (rtn == 0) {
2353 				name = isp->sess_name;
2354 			} else {
2355 				rtn = 0;
2356 				name =
2357 				    iscsi_targetparam_get_name(chap->c_oid);
2358 			}
2359 
2360 			if (name == NULL) {
2361 				rw_exit(&ihp->hba_sess_list_rwlock);
2362 				rtn = EFAULT;
2363 				break;
2364 			}
2365 			/*
2366 			 * Initialize the target-side chap name to the
2367 			 * session name if no chap settings have been
2368 			 * saved for the current session.
2369 			 */
2370 			if (persistent_chap_get((char *)name,
2371 			    chap) == B_FALSE) {
2372 				int name_len = strlen((char *)name);
2373 				iscsi_chap_props_t *chap = NULL;
2374 				chap = (iscsi_chap_props_t *)kmem_zalloc
2375 				    (sizeof (iscsi_chap_props_t), KM_SLEEP);
2376 				bcopy((char *)name, chap->c_user, name_len);
2377 				chap->c_user_len = name_len;
2378 				(void) (persistent_chap_set((char *)name,
2379 				    chap));
2380 				kmem_free(chap, sizeof (*chap));
2381 			}
2382 		}
2383 
2384 		if (name == NULL) {
2385 			rw_exit(
2386 			    &ihp->hba_sess_list_rwlock);
2387 			rtn = EFAULT;
2388 			break;
2389 		}
2390 
2391 		if (persistent_chap_get((char *)name, chap) == B_FALSE) {
2392 			rw_exit(&ihp->hba_sess_list_rwlock);
2393 			rtn = EIO;
2394 			break;
2395 		}
2396 		rw_exit(&ihp->hba_sess_list_rwlock);
2397 
2398 		rtn = ddi_copyout(chap, (caddr_t)arg, sizeof (*chap), mode);
2399 		kmem_free(chap, sizeof (*chap));
2400 		break;
2401 
2402 	/*
2403 	 * ISCSI_CHAP_CLEAR -
2404 	 */
2405 	case ISCSI_CHAP_CLEAR:
2406 		chap = (iscsi_chap_props_t *)kmem_zalloc(sizeof (*chap),
2407 		    KM_SLEEP);
2408 		if (ddi_copyin((caddr_t)arg, chap, sizeof (*chap), mode)) {
2409 			rtn = EFAULT;
2410 			kmem_free(chap, sizeof (*chap));
2411 			break;
2412 		} else if (chap->c_vers != ISCSI_INTERFACE_VERSION) {
2413 			rtn = EINVAL;
2414 			kmem_free(chap, sizeof (*chap));
2415 			break;
2416 		}
2417 
2418 		if (chap->c_oid == ihp->hba_oid) {
2419 			iscsi_sess_t *sessp;
2420 
2421 			name = ihp->hba_name;
2422 
2423 			if (persistent_chap_clear(
2424 			    (char *)name) == B_FALSE) {
2425 				rtn = EIO;
2426 			}
2427 
2428 			/*
2429 			 * Loop through all sessions and memset their
2430 			 * (initiator's) passwords
2431 			 */
2432 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2433 			for (sessp = ihp->hba_sess_list; sessp;
2434 			    sessp = sessp->sess_next) {
2435 				(void) memset(sessp->sess_auth.password,
2436 				    0, iscsiAuthStringMaxLength);
2437 				sessp->sess_auth.password_length = 0;
2438 			}
2439 			rw_exit(&ihp->hba_sess_list_rwlock);
2440 
2441 		} else {
2442 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
2443 			/*
2444 			 * If the oid does represent a session check to see
2445 			 * if it is a target oid.  If so, return the target's
2446 			 * associated session.
2447 			 */
2448 			rtn = iscsi_sess_get(chap->c_oid, ihp, &isp);
2449 			if (rtn != 0) {
2450 				rtn = iscsi_sess_get_by_target(chap->c_oid,
2451 				    ihp, &isp);
2452 			}
2453 
2454 			rw_exit(&ihp->hba_sess_list_rwlock);
2455 
2456 			/*
2457 			 * If rtn is zero then we have found an
2458 			 * existing session.  Use the session name to
2459 			 * do param lookup.  If rtn is non-zero then
2460 			 * create a targetparam object and use its name
2461 			 * for param lookup.
2462 			 */
2463 			if (rtn == 0) {
2464 				name = isp->sess_name;
2465 			} else {
2466 				name =
2467 				    iscsi_targetparam_get_name(chap->c_oid);
2468 				rtn = 0;
2469 			}
2470 
2471 			if (name == NULL) {
2472 				rw_exit(
2473 				    &ihp->hba_sess_list_rwlock);
2474 				rtn = EFAULT;
2475 				break;
2476 			}
2477 
2478 			if (persistent_chap_clear(
2479 			    (char *)name) == B_FALSE) {
2480 				rtn = EIO;
2481 			}
2482 
2483 			/*
2484 			 * Clear out session chap password if we found a
2485 			 * session above.
2486 			 */
2487 			if (isp != NULL) {
2488 				(void) memset(isp->sess_auth.password_in,
2489 				    0, iscsiAuthStringMaxLength);
2490 				isp->sess_auth.password_length_in = 0;
2491 			}
2492 
2493 		}
2494 
2495 		kmem_free(chap, sizeof (*chap));
2496 		break;
2497 
2498 	/*
2499 	 * ISCSI_STATIC_GET -
2500 	 */
2501 	case ISCSI_STATIC_GET:
2502 		ispp = (iscsi_static_property_t *)kmem_alloc(
2503 		    sizeof (*ispp), KM_SLEEP);
2504 
2505 		if (ddi_copyin((caddr_t)arg, ispp, sizeof (*ispp), mode)) {
2506 			rtn = EFAULT;
2507 			kmem_free(ispp, sizeof (*ispp));
2508 			break;
2509 		}
2510 
2511 		if (ispp->p_vers != ISCSI_INTERFACE_VERSION) {
2512 			rtn = EINVAL;
2513 			kmem_free(ispp, sizeof (*ispp));
2514 			break;
2515 		}
2516 
2517 		{
2518 			void *v = NULL;
2519 			boolean_t found = B_FALSE;
2520 
2521 			persistent_static_addr_lock();
2522 			while (persistent_static_addr_next(&v,
2523 			    (char *)ispp->p_name, &e) == B_TRUE) {
2524 
2525 				if (ispp->p_oid == e.e_oid) {
2526 					/*
2527 					 * In case there are multiple
2528 					 * addresses associated with the
2529 					 * given target OID, pick the first
2530 					 * one.
2531 					 */
2532 					iscsi_addr_t *ap;
2533 
2534 					ap = &(ispp->p_addr_list.al_addrs[0]);
2535 					ap->a_port = e.e_port;
2536 					ap->a_addr.i_insize = e.e_insize;
2537 					bcopy(e.e_u.u_in6.s6_addr,
2538 					    ap->a_addr.i_addr.in6.s6_addr,
2539 					    e.e_insize);
2540 					ispp->p_name_len =
2541 					    strlen((char *)ispp->p_name);
2542 					ispp->p_addr_list.al_tpgt = e.e_tpgt;
2543 					ispp->p_addr_list.al_out_cnt = 1;
2544 
2545 					found = B_TRUE;
2546 					break;
2547 				}
2548 			}
2549 			persistent_static_addr_unlock();
2550 
2551 			if (found == B_TRUE) {
2552 				rtn = ddi_copyout(ispp, (caddr_t)arg,
2553 				    sizeof (*ispp), mode);
2554 			} else {
2555 				rtn = ENOENT;
2556 			}
2557 		}
2558 		kmem_free(ispp, sizeof (*ispp));
2559 
2560 		break;
2561 
2562 	/*
2563 	 * ISCSI_STATIC_SET -
2564 	 */
2565 	case ISCSI_STATIC_SET:
2566 		target = iscsi_ioctl_copyin((caddr_t)arg, mode,
2567 		    sizeof (*target));
2568 		if (target == NULL) {
2569 			rtn = EFAULT;
2570 			break;
2571 		}
2572 
2573 		if (target->te_entry.e_vers != ISCSI_INTERFACE_VERSION) {
2574 			kmem_free(target, sizeof (*target));
2575 			rtn = EINVAL;
2576 			break;
2577 		}
2578 
2579 		/* Check if the target's already been added */
2580 		{
2581 			boolean_t static_target_found = B_FALSE;
2582 			void *v = NULL;
2583 
2584 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2585 			persistent_static_addr_lock();
2586 			while (persistent_static_addr_next(&v, (char *)name,
2587 			    &e) == B_TRUE) {
2588 				/*
2589 				 * MC/S - Need to check IP address and port
2590 				 * number as well when we support MC/S.
2591 				 */
2592 				if ((strncmp((char *)name,
2593 				    (char *)target->te_name,
2594 				    ISCSI_MAX_NAME_LEN) == 0) &&
2595 				    (target->te_entry.e_tpgt == e.e_tpgt) &&
2596 				    (target->te_entry.e_insize == e.e_insize) &&
2597 				    (bcmp(&target->te_entry.e_u, &e.e_u,
2598 				    e.e_insize) == 0)) {
2599 					/*
2600 					 * We don't allow MC/S for now but
2601 					 * we do allow adding the same target
2602 					 * with different TPGTs (hence,
2603 					 * different sessions).
2604 					 */
2605 					static_target_found = B_TRUE;
2606 					break;
2607 				}
2608 			}
2609 			persistent_static_addr_unlock();
2610 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2611 
2612 			if (static_target_found == B_TRUE) {
2613 				/* Duplicate entry */
2614 				kmem_free(target, sizeof (*target));
2615 				rtn = EEXIST;
2616 				break;
2617 			}
2618 		}
2619 
2620 		if (target->te_entry.e_oid == ISCSI_OID_NOTSET) {
2621 			mutex_enter(&iscsi_oid_mutex);
2622 			target->te_entry.e_oid = iscsi_oid++;
2623 			mutex_exit(&iscsi_oid_mutex);
2624 		}
2625 
2626 		persistent_static_addr_lock();
2627 		if (persistent_static_addr_set((char *)target->te_name,
2628 		    &target->te_entry) == B_FALSE) {
2629 			persistent_static_addr_unlock();
2630 			kmem_free(target, sizeof (*target));
2631 			rtn = EIO;
2632 			break;
2633 		}
2634 		persistent_static_addr_unlock();
2635 
2636 		/*
2637 		 * If Static Targets discovery is enabled, then add
2638 		 * target to discovery queue. Otherwise, just create
2639 		 * the session for potential future use.
2640 		 */
2641 		method = persistent_disc_meth_get();
2642 		if (method & iSCSIDiscoveryMethodStatic) {
2643 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodStatic);
2644 			(void) iscsid_login_tgt(ihp, (char *)target->te_name,
2645 			    iSCSIDiscoveryMethodStatic, NULL);
2646 		}
2647 
2648 		rtn = iscsi_ioctl_copyout(target, sizeof (*target),
2649 		    (caddr_t)arg, mode);
2650 		break;
2651 
2652 	/*
2653 	 * ISCSI_STATIC_CLEAR -
2654 	 */
2655 	case ISCSI_STATIC_CLEAR:
2656 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2657 			rtn = EFAULT;
2658 			break;
2659 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2660 			rtn = EINVAL;
2661 			break;
2662 		}
2663 
2664 		{
2665 			boolean_t	found = B_FALSE;
2666 			void		*v = NULL;
2667 			entry_t		tmp_e;
2668 			char		*name = NULL;
2669 
2670 			name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
2671 
2672 			/* Find name for matching static_tgt oid */
2673 			persistent_static_addr_lock();
2674 			while (persistent_static_addr_next(&v,
2675 			    (char *)name, &tmp_e) == B_TRUE) {
2676 				if (e.e_oid == tmp_e.e_oid) {
2677 					found = B_TRUE;
2678 					break;
2679 				}
2680 			}
2681 
2682 			/* If static_tgt found logout and remove it */
2683 			if (found == B_TRUE) {
2684 
2685 				iscsid_addr_to_sockaddr(tmp_e.e_insize,
2686 				    &tmp_e.e_u, tmp_e.e_port, &addr_dsc.sin);
2687 
2688 				/* Attempt to logout of target */
2689 				if (iscsid_del(ihp, (char *)name,
2690 				    iSCSIDiscoveryMethodStatic, &addr_dsc.sin)
2691 				    == B_TRUE) {
2692 					persistent_static_addr_unlock();
2693 
2694 					/* remove from persistent store */
2695 					if (persistent_static_addr_clear(
2696 					    e.e_oid) == B_FALSE) {
2697 						rtn = EIO;
2698 					}
2699 
2700 					iscsid_poke_discovery(ihp,
2701 					    iSCSIDiscoveryMethodStatic);
2702 					(void) iscsid_login_tgt(ihp,
2703 					    (char *)name,
2704 					    iSCSIDiscoveryMethodStatic,
2705 					    NULL);
2706 
2707 				} else {
2708 					persistent_static_addr_unlock();
2709 					rtn = EBUSY;
2710 				}
2711 			} else {
2712 				persistent_static_addr_unlock();
2713 				rtn = EIO;
2714 			}
2715 			kmem_free(name, ISCSI_MAX_NAME_LEN);
2716 		}
2717 		break;
2718 
2719 	/*
2720 	 * ISCSI_ISNS_SERVER_ADDR_SET:
2721 	 */
2722 	case ISCSI_ISNS_SERVER_ADDR_SET:
2723 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2724 			rtn = EFAULT;
2725 			break;
2726 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2727 			rtn = EINVAL;
2728 			break;
2729 		}
2730 
2731 		if (persistent_isns_addr_set(&e) == B_FALSE) {
2732 			rtn = EIO;
2733 			break;
2734 		}
2735 
2736 		/*
2737 		 * If iSNS server discovery is enabled, then kickoff
2738 		 * discovery of the targets advertised by the recently
2739 		 * added iSNS server address.
2740 		 */
2741 		method = persistent_disc_meth_get();
2742 		if (method & iSCSIDiscoveryMethodISNS) {
2743 			initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN,
2744 			    KM_SLEEP);
2745 			if (persistent_initiator_name_get(initiator_node_name,
2746 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
2747 				kmem_free(initiator_node_name,
2748 				    ISCSI_MAX_NAME_LEN);
2749 				initiator_node_name = NULL;
2750 				rtn = EIO;
2751 				break;
2752 			}
2753 			if (strlen(initiator_node_name) == 0) {
2754 				kmem_free(initiator_node_name,
2755 				    ISCSI_MAX_NAME_LEN);
2756 				initiator_node_name = NULL;
2757 				rtn = EIO;
2758 				break;
2759 			}
2760 
2761 			initiator_node_alias = kmem_zalloc(ISCSI_MAX_NAME_LEN,
2762 			    KM_SLEEP);
2763 			if (persistent_alias_name_get(initiator_node_alias,
2764 			    ISCSI_MAX_NAME_LEN) != B_TRUE) {
2765 				initiator_node_alias[0] = '\0';
2766 			}
2767 
2768 			/*
2769 			 * Register this initiator node against this iSNS
2770 			 * server.
2771 			 */
2772 			(void) isns_reg_one_server(&e, ihp->hba_isid,
2773 			    (uint8_t *)initiator_node_name,
2774 			    ISCSI_MAX_NAME_LEN,
2775 			    (uint8_t *)initiator_node_alias,
2776 			    ISCSI_MAX_NAME_LEN,
2777 			    ISNS_INITIATOR_NODE_TYPE,
2778 			    isns_scn_callback);
2779 
2780 			iscsid_do_isns_query_one_server(ihp, &e);
2781 
2782 			iscsid_addr_to_sockaddr(e.e_insize,
2783 			    &e.e_u, e.e_port, &addr_dsc.sin);
2784 
2785 			(void) iscsid_login_tgt(ihp, NULL,
2786 			    iSCSIDiscoveryMethodISNS,
2787 			    &addr_dsc.sin);
2788 
2789 			/* Done using the name and alias - free them. */
2790 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
2791 			initiator_node_name = NULL;
2792 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
2793 			initiator_node_alias = NULL;
2794 		}
2795 		break;
2796 
2797 	/*
2798 	 * ISCSI_DISCOVERY_ADDR_SET:
2799 	 */
2800 	case ISCSI_DISCOVERY_ADDR_SET:
2801 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2802 			rtn = EFAULT;
2803 			break;
2804 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2805 			rtn = EINVAL;
2806 			break;
2807 		}
2808 
2809 		if (e.e_oid == ISCSI_OID_NOTSET) {
2810 			mutex_enter(&iscsi_oid_mutex);
2811 			e.e_oid = iscsi_oid++;
2812 			mutex_exit(&iscsi_oid_mutex);
2813 		}
2814 
2815 		if (persistent_disc_addr_set(&e) == B_FALSE) {
2816 			rtn = EIO;
2817 			break;
2818 		}
2819 
2820 		/*
2821 		 * If Send Targets discovery is enabled, then kickoff
2822 		 * discovery of the targets advertised by the recently
2823 		 * added discovery address.
2824 		 */
2825 		method = persistent_disc_meth_get();
2826 		if (method & iSCSIDiscoveryMethodSendTargets) {
2827 
2828 			iscsid_addr_to_sockaddr(e.e_insize,
2829 			    &e.e_u, e.e_port, &addr_dsc.sin);
2830 			iscsid_do_sendtgts(&e);
2831 			(void) iscsid_login_tgt(ihp, NULL,
2832 			    iSCSIDiscoveryMethodSendTargets,
2833 			    &addr_dsc.sin);
2834 
2835 		}
2836 		break;
2837 
2838 	/*
2839 	 * ISCSI_DISCOVERY_ADDR_LIST_GET
2840 	 */
2841 	case ISCSI_DISCOVERY_ADDR_LIST_GET:
2842 		/* copyin user args */
2843 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2844 			rtn = EFAULT;
2845 			break;
2846 		}
2847 
2848 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2849 			rtn = EINVAL;
2850 			break;
2851 		}
2852 
2853 		list_space = sizeof (iscsi_addr_list_t);
2854 		if (ial.al_in_cnt != 0) {
2855 			list_space += (sizeof (iscsi_addr_t) *
2856 			    (ial.al_in_cnt - 1));
2857 		}
2858 
2859 		ialp = kmem_zalloc(list_space, KM_SLEEP);
2860 		bcopy(&ial, ialp, sizeof (iscsi_addr_list_t));
2861 
2862 		void_p = NULL;
2863 		ialp->al_out_cnt = 0;
2864 		persistent_disc_addr_lock();
2865 		while (persistent_disc_addr_next(&void_p, &e) == B_TRUE) {
2866 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2867 				int		i = ialp->al_out_cnt;
2868 				iscsi_addr_t	*addr = &ialp->al_addrs[i];
2869 
2870 				addr->a_port = e.e_port;
2871 				addr->a_addr.i_insize = e.e_insize;
2872 				addr->a_oid = e.e_oid;
2873 
2874 				if (e.e_insize == sizeof (struct in_addr)) {
2875 					/* IPv4 */
2876 					addr->a_addr.i_addr.in4.s_addr =
2877 					    e.e_u.u_in4.s_addr;
2878 				} else if (e.e_insize ==
2879 					    sizeof (struct in6_addr)) {
2880 					/* IPv6 */
2881 					bcopy(e.e_u.u_in6.s6_addr,
2882 					    addr->a_addr.i_addr.in6.s6_addr,
2883 					    16);
2884 				}
2885 			}
2886 			ialp->al_out_cnt++;
2887 		}
2888 		persistent_disc_addr_unlock();
2889 
2890 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
2891 		kmem_free(ialp, list_space);
2892 		break;
2893 
2894 	/*
2895 	 * ISCSI_ISNS_SERVER_ADDR_LIST_GET
2896 	 */
2897 	case ISCSI_ISNS_SERVER_ADDR_LIST_GET:
2898 		/* copyin user args */
2899 		if (ddi_copyin((caddr_t)arg, &ial, sizeof (ial), mode)) {
2900 			rtn = EFAULT;
2901 			break;
2902 		}
2903 
2904 		if (ial.al_vers != ISCSI_INTERFACE_VERSION) {
2905 			rtn = EINVAL;
2906 			break;
2907 		}
2908 
2909 		list_space = sizeof (iscsi_addr_list_t);
2910 		if (ial.al_in_cnt != 0) {
2911 			list_space += (sizeof (iscsi_addr_t) *
2912 			    (ial.al_in_cnt - 1));
2913 		}
2914 
2915 		ialp = kmem_zalloc(list_space, KM_SLEEP);
2916 		bcopy(&ial, ialp, sizeof (iscsi_addr_list_t));
2917 
2918 		void_p = NULL;
2919 		ialp->al_out_cnt = 0;
2920 		persistent_isns_addr_lock();
2921 		while (persistent_isns_addr_next(&void_p, &e) == B_TRUE) {
2922 			if (ialp->al_out_cnt < ialp->al_in_cnt) {
2923 				int		i = ialp->al_out_cnt;
2924 				iscsi_addr_t	*addr = &ialp->al_addrs[i];
2925 
2926 				addr->a_port = e.e_port;
2927 				addr->a_addr.i_insize = e.e_insize;
2928 				if (e.e_insize == sizeof (struct in_addr)) {
2929 					/* IPv4 */
2930 					addr->a_addr.i_addr.in4.s_addr =
2931 					    e.e_u.u_in4.s_addr;
2932 				} else if (e.e_insize ==
2933 					    sizeof (struct in6_addr)) {
2934 					/* IPv6 */
2935 					bcopy(e.e_u.u_in6.s6_addr,
2936 					    addr->a_addr.i_addr.in6.s6_addr,
2937 					    16);
2938 				}
2939 			}
2940 			ialp->al_out_cnt++;
2941 		}
2942 		persistent_isns_addr_unlock();
2943 
2944 		rtn = ddi_copyout(ialp, (caddr_t)arg, list_space, mode);
2945 		kmem_free(ialp, list_space);
2946 		break;
2947 
2948 	/*
2949 	 * ISCSI_DISCOVERY_ADDR_CLEAR:
2950 	 */
2951 	case ISCSI_DISCOVERY_ADDR_CLEAR:
2952 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2953 			rtn = EFAULT;
2954 			break;
2955 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2956 			rtn = EINVAL;
2957 			break;
2958 		}
2959 
2960 		iscsid_addr_to_sockaddr(e.e_insize,
2961 		    &e.e_u, e.e_port, &addr_dsc.sin);
2962 
2963 		/* Attempt to logout of associated targets */
2964 		if (iscsid_del(ihp, NULL,
2965 		    iSCSIDiscoveryMethodSendTargets, &addr_dsc.sin) ==
2966 		    B_TRUE) {
2967 			/* Logout successful remove disc. addr. */
2968 			if (persistent_disc_addr_clear(&e) == B_FALSE) {
2969 				rtn = EIO;
2970 			}
2971 		} else {
2972 			rtn = EBUSY;
2973 		}
2974 		break;
2975 
2976 	/*
2977 	 * ISCSI_ISNS_SERVER_CLEAR:
2978 	 */
2979 	case ISCSI_ISNS_SERVER_ADDR_CLEAR:
2980 		if (ddi_copyin((caddr_t)arg, &e, sizeof (e), mode)) {
2981 			rtn = EFAULT;
2982 			break;
2983 		} else if (e.e_vers != ISCSI_INTERFACE_VERSION) {
2984 			rtn = EINVAL;
2985 			break;
2986 		}
2987 
2988 		iscsid_addr_to_sockaddr(e.e_insize,
2989 		    &e.e_u, e.e_port, &addr_dsc.sin);
2990 
2991 		/* Attempt logout of associated targets */
2992 		if (iscsid_del(ihp, NULL, iSCSIDiscoveryMethodISNS,
2993 		    &addr_dsc.sin) == B_TRUE) {
2994 			/* Logout successful */
2995 
2996 			if (persistent_isns_addr_clear(&e) == B_FALSE) {
2997 				rtn = EIO;
2998 				break;
2999 			}
3000 
3001 			method = persistent_disc_meth_get();
3002 			if (method & iSCSIDiscoveryMethodISNS) {
3003 				boolean_t is_last_isns_server_b =
3004 				    B_FALSE;
3005 				int isns_server_count = 0;
3006 				void *void_p = NULL;
3007 
3008 				/*
3009 				 * Check if the last iSNS server's been
3010 				 * removed.
3011 				 */
3012 				{
3013 					entry_t tmp_e;
3014 					persistent_isns_addr_lock();
3015 					while (persistent_isns_addr_next(
3016 					    &void_p, &tmp_e) == B_TRUE) {
3017 						isns_server_count++;
3018 					}
3019 				}
3020 				persistent_isns_addr_unlock();
3021 				if (isns_server_count == 0) {
3022 					is_last_isns_server_b = B_TRUE;
3023 				}
3024 
3025 				/*
3026 				 * Deregister this node from this iSNS
3027 				 * server.
3028 				 */
3029 				initiator_node_name = kmem_zalloc(
3030 				    ISCSI_MAX_NAME_LEN, KM_SLEEP);
3031 				if (persistent_initiator_name_get(
3032 				    initiator_node_name,
3033 				    ISCSI_MAX_NAME_LEN) == B_TRUE) {
3034 
3035 					if (strlen(initiator_node_name) > 0) {
3036 						(void) isns_dereg_one_server(
3037 						    &e, (uint8_t *)
3038 						    initiator_node_name,
3039 						    is_last_isns_server_b);
3040 					}
3041 				}
3042 				kmem_free(initiator_node_name,
3043 				    ISCSI_MAX_NAME_LEN);
3044 				initiator_node_name = NULL;
3045 			}
3046 		} else {
3047 			rtn = EBUSY;
3048 		}
3049 		break;
3050 
3051 	/*
3052 	 * ISCSI_DISCOVERY_SET -
3053 	 */
3054 	case ISCSI_DISCOVERY_SET:
3055 		if (ddi_copyin((caddr_t)arg, &method, sizeof (method), mode)) {
3056 			rtn = EFAULT;
3057 			break;
3058 		}
3059 
3060 		if (persistent_disc_meth_set(method) == B_FALSE) {
3061 			rtn = EIO;
3062 		} else {
3063 			(void) iscsid_enable_discovery(ihp, method, B_FALSE);
3064 			iscsid_poke_discovery(ihp, method);
3065 			(void) iscsid_login_tgt(ihp, NULL, method, NULL);
3066 		}
3067 		break;
3068 
3069 	/*
3070 	 * ISCSI_DISCOVERY_GET -
3071 	 */
3072 	case ISCSI_DISCOVERY_GET:
3073 		method = persistent_disc_meth_get();
3074 		rtn = ddi_copyout(&method, (caddr_t)arg,
3075 		    sizeof (method), mode);
3076 		break;
3077 
3078 	/*
3079 	 * ISCSI_DISCOVERY_CLEAR -
3080 	 */
3081 #define	ISCSI_DISCOVERY_DELAY 2	/* seconds */
3082 	case ISCSI_DISCOVERY_CLEAR:
3083 		if (ddi_copyin((caddr_t)arg, &method, sizeof (method), mode)) {
3084 			rtn = EFAULT;
3085 			break;
3086 		}
3087 
3088 		/* If discovery in progress, try few times before return busy */
3089 		retry = 0;
3090 		mutex_enter(&ihp->hba_discovery_events_mutex);
3091 		while (ihp->hba_discovery_in_progress == B_TRUE) {
3092 			if (++retry == 5) {
3093 				rtn = EBUSY;
3094 				break;
3095 			}
3096 			mutex_exit(&ihp->hba_discovery_events_mutex);
3097 			delay(SEC_TO_TICK(ISCSI_DISCOVERY_DELAY));
3098 			mutex_enter(&ihp->hba_discovery_events_mutex);
3099 		}
3100 #undef	ISCSI_DISCOVERY_DELAY
3101 
3102 		/*
3103 		 * Clear discovery first, so that any bus config or
3104 		 * discovery requests will ignore this discovery method
3105 		 */
3106 		if (rtn == 0 && persistent_disc_meth_clear(method) == B_FALSE) {
3107 			rtn = EIO;
3108 		}
3109 		mutex_exit(&ihp->hba_discovery_events_mutex);
3110 
3111 		if (rtn != 0) {
3112 			break;
3113 		}
3114 
3115 		/* Attempt to logout from all associated targets */
3116 		if (iscsid_disable_discovery(ihp, method) == B_FALSE) {
3117 			/* Failure!, reset the discovery */
3118 			if (persistent_disc_meth_set(method) == B_FALSE) {
3119 				cmn_err(CE_WARN, "Failed to reset discovery "
3120 				    "method after discovery disable failure.");
3121 			}
3122 			rtn = EBUSY;
3123 		}
3124 		break;
3125 
3126 	/*
3127 	 * ISCSI_DISCOVERY_PROPS -
3128 	 */
3129 	case ISCSI_DISCOVERY_PROPS:
3130 		iscsid_props(&discovery_props);
3131 		if (ddi_copyout(&discovery_props, (caddr_t)arg,
3132 		    sizeof (discovery_props), mode))
3133 			rtn = EFAULT;
3134 		break;
3135 
3136 	/*
3137 	 * ISCSI_LUN_OID_LIST --
3138 	 */
3139 	case ISCSI_LUN_OID_LIST_GET:
3140 		ll = (iscsi_lun_list_t *)kmem_alloc(sizeof (*ll), KM_SLEEP);
3141 		if (ddi_copyin((caddr_t)arg, ll, sizeof (*ll), mode)) {
3142 			rtn = EFAULT;
3143 			kmem_free(ll, sizeof (*ll));
3144 			break;
3145 		}
3146 
3147 		if (ll->ll_vers != ISCSI_INTERFACE_VERSION) {
3148 			rtn = EINVAL;
3149 			kmem_free(ll, sizeof (*ll));
3150 			break;
3151 		}
3152 
3153 		/*
3154 		 * Find out how much space the user has allocated in their
3155 		 * structure. Match the same space for our structure.
3156 		 */
3157 		lun_sz = sizeof (iscsi_lun_list_t);
3158 		if (ll->ll_in_cnt > 0) {
3159 			lun_sz += (ll->ll_in_cnt - 1) * sizeof (iscsi_if_lun_t);
3160 		}
3161 
3162 		llp = kmem_zalloc(lun_sz, KM_SLEEP);
3163 		bcopy(ll, llp, sizeof (*ll));
3164 		kmem_free(ll, sizeof (*ll));
3165 
3166 		/*
3167 		 * Check to see if oid references a target-param oid.  If so,
3168 		 * find the associated  session oid before getting lu list.
3169 		 */
3170 		if (iscsi_targetparam_get_name(llp->ll_tgt_oid) != NULL) {
3171 			for (isp = ihp->hba_sess_list; isp;
3172 			    isp = isp->sess_next) {
3173 				if (isp->sess_target_oid == llp->ll_tgt_oid) {
3174 					target_oid  = isp->sess_oid;
3175 					break;
3176 				}
3177 			}
3178 		} else {
3179 			target_oid = llp->ll_tgt_oid;
3180 		}
3181 
3182 
3183 		/*
3184 		 * Look at the LUNs attached to the specified target. If there
3185 		 * is space in the user structure save that information locally.
3186 		 * Always add up the count to the total. By always adding
3187 		 * the count this code can be used if ll_in_cnt == 0 and
3188 		 * the user just wishes to know the appropriate size to
3189 		 * allocate.
3190 		 */
3191 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3192 		for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
3193 			if ((llp->ll_all_tgts == B_FALSE) &&
3194 			    (isp->sess_oid != target_oid)) {
3195 				continue;
3196 			}
3197 			rw_enter(&isp->sess_lun_list_rwlock, RW_READER);
3198 			for (ilp = isp->sess_lun_list; ilp;
3199 			    ilp = ilp->lun_next) {
3200 				if ((ilp->lun_state &
3201 				    ISCSI_LUN_STATE_ONLINE) &&
3202 				    !(ilp->lun_state &
3203 				    ISCSI_LUN_STATE_INVALID)) {
3204 					if (llp->ll_out_cnt <
3205 					    llp->ll_in_cnt) {
3206 						iscsi_if_lun_t *lp;
3207 						lp = &llp->ll_luns[
3208 						    llp->ll_out_cnt];
3209 
3210 						lp->l_tgt_oid =
3211 						    isp->sess_oid;
3212 						lp->l_oid = ilp->lun_oid;
3213 						lp->l_num = ilp->lun_num;
3214 					}
3215 				llp->ll_out_cnt++;
3216 				}
3217 			}
3218 			rw_exit(&isp->sess_lun_list_rwlock);
3219 		}
3220 		rw_exit(&ihp->hba_sess_list_rwlock);
3221 
3222 		if (ddi_copyout(llp, (caddr_t)arg, lun_sz, mode)) {
3223 			rtn = EFAULT;
3224 		}
3225 
3226 		kmem_free(llp, lun_sz);
3227 		break;
3228 
3229 	/*
3230 	 * ISCSI_LUN_PROPS_GET --
3231 	 */
3232 	case ISCSI_LUN_PROPS_GET:
3233 		lun = (iscsi_lun_props_t *)kmem_zalloc(sizeof (*lun), KM_SLEEP);
3234 		if (ddi_copyin((caddr_t)arg, lun, sizeof (*lun), mode)) {
3235 			rtn = EFAULT;
3236 			kmem_free(lun, sizeof (*lun));
3237 			break;
3238 		}
3239 
3240 		if (lun->lp_vers != ISCSI_INTERFACE_VERSION) {
3241 			rtn = EINVAL;
3242 			kmem_free(lun, sizeof (*lun));
3243 			break;
3244 		}
3245 
3246 		/*
3247 		 * For the target specified, find the LUN specified and
3248 		 * return its properties
3249 		 */
3250 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3251 		rtn = iscsi_sess_get(lun->lp_tgt_oid, ihp, &isp);
3252 		if (rtn != 0) {
3253 			rw_exit(&ihp->hba_sess_list_rwlock);
3254 			rtn = EFAULT;
3255 			kmem_free(lun, sizeof (*lun));
3256 			break;
3257 		}
3258 		rtn = EINVAL;	/* Set bad rtn, correct only if found */
3259 		rw_enter(&isp->sess_lun_list_rwlock, RW_READER);
3260 		for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
3261 			if (ilp->lun_oid == lun->lp_oid) {
3262 				lun->lp_num	= ilp->lun_num;
3263 				lun->lp_status	= LunValid;
3264 				lun->lp_time_online = ilp->lun_time_online;
3265 
3266 				if (ilp->lun_pip != NULL) {
3267 					lun_dip = mdi_pi_get_client(
3268 					    ilp->lun_pip);
3269 				} else {
3270 					lun_dip = ilp->lun_dip;
3271 				}
3272 
3273 				if (lun_dip != NULL &&
3274 				    ((i_ddi_devi_attached(lun_dip)) ||
3275 				    (ddi_get_devstate(lun_dip) ==
3276 				    DDI_DEVSTATE_UP))) {
3277 					(void) ddi_pathname(lun_dip,
3278 					    lun->lp_pathname);
3279 				} else {
3280 					/*
3281 					 * The LUN is not exported to the
3282 					 * OS yet.  It is in the process
3283 					 * of being added.
3284 					 */
3285 					lun->lp_status	= LunDoesNotExist;
3286 				}
3287 				bcopy(ilp->lun_vid, lun->lp_vid,
3288 				    sizeof (lun->lp_vid));
3289 				bcopy(ilp->lun_pid, lun->lp_pid,
3290 				    sizeof (lun->lp_pid));
3291 				rtn = ddi_copyout(lun, (caddr_t)arg,
3292 				    sizeof (*lun), mode);
3293 				if (rtn == -1) {
3294 					rtn = EFAULT;
3295 				}
3296 				break;
3297 			}
3298 		}
3299 		rw_exit(&isp->sess_lun_list_rwlock);
3300 		rw_exit(&ihp->hba_sess_list_rwlock);
3301 
3302 		kmem_free(lun, sizeof (*lun));
3303 		break;
3304 
3305 	/*
3306 	 * ISCSI_CONN_OID_LIST_GET --
3307 	 */
3308 #define	ISCSIIOCOLGC iscsi_ioctl_conn_oid_list_get_copyout
3309 	case ISCSI_CONN_OID_LIST_GET:
3310 		{
3311 			iscsi_conn_list_t	*cl;
3312 
3313 			/* Asuume the worst */
3314 			rtn = EFAULT;
3315 
3316 			/* Copy the input argument into kernel world. */
3317 			cl = iscsi_ioctl_conn_oid_list_get_copyin(
3318 			    (caddr_t)arg,
3319 			    mode);
3320 			if (cl != NULL) {
3321 				if (iscsi_ioctl_conn_oid_list_get(ihp, cl) ==
3322 				    B_TRUE) {
3323 					rtn =
3324 					    ISCSIIOCOLGC(
3325 					    cl, (caddr_t)arg, mode);
3326 				}
3327 			}
3328 			break;
3329 		}
3330 #undef ISCSIIOCOLGC
3331 	/*
3332 	 * ISCSI_CONN_OID_LIST_GET --
3333 	 */
3334 	case ISCSI_CONN_PROPS_GET:
3335 		{
3336 			iscsi_conn_props_t	*cp;
3337 
3338 			/* Asuume the worst */
3339 			rtn = EFAULT;
3340 
3341 			/* Copy the input argument into kernel world. */
3342 			cp = iscsi_ioctl_copyin(
3343 			    (caddr_t)arg,
3344 			    mode,
3345 			    sizeof (iscsi_conn_props_t));
3346 
3347 			if (cp != NULL) {
3348 				/* Get the propereties. */
3349 				if (iscsi_ioctl_conn_props_get(ihp, cp) ==
3350 				    B_TRUE) {
3351 					rtn =
3352 					    iscsi_ioctl_copyout(
3353 					    cp,
3354 					    sizeof (*cp),
3355 					    (caddr_t)arg,
3356 					    mode);
3357 				} else {
3358 					kmem_free(cp, sizeof (*cp));
3359 					cp = NULL;
3360 				}
3361 			}
3362 			break;
3363 		}
3364 
3365 	/*
3366 	 * ISCSI_RADIUS_GET -
3367 	 */
3368 	case ISCSI_RADIUS_GET:
3369 	{
3370 		iscsi_nvfile_status_t	status;
3371 
3372 		radius = (iscsi_radius_props_t *)kmem_zalloc(sizeof (*radius),
3373 		    KM_SLEEP);
3374 		if (ddi_copyin((caddr_t)arg, radius, sizeof (*radius), mode)) {
3375 			kmem_free(radius, sizeof (*radius));
3376 			rtn = EFAULT;
3377 			break;
3378 		} else if (radius->r_vers != ISCSI_INTERFACE_VERSION) {
3379 			kmem_free(radius, sizeof (*radius));
3380 			rtn = EINVAL;
3381 			break;
3382 		}
3383 
3384 		old_oid = radius->r_oid;
3385 
3386 		if (radius->r_oid == ihp->hba_oid) {
3387 			name = ihp->hba_name;
3388 		} else {
3389 			/*
3390 			 * RADIUS configuration should be done on a per
3391 			 * initiator basis.
3392 			 */
3393 			kmem_free(radius, sizeof (*radius));
3394 			rtn = EINVAL;
3395 			break;
3396 		}
3397 
3398 		status = persistent_radius_get(radius);
3399 		if (status == ISCSI_NVFILE_SUCCESS) {
3400 			/*
3401 			 * Restore the value for overridden (and bogus) oid.
3402 			 */
3403 			radius->r_oid = old_oid;
3404 			rtn = ddi_copyout(radius, (caddr_t)arg,
3405 			    sizeof (*radius), mode);
3406 		} else if (status == ISCSI_NVFILE_NAMEVAL_NOT_FOUND) {
3407 			rtn = ENOENT;
3408 		} else {
3409 			rtn = EIO;
3410 		}
3411 		kmem_free(radius, sizeof (*radius));
3412 		break;
3413 	}
3414 
3415 	/*
3416 	 * ISCSI_RADIUS_SET -
3417 	 */
3418 	case ISCSI_RADIUS_SET:
3419 		radius = (iscsi_radius_props_t *)kmem_zalloc(sizeof (*radius),
3420 		    KM_SLEEP);
3421 		if (ddi_copyin((caddr_t)arg, radius, sizeof (*radius), mode)) {
3422 			rtn = EFAULT;
3423 			kmem_free(radius, sizeof (*radius));
3424 			break;
3425 		} else if (radius->r_vers != ISCSI_INTERFACE_VERSION) {
3426 			rtn = EINVAL;
3427 			kmem_free(radius, sizeof (*radius));
3428 			break;
3429 		}
3430 
3431 		if (radius->r_oid == ihp->hba_oid) {
3432 			name = ihp->hba_name;
3433 		} else {
3434 			/*
3435 			 * RADIUS configuration should be done on a per
3436 			 * initiator basis.
3437 			 */
3438 			kmem_free(radius, sizeof (*radius));
3439 			rtn = EINVAL;
3440 			break;
3441 		}
3442 
3443 		if (persistent_radius_set(radius) == B_FALSE) {
3444 			rtn = EIO;
3445 		}
3446 
3447 		kmem_free(radius, sizeof (*radius));
3448 		break;
3449 
3450 	/*
3451 	 *  ISCSI_AUTH_GET -
3452 	 */
3453 	case ISCSI_AUTH_GET:
3454 		auth = (iscsi_auth_props_t *)kmem_zalloc(sizeof (*auth),
3455 		    KM_SLEEP);
3456 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3457 			kmem_free(auth, sizeof (*auth));
3458 			rtn = EFAULT;
3459 			break;
3460 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3461 			kmem_free(auth, sizeof (*auth));
3462 			rtn = EINVAL;
3463 			break;
3464 		}
3465 
3466 		old_oid = auth->a_oid;
3467 
3468 		if (auth->a_oid == ihp->hba_oid) {
3469 			name = ihp->hba_name;
3470 		} else {
3471 
3472 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3473 			/*
3474 			 * If the oid does represent a session check to see
3475 			 * if it is a target oid.  If so, return the target's
3476 			 * associated session.
3477 			 */
3478 			rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3479 			if (rtn != 0) {
3480 				rtn = iscsi_sess_get_by_target(auth->a_oid,
3481 				    ihp, &isp);
3482 			}
3483 			rw_exit(&ihp->hba_sess_list_rwlock);
3484 
3485 			/*
3486 			 * If rtn is zero then we have found an
3487 			 * existing session.  Use the session name to
3488 			 * do param lookup.  If rtn is non-zero then
3489 			 * create a targetparam object and use its name
3490 			 * for param lookup.
3491 			 */
3492 			if (rtn == 0) {
3493 				name = isp->sess_name;
3494 			} else {
3495 				name =
3496 				    iscsi_targetparam_get_name(auth->a_oid);
3497 			}
3498 		}
3499 
3500 		if (name == NULL) {
3501 			rw_exit(
3502 			    &ihp->hba_sess_list_rwlock);
3503 			rtn = EFAULT;
3504 			break;
3505 		}
3506 
3507 		if (persistent_auth_get((char *)name, auth) == B_TRUE) {
3508 			/*
3509 			 * Restore the value for overridden (and bogus) oid.
3510 			 */
3511 			auth->a_oid = old_oid;
3512 			rtn = ddi_copyout(auth, (caddr_t)arg,
3513 			    sizeof (*auth), mode);
3514 		} else {
3515 			rtn = EIO;
3516 		}
3517 
3518 		kmem_free(auth, sizeof (*auth));
3519 		break;
3520 
3521 	/*
3522 	 *  ISCSI_AUTH_SET -
3523 	 */
3524 	case ISCSI_AUTH_SET:
3525 		auth = (iscsi_auth_props_t *)kmem_zalloc(sizeof (*auth),
3526 		    KM_SLEEP);
3527 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3528 			kmem_free(auth, sizeof (*auth));
3529 			rtn = EFAULT;
3530 			break;
3531 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3532 			kmem_free(auth, sizeof (*auth));
3533 			rtn = EINVAL;
3534 			break;
3535 		}
3536 
3537 		if (auth->a_oid == ihp->hba_oid) {
3538 			name = ihp->hba_name;
3539 		} else {
3540 			rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3541 			/*
3542 			 * If the oid does represent a session check to see
3543 			 * if it is a target oid.  If so, return the target's
3544 			 * associated session.
3545 			 */
3546 			rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3547 			if (rtn != 0) {
3548 				rtn = iscsi_sess_get_by_target(auth->a_oid,
3549 				    ihp, &isp);
3550 			}
3551 			rw_exit(&ihp->hba_sess_list_rwlock);
3552 
3553 			/*
3554 			 * If rtn is zero then we have found an
3555 			 * existing session.  Use the session name to
3556 			 * do param lookup.  If rtn is non-zero then
3557 			 * create a targetparam object and use its name
3558 			 * for param lookup.
3559 			 */
3560 			if (rtn == 0) {
3561 				name = isp->sess_name;
3562 			} else {
3563 				name =
3564 				    iscsi_targetparam_get_name(auth->a_oid);
3565 				rtn = 0;
3566 			}
3567 		}
3568 
3569 		if (name == NULL) {
3570 			rtn = EFAULT;
3571 		} else if (persistent_auth_set((char *)name, auth)
3572 		    == B_FALSE) {
3573 			rtn = EIO;
3574 		}
3575 
3576 		kmem_free(auth, sizeof (*auth));
3577 		break;
3578 
3579 	/*
3580 	 *  ISCSI_AUTH_CLEAR -
3581 	 */
3582 	case ISCSI_AUTH_CLEAR:
3583 		auth = (iscsi_auth_props_t *)kmem_alloc(sizeof (*auth),
3584 		    KM_SLEEP);
3585 		if (ddi_copyin((caddr_t)arg, auth, sizeof (*auth), mode)) {
3586 			kmem_free(auth, sizeof (*auth));
3587 			rtn = EFAULT;
3588 			break;
3589 		} else if (auth->a_vers != ISCSI_INTERFACE_VERSION) {
3590 			kmem_free(auth, sizeof (*auth));
3591 			rtn = EINVAL;
3592 			break;
3593 		}
3594 
3595 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3596 		/*
3597 		 * If the oid does represent a session check to see
3598 		 * if it is a target oid.  If so, return the target's
3599 		 * associated session.
3600 		 */
3601 		rtn = iscsi_sess_get(auth->a_oid, ihp, &isp);
3602 		if (rtn != 0) {
3603 			rtn = iscsi_sess_get_by_target(auth->a_oid, ihp, &isp);
3604 		}
3605 		rw_exit(&ihp->hba_sess_list_rwlock);
3606 
3607 		/*
3608 		 * If rtn is zero then we have found an
3609 		 * existing session.  Use the session name to
3610 		 * do param lookup.  If rtn is non-zero then
3611 		 * create a targetparam object and use its name
3612 		 * for param lookup.
3613 		 */
3614 		if (rtn == 0) {
3615 			name = isp->sess_name;
3616 		} else {
3617 			name =
3618 			    iscsi_targetparam_get_name(auth->a_oid);
3619 			rtn = 0;
3620 			discovered = B_FALSE;
3621 		}
3622 
3623 		if (name == NULL) {
3624 			rw_exit(
3625 			    &ihp->hba_sess_list_rwlock);
3626 			rtn = EFAULT;
3627 			break;
3628 		}
3629 
3630 		if (persistent_auth_clear((char *)name) == B_FALSE) {
3631 			rtn = EIO;
3632 		}
3633 
3634 		/*
3635 		 * ISCSI_TARGET_PARAM_CLEAR, ISCSI_CHAP_CLEAR and
3636 		 * ISCSI_AUTH_CLEAR ioctl are called sequentially to remove
3637 		 * target parameters. Here, the target that is not discovered
3638 		 * by initiator should be removed from the iscsi_targets list
3639 		 * residing in the memory.
3640 		 */
3641 		if (discovered == B_FALSE) {
3642 			(void) iscsi_targetparam_remove_target(auth->a_oid);
3643 		}
3644 
3645 		kmem_free(auth, sizeof (*auth));
3646 		break;
3647 
3648 	/*
3649 	 * ISCSI_DB_DUMP -
3650 	 */
3651 	case ISCSI_DB_DUMP:
3652 		persistent_dump_data();
3653 		break;
3654 
3655 	case ISCSI_USCSI:
3656 
3657 #ifdef _MULTI_DATAMODEL
3658 		model = ddi_model_convert_from(mode & FMODELS);
3659 		switch (model) {
3660 		case DDI_MODEL_ILP32:
3661 
3662 			if (ddi_copyin((caddr_t)arg, &iu32_caller,
3663 			    sizeof (iscsi_uscsi32_t), mode)) {
3664 				rtn = EFAULT;
3665 				break;
3666 			}
3667 
3668 			/* perform conversion from 32 -> 64 */
3669 			iu_caller.iu_vers = iu32_caller.iu_vers;
3670 			iu_caller.iu_oid = iu32_caller.iu_oid;
3671 			iu_caller.iu_tpgt = iu32_caller.iu_tpgt;
3672 			iu_caller.iu_len = iu32_caller.iu_len;
3673 			iu_caller.iu_lun = iu32_caller.iu_lun;
3674 			uscsi_cmd32touscsi_cmd((&iu32_caller.iu_ucmd),
3675 			    (&iu_caller.iu_ucmd));
3676 
3677 			break;
3678 		case DDI_MODEL_NONE:
3679 			if (ddi_copyin((caddr_t)arg, &iu_caller,
3680 			    sizeof (iscsi_uscsi_t), mode)) {
3681 				rtn = EFAULT;
3682 				break;
3683 			}
3684 			break;
3685 		default:
3686 			ASSERT(FALSE);
3687 			rtn = EINVAL;
3688 			break;
3689 		}
3690 #endif /* _MULTI_DATAMODEL */
3691 
3692 		/* If failures earlier break */
3693 		if (rtn != 0) {
3694 			break;
3695 		}
3696 
3697 		/* copy from caller to internel cmd */
3698 		bcopy(&iu_caller, &iu, sizeof (iu));
3699 
3700 		if (iu.iu_vers != ISCSI_INTERFACE_VERSION) {
3701 			rtn = EINVAL;
3702 			break;
3703 		}
3704 		/*
3705 		 * Check to see if oid references a target-param oid.  If so,
3706 		 * find the associated  session oid before getting lu list.
3707 		 */
3708 		if (iscsi_targetparam_get_name(iu.iu_oid) != NULL) {
3709 			for (isp = ihp->hba_sess_list; isp; isp =
3710 			    isp->sess_next) {
3711 				if (isp->sess_target_oid == iu.iu_oid) {
3712 					target_oid  = isp->sess_oid;
3713 					break;
3714 				}
3715 			}
3716 		} else {
3717 			target_oid = iu.iu_oid;
3718 		}
3719 
3720 		/* make sure we have a matching session for this command */
3721 		rw_enter(&ihp->hba_sess_list_rwlock, RW_READER);
3722 		rtn = iscsi_sess_get(target_oid, ihp, &isp);
3723 		if (rtn != 0) {
3724 			rtn = iscsi_sess_get_by_target(target_oid, ihp,
3725 			    &isp);
3726 			if (rtn != 0) {
3727 				rw_exit(&ihp->hba_sess_list_rwlock);
3728 				rtn = EFAULT;
3729 				break;
3730 			}
3731 		}
3732 		/*
3733 		 * If a caller buffer is present allocate duplicate
3734 		 * kernel space and copyin caller memory.
3735 		 */
3736 		if (iu.iu_ucmd.uscsi_buflen > 0) {
3737 			iu.iu_ucmd.uscsi_bufaddr = (caddr_t)kmem_alloc(
3738 			    iu.iu_ucmd.uscsi_buflen, KM_SLEEP);
3739 			if (ddi_copyin(iu_caller.iu_ucmd.uscsi_bufaddr,
3740 			    iu.iu_ucmd.uscsi_bufaddr,
3741 			    iu.iu_ucmd.uscsi_buflen, mode)) {
3742 				rw_exit(&ihp->hba_sess_list_rwlock);
3743 				rtn = EFAULT;
3744 				break;
3745 			}
3746 		}
3747 
3748 		/*
3749 		 * If a caller cdb is present allocate duplicate
3750 		 * kernel space and copyin caller memory.
3751 		 */
3752 		if (iu.iu_ucmd.uscsi_cdblen > 0) {
3753 			iu.iu_ucmd.uscsi_cdb = (caddr_t)kmem_alloc(
3754 			    iu_caller.iu_ucmd.uscsi_cdblen, KM_SLEEP);
3755 			if (ddi_copyin(iu_caller.iu_ucmd.uscsi_cdb,
3756 			    iu.iu_ucmd.uscsi_cdb,
3757 			    iu.iu_ucmd.uscsi_cdblen, mode)) {
3758 				if (iu.iu_ucmd.uscsi_buflen > 0) {
3759 					kmem_free(iu.iu_ucmd.uscsi_bufaddr,
3760 					    iu_caller.iu_ucmd.uscsi_buflen);
3761 				}
3762 				rw_exit(&ihp->hba_sess_list_rwlock);
3763 				rtn = EFAULT;
3764 				break;
3765 			}
3766 		}
3767 
3768 		/*
3769 		 * If a caller request sense is present allocate
3770 		 * duplicate kernel space.  No need to copyin.
3771 		 */
3772 		if (iu.iu_ucmd.uscsi_rqlen > 0) {
3773 			iu.iu_ucmd.uscsi_rqbuf = (caddr_t)kmem_alloc(
3774 			    iu.iu_ucmd.uscsi_rqlen, KM_SLEEP);
3775 		}
3776 
3777 		/* issue passthru to io path handler */
3778 		rtn = iscsi_handle_passthru(isp, iu.iu_lun, &iu.iu_ucmd);
3779 		if (rtn != 0) {
3780 			rtn = EFAULT;
3781 		}
3782 
3783 		/*
3784 		 * If the caller had a buf we need to do a copyout
3785 		 * and free the kernel memory
3786 		 */
3787 		if (iu.iu_ucmd.uscsi_buflen > 0) {
3788 			if (ddi_copyout(iu.iu_ucmd.uscsi_bufaddr,
3789 			    iu_caller.iu_ucmd.uscsi_bufaddr,
3790 			    iu.iu_ucmd.uscsi_buflen, mode) != 0) {
3791 				rtn = EFAULT;
3792 			}
3793 			kmem_free(iu.iu_ucmd.uscsi_bufaddr,
3794 			    iu.iu_ucmd.uscsi_buflen);
3795 		}
3796 
3797 		/* We need to free kernel cdb, no need to copyout */
3798 		if (iu.iu_ucmd.uscsi_cdblen > 0) {
3799 			kmem_free(iu.iu_ucmd.uscsi_cdb,
3800 			    iu.iu_ucmd.uscsi_cdblen);
3801 		}
3802 
3803 		/*
3804 		 * If the caller had a request sense we need to
3805 		 * do a copyout and free the kernel memory
3806 		 */
3807 		if (iu.iu_ucmd.uscsi_rqlen > 0) {
3808 			if (ddi_copyout(iu.iu_ucmd.uscsi_rqbuf,
3809 			    iu_caller.iu_ucmd.uscsi_rqbuf,
3810 			    iu.iu_ucmd.uscsi_rqlen, mode) != 0) {
3811 				rtn = EFAULT;
3812 			}
3813 			kmem_free(iu.iu_ucmd.uscsi_rqbuf,
3814 			    iu.iu_ucmd.uscsi_rqlen);
3815 		}
3816 
3817 #ifdef _MULTI_DATAMODEL
3818 		if (iu.iu_ucmd.uscsi_status != 0) {
3819 			switch (model = ddi_model_convert_from(
3820 			    mode & FMODELS)) {
3821 			case DDI_MODEL_ILP32:
3822 				iu32_caller.iu_ucmd.uscsi_status =
3823 				    iu.iu_ucmd.uscsi_status;
3824 				if (ddi_copyout((void *)&iu32_caller,
3825 				    (caddr_t)arg, sizeof (iscsi_uscsi32_t),
3826 				    mode) != 0) {
3827 					rtn = EFAULT;
3828 				}
3829 				break;
3830 			case DDI_MODEL_NONE:
3831 				iu_caller.iu_ucmd.uscsi_status =
3832 				    iu.iu_ucmd.uscsi_status;
3833 				if (ddi_copyout((void *)&iu_caller,
3834 				    (caddr_t)arg, sizeof (iscsi_uscsi_t),
3835 				    mode) != 0) {
3836 					rtn = EFAULT;
3837 				}
3838 				break;
3839 			default:
3840 				ASSERT(FALSE);
3841 			}
3842 		}
3843 #endif /* _MULTI_DATAMODEL */
3844 		rw_exit(&ihp->hba_sess_list_rwlock);
3845 		break;
3846 
3847 	case ISCSI_SMF_ONLINE:
3848 		if (ddi_copyin((caddr_t)arg, &did, sizeof (int), mode) != 0) {
3849 			rtn = EFAULT;
3850 			break;
3851 		}
3852 		/* just a theoretical case */
3853 		if (ihp->hba_persistent_loaded == B_FALSE) {
3854 			rtn = EFAULT;
3855 			break;
3856 		}
3857 
3858 		if (iscsi_enter_service_zone(ihp, ISCSI_SERVICE_ENABLED) ==
3859 		    B_FALSE) {
3860 			break;
3861 		}
3862 
3863 		rval = iscsi_door_bind(did);
3864 		if (rval == B_TRUE) {
3865 			rval = iscsid_start(ihp);
3866 			if (rval == B_FALSE) {
3867 				iscsi_door_unbind();
3868 			}
3869 		}
3870 
3871 		if (rval == B_TRUE) {
3872 			iscsi_exit_service_zone(ihp, ISCSI_SERVICE_ENABLED);
3873 		} else {
3874 			iscsi_exit_service_zone(ihp, ISCSI_SERVICE_DISABLED);
3875 			rtn = EFAULT;
3876 		}
3877 
3878 		break;
3879 
3880 	case ISCSI_SMF_OFFLINE:
3881 		if (iscsi_enter_service_zone(ihp, ISCSI_SERVICE_DISABLED)
3882 		    == B_FALSE) {
3883 			break;
3884 		}
3885 
3886 		rval = iscsid_stop(ihp);
3887 
3888 		if (rval == B_TRUE) {
3889 			iscsi_exit_service_zone(ihp, ISCSI_SERVICE_DISABLED);
3890 			iscsi_door_unbind();
3891 		} else {
3892 			iscsi_exit_service_zone(ihp, ISCSI_SERVICE_ENABLED);
3893 			rtn = EFAULT;
3894 		}
3895 		break;
3896 
3897 	case ISCSI_SMF_GET:
3898 		mutex_enter(&ihp->hba_service_lock);
3899 		while (ihp->hba_service_status ==
3900 		    ISCSI_SERVICE_TRANSITION) {
3901 			cv_wait(&ihp->hba_service_cv,
3902 			    &ihp->hba_service_lock);
3903 		}
3904 		if (ddi_copyout((void *)&ihp->hba_service_status,
3905 		    (caddr_t)arg, sizeof (boolean_t), mode) != 0) {
3906 			rtn = EFAULT;
3907 		}
3908 		mutex_exit(&ihp->hba_service_lock);
3909 		break;
3910 
3911 	case ISCSI_DISCOVERY_EVENTS:
3912 		/*
3913 		 * If discovery has not been completed and not in progress,
3914 		 * poke the discovery methods
3915 		 */
3916 		mutex_enter(&ihp->hba_discovery_events_mutex);
3917 		method = ihp->hba_discovery_events;
3918 		if ((method != ISCSI_ALL_DISCOVERY_METHODS) &&
3919 		    (ihp->hba_discovery_in_progress == B_FALSE)) {
3920 			ihp->hba_discovery_in_progress = B_TRUE;
3921 			mutex_exit(&ihp->hba_discovery_events_mutex);
3922 			iscsid_poke_discovery(ihp, iSCSIDiscoveryMethodUnknown);
3923 			mutex_enter(&ihp->hba_discovery_events_mutex);
3924 			ihp->hba_discovery_in_progress = B_FALSE;
3925 			method = ihp->hba_discovery_events;
3926 		}
3927 		mutex_exit(&ihp->hba_discovery_events_mutex);
3928 
3929 		if (ddi_copyout((void *)&method, (caddr_t)arg,
3930 		    sizeof (method), mode) != 0)
3931 			rtn = EFAULT;
3932 		break;
3933 
3934 	/*
3935 	 * ISCSI_SENDTGTS_GET --
3936 	 */
3937 	case ISCSI_SENDTGTS_GET:
3938 		stl_hdr = iscsi_ioctl_copyin((caddr_t)arg, mode,
3939 		    sizeof (*stl_hdr));
3940 		if (stl_hdr == NULL) {
3941 			rtn = EFAULT;
3942 			break;
3943 		}
3944 
3945 		if (stl_hdr->stl_entry.e_vers != ISCSI_INTERFACE_VERSION) {
3946 			rtn = EINVAL;
3947 			kmem_free(stl_hdr, sizeof (*stl_hdr));
3948 			break;
3949 		}
3950 
3951 		/* calculate how much memory user allocated for SendTgts */
3952 		stl_sz = sizeof (*stl_hdr);
3953 		if (stl_hdr->stl_in_cnt > 0) {
3954 			stl_sz += ((stl_hdr->stl_in_cnt - 1) *
3955 			    sizeof (iscsi_sendtgts_entry_t));
3956 		}
3957 
3958 		/* allocate local SendTgts list of the same size */
3959 		istl = kmem_zalloc(stl_sz, KM_SLEEP);
3960 		bcopy(stl_hdr, istl, sizeof (*stl_hdr));
3961 		kmem_free(stl_hdr, sizeof (*stl_hdr));
3962 
3963 		/* lock interface so only one SendTargets operation occurs */
3964 		sema_p(&ihp->hba_sendtgts_semaphore);
3965 
3966 		rtn = iscsi_ioctl_sendtgts_get(ihp, istl);
3967 
3968 		if (rtn == 0) {
3969 			rtn = iscsi_ioctl_copyout(istl, stl_sz,
3970 			    (caddr_t)arg, mode);
3971 		}
3972 
3973 		/* release lock to allow another SendTargets discovery */
3974 		sema_v(&ihp->hba_sendtgts_semaphore);
3975 
3976 		break;
3977 
3978 		/*
3979 		 * ISCSI_ISNS_SERVER_GET --
3980 		 */
3981 	case ISCSI_ISNS_SERVER_GET:
3982 		server_pg_list_hdr = iscsi_ioctl_copyin((caddr_t)arg, mode,
3983 		    sizeof (*server_pg_list_hdr));
3984 		if (server_pg_list_hdr == NULL) {
3985 			rtn = EFAULT;
3986 			break;
3987 		}
3988 
3989 		/* If iSNS discovery mode is not set, return with zero entry */
3990 		method = persistent_disc_meth_get();
3991 		if ((method & iSCSIDiscoveryMethodISNS) == 0) {
3992 			kmem_free(server_pg_list_hdr,
3993 			    sizeof (*server_pg_list_hdr));
3994 			server_pg_list_hdr = NULL;
3995 			rtn = EACCES;
3996 			break;
3997 		}
3998 
3999 		initiator_node_name = kmem_zalloc(ISCSI_MAX_NAME_LEN, KM_SLEEP);
4000 		if (persistent_initiator_name_get(initiator_node_name,
4001 		    ISCSI_MAX_NAME_LEN) != B_TRUE) {
4002 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4003 			initiator_node_name = NULL;
4004 			kmem_free(server_pg_list_hdr,
4005 			    sizeof (*server_pg_list_hdr));
4006 			server_pg_list_hdr = NULL;
4007 			rtn = EIO;
4008 			break;
4009 		}
4010 		if (strlen(initiator_node_name) == 0) {
4011 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4012 			initiator_node_name = NULL;
4013 			kmem_free(server_pg_list_hdr,
4014 			    sizeof (*server_pg_list_hdr));
4015 			server_pg_list_hdr = NULL;
4016 			rtn = EIO;
4017 			break;
4018 		}
4019 
4020 		initiator_node_alias = kmem_zalloc(
4021 		    ISCSI_MAX_NAME_LEN, KM_SLEEP);
4022 		if (persistent_alias_name_get(initiator_node_alias,
4023 		    ISCSI_MAX_NAME_LEN) != B_TRUE) {
4024 			initiator_node_alias[0] = '\0';
4025 		}
4026 		rtn = isns_query_one_server(&(server_pg_list_hdr->addr),
4027 		    ihp->hba_isid,
4028 		    (uint8_t *)initiator_node_name,
4029 		    (uint8_t *)initiator_node_alias,
4030 		    ISNS_INITIATOR_NODE_TYPE,
4031 		    &pg_list);
4032 		if (rtn != isns_ok || pg_list == NULL) {
4033 			kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4034 			initiator_node_name = NULL;
4035 			kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
4036 			initiator_node_alias = NULL;
4037 			kmem_free(server_pg_list_hdr,
4038 			    sizeof (*server_pg_list_hdr));
4039 			server_pg_list_hdr = NULL;
4040 			rtn = EIO;
4041 			break;
4042 		}
4043 
4044 		/*
4045 		 * pg_list_sz is the size of the pg_list returned from the
4046 		 *	isns_query_all
4047 		 *
4048 		 * pg_sz_copy_out is the size of the pg_list we are going to
4049 		 *	return back to the caller
4050 		 *
4051 		 * server_pg_list_sz is total amount of data we are returning
4052 		 *	back to the caller
4053 		 */
4054 		pg_list->pg_in_cnt =
4055 		    server_pg_list_hdr->addr_port_list.pg_in_cnt;
4056 		pg_list_sz = sizeof (isns_portal_group_list_t);
4057 		if (pg_list->pg_out_cnt > 0) {
4058 			pg_list_sz += (pg_list->pg_out_cnt - 1) *
4059 			    sizeof (isns_portal_group_t);
4060 		}
4061 		/*
4062 		 * check if caller passed in a buffer with enough space
4063 		 * if there isn't enough space, fill the caller's buffer with
4064 		 * as much information as possible.
4065 		 *
4066 		 * if pg_out_cnt > pg_in_cnt, pg_out_cnt will be returned with
4067 		 * the total number of targets found
4068 		 *
4069 		 * if pg_out_cnt < pg_in_cnt, pg_out_cnt will be the number
4070 		 * of targets returned
4071 		 */
4072 		if (pg_list->pg_in_cnt < pg_list->pg_out_cnt) {
4073 			pg_sz_copy_out = sizeof (isns_portal_group_list_t);
4074 			if (pg_list->pg_in_cnt > 0) {
4075 				pg_sz_copy_out += (pg_list->pg_in_cnt - 1) *
4076 				    sizeof (isns_portal_group_t);
4077 			}
4078 			server_pg_list_sz =
4079 			    sizeof (isns_server_portal_group_list_t);
4080 			if (pg_list->pg_in_cnt > 0) {
4081 				server_pg_list_sz += (pg_list->pg_in_cnt - 1) *
4082 				    sizeof (isns_portal_group_t);
4083 			}
4084 		} else {
4085 			pg_sz_copy_out = pg_list_sz;
4086 			server_pg_list_sz =
4087 			    sizeof (isns_server_portal_group_list_t);
4088 			if (pg_list->pg_out_cnt > 0) {
4089 				server_pg_list_sz += (pg_list->pg_out_cnt - 1) *
4090 				    sizeof (isns_portal_group_t);
4091 			}
4092 		}
4093 
4094 		server_pg_list = (isns_server_portal_group_list_t *)kmem_zalloc(
4095 		    server_pg_list_sz, KM_SLEEP);
4096 
4097 		bcopy(&(server_pg_list_hdr->addr), &(server_pg_list->addr),
4098 		    sizeof (server_pg_list->addr));
4099 		bcopy(pg_list, &server_pg_list->addr_port_list, pg_sz_copy_out);
4100 
4101 		if (ddi_copyout(server_pg_list, (caddr_t)arg, server_pg_list_sz,
4102 		    mode) != 0) {
4103 			rtn = EFAULT;
4104 		}
4105 		DTRACE_PROBE1(iscsi_ioctl_iscsi_isns_server_get_pg_sz,
4106 		    int, pg_list_sz);
4107 		kmem_free(initiator_node_name, ISCSI_MAX_NAME_LEN);
4108 		initiator_node_name = NULL;
4109 		kmem_free(initiator_node_alias, ISCSI_MAX_NAME_LEN);
4110 		initiator_node_alias = NULL;
4111 		kmem_free(pg_list, pg_list_sz);
4112 		pg_list = NULL;
4113 		kmem_free(server_pg_list, server_pg_list_sz);
4114 		server_pg_list = NULL;
4115 		kmem_free(server_pg_list_hdr, sizeof (*server_pg_list_hdr));
4116 		server_pg_list_hdr = NULL;
4117 		break;
4118 
4119 	/*
4120 	 * ISCSI_GET_CONFIG_SESSIONS --
4121 	 */
4122 	case ISCSI_GET_CONFIG_SESSIONS:
4123 		/* FALLTHRU */
4124 
4125 	case ISCSI_SET_CONFIG_SESSIONS:
4126 		size = sizeof (*ics);
4127 		ics = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
4128 		if (ics == NULL) {
4129 			rtn = EFAULT;
4130 			break;
4131 		}
4132 
4133 		/* verify version infomration */
4134 		if (ics->ics_ver != ISCSI_INTERFACE_VERSION) {
4135 			rtn = EINVAL;
4136 			kmem_free(ics, size);
4137 			ics = NULL;
4138 			break;
4139 		}
4140 
4141 		/* Check to see if we need to copy in more memory */
4142 		if (ics->ics_in > 1) {
4143 			/* record correct size */
4144 			size = ISCSI_SESSION_CONFIG_SIZE(ics->ics_in);
4145 			/* free old buffer */
4146 			kmem_free(ics, sizeof (*ics));
4147 
4148 			/* copy in complete buffer size */
4149 			ics = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
4150 			if (ics == NULL) {
4151 				rtn = EFAULT;
4152 				break;
4153 			}
4154 		}
4155 
4156 		/* switch action based on get or set */
4157 		if (cmd == ISCSI_GET_CONFIG_SESSIONS) {
4158 			/* get */
4159 			rtn = iscsi_ioctl_get_config_sess(ihp, ics);
4160 			if (rtn == 0) {
4161 				/* copyout data for gets */
4162 				rtn = iscsi_ioctl_copyout(ics, size,
4163 				    (caddr_t)arg, mode);
4164 			} else {
4165 				kmem_free(ics, size);
4166 				ics = NULL;
4167 			}
4168 		} else {
4169 			/* set */
4170 			rtn = iscsi_ioctl_set_config_sess(ihp, ics);
4171 			if (iscsiboot_prop) {
4172 				if (iscsi_cmp_boot_sess_oid(ihp,
4173 				    ics->ics_oid)) {
4174 					/*
4175 					 * found active session for this object
4176 					 * or this is initiator object
4177 					 * with mpxio enabled
4178 					 */
4179 					if (!iscsi_reconfig_boot_sess(ihp)) {
4180 						kmem_free(ics, size);
4181 						ics = NULL;
4182 						rtn = EINVAL;
4183 						break;
4184 					}
4185 				}
4186 			}
4187 			kmem_free(ics, size);
4188 			ics = NULL;
4189 		}
4190 		break;
4191 
4192 	case ISCSI_IS_ACTIVE:
4193 		/*
4194 		 * dhcpagent calls here to check if there are
4195 		 * active iSCSI sessions
4196 		 */
4197 		instance = 0;
4198 		if (iscsiboot_prop) {
4199 			instance = 1;
4200 		}
4201 		if (!instance) {
4202 			rw_enter(&ihp->hba_sess_list_rwlock,
4203 			    RW_READER);
4204 			for (isp = ihp->hba_sess_list; isp;
4205 			    isp = isp->sess_next) {
4206 				if ((isp->sess_state ==
4207 				    ISCSI_SESS_STATE_LOGGED_IN) &&
4208 				    (isp->sess_lun_list !=
4209 				    NULL)) {
4210 					instance = 1;
4211 					break;
4212 				}
4213 			}
4214 			rw_exit(&ihp->hba_sess_list_rwlock);
4215 		}
4216 		size = sizeof (instance);
4217 		if (ddi_copyout(&instance, (caddr_t)arg, size,
4218 		    mode) != 0) {
4219 			rtn = EFAULT;
4220 		}
4221 		break;
4222 
4223 	case ISCSI_BOOTPROP_GET:
4224 		size = sizeof (*bootProp);
4225 		bootProp = iscsi_ioctl_copyin((caddr_t)arg, mode, size);
4226 		if (bootProp == NULL) {
4227 			rtn = EFAULT;
4228 			break;
4229 		}
4230 		bootProp->hba_mpxio_enabled =
4231 		    iscsi_chk_bootlun_mpxio(ihp);
4232 		if (iscsiboot_prop == NULL) {
4233 			bootProp->iscsiboot = 0;
4234 			rtn = iscsi_ioctl_copyout(bootProp, size,
4235 			    (caddr_t)arg, mode);
4236 			break;
4237 		} else {
4238 			bootProp->iscsiboot = 1;
4239 		}
4240 
4241 		if (iscsiboot_prop->boot_init.ini_name != NULL) {
4242 			(void) strncpy((char *)bootProp->ini_name.n_name,
4243 			    (char *)iscsiboot_prop->boot_init.ini_name,
4244 			    ISCSI_MAX_NAME_LEN);
4245 		}
4246 		if (iscsiboot_prop->boot_init.ini_chap_name != NULL) {
4247 			bootProp->auth.a_auth_method = authMethodCHAP;
4248 			(void) strncpy((char *)bootProp->ini_chap.c_user,
4249 			    (char *)iscsiboot_prop->boot_init.ini_chap_name,
4250 			    ISCSI_MAX_NAME_LEN);
4251 			(void) strncpy((char *)bootProp->ini_chap.c_secret,
4252 			    (char *)iscsiboot_prop->boot_init.ini_chap_sec,
4253 			    ISCSI_CHAP_SECRET_LEN);
4254 			if (iscsiboot_prop->boot_tgt.tgt_chap_name !=
4255 			    NULL) {
4256 				bootProp->auth.a_bi_auth = B_TRUE;
4257 			} else {
4258 				bootProp->auth.a_bi_auth = B_FALSE;
4259 			}
4260 		}
4261 		if (iscsiboot_prop->boot_tgt.tgt_name != NULL) {
4262 			(void) strncpy((char *)bootProp->tgt_name.n_name,
4263 			    (char *)iscsiboot_prop->boot_tgt.tgt_name,
4264 			    ISCSI_MAX_NAME_LEN);
4265 		}
4266 		if (iscsiboot_prop->boot_tgt.tgt_chap_name != NULL) {
4267 			(void) strncpy((char *)bootProp->tgt_chap.c_user,
4268 			    (char *)iscsiboot_prop->boot_tgt.tgt_chap_name,
4269 			    ISCSI_MAX_NAME_LEN);
4270 			(void) strncpy((char *)bootProp->tgt_chap.c_secret,
4271 			    (char *)iscsiboot_prop->boot_tgt.tgt_chap_sec,
4272 			    ISCSI_CHAP_SECRET_LEN);
4273 		}
4274 
4275 		rtn = iscsi_ioctl_copyout(bootProp, size, (caddr_t)arg, mode);
4276 		break;
4277 
4278 	default:
4279 		rtn = ENOTTY;
4280 		cmn_err(CE_NOTE, "unrecognized ioctl 0x%x", cmd);
4281 	} /* end of ioctl type switch/cases */
4282 
4283 	if ((cmd != ISCSI_SMF_ONLINE) && (cmd != ISCSI_SMF_OFFLINE) &&
4284 	    (cmd != ISCSI_SMF_GET)) {
4285 		/* other cmds need to release the service */
4286 		iscsi_client_release_service(ihp);
4287 	}
4288 
4289 	return (rtn);
4290 }
4291 
4292 /*
4293  * +--------------------------------------------------------------------+
4294  * | End of cb_ops routines					     |
4295  * +--------------------------------------------------------------------+
4296  */
4297 
4298 
4299 /*
4300  * +--------------------------------------------------------------------+
4301  * | Common scsi_tran support routines				  |
4302  * +--------------------------------------------------------------------+
4303  */
4304 
4305 /*
4306  * iscsi_i_commoncap -- SCSA host adapter get/set capability routines.
4307  *
4308  * Need to determine if any of these can be determined through the iSCSI
4309  * protocol. For now just return error on most.
4310  */
4311 /* ARGSUSED */
4312 static int
4313 iscsi_i_commoncap(struct scsi_address *ap, char *cap, int val,
4314     int tgtonly, int doset)
4315 {
4316 	int		rtn;
4317 	int		cidx;
4318 	iscsi_lun_t	*ilp;
4319 
4320 	ASSERT((ap)->a_hba_tran->tran_hba_private != NULL);
4321 	ilp	= (iscsi_lun_t *)((ap)->a_hba_tran->tran_tgt_private);
4322 	ASSERT(ilp != NULL);
4323 
4324 	if (cap == (char *)0) {
4325 		return (FALSE);
4326 	}
4327 
4328 	cidx = scsi_hba_lookup_capstr(cap);
4329 	if (cidx == -1) {
4330 		return (cidx);
4331 	}
4332 
4333 	/*
4334 	 * Process setcap request.
4335 	 */
4336 	if (doset) {
4337 		/*
4338 		 * At present, we can only set binary (0/1) values
4339 		 */
4340 		switch (cidx) {
4341 		case SCSI_CAP_LUN_RESET:
4342 			if (val) {
4343 				ilp->lun_cap |= ISCSI_LUN_CAP_RESET;
4344 			} else {
4345 				ilp->lun_cap &= ~ISCSI_LUN_CAP_RESET;
4346 			}
4347 			rtn = TRUE;
4348 			break;
4349 		default:
4350 			/*
4351 			 * None of these are settable via
4352 			 * the capability interface.
4353 			 */
4354 			rtn = FALSE;
4355 			break;
4356 		}
4357 
4358 		/*
4359 		 * Process getcap request.
4360 		 */
4361 	} else {
4362 		switch (cidx) {
4363 		case SCSI_CAP_DMA_MAX:
4364 			/* no DMA, Psuedo value */
4365 			rtn = INT32_MAX;
4366 			break;
4367 		case SCSI_CAP_INITIATOR_ID:
4368 			rtn = 7;
4369 			break;
4370 		case SCSI_CAP_ARQ:
4371 		case SCSI_CAP_RESET_NOTIFICATION:
4372 		case SCSI_CAP_TAGGED_QING:
4373 			rtn = TRUE;
4374 			break;
4375 		case SCSI_CAP_SCSI_VERSION:
4376 			rtn = SCSI_VERSION_3;
4377 			break;
4378 		case SCSI_CAP_INTERCONNECT_TYPE:
4379 			rtn = INTERCONNECT_FABRIC;
4380 			break;
4381 		case SCSI_CAP_LUN_RESET:
4382 			rtn = ((ilp->lun_cap & ISCSI_LUN_CAP_RESET) != 0) ?
4383 			    TRUE : FALSE;
4384 			break;
4385 		case SCSI_CAP_CDB_LEN:
4386 			/*
4387 			 * iSCSI RFC 3720 defines a default 16 byte
4388 			 * CDB as part of the Basic Header Segment
4389 			 * (BHS) (10.2.1) and allows for an Additional
4390 			 * Header Segment (AHS) Length of 255 * 4
4391 			 * (10.2.1.5).  The AHS length can be used
4392 			 * for different purposes two of which are
4393 			 * Extended CDB ADS (10.2.2.3) and Bidirectional
4394 			 * Expected Read-Data Length AHS (10.2.2.4).
4395 			 * The largest header of these consumes is
4396 			 * 32 bytes.  So the total Max CDB Length is
4397 			 * 16 + ((255 * 4 ) - 32) = 1004.
4398 			 */
4399 			rtn = 1004;
4400 			break;
4401 		default:
4402 			rtn = UNDEFINED;
4403 			break;
4404 		}
4405 	}
4406 	return (rtn);
4407 }
4408 
4409 /*
4410  * iscsi_virt_lun_init - attempts to complete a mdi/scsi_vhci binding
4411  *
4412  * This routine is used to associate the tran_tgt_private to our ilp
4413  * structure.  This function is indirectly called from our
4414  * iscsi_lun_create_xxx routines.  These routines must prevent
4415  * the session and lun lists from changing during this call.
4416  */
4417 /* ARGSUSED */
4418 static int
4419 iscsi_virt_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
4420     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
4421 {
4422 	iscsi_lun_t	*ilp		= NULL;
4423 	iscsi_lun_t	*ilp_check	= NULL;
4424 	iscsi_sess_t	*isp		= NULL;
4425 	char		*lun_guid	= NULL;
4426 	mdi_pathinfo_t	*pip		= NULL;
4427 	iscsi_hba_t	*ihp    = (iscsi_hba_t *)hba_tran->tran_hba_private;
4428 	char		target_port_name[MAX_NAME_PROP_SIZE];
4429 
4430 	/*
4431 	 * Here's a nice little piece of undocumented stuff.
4432 	 */
4433 	if ((pip = (mdi_pathinfo_t *)sd->sd_private) == NULL) {
4434 		/*
4435 		 * Very bad news if this occurs. Somehow SCSI_vhci has
4436 		 * lost the pathinfo node for this target.
4437 		 */
4438 		return (DDI_NOT_WELL_FORMED);
4439 	}
4440 
4441 	ilp = (iscsi_lun_t *)mdi_pi_get_phci_private(pip);
4442 
4443 	/*
4444 	 * +----------------------------------------------------+
4445 	 * | Looking to find the target device via the property |
4446 	 * | is not required since the driver can easily get    |
4447 	 * | this information from the mdi_phci_get_private()   |
4448 	 * | call above.  This is just a consistency check	|
4449 	 * | which can be removed.				|
4450 	 */
4451 	if (mdi_prop_lookup_string(pip, MDI_GUID, &lun_guid) !=
4452 	    DDI_PROP_SUCCESS) {
4453 		return (DDI_NOT_WELL_FORMED);
4454 	}
4455 
4456 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
4457 
4458 		/* If this isn't the matching session continue */
4459 		if (ilp->lun_sess != isp) {
4460 			continue;
4461 		}
4462 
4463 		/*
4464 		 * We are already holding the lun list rwlock
4465 		 * for this thread on the callers side of mdi_pi_online
4466 		 * or ndi_devi_online.  Which lead to this functions
4467 		 * call.
4468 		 */
4469 		for (ilp_check = isp->sess_lun_list; ilp_check;
4470 		    ilp_check = ilp_check->lun_next) {
4471 
4472 			/*
4473 			 * If this is the matching LUN and contains
4474 			 * the same LUN GUID then break we found our
4475 			 * match.
4476 			 */
4477 			if ((ilp == ilp_check) &&
4478 			    (strcmp(lun_guid, ilp_check->lun_guid) == 0)) {
4479 				break;
4480 			}
4481 		}
4482 		if (ilp_check != NULL) {
4483 			break;
4484 		}
4485 	}
4486 
4487 	/*
4488 	 * Free resource that's no longer required.
4489 	 */
4490 	if (lun_guid != NULL)
4491 		(void) mdi_prop_free(lun_guid);
4492 
4493 	if (ilp_check == NULL) {
4494 		/*
4495 		 * Failed to find iSCSI LUN in HBA chain based
4496 		 * on the GUID that was stored as a property on
4497 		 * the pathinfo node.
4498 		 */
4499 		return (DDI_NOT_WELL_FORMED);
4500 	}
4501 
4502 	if (ilp != ilp_check) {
4503 		/*
4504 		 * The iSCSI target that we found on the HBA link is
4505 		 * different than the iSCSI target that was stored as
4506 		 * private data on the pathinfo node.
4507 		 */
4508 		return (DDI_NOT_WELL_FORMED);
4509 	}
4510 	/*
4511 	 * | End of consistency check				|
4512 	 * +----------------------------------------------------+
4513 	 */
4514 
4515 	hba_tran->tran_tgt_private = ilp;
4516 
4517 	target_port_name[0] = '\0';
4518 	if (ilp->lun_sess->sess_tpgt_conf == ISCSI_DEFAULT_TPGT) {
4519 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4520 		    "%02x%02x%02x%02x%02x%02x,%s",
4521 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4522 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4523 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4524 		    ilp->lun_sess->sess_name);
4525 	} else {
4526 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4527 		    "%02x%02x%02x%02x%02x%02x,%s,%d",
4528 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4529 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4530 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4531 		    ilp->lun_sess->sess_name, ilp->lun_sess->sess_tpgt_conf);
4532 	}
4533 
4534 	if (mdi_prop_update_string(pip, "target-port",
4535 	    target_port_name) != DDI_PROP_SUCCESS) {
4536 		cmn_err(CE_WARN, "iscsi_virt_lun_init: Creating 'target-port' "
4537 		"property on Path(%p) for Target(%s), Lun(%d) Failed",
4538 		    (void *)pip, ilp->lun_sess->sess_name, ilp->lun_num);
4539 	}
4540 
4541 	return (DDI_SUCCESS);
4542 }
4543 
4544 /*
4545  * iscsi_phys_lun_init - attempts to complete a ndi binding
4546  *
4547  * This routine is used to associate the tran_tgt_private to our
4548  * ilp structure.  This function is indirectly called from our
4549  * iscsi_lun_create_xxx routines.  These routines must prevent
4550  * the session and lun lists from changing during this call.
4551  */
4552 static int
4553 iscsi_phys_lun_init(dev_info_t *hba_dip, dev_info_t *lun_dip,
4554     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
4555 {
4556 	int		rtn	= DDI_SUCCESS;
4557 	iscsi_hba_t	*ihp	= NULL;
4558 	iscsi_sess_t	*isp	= NULL;
4559 	iscsi_lun_t	*ilp	= NULL;
4560 	char		target_port_name[MAX_NAME_PROP_SIZE];
4561 	int		*words = NULL;
4562 	uint_t		nwords = 0;
4563 
4564 	ASSERT(hba_dip);
4565 	ASSERT(lun_dip);
4566 	ASSERT(hba_tran);
4567 	ASSERT(sd);
4568 	ihp = (iscsi_hba_t *)hba_tran->tran_hba_private;
4569 	ASSERT(ihp);
4570 
4571 	if (ddi_prop_lookup_int_array(DDI_DEV_T_ANY, lun_dip,
4572 	    DDI_PROP_DONTPASS, LUN_PROP, &words, &nwords) != DDI_PROP_SUCCESS) {
4573 		cmn_err(CE_WARN, "iscsi_phys_lun_init: Returning DDI_FAILURE:"
4574 		    "lun for %s (instance %d)", ddi_get_name(lun_dip),
4575 		    ddi_get_instance(lun_dip));
4576 		return (DDI_FAILURE);
4577 	}
4578 
4579 	if (nwords == 0) {
4580 		ddi_prop_free(words);
4581 		return (DDI_FAILURE);
4582 	}
4583 
4584 	ASSERT(words != NULL);
4585 
4586 	/* See if we already created this session */
4587 
4588 	/* Walk the HBA's session list */
4589 	for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
4590 		/* compare target name as the unique identifier */
4591 		if (sd->sd_address.a_target == isp->sess_oid) {
4592 			/* found match */
4593 			break;
4594 		}
4595 	}
4596 
4597 	/* If we found matching session continue searching for tgt */
4598 	if (isp != NULL) {
4599 		/*
4600 		 * Search for the matching iscsi lun structure.  We don't
4601 		 * need to hold the READER for the lun list at this point.
4602 		 * because the tran_get_name is being called from the online
4603 		 * function which is already holding a reader on the lun
4604 		 * list.
4605 		 */
4606 		for (ilp = isp->sess_lun_list; ilp; ilp = ilp->lun_next) {
4607 			if (*words == ilp->lun_num) {
4608 				/* found match */
4609 				break;
4610 			}
4611 		}
4612 
4613 		if (ilp != NULL) {
4614 			/*
4615 			 * tgt found path it to the tran_lun_private
4616 			 * this is used later for fast access on
4617 			 * init_pkt and start
4618 			 */
4619 			hba_tran->tran_tgt_private = ilp;
4620 		} else {
4621 			/* tgt not found */
4622 			ddi_prop_free(words);
4623 			return (DDI_FAILURE);
4624 		}
4625 	} else {
4626 		/* sess not found */
4627 		ddi_prop_free(words);
4628 		return (DDI_FAILURE);
4629 	}
4630 	ddi_prop_free(words);
4631 
4632 	target_port_name[0] = '\0';
4633 	if (ilp->lun_sess->sess_tpgt_conf == ISCSI_DEFAULT_TPGT) {
4634 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4635 		    "%02x%02x%02x%02x%02x%02x,%s",
4636 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4637 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4638 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4639 		    ilp->lun_sess->sess_name);
4640 	} else {
4641 		(void) snprintf(target_port_name, MAX_NAME_PROP_SIZE,
4642 		    "%02x%02x%02x%02x%02x%02x,%s,%d",
4643 		    ilp->lun_sess->sess_isid[0], ilp->lun_sess->sess_isid[1],
4644 		    ilp->lun_sess->sess_isid[2], ilp->lun_sess->sess_isid[3],
4645 		    ilp->lun_sess->sess_isid[4], ilp->lun_sess->sess_isid[5],
4646 		    ilp->lun_sess->sess_name, ilp->lun_sess->sess_tpgt_conf);
4647 	}
4648 
4649 	if (ddi_prop_update_string(DDI_DEV_T_NONE, lun_dip,
4650 	    "target-port", target_port_name) != DDI_PROP_SUCCESS) {
4651 		cmn_err(CE_WARN, "iscsi_phys_lun_init: Creating 'target-port' "
4652 		    "property on Target(%s), Lun(%d) Failed",
4653 		    ilp->lun_sess->sess_name, ilp->lun_num);
4654 	}
4655 
4656 	return (rtn);
4657 }
4658 
4659 /*
4660  * +--------------------------------------------------------------------+
4661  * | End of scsi_tran support routines					|
4662  * +--------------------------------------------------------------------+
4663  */
4664 
4665 /*
4666  * +--------------------------------------------------------------------+
4667  * | Begin of struct utility routines					|
4668  * +--------------------------------------------------------------------+
4669  */
4670 
4671 
4672 /*
4673  * iscsi_set_default_login_params - This function sets the
4674  * driver default login params.  This is using during the
4675  * creation of our iSCSI HBA structure initialization by
4676  * could be used at other times to reset back to the defaults.
4677  */
4678 void
4679 iscsi_set_default_login_params(iscsi_login_params_t *params)
4680 {
4681 	params->immediate_data		= ISCSI_DEFAULT_IMMEDIATE_DATA;
4682 	params->initial_r2t		= ISCSI_DEFAULT_INITIALR2T;
4683 	params->first_burst_length	= ISCSI_DEFAULT_FIRST_BURST_LENGTH;
4684 	params->max_burst_length	= ISCSI_DEFAULT_MAX_BURST_LENGTH;
4685 	params->data_pdu_in_order	= ISCSI_DEFAULT_DATA_PDU_IN_ORDER;
4686 	params->data_sequence_in_order	= ISCSI_DEFAULT_DATA_SEQUENCE_IN_ORDER;
4687 	params->default_time_to_wait	= ISCSI_DEFAULT_TIME_TO_WAIT;
4688 	params->default_time_to_retain	= ISCSI_DEFAULT_TIME_TO_RETAIN;
4689 	params->header_digest		= ISCSI_DEFAULT_HEADER_DIGEST;
4690 	params->data_digest		= ISCSI_DEFAULT_DATA_DIGEST;
4691 	params->max_recv_data_seg_len	= ISCSI_DEFAULT_MAX_RECV_SEG_LEN;
4692 	params->max_xmit_data_seg_len	= ISCSI_DEFAULT_MAX_XMIT_SEG_LEN;
4693 	params->max_connections		= ISCSI_DEFAULT_MAX_CONNECTIONS;
4694 	params->max_outstanding_r2t	= ISCSI_DEFAULT_MAX_OUT_R2T;
4695 	params->error_recovery_level	= ISCSI_DEFAULT_ERROR_RECOVERY_LEVEL;
4696 	params->ifmarker		= ISCSI_DEFAULT_IFMARKER;
4697 	params->ofmarker		= ISCSI_DEFAULT_OFMARKER;
4698 }
4699 
4700 
4701 /*
4702  * +--------------------------------------------------------------------+
4703  * | End of struct utility routines				     |
4704  * +--------------------------------------------------------------------+
4705  */
4706 
4707 /*
4708  * +--------------------------------------------------------------------+
4709  * | Begin of ioctl utility routines				    |
4710  * +--------------------------------------------------------------------+
4711  */
4712 
4713 /*
4714  * iscsi_get_param - This function is a helper to ISCSI_GET_PARAM
4715  * IOCTL
4716  */
4717 int
4718 iscsi_get_param(iscsi_login_params_t *params, boolean_t valid_flag,
4719     iscsi_param_get_t *ipgp) {
4720 	int rtn = 0;
4721 
4722 	/* ---- Default to settable, possibly changed later ---- */
4723 	ipgp->g_value.v_valid    = valid_flag;
4724 	ipgp->g_value.v_settable = B_TRUE;
4725 
4726 	switch (ipgp->g_param) {
4727 	/*
4728 	 * Boolean parameters
4729 	 */
4730 	case ISCSI_LOGIN_PARAM_DATA_SEQUENCE_IN_ORDER:
4731 		ipgp->g_value.v_bool.b_current =
4732 		    params->data_sequence_in_order;
4733 		ipgp->g_value.v_bool.b_default =
4734 		    ISCSI_DEFAULT_DATA_SEQUENCE_IN_ORDER;
4735 		break;
4736 	case ISCSI_LOGIN_PARAM_IMMEDIATE_DATA:
4737 		ipgp->g_value.v_bool.b_current =
4738 		    params->immediate_data;
4739 		ipgp->g_value.v_bool.b_default =
4740 		    ISCSI_DEFAULT_IMMEDIATE_DATA;
4741 		break;
4742 	case ISCSI_LOGIN_PARAM_INITIAL_R2T:
4743 		ipgp->g_value.v_bool.b_current =
4744 		    params->initial_r2t;
4745 		ipgp->g_value.v_bool.b_default =
4746 		    ISCSI_DEFAULT_IMMEDIATE_DATA;
4747 		break;
4748 	case ISCSI_LOGIN_PARAM_DATA_PDU_IN_ORDER:
4749 		ipgp->g_value.v_bool.b_current =
4750 		    params->data_pdu_in_order;
4751 		ipgp->g_value.v_bool.b_default =
4752 		    ISCSI_DEFAULT_DATA_PDU_IN_ORDER;
4753 		break;
4754 
4755 	/*
4756 	 * Integer parameters
4757 	 */
4758 	case ISCSI_LOGIN_PARAM_HEADER_DIGEST:
4759 		ipgp->g_value.v_integer.i_current = params->header_digest;
4760 		ipgp->g_value.v_integer.i_default = ISCSI_DEFAULT_HEADER_DIGEST;
4761 		ipgp->g_value.v_integer.i_min = 0;
4762 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_HEADER_DIGEST;
4763 		ipgp->g_value.v_integer.i_incr = 1;
4764 		break;
4765 	case ISCSI_LOGIN_PARAM_DATA_DIGEST:
4766 		ipgp->g_value.v_integer.i_current = params->data_digest;
4767 		ipgp->g_value.v_integer.i_default = ISCSI_DEFAULT_DATA_DIGEST;
4768 		ipgp->g_value.v_integer.i_min = 0;
4769 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_DATA_DIGEST;
4770 		ipgp->g_value.v_integer.i_incr = 1;
4771 		break;
4772 	case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_RETAIN:
4773 		ipgp->g_value.v_integer.i_current =
4774 		    params->default_time_to_retain;
4775 		ipgp->g_value.v_integer.i_default =
4776 		    ISCSI_DEFAULT_TIME_TO_RETAIN;
4777 		ipgp->g_value.v_integer.i_min = 0;
4778 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_TIME2RETAIN;
4779 		ipgp->g_value.v_integer.i_incr = 1;
4780 		break;
4781 	case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_WAIT:
4782 		ipgp->g_value.v_integer.i_current =
4783 		    params->default_time_to_wait;
4784 		ipgp->g_value.v_integer.i_default =
4785 		    ISCSI_DEFAULT_TIME_TO_WAIT;
4786 		ipgp->g_value.v_integer.i_min = 0;
4787 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_TIME2WAIT;
4788 		ipgp->g_value.v_integer.i_incr = 1;
4789 		break;
4790 	case ISCSI_LOGIN_PARAM_ERROR_RECOVERY_LEVEL:
4791 		ipgp->g_value.v_integer.i_current =
4792 		    params->error_recovery_level;
4793 		ipgp->g_value.v_integer.i_default =
4794 		    ISCSI_DEFAULT_ERROR_RECOVERY_LEVEL;
4795 		ipgp->g_value.v_integer.i_min = 0;
4796 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_ERROR_RECOVERY_LEVEL;
4797 		ipgp->g_value.v_integer.i_incr = 1;
4798 		ipgp->g_value.v_settable = B_FALSE;
4799 		break;
4800 	case ISCSI_LOGIN_PARAM_FIRST_BURST_LENGTH:
4801 		ipgp->g_value.v_integer.i_current =
4802 		    params->first_burst_length;
4803 		ipgp->g_value.v_integer.i_default =
4804 		    ISCSI_DEFAULT_FIRST_BURST_LENGTH;
4805 		ipgp->g_value.v_integer.i_min = 512;
4806 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_FIRST_BURST_LENGTH;
4807 		ipgp->g_value.v_integer.i_incr = 1;
4808 		break;
4809 	case ISCSI_LOGIN_PARAM_MAX_BURST_LENGTH:
4810 		ipgp->g_value.v_integer.i_current =
4811 		    params->max_burst_length;
4812 		ipgp->g_value.v_integer.i_default =
4813 		    ISCSI_DEFAULT_MAX_BURST_LENGTH;
4814 		ipgp->g_value.v_integer.i_min = 512;
4815 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_BURST_LENGTH;
4816 		ipgp->g_value.v_integer.i_incr = 1;
4817 		break;
4818 	case ISCSI_LOGIN_PARAM_MAX_CONNECTIONS:
4819 		ipgp->g_value.v_integer.i_current =
4820 		    params->max_connections;
4821 		ipgp->g_value.v_settable = B_FALSE;
4822 		ipgp->g_value.v_integer.i_default =
4823 		    ISCSI_DEFAULT_MAX_CONNECTIONS;
4824 		ipgp->g_value.v_integer.i_min = 1;
4825 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_CONNECTIONS;
4826 		ipgp->g_value.v_integer.i_incr = 1;
4827 		break;
4828 	case ISCSI_LOGIN_PARAM_OUTSTANDING_R2T:
4829 		ipgp->g_value.v_integer.i_current =
4830 		    params->max_outstanding_r2t;
4831 		ipgp->g_value.v_settable = B_FALSE;
4832 		ipgp->g_value.v_integer.i_default =
4833 		    ISCSI_DEFAULT_MAX_OUT_R2T;
4834 		ipgp->g_value.v_integer.i_min = 1;
4835 		ipgp->g_value.v_integer.i_max = ISCSI_MAX_OUTSTANDING_R2T;
4836 		ipgp->g_value.v_integer.i_incr = 1;
4837 		break;
4838 	case ISCSI_LOGIN_PARAM_MAX_RECV_DATA_SEGMENT_LENGTH:
4839 		ipgp->g_value.v_integer.i_current =
4840 		    params->max_recv_data_seg_len;
4841 		ipgp->g_value.v_integer.i_default =
4842 		    ISCSI_DEFAULT_MAX_RECV_SEG_LEN;
4843 		ipgp->g_value.v_integer.i_min = 512;
4844 		ipgp->g_value.v_integer.i_max =
4845 		    ISCSI_MAX_RECV_DATA_SEGMENT_LENGTH;
4846 		ipgp->g_value.v_integer.i_incr = 1;
4847 		break;
4848 	default:
4849 		rtn = EINVAL;
4850 	}
4851 
4852 	return (rtn);
4853 }
4854 
4855 /*
4856  * +--------------------------------------------------------------------+
4857  * | End of ioctl utility routines                                      |
4858  * +--------------------------------------------------------------------+
4859  */
4860 
4861 /*
4862  * iscsi_get_name_from_iqn - Translates a normal iqn/eui into a
4863  * IEEE safe address.  IEEE addresses have a number of characters
4864  * set aside as reserved.
4865  */
4866 static void
4867 iscsi_get_name_from_iqn(char *name, int name_max_len)
4868 {
4869 	char	*tmp		= NULL;
4870 	char	*oldch		= NULL;
4871 	char	*newch		= NULL;
4872 
4873 	tmp = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
4874 
4875 	for (oldch = &name[0], newch = &tmp[0]; *oldch != '\0';
4876 	    oldch++, newch++) {
4877 		switch (*oldch) {
4878 		case ':':
4879 			*newch++ = '%';
4880 			*newch++ = '3';
4881 			*newch = 'A';
4882 			break;
4883 		case ' ':
4884 			*newch++ = '%';
4885 			*newch++ = '2';
4886 			*newch = '0';
4887 			break;
4888 		case '@':
4889 			*newch++ = '%';
4890 			*newch++ = '4';
4891 			*newch = '0';
4892 			break;
4893 		case '/':
4894 			*newch++ = '%';
4895 			*newch++ = '2';
4896 			*newch = 'F';
4897 			break;
4898 		default:
4899 			*newch = *oldch;
4900 		}
4901 	}
4902 	(void) strncpy(name, tmp, name_max_len);
4903 	kmem_free(tmp, MAX_GET_NAME_SIZE);
4904 }
4905 
4906 /*
4907  * iscsi_get_name_to_iqn - Converts IEEE safe address back
4908  * into a iscsi iqn/eui.
4909  */
4910 static void
4911 iscsi_get_name_to_iqn(char *name, int name_max_len)
4912 {
4913 	char	*tmp		= NULL;
4914 	char	*oldch		= NULL;
4915 	char	*newch		= NULL;
4916 
4917 	tmp = kmem_zalloc(MAX_GET_NAME_SIZE, KM_SLEEP);
4918 
4919 	for (oldch = &name[0], newch = &tmp[0]; *oldch != '\0';
4920 	    oldch++, newch++) {
4921 		if (*oldch == '%') {
4922 			switch (*(oldch+1)) {
4923 			case '2':
4924 				if (*(oldch+2) == '0') {
4925 					*newch = ' ';
4926 					oldch += 2;
4927 				} else if (*(oldch+2) == 'F') {
4928 					*newch = '/';
4929 					oldch += 2;
4930 				} else {
4931 					*newch = *oldch;
4932 				}
4933 				break;
4934 			case '3':
4935 				if (*(oldch+2) == 'A') {
4936 					*newch = ':';
4937 					oldch += 2;
4938 				} else {
4939 					*newch = *oldch;
4940 				}
4941 				break;
4942 			case '4':
4943 				if (*(oldch+2) == '0') {
4944 					*newch = '@';
4945 					oldch += 2;
4946 				} else {
4947 					*newch = *oldch;
4948 				}
4949 				break;
4950 			default:
4951 				*newch = *oldch;
4952 			}
4953 		} else {
4954 			*newch = *oldch;
4955 		}
4956 	}
4957 	(void) strncpy(name, tmp, name_max_len);
4958 	kmem_free(tmp, MAX_GET_NAME_SIZE);
4959 }
4960 
4961 /*
4962  * iscsi_get_persisted_param * - a helper to ISCSI_GET_PARAM ioctl
4963  *
4964  * On return 0 means persisted parameter found
4965  */
4966 int
4967 iscsi_get_persisted_param(uchar_t *name, iscsi_param_get_t *ipgp,
4968     iscsi_login_params_t *params)
4969 {
4970 	int rtn = 1;
4971 	persistent_param_t *pparam;
4972 
4973 	if (name == NULL || strlen((char *)name) == 0) {
4974 		return (rtn);
4975 	}
4976 
4977 	pparam = (persistent_param_t *)kmem_zalloc(sizeof (*pparam), KM_SLEEP);
4978 
4979 	if (persistent_param_get((char *)name, pparam) == B_TRUE) {
4980 		if (pparam->p_bitmap & (1 << ipgp->g_param)) {
4981 			/* Found configured parameter. */
4982 			bcopy(&pparam->p_params, params, sizeof (*params));
4983 			rtn = 0;
4984 		}
4985 	}
4986 
4987 	kmem_free(pparam, sizeof (*pparam));
4988 
4989 	return (rtn);
4990 }
4991 
4992 /*
4993  * iscsi_override_target_default - helper function set the target's default
4994  * login parameter if there is a configured initiator parameter.
4995  *
4996  */
4997 static void
4998 iscsi_override_target_default(iscsi_hba_t *ihp, iscsi_param_get_t *ipg)
4999 {
5000 	persistent_param_t *pp;
5001 	iscsi_login_params_t *params;
5002 
5003 	pp = (persistent_param_t *)kmem_zalloc(sizeof (*pp), KM_SLEEP);
5004 	if (persistent_param_get((char *)ihp->hba_name, pp) == B_TRUE) {
5005 		if (pp->p_bitmap & (1 << ipg->g_param)) {
5006 			params = &pp->p_params;
5007 			switch (ipg->g_param) {
5008 			case ISCSI_LOGIN_PARAM_DATA_SEQUENCE_IN_ORDER:
5009 				ipg->g_value.v_bool.b_default =
5010 				    params->data_sequence_in_order;
5011 				break;
5012 			case ISCSI_LOGIN_PARAM_IMMEDIATE_DATA:
5013 				ipg->g_value.v_bool.b_default =
5014 				    params->immediate_data;
5015 				break;
5016 			case ISCSI_LOGIN_PARAM_INITIAL_R2T:
5017 				ipg->g_value.v_bool.b_default =
5018 				    params->initial_r2t;
5019 				break;
5020 			case ISCSI_LOGIN_PARAM_DATA_PDU_IN_ORDER:
5021 				ipg->g_value.v_bool.b_default =
5022 				    params->data_pdu_in_order;
5023 				break;
5024 			case ISCSI_LOGIN_PARAM_HEADER_DIGEST:
5025 				ipg->g_value.v_integer.i_default =
5026 				    params->header_digest;
5027 				break;
5028 			case ISCSI_LOGIN_PARAM_DATA_DIGEST:
5029 				ipg->g_value.v_integer.i_default =
5030 				    params->data_digest;
5031 				break;
5032 			case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_RETAIN:
5033 				ipg->g_value.v_integer.i_default =
5034 				    params->default_time_to_retain;
5035 				break;
5036 			case ISCSI_LOGIN_PARAM_DEFAULT_TIME_2_WAIT:
5037 				ipg->g_value.v_integer.i_default =
5038 				    params->default_time_to_wait;
5039 				break;
5040 			case ISCSI_LOGIN_PARAM_ERROR_RECOVERY_LEVEL:
5041 				ipg->g_value.v_integer.i_default =
5042 				    params->error_recovery_level;
5043 				break;
5044 			case ISCSI_LOGIN_PARAM_FIRST_BURST_LENGTH:
5045 				ipg->g_value.v_integer.i_default =
5046 				    params->first_burst_length;
5047 				break;
5048 			case ISCSI_LOGIN_PARAM_MAX_BURST_LENGTH:
5049 				ipg->g_value.v_integer.i_default =
5050 				    params->max_burst_length;
5051 				break;
5052 			case ISCSI_LOGIN_PARAM_MAX_CONNECTIONS:
5053 				ipg->g_value.v_integer.i_default =
5054 				    params->max_connections;
5055 				break;
5056 			case ISCSI_LOGIN_PARAM_OUTSTANDING_R2T:
5057 				ipg->g_value.v_integer.i_default =
5058 				    params->max_outstanding_r2t;
5059 				break;
5060 			case ISCSI_LOGIN_PARAM_MAX_RECV_DATA_SEGMENT_LENGTH:
5061 				ipg->g_value.v_integer.i_default =
5062 				    params->max_xmit_data_seg_len;
5063 				break;
5064 			default:
5065 				break;
5066 			}
5067 		}
5068 	}
5069 	kmem_free(pp, sizeof (*pp));
5070 }
5071 
5072 static boolean_t
5073 iscsi_cmp_boot_sess_oid(iscsi_hba_t *ihp, uint32_t oid)
5074 {
5075 	iscsi_sess_t *isp = NULL;
5076 
5077 	if (iscsi_chk_bootlun_mpxio(ihp)) {
5078 		for (isp = ihp->hba_sess_list; isp; isp = isp->sess_next) {
5079 			if ((isp->sess_oid == oid) && isp->sess_boot) {
5080 				/* oid is session object */
5081 				break;
5082 			}
5083 			if ((isp->sess_target_oid == oid) && isp->sess_boot) {
5084 				/*
5085 				 * oid is target object while
5086 				 * this session is boot session
5087 				 */
5088 				break;
5089 			}
5090 		}
5091 		if (oid == ihp->hba_oid) {
5092 			/* oid is initiator object id */
5093 			return (B_TRUE);
5094 		} else if ((isp != NULL) && (isp->sess_boot)) {
5095 			/* oid is boot session object id */
5096 			return (B_TRUE);
5097 		}
5098 	}
5099 	return (B_FALSE);
5100 }
5101 
5102 /*
5103  * iscsi_client_request_service - request the iSCSI service
5104  *     returns true if the service is enabled and increases the count
5105  *     returns false if the service is disabled
5106  *     blocks until the service status is either enabled or disabled
5107  */
5108 boolean_t
5109 iscsi_client_request_service(iscsi_hba_t *ihp) {
5110 	boolean_t	rval = B_TRUE;
5111 
5112 	mutex_enter(&ihp->hba_service_lock);
5113 	while ((ihp->hba_service_status == ISCSI_SERVICE_TRANSITION) ||
5114 	    (ihp->hba_service_client_count == UINT_MAX)) {
5115 		cv_wait(&ihp->hba_service_cv, &ihp->hba_service_lock);
5116 	}
5117 	if (ihp->hba_service_status == ISCSI_SERVICE_ENABLED) {
5118 		ihp->hba_service_client_count++;
5119 	} else {
5120 		rval = B_FALSE;
5121 	}
5122 	mutex_exit(&ihp->hba_service_lock);
5123 
5124 	return (rval);
5125 }
5126 
5127 /*
5128  * iscsi_client_release_service - decrease the count and wake up
5129  *     blocking threads if the count reaches zero
5130  */
5131 void
5132 iscsi_client_release_service(iscsi_hba_t *ihp) {
5133 	mutex_enter(&ihp->hba_service_lock);
5134 	ASSERT(ihp->hba_service_client_count > 0);
5135 	ihp->hba_service_client_count--;
5136 	if (ihp->hba_service_client_count == 0) {
5137 		cv_broadcast(&ihp->hba_service_cv);
5138 	}
5139 	mutex_exit(&ihp->hba_service_lock);
5140 }
5141 
5142 /*
5143  * iscsi_enter_service_zone - enter the service zone, should be called
5144  * before doing any modifications to the service status
5145  * return TRUE if the zone is entered
5146  *	  FALSE if no need to enter the zone
5147  */
5148 static boolean_t
5149 iscsi_enter_service_zone(iscsi_hba_t *ihp, uint32_t status) {
5150 	if ((status != ISCSI_SERVICE_ENABLED) &&
5151 	    (status != ISCSI_SERVICE_DISABLED)) {
5152 		return (B_FALSE);
5153 	}
5154 
5155 	mutex_enter(&ihp->hba_service_lock);
5156 	while (ihp->hba_service_status == ISCSI_SERVICE_TRANSITION) {
5157 		cv_wait(&ihp->hba_service_cv, &ihp->hba_service_lock);
5158 	}
5159 	if (ihp->hba_service_status == status) {
5160 		mutex_exit(&ihp->hba_service_lock);
5161 		return (B_FALSE);
5162 	}
5163 	ihp->hba_service_status = ISCSI_SERVICE_TRANSITION;
5164 	while (ihp->hba_service_client_count > 0) {
5165 		cv_wait(&ihp->hba_service_cv, &ihp->hba_service_lock);
5166 	}
5167 	mutex_exit(&ihp->hba_service_lock);
5168 	return (B_TRUE);
5169 }
5170 
5171 /*
5172  * iscsi_exit_service_zone - exits the service zone and wakes up waiters
5173  */
5174 static void
5175 iscsi_exit_service_zone(iscsi_hba_t *ihp, uint32_t status) {
5176 	if ((status != ISCSI_SERVICE_ENABLED) &&
5177 	    (status != ISCSI_SERVICE_DISABLED)) {
5178 		return;
5179 	}
5180 
5181 	mutex_enter(&ihp->hba_service_lock);
5182 	ASSERT(ihp->hba_service_status == ISCSI_SERVICE_TRANSITION);
5183 	ihp->hba_service_status = status;
5184 	cv_broadcast(&ihp->hba_service_cv);
5185 	mutex_exit(&ihp->hba_service_lock);
5186 }
5187 
5188 static void
5189 iscsi_check_miniroot(iscsi_hba_t *ihp) {
5190 	if (strncmp(rootfs.bo_name, "/ramdisk", 8) == 0) {
5191 		/*
5192 		 * in miniroot we don't have the persistent store
5193 		 * so just to need to ensure an enabled status
5194 		 */
5195 		ihp->hba_service_status = ISCSI_SERVICE_ENABLED;
5196 	}
5197 }
5198