1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * NVMe over Fabrics TCP target. 4 * Copyright (c) 2018 Lightbits Labs. All rights reserved. 5 */ 6 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 7 #include <linux/module.h> 8 #include <linux/init.h> 9 #include <linux/slab.h> 10 #include <linux/err.h> 11 #include <linux/key.h> 12 #include <linux/nvme-tcp.h> 13 #include <linux/nvme-keyring.h> 14 #include <net/sock.h> 15 #include <net/tcp.h> 16 #include <net/tls.h> 17 #include <net/tls_prot.h> 18 #include <net/handshake.h> 19 #include <linux/inet.h> 20 #include <linux/llist.h> 21 #include <crypto/hash.h> 22 #include <trace/events/sock.h> 23 24 #include "nvmet.h" 25 26 #define NVMET_TCP_DEF_INLINE_DATA_SIZE (4 * PAGE_SIZE) 27 #define NVMET_TCP_MAXH2CDATA 0x400000 /* 16M arbitrary limit */ 28 #define NVMET_TCP_BACKLOG 128 29 30 static int param_store_val(const char *str, int *val, int min, int max) 31 { 32 int ret, new_val; 33 34 ret = kstrtoint(str, 10, &new_val); 35 if (ret) 36 return -EINVAL; 37 38 if (new_val < min || new_val > max) 39 return -EINVAL; 40 41 *val = new_val; 42 return 0; 43 } 44 45 static int set_params(const char *str, const struct kernel_param *kp) 46 { 47 return param_store_val(str, kp->arg, 0, INT_MAX); 48 } 49 50 static const struct kernel_param_ops set_param_ops = { 51 .set = set_params, 52 .get = param_get_int, 53 }; 54 55 /* Define the socket priority to use for connections were it is desirable 56 * that the NIC consider performing optimized packet processing or filtering. 57 * A non-zero value being sufficient to indicate general consideration of any 58 * possible optimization. Making it a module param allows for alternative 59 * values that may be unique for some NIC implementations. 60 */ 61 static int so_priority; 62 device_param_cb(so_priority, &set_param_ops, &so_priority, 0644); 63 MODULE_PARM_DESC(so_priority, "nvmet tcp socket optimize priority: Default 0"); 64 65 /* Define a time period (in usecs) that io_work() shall sample an activated 66 * queue before determining it to be idle. This optional module behavior 67 * can enable NIC solutions that support socket optimized packet processing 68 * using advanced interrupt moderation techniques. 69 */ 70 static int idle_poll_period_usecs; 71 device_param_cb(idle_poll_period_usecs, &set_param_ops, 72 &idle_poll_period_usecs, 0644); 73 MODULE_PARM_DESC(idle_poll_period_usecs, 74 "nvmet tcp io_work poll till idle time period in usecs: Default 0"); 75 76 #ifdef CONFIG_NVME_TARGET_TCP_TLS 77 /* 78 * TLS handshake timeout 79 */ 80 static int tls_handshake_timeout = 10; 81 module_param(tls_handshake_timeout, int, 0644); 82 MODULE_PARM_DESC(tls_handshake_timeout, 83 "nvme TLS handshake timeout in seconds (default 10)"); 84 #endif 85 86 #define NVMET_TCP_RECV_BUDGET 8 87 #define NVMET_TCP_SEND_BUDGET 8 88 #define NVMET_TCP_IO_WORK_BUDGET 64 89 90 enum nvmet_tcp_send_state { 91 NVMET_TCP_SEND_DATA_PDU, 92 NVMET_TCP_SEND_DATA, 93 NVMET_TCP_SEND_R2T, 94 NVMET_TCP_SEND_DDGST, 95 NVMET_TCP_SEND_RESPONSE 96 }; 97 98 enum nvmet_tcp_recv_state { 99 NVMET_TCP_RECV_PDU, 100 NVMET_TCP_RECV_DATA, 101 NVMET_TCP_RECV_DDGST, 102 NVMET_TCP_RECV_ERR, 103 }; 104 105 enum { 106 NVMET_TCP_F_INIT_FAILED = (1 << 0), 107 }; 108 109 struct nvmet_tcp_cmd { 110 struct nvmet_tcp_queue *queue; 111 struct nvmet_req req; 112 113 struct nvme_tcp_cmd_pdu *cmd_pdu; 114 struct nvme_tcp_rsp_pdu *rsp_pdu; 115 struct nvme_tcp_data_pdu *data_pdu; 116 struct nvme_tcp_r2t_pdu *r2t_pdu; 117 118 u32 rbytes_done; 119 u32 wbytes_done; 120 121 u32 pdu_len; 122 u32 pdu_recv; 123 int sg_idx; 124 char recv_cbuf[CMSG_LEN(sizeof(char))]; 125 struct msghdr recv_msg; 126 struct bio_vec *iov; 127 u32 flags; 128 129 struct list_head entry; 130 struct llist_node lentry; 131 132 /* send state */ 133 u32 offset; 134 struct scatterlist *cur_sg; 135 enum nvmet_tcp_send_state state; 136 137 __le32 exp_ddgst; 138 __le32 recv_ddgst; 139 }; 140 141 enum nvmet_tcp_queue_state { 142 NVMET_TCP_Q_CONNECTING, 143 NVMET_TCP_Q_TLS_HANDSHAKE, 144 NVMET_TCP_Q_LIVE, 145 NVMET_TCP_Q_DISCONNECTING, 146 NVMET_TCP_Q_FAILED, 147 }; 148 149 struct nvmet_tcp_queue { 150 struct socket *sock; 151 struct nvmet_tcp_port *port; 152 struct work_struct io_work; 153 struct nvmet_cq nvme_cq; 154 struct nvmet_sq nvme_sq; 155 struct kref kref; 156 157 /* send state */ 158 struct nvmet_tcp_cmd *cmds; 159 unsigned int nr_cmds; 160 struct list_head free_list; 161 struct llist_head resp_list; 162 struct list_head resp_send_list; 163 int send_list_len; 164 struct nvmet_tcp_cmd *snd_cmd; 165 166 /* recv state */ 167 int offset; 168 int left; 169 enum nvmet_tcp_recv_state rcv_state; 170 struct nvmet_tcp_cmd *cmd; 171 union nvme_tcp_pdu pdu; 172 173 /* digest state */ 174 bool hdr_digest; 175 bool data_digest; 176 struct ahash_request *snd_hash; 177 struct ahash_request *rcv_hash; 178 179 /* TLS state */ 180 key_serial_t tls_pskid; 181 struct delayed_work tls_handshake_tmo_work; 182 183 unsigned long poll_end; 184 185 spinlock_t state_lock; 186 enum nvmet_tcp_queue_state state; 187 188 struct sockaddr_storage sockaddr; 189 struct sockaddr_storage sockaddr_peer; 190 struct work_struct release_work; 191 192 int idx; 193 struct list_head queue_list; 194 195 struct nvmet_tcp_cmd connect; 196 197 struct page_frag_cache pf_cache; 198 199 void (*data_ready)(struct sock *); 200 void (*state_change)(struct sock *); 201 void (*write_space)(struct sock *); 202 }; 203 204 struct nvmet_tcp_port { 205 struct socket *sock; 206 struct work_struct accept_work; 207 struct nvmet_port *nport; 208 struct sockaddr_storage addr; 209 void (*data_ready)(struct sock *); 210 }; 211 212 static DEFINE_IDA(nvmet_tcp_queue_ida); 213 static LIST_HEAD(nvmet_tcp_queue_list); 214 static DEFINE_MUTEX(nvmet_tcp_queue_mutex); 215 216 static struct workqueue_struct *nvmet_tcp_wq; 217 static const struct nvmet_fabrics_ops nvmet_tcp_ops; 218 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c); 219 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd); 220 221 static inline u16 nvmet_tcp_cmd_tag(struct nvmet_tcp_queue *queue, 222 struct nvmet_tcp_cmd *cmd) 223 { 224 if (unlikely(!queue->nr_cmds)) { 225 /* We didn't allocate cmds yet, send 0xffff */ 226 return USHRT_MAX; 227 } 228 229 return cmd - queue->cmds; 230 } 231 232 static inline bool nvmet_tcp_has_data_in(struct nvmet_tcp_cmd *cmd) 233 { 234 return nvme_is_write(cmd->req.cmd) && 235 cmd->rbytes_done < cmd->req.transfer_len; 236 } 237 238 static inline bool nvmet_tcp_need_data_in(struct nvmet_tcp_cmd *cmd) 239 { 240 return nvmet_tcp_has_data_in(cmd) && !cmd->req.cqe->status; 241 } 242 243 static inline bool nvmet_tcp_need_data_out(struct nvmet_tcp_cmd *cmd) 244 { 245 return !nvme_is_write(cmd->req.cmd) && 246 cmd->req.transfer_len > 0 && 247 !cmd->req.cqe->status; 248 } 249 250 static inline bool nvmet_tcp_has_inline_data(struct nvmet_tcp_cmd *cmd) 251 { 252 return nvme_is_write(cmd->req.cmd) && cmd->pdu_len && 253 !cmd->rbytes_done; 254 } 255 256 static inline struct nvmet_tcp_cmd * 257 nvmet_tcp_get_cmd(struct nvmet_tcp_queue *queue) 258 { 259 struct nvmet_tcp_cmd *cmd; 260 261 cmd = list_first_entry_or_null(&queue->free_list, 262 struct nvmet_tcp_cmd, entry); 263 if (!cmd) 264 return NULL; 265 list_del_init(&cmd->entry); 266 267 cmd->rbytes_done = cmd->wbytes_done = 0; 268 cmd->pdu_len = 0; 269 cmd->pdu_recv = 0; 270 cmd->iov = NULL; 271 cmd->flags = 0; 272 return cmd; 273 } 274 275 static inline void nvmet_tcp_put_cmd(struct nvmet_tcp_cmd *cmd) 276 { 277 if (unlikely(cmd == &cmd->queue->connect)) 278 return; 279 280 list_add_tail(&cmd->entry, &cmd->queue->free_list); 281 } 282 283 static inline int queue_cpu(struct nvmet_tcp_queue *queue) 284 { 285 return queue->sock->sk->sk_incoming_cpu; 286 } 287 288 static inline u8 nvmet_tcp_hdgst_len(struct nvmet_tcp_queue *queue) 289 { 290 return queue->hdr_digest ? NVME_TCP_DIGEST_LENGTH : 0; 291 } 292 293 static inline u8 nvmet_tcp_ddgst_len(struct nvmet_tcp_queue *queue) 294 { 295 return queue->data_digest ? NVME_TCP_DIGEST_LENGTH : 0; 296 } 297 298 static inline void nvmet_tcp_hdgst(struct ahash_request *hash, 299 void *pdu, size_t len) 300 { 301 struct scatterlist sg; 302 303 sg_init_one(&sg, pdu, len); 304 ahash_request_set_crypt(hash, &sg, pdu + len, len); 305 crypto_ahash_digest(hash); 306 } 307 308 static int nvmet_tcp_verify_hdgst(struct nvmet_tcp_queue *queue, 309 void *pdu, size_t len) 310 { 311 struct nvme_tcp_hdr *hdr = pdu; 312 __le32 recv_digest; 313 __le32 exp_digest; 314 315 if (unlikely(!(hdr->flags & NVME_TCP_F_HDGST))) { 316 pr_err("queue %d: header digest enabled but no header digest\n", 317 queue->idx); 318 return -EPROTO; 319 } 320 321 recv_digest = *(__le32 *)(pdu + hdr->hlen); 322 nvmet_tcp_hdgst(queue->rcv_hash, pdu, len); 323 exp_digest = *(__le32 *)(pdu + hdr->hlen); 324 if (recv_digest != exp_digest) { 325 pr_err("queue %d: header digest error: recv %#x expected %#x\n", 326 queue->idx, le32_to_cpu(recv_digest), 327 le32_to_cpu(exp_digest)); 328 return -EPROTO; 329 } 330 331 return 0; 332 } 333 334 static int nvmet_tcp_check_ddgst(struct nvmet_tcp_queue *queue, void *pdu) 335 { 336 struct nvme_tcp_hdr *hdr = pdu; 337 u8 digest_len = nvmet_tcp_hdgst_len(queue); 338 u32 len; 339 340 len = le32_to_cpu(hdr->plen) - hdr->hlen - 341 (hdr->flags & NVME_TCP_F_HDGST ? digest_len : 0); 342 343 if (unlikely(len && !(hdr->flags & NVME_TCP_F_DDGST))) { 344 pr_err("queue %d: data digest flag is cleared\n", queue->idx); 345 return -EPROTO; 346 } 347 348 return 0; 349 } 350 351 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd) 352 { 353 kfree(cmd->iov); 354 sgl_free(cmd->req.sg); 355 cmd->iov = NULL; 356 cmd->req.sg = NULL; 357 } 358 359 static void nvmet_tcp_build_pdu_iovec(struct nvmet_tcp_cmd *cmd) 360 { 361 struct bio_vec *iov = cmd->iov; 362 struct scatterlist *sg; 363 u32 length, offset, sg_offset; 364 int nr_pages; 365 366 length = cmd->pdu_len; 367 nr_pages = DIV_ROUND_UP(length, PAGE_SIZE); 368 offset = cmd->rbytes_done; 369 cmd->sg_idx = offset / PAGE_SIZE; 370 sg_offset = offset % PAGE_SIZE; 371 sg = &cmd->req.sg[cmd->sg_idx]; 372 373 while (length) { 374 u32 iov_len = min_t(u32, length, sg->length - sg_offset); 375 376 bvec_set_page(iov, sg_page(sg), iov_len, 377 sg->offset + sg_offset); 378 379 length -= iov_len; 380 sg = sg_next(sg); 381 iov++; 382 sg_offset = 0; 383 } 384 385 iov_iter_bvec(&cmd->recv_msg.msg_iter, ITER_DEST, cmd->iov, 386 nr_pages, cmd->pdu_len); 387 } 388 389 static void nvmet_tcp_fatal_error(struct nvmet_tcp_queue *queue) 390 { 391 queue->rcv_state = NVMET_TCP_RECV_ERR; 392 if (queue->nvme_sq.ctrl) 393 nvmet_ctrl_fatal_error(queue->nvme_sq.ctrl); 394 else 395 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 396 } 397 398 static void nvmet_tcp_socket_error(struct nvmet_tcp_queue *queue, int status) 399 { 400 queue->rcv_state = NVMET_TCP_RECV_ERR; 401 if (status == -EPIPE || status == -ECONNRESET) 402 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 403 else 404 nvmet_tcp_fatal_error(queue); 405 } 406 407 static int nvmet_tcp_map_data(struct nvmet_tcp_cmd *cmd) 408 { 409 struct nvme_sgl_desc *sgl = &cmd->req.cmd->common.dptr.sgl; 410 u32 len = le32_to_cpu(sgl->length); 411 412 if (!len) 413 return 0; 414 415 if (sgl->type == ((NVME_SGL_FMT_DATA_DESC << 4) | 416 NVME_SGL_FMT_OFFSET)) { 417 if (!nvme_is_write(cmd->req.cmd)) 418 return NVME_SC_INVALID_FIELD | NVME_SC_DNR; 419 420 if (len > cmd->req.port->inline_data_size) 421 return NVME_SC_SGL_INVALID_OFFSET | NVME_SC_DNR; 422 cmd->pdu_len = len; 423 } 424 cmd->req.transfer_len += len; 425 426 cmd->req.sg = sgl_alloc(len, GFP_KERNEL, &cmd->req.sg_cnt); 427 if (!cmd->req.sg) 428 return NVME_SC_INTERNAL; 429 cmd->cur_sg = cmd->req.sg; 430 431 if (nvmet_tcp_has_data_in(cmd)) { 432 cmd->iov = kmalloc_array(cmd->req.sg_cnt, 433 sizeof(*cmd->iov), GFP_KERNEL); 434 if (!cmd->iov) 435 goto err; 436 } 437 438 return 0; 439 err: 440 nvmet_tcp_free_cmd_buffers(cmd); 441 return NVME_SC_INTERNAL; 442 } 443 444 static void nvmet_tcp_calc_ddgst(struct ahash_request *hash, 445 struct nvmet_tcp_cmd *cmd) 446 { 447 ahash_request_set_crypt(hash, cmd->req.sg, 448 (void *)&cmd->exp_ddgst, cmd->req.transfer_len); 449 crypto_ahash_digest(hash); 450 } 451 452 static void nvmet_setup_c2h_data_pdu(struct nvmet_tcp_cmd *cmd) 453 { 454 struct nvme_tcp_data_pdu *pdu = cmd->data_pdu; 455 struct nvmet_tcp_queue *queue = cmd->queue; 456 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 457 u8 ddgst = nvmet_tcp_ddgst_len(cmd->queue); 458 459 cmd->offset = 0; 460 cmd->state = NVMET_TCP_SEND_DATA_PDU; 461 462 pdu->hdr.type = nvme_tcp_c2h_data; 463 pdu->hdr.flags = NVME_TCP_F_DATA_LAST | (queue->nvme_sq.sqhd_disabled ? 464 NVME_TCP_F_DATA_SUCCESS : 0); 465 pdu->hdr.hlen = sizeof(*pdu); 466 pdu->hdr.pdo = pdu->hdr.hlen + hdgst; 467 pdu->hdr.plen = 468 cpu_to_le32(pdu->hdr.hlen + hdgst + 469 cmd->req.transfer_len + ddgst); 470 pdu->command_id = cmd->req.cqe->command_id; 471 pdu->data_length = cpu_to_le32(cmd->req.transfer_len); 472 pdu->data_offset = cpu_to_le32(cmd->wbytes_done); 473 474 if (queue->data_digest) { 475 pdu->hdr.flags |= NVME_TCP_F_DDGST; 476 nvmet_tcp_calc_ddgst(queue->snd_hash, cmd); 477 } 478 479 if (cmd->queue->hdr_digest) { 480 pdu->hdr.flags |= NVME_TCP_F_HDGST; 481 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu)); 482 } 483 } 484 485 static void nvmet_setup_r2t_pdu(struct nvmet_tcp_cmd *cmd) 486 { 487 struct nvme_tcp_r2t_pdu *pdu = cmd->r2t_pdu; 488 struct nvmet_tcp_queue *queue = cmd->queue; 489 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 490 491 cmd->offset = 0; 492 cmd->state = NVMET_TCP_SEND_R2T; 493 494 pdu->hdr.type = nvme_tcp_r2t; 495 pdu->hdr.flags = 0; 496 pdu->hdr.hlen = sizeof(*pdu); 497 pdu->hdr.pdo = 0; 498 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst); 499 500 pdu->command_id = cmd->req.cmd->common.command_id; 501 pdu->ttag = nvmet_tcp_cmd_tag(cmd->queue, cmd); 502 pdu->r2t_length = cpu_to_le32(cmd->req.transfer_len - cmd->rbytes_done); 503 pdu->r2t_offset = cpu_to_le32(cmd->rbytes_done); 504 if (cmd->queue->hdr_digest) { 505 pdu->hdr.flags |= NVME_TCP_F_HDGST; 506 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu)); 507 } 508 } 509 510 static void nvmet_setup_response_pdu(struct nvmet_tcp_cmd *cmd) 511 { 512 struct nvme_tcp_rsp_pdu *pdu = cmd->rsp_pdu; 513 struct nvmet_tcp_queue *queue = cmd->queue; 514 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 515 516 cmd->offset = 0; 517 cmd->state = NVMET_TCP_SEND_RESPONSE; 518 519 pdu->hdr.type = nvme_tcp_rsp; 520 pdu->hdr.flags = 0; 521 pdu->hdr.hlen = sizeof(*pdu); 522 pdu->hdr.pdo = 0; 523 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst); 524 if (cmd->queue->hdr_digest) { 525 pdu->hdr.flags |= NVME_TCP_F_HDGST; 526 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu)); 527 } 528 } 529 530 static void nvmet_tcp_process_resp_list(struct nvmet_tcp_queue *queue) 531 { 532 struct llist_node *node; 533 struct nvmet_tcp_cmd *cmd; 534 535 for (node = llist_del_all(&queue->resp_list); node; node = node->next) { 536 cmd = llist_entry(node, struct nvmet_tcp_cmd, lentry); 537 list_add(&cmd->entry, &queue->resp_send_list); 538 queue->send_list_len++; 539 } 540 } 541 542 static struct nvmet_tcp_cmd *nvmet_tcp_fetch_cmd(struct nvmet_tcp_queue *queue) 543 { 544 queue->snd_cmd = list_first_entry_or_null(&queue->resp_send_list, 545 struct nvmet_tcp_cmd, entry); 546 if (!queue->snd_cmd) { 547 nvmet_tcp_process_resp_list(queue); 548 queue->snd_cmd = 549 list_first_entry_or_null(&queue->resp_send_list, 550 struct nvmet_tcp_cmd, entry); 551 if (unlikely(!queue->snd_cmd)) 552 return NULL; 553 } 554 555 list_del_init(&queue->snd_cmd->entry); 556 queue->send_list_len--; 557 558 if (nvmet_tcp_need_data_out(queue->snd_cmd)) 559 nvmet_setup_c2h_data_pdu(queue->snd_cmd); 560 else if (nvmet_tcp_need_data_in(queue->snd_cmd)) 561 nvmet_setup_r2t_pdu(queue->snd_cmd); 562 else 563 nvmet_setup_response_pdu(queue->snd_cmd); 564 565 return queue->snd_cmd; 566 } 567 568 static void nvmet_tcp_queue_response(struct nvmet_req *req) 569 { 570 struct nvmet_tcp_cmd *cmd = 571 container_of(req, struct nvmet_tcp_cmd, req); 572 struct nvmet_tcp_queue *queue = cmd->queue; 573 struct nvme_sgl_desc *sgl; 574 u32 len; 575 576 if (unlikely(cmd == queue->cmd)) { 577 sgl = &cmd->req.cmd->common.dptr.sgl; 578 len = le32_to_cpu(sgl->length); 579 580 /* 581 * Wait for inline data before processing the response. 582 * Avoid using helpers, this might happen before 583 * nvmet_req_init is completed. 584 */ 585 if (queue->rcv_state == NVMET_TCP_RECV_PDU && 586 len && len <= cmd->req.port->inline_data_size && 587 nvme_is_write(cmd->req.cmd)) 588 return; 589 } 590 591 llist_add(&cmd->lentry, &queue->resp_list); 592 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &cmd->queue->io_work); 593 } 594 595 static void nvmet_tcp_execute_request(struct nvmet_tcp_cmd *cmd) 596 { 597 if (unlikely(cmd->flags & NVMET_TCP_F_INIT_FAILED)) 598 nvmet_tcp_queue_response(&cmd->req); 599 else 600 cmd->req.execute(&cmd->req); 601 } 602 603 static int nvmet_try_send_data_pdu(struct nvmet_tcp_cmd *cmd) 604 { 605 struct msghdr msg = { 606 .msg_flags = MSG_DONTWAIT | MSG_MORE | MSG_SPLICE_PAGES, 607 }; 608 struct bio_vec bvec; 609 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 610 int left = sizeof(*cmd->data_pdu) - cmd->offset + hdgst; 611 int ret; 612 613 bvec_set_virt(&bvec, (void *)cmd->data_pdu + cmd->offset, left); 614 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 615 ret = sock_sendmsg(cmd->queue->sock, &msg); 616 if (ret <= 0) 617 return ret; 618 619 cmd->offset += ret; 620 left -= ret; 621 622 if (left) 623 return -EAGAIN; 624 625 cmd->state = NVMET_TCP_SEND_DATA; 626 cmd->offset = 0; 627 return 1; 628 } 629 630 static int nvmet_try_send_data(struct nvmet_tcp_cmd *cmd, bool last_in_batch) 631 { 632 struct nvmet_tcp_queue *queue = cmd->queue; 633 int ret; 634 635 while (cmd->cur_sg) { 636 struct msghdr msg = { 637 .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, 638 }; 639 struct page *page = sg_page(cmd->cur_sg); 640 struct bio_vec bvec; 641 u32 left = cmd->cur_sg->length - cmd->offset; 642 643 if ((!last_in_batch && cmd->queue->send_list_len) || 644 cmd->wbytes_done + left < cmd->req.transfer_len || 645 queue->data_digest || !queue->nvme_sq.sqhd_disabled) 646 msg.msg_flags |= MSG_MORE; 647 648 bvec_set_page(&bvec, page, left, cmd->offset); 649 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 650 ret = sock_sendmsg(cmd->queue->sock, &msg); 651 if (ret <= 0) 652 return ret; 653 654 cmd->offset += ret; 655 cmd->wbytes_done += ret; 656 657 /* Done with sg?*/ 658 if (cmd->offset == cmd->cur_sg->length) { 659 cmd->cur_sg = sg_next(cmd->cur_sg); 660 cmd->offset = 0; 661 } 662 } 663 664 if (queue->data_digest) { 665 cmd->state = NVMET_TCP_SEND_DDGST; 666 cmd->offset = 0; 667 } else { 668 if (queue->nvme_sq.sqhd_disabled) { 669 cmd->queue->snd_cmd = NULL; 670 nvmet_tcp_put_cmd(cmd); 671 } else { 672 nvmet_setup_response_pdu(cmd); 673 } 674 } 675 676 if (queue->nvme_sq.sqhd_disabled) 677 nvmet_tcp_free_cmd_buffers(cmd); 678 679 return 1; 680 681 } 682 683 static int nvmet_try_send_response(struct nvmet_tcp_cmd *cmd, 684 bool last_in_batch) 685 { 686 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, }; 687 struct bio_vec bvec; 688 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 689 int left = sizeof(*cmd->rsp_pdu) - cmd->offset + hdgst; 690 int ret; 691 692 if (!last_in_batch && cmd->queue->send_list_len) 693 msg.msg_flags |= MSG_MORE; 694 else 695 msg.msg_flags |= MSG_EOR; 696 697 bvec_set_virt(&bvec, (void *)cmd->rsp_pdu + cmd->offset, left); 698 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 699 ret = sock_sendmsg(cmd->queue->sock, &msg); 700 if (ret <= 0) 701 return ret; 702 cmd->offset += ret; 703 left -= ret; 704 705 if (left) 706 return -EAGAIN; 707 708 nvmet_tcp_free_cmd_buffers(cmd); 709 cmd->queue->snd_cmd = NULL; 710 nvmet_tcp_put_cmd(cmd); 711 return 1; 712 } 713 714 static int nvmet_try_send_r2t(struct nvmet_tcp_cmd *cmd, bool last_in_batch) 715 { 716 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, }; 717 struct bio_vec bvec; 718 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue); 719 int left = sizeof(*cmd->r2t_pdu) - cmd->offset + hdgst; 720 int ret; 721 722 if (!last_in_batch && cmd->queue->send_list_len) 723 msg.msg_flags |= MSG_MORE; 724 else 725 msg.msg_flags |= MSG_EOR; 726 727 bvec_set_virt(&bvec, (void *)cmd->r2t_pdu + cmd->offset, left); 728 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left); 729 ret = sock_sendmsg(cmd->queue->sock, &msg); 730 if (ret <= 0) 731 return ret; 732 cmd->offset += ret; 733 left -= ret; 734 735 if (left) 736 return -EAGAIN; 737 738 cmd->queue->snd_cmd = NULL; 739 return 1; 740 } 741 742 static int nvmet_try_send_ddgst(struct nvmet_tcp_cmd *cmd, bool last_in_batch) 743 { 744 struct nvmet_tcp_queue *queue = cmd->queue; 745 int left = NVME_TCP_DIGEST_LENGTH - cmd->offset; 746 struct msghdr msg = { .msg_flags = MSG_DONTWAIT }; 747 struct kvec iov = { 748 .iov_base = (u8 *)&cmd->exp_ddgst + cmd->offset, 749 .iov_len = left 750 }; 751 int ret; 752 753 if (!last_in_batch && cmd->queue->send_list_len) 754 msg.msg_flags |= MSG_MORE; 755 else 756 msg.msg_flags |= MSG_EOR; 757 758 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len); 759 if (unlikely(ret <= 0)) 760 return ret; 761 762 cmd->offset += ret; 763 left -= ret; 764 765 if (left) 766 return -EAGAIN; 767 768 if (queue->nvme_sq.sqhd_disabled) { 769 cmd->queue->snd_cmd = NULL; 770 nvmet_tcp_put_cmd(cmd); 771 } else { 772 nvmet_setup_response_pdu(cmd); 773 } 774 return 1; 775 } 776 777 static int nvmet_tcp_try_send_one(struct nvmet_tcp_queue *queue, 778 bool last_in_batch) 779 { 780 struct nvmet_tcp_cmd *cmd = queue->snd_cmd; 781 int ret = 0; 782 783 if (!cmd || queue->state == NVMET_TCP_Q_DISCONNECTING) { 784 cmd = nvmet_tcp_fetch_cmd(queue); 785 if (unlikely(!cmd)) 786 return 0; 787 } 788 789 if (cmd->state == NVMET_TCP_SEND_DATA_PDU) { 790 ret = nvmet_try_send_data_pdu(cmd); 791 if (ret <= 0) 792 goto done_send; 793 } 794 795 if (cmd->state == NVMET_TCP_SEND_DATA) { 796 ret = nvmet_try_send_data(cmd, last_in_batch); 797 if (ret <= 0) 798 goto done_send; 799 } 800 801 if (cmd->state == NVMET_TCP_SEND_DDGST) { 802 ret = nvmet_try_send_ddgst(cmd, last_in_batch); 803 if (ret <= 0) 804 goto done_send; 805 } 806 807 if (cmd->state == NVMET_TCP_SEND_R2T) { 808 ret = nvmet_try_send_r2t(cmd, last_in_batch); 809 if (ret <= 0) 810 goto done_send; 811 } 812 813 if (cmd->state == NVMET_TCP_SEND_RESPONSE) 814 ret = nvmet_try_send_response(cmd, last_in_batch); 815 816 done_send: 817 if (ret < 0) { 818 if (ret == -EAGAIN) 819 return 0; 820 return ret; 821 } 822 823 return 1; 824 } 825 826 static int nvmet_tcp_try_send(struct nvmet_tcp_queue *queue, 827 int budget, int *sends) 828 { 829 int i, ret = 0; 830 831 for (i = 0; i < budget; i++) { 832 ret = nvmet_tcp_try_send_one(queue, i == budget - 1); 833 if (unlikely(ret < 0)) { 834 nvmet_tcp_socket_error(queue, ret); 835 goto done; 836 } else if (ret == 0) { 837 break; 838 } 839 (*sends)++; 840 } 841 done: 842 return ret; 843 } 844 845 static void nvmet_prepare_receive_pdu(struct nvmet_tcp_queue *queue) 846 { 847 queue->offset = 0; 848 queue->left = sizeof(struct nvme_tcp_hdr); 849 queue->cmd = NULL; 850 queue->rcv_state = NVMET_TCP_RECV_PDU; 851 } 852 853 static void nvmet_tcp_free_crypto(struct nvmet_tcp_queue *queue) 854 { 855 struct crypto_ahash *tfm = crypto_ahash_reqtfm(queue->rcv_hash); 856 857 ahash_request_free(queue->rcv_hash); 858 ahash_request_free(queue->snd_hash); 859 crypto_free_ahash(tfm); 860 } 861 862 static int nvmet_tcp_alloc_crypto(struct nvmet_tcp_queue *queue) 863 { 864 struct crypto_ahash *tfm; 865 866 tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC); 867 if (IS_ERR(tfm)) 868 return PTR_ERR(tfm); 869 870 queue->snd_hash = ahash_request_alloc(tfm, GFP_KERNEL); 871 if (!queue->snd_hash) 872 goto free_tfm; 873 ahash_request_set_callback(queue->snd_hash, 0, NULL, NULL); 874 875 queue->rcv_hash = ahash_request_alloc(tfm, GFP_KERNEL); 876 if (!queue->rcv_hash) 877 goto free_snd_hash; 878 ahash_request_set_callback(queue->rcv_hash, 0, NULL, NULL); 879 880 return 0; 881 free_snd_hash: 882 ahash_request_free(queue->snd_hash); 883 free_tfm: 884 crypto_free_ahash(tfm); 885 return -ENOMEM; 886 } 887 888 889 static int nvmet_tcp_handle_icreq(struct nvmet_tcp_queue *queue) 890 { 891 struct nvme_tcp_icreq_pdu *icreq = &queue->pdu.icreq; 892 struct nvme_tcp_icresp_pdu *icresp = &queue->pdu.icresp; 893 struct msghdr msg = {}; 894 struct kvec iov; 895 int ret; 896 897 if (le32_to_cpu(icreq->hdr.plen) != sizeof(struct nvme_tcp_icreq_pdu)) { 898 pr_err("bad nvme-tcp pdu length (%d)\n", 899 le32_to_cpu(icreq->hdr.plen)); 900 nvmet_tcp_fatal_error(queue); 901 } 902 903 if (icreq->pfv != NVME_TCP_PFV_1_0) { 904 pr_err("queue %d: bad pfv %d\n", queue->idx, icreq->pfv); 905 return -EPROTO; 906 } 907 908 if (icreq->hpda != 0) { 909 pr_err("queue %d: unsupported hpda %d\n", queue->idx, 910 icreq->hpda); 911 return -EPROTO; 912 } 913 914 queue->hdr_digest = !!(icreq->digest & NVME_TCP_HDR_DIGEST_ENABLE); 915 queue->data_digest = !!(icreq->digest & NVME_TCP_DATA_DIGEST_ENABLE); 916 if (queue->hdr_digest || queue->data_digest) { 917 ret = nvmet_tcp_alloc_crypto(queue); 918 if (ret) 919 return ret; 920 } 921 922 memset(icresp, 0, sizeof(*icresp)); 923 icresp->hdr.type = nvme_tcp_icresp; 924 icresp->hdr.hlen = sizeof(*icresp); 925 icresp->hdr.pdo = 0; 926 icresp->hdr.plen = cpu_to_le32(icresp->hdr.hlen); 927 icresp->pfv = cpu_to_le16(NVME_TCP_PFV_1_0); 928 icresp->maxdata = cpu_to_le32(NVMET_TCP_MAXH2CDATA); 929 icresp->cpda = 0; 930 if (queue->hdr_digest) 931 icresp->digest |= NVME_TCP_HDR_DIGEST_ENABLE; 932 if (queue->data_digest) 933 icresp->digest |= NVME_TCP_DATA_DIGEST_ENABLE; 934 935 iov.iov_base = icresp; 936 iov.iov_len = sizeof(*icresp); 937 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len); 938 if (ret < 0) { 939 queue->state = NVMET_TCP_Q_FAILED; 940 return ret; /* queue removal will cleanup */ 941 } 942 943 queue->state = NVMET_TCP_Q_LIVE; 944 nvmet_prepare_receive_pdu(queue); 945 return 0; 946 } 947 948 static void nvmet_tcp_handle_req_failure(struct nvmet_tcp_queue *queue, 949 struct nvmet_tcp_cmd *cmd, struct nvmet_req *req) 950 { 951 size_t data_len = le32_to_cpu(req->cmd->common.dptr.sgl.length); 952 int ret; 953 954 /* 955 * This command has not been processed yet, hence we are trying to 956 * figure out if there is still pending data left to receive. If 957 * we don't, we can simply prepare for the next pdu and bail out, 958 * otherwise we will need to prepare a buffer and receive the 959 * stale data before continuing forward. 960 */ 961 if (!nvme_is_write(cmd->req.cmd) || !data_len || 962 data_len > cmd->req.port->inline_data_size) { 963 nvmet_prepare_receive_pdu(queue); 964 return; 965 } 966 967 ret = nvmet_tcp_map_data(cmd); 968 if (unlikely(ret)) { 969 pr_err("queue %d: failed to map data\n", queue->idx); 970 nvmet_tcp_fatal_error(queue); 971 return; 972 } 973 974 queue->rcv_state = NVMET_TCP_RECV_DATA; 975 nvmet_tcp_build_pdu_iovec(cmd); 976 cmd->flags |= NVMET_TCP_F_INIT_FAILED; 977 } 978 979 static int nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue *queue) 980 { 981 struct nvme_tcp_data_pdu *data = &queue->pdu.data; 982 struct nvmet_tcp_cmd *cmd; 983 unsigned int exp_data_len; 984 985 if (likely(queue->nr_cmds)) { 986 if (unlikely(data->ttag >= queue->nr_cmds)) { 987 pr_err("queue %d: received out of bound ttag %u, nr_cmds %u\n", 988 queue->idx, data->ttag, queue->nr_cmds); 989 goto err_proto; 990 } 991 cmd = &queue->cmds[data->ttag]; 992 } else { 993 cmd = &queue->connect; 994 } 995 996 if (le32_to_cpu(data->data_offset) != cmd->rbytes_done) { 997 pr_err("ttag %u unexpected data offset %u (expected %u)\n", 998 data->ttag, le32_to_cpu(data->data_offset), 999 cmd->rbytes_done); 1000 goto err_proto; 1001 } 1002 1003 exp_data_len = le32_to_cpu(data->hdr.plen) - 1004 nvmet_tcp_hdgst_len(queue) - 1005 nvmet_tcp_ddgst_len(queue) - 1006 sizeof(*data); 1007 1008 cmd->pdu_len = le32_to_cpu(data->data_length); 1009 if (unlikely(cmd->pdu_len != exp_data_len || 1010 cmd->pdu_len == 0 || 1011 cmd->pdu_len > NVMET_TCP_MAXH2CDATA)) { 1012 pr_err("H2CData PDU len %u is invalid\n", cmd->pdu_len); 1013 goto err_proto; 1014 } 1015 cmd->pdu_recv = 0; 1016 nvmet_tcp_build_pdu_iovec(cmd); 1017 queue->cmd = cmd; 1018 queue->rcv_state = NVMET_TCP_RECV_DATA; 1019 1020 return 0; 1021 1022 err_proto: 1023 /* FIXME: use proper transport errors */ 1024 nvmet_tcp_fatal_error(queue); 1025 return -EPROTO; 1026 } 1027 1028 static int nvmet_tcp_done_recv_pdu(struct nvmet_tcp_queue *queue) 1029 { 1030 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr; 1031 struct nvme_command *nvme_cmd = &queue->pdu.cmd.cmd; 1032 struct nvmet_req *req; 1033 int ret; 1034 1035 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) { 1036 if (hdr->type != nvme_tcp_icreq) { 1037 pr_err("unexpected pdu type (%d) before icreq\n", 1038 hdr->type); 1039 nvmet_tcp_fatal_error(queue); 1040 return -EPROTO; 1041 } 1042 return nvmet_tcp_handle_icreq(queue); 1043 } 1044 1045 if (unlikely(hdr->type == nvme_tcp_icreq)) { 1046 pr_err("queue %d: received icreq pdu in state %d\n", 1047 queue->idx, queue->state); 1048 nvmet_tcp_fatal_error(queue); 1049 return -EPROTO; 1050 } 1051 1052 if (hdr->type == nvme_tcp_h2c_data) { 1053 ret = nvmet_tcp_handle_h2c_data_pdu(queue); 1054 if (unlikely(ret)) 1055 return ret; 1056 return 0; 1057 } 1058 1059 queue->cmd = nvmet_tcp_get_cmd(queue); 1060 if (unlikely(!queue->cmd)) { 1061 /* This should never happen */ 1062 pr_err("queue %d: out of commands (%d) send_list_len: %d, opcode: %d", 1063 queue->idx, queue->nr_cmds, queue->send_list_len, 1064 nvme_cmd->common.opcode); 1065 nvmet_tcp_fatal_error(queue); 1066 return -ENOMEM; 1067 } 1068 1069 req = &queue->cmd->req; 1070 memcpy(req->cmd, nvme_cmd, sizeof(*nvme_cmd)); 1071 1072 if (unlikely(!nvmet_req_init(req, &queue->nvme_cq, 1073 &queue->nvme_sq, &nvmet_tcp_ops))) { 1074 pr_err("failed cmd %p id %d opcode %d, data_len: %d\n", 1075 req->cmd, req->cmd->common.command_id, 1076 req->cmd->common.opcode, 1077 le32_to_cpu(req->cmd->common.dptr.sgl.length)); 1078 1079 nvmet_tcp_handle_req_failure(queue, queue->cmd, req); 1080 return 0; 1081 } 1082 1083 ret = nvmet_tcp_map_data(queue->cmd); 1084 if (unlikely(ret)) { 1085 pr_err("queue %d: failed to map data\n", queue->idx); 1086 if (nvmet_tcp_has_inline_data(queue->cmd)) 1087 nvmet_tcp_fatal_error(queue); 1088 else 1089 nvmet_req_complete(req, ret); 1090 ret = -EAGAIN; 1091 goto out; 1092 } 1093 1094 if (nvmet_tcp_need_data_in(queue->cmd)) { 1095 if (nvmet_tcp_has_inline_data(queue->cmd)) { 1096 queue->rcv_state = NVMET_TCP_RECV_DATA; 1097 nvmet_tcp_build_pdu_iovec(queue->cmd); 1098 return 0; 1099 } 1100 /* send back R2T */ 1101 nvmet_tcp_queue_response(&queue->cmd->req); 1102 goto out; 1103 } 1104 1105 queue->cmd->req.execute(&queue->cmd->req); 1106 out: 1107 nvmet_prepare_receive_pdu(queue); 1108 return ret; 1109 } 1110 1111 static const u8 nvme_tcp_pdu_sizes[] = { 1112 [nvme_tcp_icreq] = sizeof(struct nvme_tcp_icreq_pdu), 1113 [nvme_tcp_cmd] = sizeof(struct nvme_tcp_cmd_pdu), 1114 [nvme_tcp_h2c_data] = sizeof(struct nvme_tcp_data_pdu), 1115 }; 1116 1117 static inline u8 nvmet_tcp_pdu_size(u8 type) 1118 { 1119 size_t idx = type; 1120 1121 return (idx < ARRAY_SIZE(nvme_tcp_pdu_sizes) && 1122 nvme_tcp_pdu_sizes[idx]) ? 1123 nvme_tcp_pdu_sizes[idx] : 0; 1124 } 1125 1126 static inline bool nvmet_tcp_pdu_valid(u8 type) 1127 { 1128 switch (type) { 1129 case nvme_tcp_icreq: 1130 case nvme_tcp_cmd: 1131 case nvme_tcp_h2c_data: 1132 /* fallthru */ 1133 return true; 1134 } 1135 1136 return false; 1137 } 1138 1139 static int nvmet_tcp_tls_record_ok(struct nvmet_tcp_queue *queue, 1140 struct msghdr *msg, char *cbuf) 1141 { 1142 struct cmsghdr *cmsg = (struct cmsghdr *)cbuf; 1143 u8 ctype, level, description; 1144 int ret = 0; 1145 1146 ctype = tls_get_record_type(queue->sock->sk, cmsg); 1147 switch (ctype) { 1148 case 0: 1149 break; 1150 case TLS_RECORD_TYPE_DATA: 1151 break; 1152 case TLS_RECORD_TYPE_ALERT: 1153 tls_alert_recv(queue->sock->sk, msg, &level, &description); 1154 if (level == TLS_ALERT_LEVEL_FATAL) { 1155 pr_err("queue %d: TLS Alert desc %u\n", 1156 queue->idx, description); 1157 ret = -ENOTCONN; 1158 } else { 1159 pr_warn("queue %d: TLS Alert desc %u\n", 1160 queue->idx, description); 1161 ret = -EAGAIN; 1162 } 1163 break; 1164 default: 1165 /* discard this record type */ 1166 pr_err("queue %d: TLS record %d unhandled\n", 1167 queue->idx, ctype); 1168 ret = -EAGAIN; 1169 break; 1170 } 1171 return ret; 1172 } 1173 1174 static int nvmet_tcp_try_recv_pdu(struct nvmet_tcp_queue *queue) 1175 { 1176 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr; 1177 int len, ret; 1178 struct kvec iov; 1179 char cbuf[CMSG_LEN(sizeof(char))] = {}; 1180 struct msghdr msg = { .msg_flags = MSG_DONTWAIT }; 1181 1182 recv: 1183 iov.iov_base = (void *)&queue->pdu + queue->offset; 1184 iov.iov_len = queue->left; 1185 if (queue->tls_pskid) { 1186 msg.msg_control = cbuf; 1187 msg.msg_controllen = sizeof(cbuf); 1188 } 1189 len = kernel_recvmsg(queue->sock, &msg, &iov, 1, 1190 iov.iov_len, msg.msg_flags); 1191 if (unlikely(len < 0)) 1192 return len; 1193 if (queue->tls_pskid) { 1194 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf); 1195 if (ret < 0) 1196 return ret; 1197 } 1198 1199 queue->offset += len; 1200 queue->left -= len; 1201 if (queue->left) 1202 return -EAGAIN; 1203 1204 if (queue->offset == sizeof(struct nvme_tcp_hdr)) { 1205 u8 hdgst = nvmet_tcp_hdgst_len(queue); 1206 1207 if (unlikely(!nvmet_tcp_pdu_valid(hdr->type))) { 1208 pr_err("unexpected pdu type %d\n", hdr->type); 1209 nvmet_tcp_fatal_error(queue); 1210 return -EIO; 1211 } 1212 1213 if (unlikely(hdr->hlen != nvmet_tcp_pdu_size(hdr->type))) { 1214 pr_err("pdu %d bad hlen %d\n", hdr->type, hdr->hlen); 1215 return -EIO; 1216 } 1217 1218 queue->left = hdr->hlen - queue->offset + hdgst; 1219 goto recv; 1220 } 1221 1222 if (queue->hdr_digest && 1223 nvmet_tcp_verify_hdgst(queue, &queue->pdu, hdr->hlen)) { 1224 nvmet_tcp_fatal_error(queue); /* fatal */ 1225 return -EPROTO; 1226 } 1227 1228 if (queue->data_digest && 1229 nvmet_tcp_check_ddgst(queue, &queue->pdu)) { 1230 nvmet_tcp_fatal_error(queue); /* fatal */ 1231 return -EPROTO; 1232 } 1233 1234 return nvmet_tcp_done_recv_pdu(queue); 1235 } 1236 1237 static void nvmet_tcp_prep_recv_ddgst(struct nvmet_tcp_cmd *cmd) 1238 { 1239 struct nvmet_tcp_queue *queue = cmd->queue; 1240 1241 nvmet_tcp_calc_ddgst(queue->rcv_hash, cmd); 1242 queue->offset = 0; 1243 queue->left = NVME_TCP_DIGEST_LENGTH; 1244 queue->rcv_state = NVMET_TCP_RECV_DDGST; 1245 } 1246 1247 static int nvmet_tcp_try_recv_data(struct nvmet_tcp_queue *queue) 1248 { 1249 struct nvmet_tcp_cmd *cmd = queue->cmd; 1250 int len, ret; 1251 1252 while (msg_data_left(&cmd->recv_msg)) { 1253 len = sock_recvmsg(cmd->queue->sock, &cmd->recv_msg, 1254 cmd->recv_msg.msg_flags); 1255 if (len <= 0) 1256 return len; 1257 if (queue->tls_pskid) { 1258 ret = nvmet_tcp_tls_record_ok(cmd->queue, 1259 &cmd->recv_msg, cmd->recv_cbuf); 1260 if (ret < 0) 1261 return ret; 1262 } 1263 1264 cmd->pdu_recv += len; 1265 cmd->rbytes_done += len; 1266 } 1267 1268 if (queue->data_digest) { 1269 nvmet_tcp_prep_recv_ddgst(cmd); 1270 return 0; 1271 } 1272 1273 if (cmd->rbytes_done == cmd->req.transfer_len) 1274 nvmet_tcp_execute_request(cmd); 1275 1276 nvmet_prepare_receive_pdu(queue); 1277 return 0; 1278 } 1279 1280 static int nvmet_tcp_try_recv_ddgst(struct nvmet_tcp_queue *queue) 1281 { 1282 struct nvmet_tcp_cmd *cmd = queue->cmd; 1283 int ret, len; 1284 char cbuf[CMSG_LEN(sizeof(char))] = {}; 1285 struct msghdr msg = { .msg_flags = MSG_DONTWAIT }; 1286 struct kvec iov = { 1287 .iov_base = (void *)&cmd->recv_ddgst + queue->offset, 1288 .iov_len = queue->left 1289 }; 1290 1291 if (queue->tls_pskid) { 1292 msg.msg_control = cbuf; 1293 msg.msg_controllen = sizeof(cbuf); 1294 } 1295 len = kernel_recvmsg(queue->sock, &msg, &iov, 1, 1296 iov.iov_len, msg.msg_flags); 1297 if (unlikely(len < 0)) 1298 return len; 1299 if (queue->tls_pskid) { 1300 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf); 1301 if (ret < 0) 1302 return ret; 1303 } 1304 1305 queue->offset += len; 1306 queue->left -= len; 1307 if (queue->left) 1308 return -EAGAIN; 1309 1310 if (queue->data_digest && cmd->exp_ddgst != cmd->recv_ddgst) { 1311 pr_err("queue %d: cmd %d pdu (%d) data digest error: recv %#x expected %#x\n", 1312 queue->idx, cmd->req.cmd->common.command_id, 1313 queue->pdu.cmd.hdr.type, le32_to_cpu(cmd->recv_ddgst), 1314 le32_to_cpu(cmd->exp_ddgst)); 1315 nvmet_req_uninit(&cmd->req); 1316 nvmet_tcp_free_cmd_buffers(cmd); 1317 nvmet_tcp_fatal_error(queue); 1318 ret = -EPROTO; 1319 goto out; 1320 } 1321 1322 if (cmd->rbytes_done == cmd->req.transfer_len) 1323 nvmet_tcp_execute_request(cmd); 1324 1325 ret = 0; 1326 out: 1327 nvmet_prepare_receive_pdu(queue); 1328 return ret; 1329 } 1330 1331 static int nvmet_tcp_try_recv_one(struct nvmet_tcp_queue *queue) 1332 { 1333 int result = 0; 1334 1335 if (unlikely(queue->rcv_state == NVMET_TCP_RECV_ERR)) 1336 return 0; 1337 1338 if (queue->rcv_state == NVMET_TCP_RECV_PDU) { 1339 result = nvmet_tcp_try_recv_pdu(queue); 1340 if (result != 0) 1341 goto done_recv; 1342 } 1343 1344 if (queue->rcv_state == NVMET_TCP_RECV_DATA) { 1345 result = nvmet_tcp_try_recv_data(queue); 1346 if (result != 0) 1347 goto done_recv; 1348 } 1349 1350 if (queue->rcv_state == NVMET_TCP_RECV_DDGST) { 1351 result = nvmet_tcp_try_recv_ddgst(queue); 1352 if (result != 0) 1353 goto done_recv; 1354 } 1355 1356 done_recv: 1357 if (result < 0) { 1358 if (result == -EAGAIN) 1359 return 0; 1360 return result; 1361 } 1362 return 1; 1363 } 1364 1365 static int nvmet_tcp_try_recv(struct nvmet_tcp_queue *queue, 1366 int budget, int *recvs) 1367 { 1368 int i, ret = 0; 1369 1370 for (i = 0; i < budget; i++) { 1371 ret = nvmet_tcp_try_recv_one(queue); 1372 if (unlikely(ret < 0)) { 1373 nvmet_tcp_socket_error(queue, ret); 1374 goto done; 1375 } else if (ret == 0) { 1376 break; 1377 } 1378 (*recvs)++; 1379 } 1380 done: 1381 return ret; 1382 } 1383 1384 static void nvmet_tcp_release_queue(struct kref *kref) 1385 { 1386 struct nvmet_tcp_queue *queue = 1387 container_of(kref, struct nvmet_tcp_queue, kref); 1388 1389 WARN_ON(queue->state != NVMET_TCP_Q_DISCONNECTING); 1390 queue_work(nvmet_wq, &queue->release_work); 1391 } 1392 1393 static void nvmet_tcp_schedule_release_queue(struct nvmet_tcp_queue *queue) 1394 { 1395 spin_lock_bh(&queue->state_lock); 1396 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) { 1397 /* Socket closed during handshake */ 1398 tls_handshake_cancel(queue->sock->sk); 1399 } 1400 if (queue->state != NVMET_TCP_Q_DISCONNECTING) { 1401 queue->state = NVMET_TCP_Q_DISCONNECTING; 1402 kref_put(&queue->kref, nvmet_tcp_release_queue); 1403 } 1404 spin_unlock_bh(&queue->state_lock); 1405 } 1406 1407 static inline void nvmet_tcp_arm_queue_deadline(struct nvmet_tcp_queue *queue) 1408 { 1409 queue->poll_end = jiffies + usecs_to_jiffies(idle_poll_period_usecs); 1410 } 1411 1412 static bool nvmet_tcp_check_queue_deadline(struct nvmet_tcp_queue *queue, 1413 int ops) 1414 { 1415 if (!idle_poll_period_usecs) 1416 return false; 1417 1418 if (ops) 1419 nvmet_tcp_arm_queue_deadline(queue); 1420 1421 return !time_after(jiffies, queue->poll_end); 1422 } 1423 1424 static void nvmet_tcp_io_work(struct work_struct *w) 1425 { 1426 struct nvmet_tcp_queue *queue = 1427 container_of(w, struct nvmet_tcp_queue, io_work); 1428 bool pending; 1429 int ret, ops = 0; 1430 1431 do { 1432 pending = false; 1433 1434 ret = nvmet_tcp_try_recv(queue, NVMET_TCP_RECV_BUDGET, &ops); 1435 if (ret > 0) 1436 pending = true; 1437 else if (ret < 0) 1438 return; 1439 1440 ret = nvmet_tcp_try_send(queue, NVMET_TCP_SEND_BUDGET, &ops); 1441 if (ret > 0) 1442 pending = true; 1443 else if (ret < 0) 1444 return; 1445 1446 } while (pending && ops < NVMET_TCP_IO_WORK_BUDGET); 1447 1448 /* 1449 * Requeue the worker if idle deadline period is in progress or any 1450 * ops activity was recorded during the do-while loop above. 1451 */ 1452 if (nvmet_tcp_check_queue_deadline(queue, ops) || pending) 1453 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work); 1454 } 1455 1456 static int nvmet_tcp_alloc_cmd(struct nvmet_tcp_queue *queue, 1457 struct nvmet_tcp_cmd *c) 1458 { 1459 u8 hdgst = nvmet_tcp_hdgst_len(queue); 1460 1461 c->queue = queue; 1462 c->req.port = queue->port->nport; 1463 1464 c->cmd_pdu = page_frag_alloc(&queue->pf_cache, 1465 sizeof(*c->cmd_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1466 if (!c->cmd_pdu) 1467 return -ENOMEM; 1468 c->req.cmd = &c->cmd_pdu->cmd; 1469 1470 c->rsp_pdu = page_frag_alloc(&queue->pf_cache, 1471 sizeof(*c->rsp_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1472 if (!c->rsp_pdu) 1473 goto out_free_cmd; 1474 c->req.cqe = &c->rsp_pdu->cqe; 1475 1476 c->data_pdu = page_frag_alloc(&queue->pf_cache, 1477 sizeof(*c->data_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1478 if (!c->data_pdu) 1479 goto out_free_rsp; 1480 1481 c->r2t_pdu = page_frag_alloc(&queue->pf_cache, 1482 sizeof(*c->r2t_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO); 1483 if (!c->r2t_pdu) 1484 goto out_free_data; 1485 1486 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) { 1487 c->recv_msg.msg_control = c->recv_cbuf; 1488 c->recv_msg.msg_controllen = sizeof(c->recv_cbuf); 1489 } 1490 c->recv_msg.msg_flags = MSG_DONTWAIT | MSG_NOSIGNAL; 1491 1492 list_add_tail(&c->entry, &queue->free_list); 1493 1494 return 0; 1495 out_free_data: 1496 page_frag_free(c->data_pdu); 1497 out_free_rsp: 1498 page_frag_free(c->rsp_pdu); 1499 out_free_cmd: 1500 page_frag_free(c->cmd_pdu); 1501 return -ENOMEM; 1502 } 1503 1504 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c) 1505 { 1506 page_frag_free(c->r2t_pdu); 1507 page_frag_free(c->data_pdu); 1508 page_frag_free(c->rsp_pdu); 1509 page_frag_free(c->cmd_pdu); 1510 } 1511 1512 static int nvmet_tcp_alloc_cmds(struct nvmet_tcp_queue *queue) 1513 { 1514 struct nvmet_tcp_cmd *cmds; 1515 int i, ret = -EINVAL, nr_cmds = queue->nr_cmds; 1516 1517 cmds = kcalloc(nr_cmds, sizeof(struct nvmet_tcp_cmd), GFP_KERNEL); 1518 if (!cmds) 1519 goto out; 1520 1521 for (i = 0; i < nr_cmds; i++) { 1522 ret = nvmet_tcp_alloc_cmd(queue, cmds + i); 1523 if (ret) 1524 goto out_free; 1525 } 1526 1527 queue->cmds = cmds; 1528 1529 return 0; 1530 out_free: 1531 while (--i >= 0) 1532 nvmet_tcp_free_cmd(cmds + i); 1533 kfree(cmds); 1534 out: 1535 return ret; 1536 } 1537 1538 static void nvmet_tcp_free_cmds(struct nvmet_tcp_queue *queue) 1539 { 1540 struct nvmet_tcp_cmd *cmds = queue->cmds; 1541 int i; 1542 1543 for (i = 0; i < queue->nr_cmds; i++) 1544 nvmet_tcp_free_cmd(cmds + i); 1545 1546 nvmet_tcp_free_cmd(&queue->connect); 1547 kfree(cmds); 1548 } 1549 1550 static void nvmet_tcp_restore_socket_callbacks(struct nvmet_tcp_queue *queue) 1551 { 1552 struct socket *sock = queue->sock; 1553 1554 write_lock_bh(&sock->sk->sk_callback_lock); 1555 sock->sk->sk_data_ready = queue->data_ready; 1556 sock->sk->sk_state_change = queue->state_change; 1557 sock->sk->sk_write_space = queue->write_space; 1558 sock->sk->sk_user_data = NULL; 1559 write_unlock_bh(&sock->sk->sk_callback_lock); 1560 } 1561 1562 static void nvmet_tcp_uninit_data_in_cmds(struct nvmet_tcp_queue *queue) 1563 { 1564 struct nvmet_tcp_cmd *cmd = queue->cmds; 1565 int i; 1566 1567 for (i = 0; i < queue->nr_cmds; i++, cmd++) { 1568 if (nvmet_tcp_need_data_in(cmd)) 1569 nvmet_req_uninit(&cmd->req); 1570 } 1571 1572 if (!queue->nr_cmds && nvmet_tcp_need_data_in(&queue->connect)) { 1573 /* failed in connect */ 1574 nvmet_req_uninit(&queue->connect.req); 1575 } 1576 } 1577 1578 static void nvmet_tcp_free_cmd_data_in_buffers(struct nvmet_tcp_queue *queue) 1579 { 1580 struct nvmet_tcp_cmd *cmd = queue->cmds; 1581 int i; 1582 1583 for (i = 0; i < queue->nr_cmds; i++, cmd++) { 1584 if (nvmet_tcp_need_data_in(cmd)) 1585 nvmet_tcp_free_cmd_buffers(cmd); 1586 } 1587 1588 if (!queue->nr_cmds && nvmet_tcp_need_data_in(&queue->connect)) 1589 nvmet_tcp_free_cmd_buffers(&queue->connect); 1590 } 1591 1592 static void nvmet_tcp_release_queue_work(struct work_struct *w) 1593 { 1594 struct page *page; 1595 struct nvmet_tcp_queue *queue = 1596 container_of(w, struct nvmet_tcp_queue, release_work); 1597 1598 mutex_lock(&nvmet_tcp_queue_mutex); 1599 list_del_init(&queue->queue_list); 1600 mutex_unlock(&nvmet_tcp_queue_mutex); 1601 1602 nvmet_tcp_restore_socket_callbacks(queue); 1603 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work); 1604 cancel_work_sync(&queue->io_work); 1605 /* stop accepting incoming data */ 1606 queue->rcv_state = NVMET_TCP_RECV_ERR; 1607 1608 nvmet_tcp_uninit_data_in_cmds(queue); 1609 nvmet_sq_destroy(&queue->nvme_sq); 1610 cancel_work_sync(&queue->io_work); 1611 nvmet_tcp_free_cmd_data_in_buffers(queue); 1612 /* ->sock will be released by fput() */ 1613 fput(queue->sock->file); 1614 nvmet_tcp_free_cmds(queue); 1615 if (queue->hdr_digest || queue->data_digest) 1616 nvmet_tcp_free_crypto(queue); 1617 ida_free(&nvmet_tcp_queue_ida, queue->idx); 1618 page = virt_to_head_page(queue->pf_cache.va); 1619 __page_frag_cache_drain(page, queue->pf_cache.pagecnt_bias); 1620 kfree(queue); 1621 } 1622 1623 static void nvmet_tcp_data_ready(struct sock *sk) 1624 { 1625 struct nvmet_tcp_queue *queue; 1626 1627 trace_sk_data_ready(sk); 1628 1629 read_lock_bh(&sk->sk_callback_lock); 1630 queue = sk->sk_user_data; 1631 if (likely(queue)) { 1632 if (queue->data_ready) 1633 queue->data_ready(sk); 1634 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE) 1635 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, 1636 &queue->io_work); 1637 } 1638 read_unlock_bh(&sk->sk_callback_lock); 1639 } 1640 1641 static void nvmet_tcp_write_space(struct sock *sk) 1642 { 1643 struct nvmet_tcp_queue *queue; 1644 1645 read_lock_bh(&sk->sk_callback_lock); 1646 queue = sk->sk_user_data; 1647 if (unlikely(!queue)) 1648 goto out; 1649 1650 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) { 1651 queue->write_space(sk); 1652 goto out; 1653 } 1654 1655 if (sk_stream_is_writeable(sk)) { 1656 clear_bit(SOCK_NOSPACE, &sk->sk_socket->flags); 1657 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work); 1658 } 1659 out: 1660 read_unlock_bh(&sk->sk_callback_lock); 1661 } 1662 1663 static void nvmet_tcp_state_change(struct sock *sk) 1664 { 1665 struct nvmet_tcp_queue *queue; 1666 1667 read_lock_bh(&sk->sk_callback_lock); 1668 queue = sk->sk_user_data; 1669 if (!queue) 1670 goto done; 1671 1672 switch (sk->sk_state) { 1673 case TCP_FIN_WAIT2: 1674 case TCP_LAST_ACK: 1675 break; 1676 case TCP_FIN_WAIT1: 1677 case TCP_CLOSE_WAIT: 1678 case TCP_CLOSE: 1679 /* FALLTHRU */ 1680 nvmet_tcp_schedule_release_queue(queue); 1681 break; 1682 default: 1683 pr_warn("queue %d unhandled state %d\n", 1684 queue->idx, sk->sk_state); 1685 } 1686 done: 1687 read_unlock_bh(&sk->sk_callback_lock); 1688 } 1689 1690 static int nvmet_tcp_set_queue_sock(struct nvmet_tcp_queue *queue) 1691 { 1692 struct socket *sock = queue->sock; 1693 struct inet_sock *inet = inet_sk(sock->sk); 1694 int ret; 1695 1696 ret = kernel_getsockname(sock, 1697 (struct sockaddr *)&queue->sockaddr); 1698 if (ret < 0) 1699 return ret; 1700 1701 ret = kernel_getpeername(sock, 1702 (struct sockaddr *)&queue->sockaddr_peer); 1703 if (ret < 0) 1704 return ret; 1705 1706 /* 1707 * Cleanup whatever is sitting in the TCP transmit queue on socket 1708 * close. This is done to prevent stale data from being sent should 1709 * the network connection be restored before TCP times out. 1710 */ 1711 sock_no_linger(sock->sk); 1712 1713 if (so_priority > 0) 1714 sock_set_priority(sock->sk, so_priority); 1715 1716 /* Set socket type of service */ 1717 if (inet->rcv_tos > 0) 1718 ip_sock_set_tos(sock->sk, inet->rcv_tos); 1719 1720 ret = 0; 1721 write_lock_bh(&sock->sk->sk_callback_lock); 1722 if (sock->sk->sk_state != TCP_ESTABLISHED) { 1723 /* 1724 * If the socket is already closing, don't even start 1725 * consuming it 1726 */ 1727 ret = -ENOTCONN; 1728 } else { 1729 sock->sk->sk_user_data = queue; 1730 queue->data_ready = sock->sk->sk_data_ready; 1731 sock->sk->sk_data_ready = nvmet_tcp_data_ready; 1732 queue->state_change = sock->sk->sk_state_change; 1733 sock->sk->sk_state_change = nvmet_tcp_state_change; 1734 queue->write_space = sock->sk->sk_write_space; 1735 sock->sk->sk_write_space = nvmet_tcp_write_space; 1736 if (idle_poll_period_usecs) 1737 nvmet_tcp_arm_queue_deadline(queue); 1738 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work); 1739 } 1740 write_unlock_bh(&sock->sk->sk_callback_lock); 1741 1742 return ret; 1743 } 1744 1745 #ifdef CONFIG_NVME_TARGET_TCP_TLS 1746 static int nvmet_tcp_try_peek_pdu(struct nvmet_tcp_queue *queue) 1747 { 1748 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr; 1749 int len, ret; 1750 struct kvec iov = { 1751 .iov_base = (u8 *)&queue->pdu + queue->offset, 1752 .iov_len = sizeof(struct nvme_tcp_hdr), 1753 }; 1754 char cbuf[CMSG_LEN(sizeof(char))] = {}; 1755 struct msghdr msg = { 1756 .msg_control = cbuf, 1757 .msg_controllen = sizeof(cbuf), 1758 .msg_flags = MSG_PEEK, 1759 }; 1760 1761 if (nvmet_port_secure_channel_required(queue->port->nport)) 1762 return 0; 1763 1764 len = kernel_recvmsg(queue->sock, &msg, &iov, 1, 1765 iov.iov_len, msg.msg_flags); 1766 if (unlikely(len < 0)) { 1767 pr_debug("queue %d: peek error %d\n", 1768 queue->idx, len); 1769 return len; 1770 } 1771 1772 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf); 1773 if (ret < 0) 1774 return ret; 1775 1776 if (len < sizeof(struct nvme_tcp_hdr)) { 1777 pr_debug("queue %d: short read, %d bytes missing\n", 1778 queue->idx, (int)iov.iov_len - len); 1779 return -EAGAIN; 1780 } 1781 pr_debug("queue %d: hdr type %d hlen %d plen %d size %d\n", 1782 queue->idx, hdr->type, hdr->hlen, hdr->plen, 1783 (int)sizeof(struct nvme_tcp_icreq_pdu)); 1784 if (hdr->type == nvme_tcp_icreq && 1785 hdr->hlen == sizeof(struct nvme_tcp_icreq_pdu) && 1786 hdr->plen == cpu_to_le32(sizeof(struct nvme_tcp_icreq_pdu))) { 1787 pr_debug("queue %d: icreq detected\n", 1788 queue->idx); 1789 return len; 1790 } 1791 return 0; 1792 } 1793 1794 static void nvmet_tcp_tls_handshake_done(void *data, int status, 1795 key_serial_t peerid) 1796 { 1797 struct nvmet_tcp_queue *queue = data; 1798 1799 pr_debug("queue %d: TLS handshake done, key %x, status %d\n", 1800 queue->idx, peerid, status); 1801 spin_lock_bh(&queue->state_lock); 1802 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) { 1803 spin_unlock_bh(&queue->state_lock); 1804 return; 1805 } 1806 if (!status) { 1807 queue->tls_pskid = peerid; 1808 queue->state = NVMET_TCP_Q_CONNECTING; 1809 } else 1810 queue->state = NVMET_TCP_Q_FAILED; 1811 spin_unlock_bh(&queue->state_lock); 1812 1813 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work); 1814 if (status) 1815 nvmet_tcp_schedule_release_queue(queue); 1816 else 1817 nvmet_tcp_set_queue_sock(queue); 1818 kref_put(&queue->kref, nvmet_tcp_release_queue); 1819 } 1820 1821 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w) 1822 { 1823 struct nvmet_tcp_queue *queue = container_of(to_delayed_work(w), 1824 struct nvmet_tcp_queue, tls_handshake_tmo_work); 1825 1826 pr_warn("queue %d: TLS handshake timeout\n", queue->idx); 1827 /* 1828 * If tls_handshake_cancel() fails we've lost the race with 1829 * nvmet_tcp_tls_handshake_done() */ 1830 if (!tls_handshake_cancel(queue->sock->sk)) 1831 return; 1832 spin_lock_bh(&queue->state_lock); 1833 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) { 1834 spin_unlock_bh(&queue->state_lock); 1835 return; 1836 } 1837 queue->state = NVMET_TCP_Q_FAILED; 1838 spin_unlock_bh(&queue->state_lock); 1839 nvmet_tcp_schedule_release_queue(queue); 1840 kref_put(&queue->kref, nvmet_tcp_release_queue); 1841 } 1842 1843 static int nvmet_tcp_tls_handshake(struct nvmet_tcp_queue *queue) 1844 { 1845 int ret = -EOPNOTSUPP; 1846 struct tls_handshake_args args; 1847 1848 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE) { 1849 pr_warn("cannot start TLS in state %d\n", queue->state); 1850 return -EINVAL; 1851 } 1852 1853 kref_get(&queue->kref); 1854 pr_debug("queue %d: TLS ServerHello\n", queue->idx); 1855 memset(&args, 0, sizeof(args)); 1856 args.ta_sock = queue->sock; 1857 args.ta_done = nvmet_tcp_tls_handshake_done; 1858 args.ta_data = queue; 1859 args.ta_keyring = key_serial(queue->port->nport->keyring); 1860 args.ta_timeout_ms = tls_handshake_timeout * 1000; 1861 1862 ret = tls_server_hello_psk(&args, GFP_KERNEL); 1863 if (ret) { 1864 kref_put(&queue->kref, nvmet_tcp_release_queue); 1865 pr_err("failed to start TLS, err=%d\n", ret); 1866 } else { 1867 queue_delayed_work(nvmet_wq, &queue->tls_handshake_tmo_work, 1868 tls_handshake_timeout * HZ); 1869 } 1870 return ret; 1871 } 1872 #else 1873 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w) {} 1874 #endif 1875 1876 static void nvmet_tcp_alloc_queue(struct nvmet_tcp_port *port, 1877 struct socket *newsock) 1878 { 1879 struct nvmet_tcp_queue *queue; 1880 struct file *sock_file = NULL; 1881 int ret; 1882 1883 queue = kzalloc(sizeof(*queue), GFP_KERNEL); 1884 if (!queue) { 1885 ret = -ENOMEM; 1886 goto out_release; 1887 } 1888 1889 INIT_WORK(&queue->release_work, nvmet_tcp_release_queue_work); 1890 INIT_WORK(&queue->io_work, nvmet_tcp_io_work); 1891 kref_init(&queue->kref); 1892 queue->sock = newsock; 1893 queue->port = port; 1894 queue->nr_cmds = 0; 1895 spin_lock_init(&queue->state_lock); 1896 if (queue->port->nport->disc_addr.tsas.tcp.sectype == 1897 NVMF_TCP_SECTYPE_TLS13) 1898 queue->state = NVMET_TCP_Q_TLS_HANDSHAKE; 1899 else 1900 queue->state = NVMET_TCP_Q_CONNECTING; 1901 INIT_LIST_HEAD(&queue->free_list); 1902 init_llist_head(&queue->resp_list); 1903 INIT_LIST_HEAD(&queue->resp_send_list); 1904 1905 sock_file = sock_alloc_file(queue->sock, O_CLOEXEC, NULL); 1906 if (IS_ERR(sock_file)) { 1907 ret = PTR_ERR(sock_file); 1908 goto out_free_queue; 1909 } 1910 1911 queue->idx = ida_alloc(&nvmet_tcp_queue_ida, GFP_KERNEL); 1912 if (queue->idx < 0) { 1913 ret = queue->idx; 1914 goto out_sock; 1915 } 1916 1917 ret = nvmet_tcp_alloc_cmd(queue, &queue->connect); 1918 if (ret) 1919 goto out_ida_remove; 1920 1921 ret = nvmet_sq_init(&queue->nvme_sq); 1922 if (ret) 1923 goto out_free_connect; 1924 1925 nvmet_prepare_receive_pdu(queue); 1926 1927 mutex_lock(&nvmet_tcp_queue_mutex); 1928 list_add_tail(&queue->queue_list, &nvmet_tcp_queue_list); 1929 mutex_unlock(&nvmet_tcp_queue_mutex); 1930 1931 INIT_DELAYED_WORK(&queue->tls_handshake_tmo_work, 1932 nvmet_tcp_tls_handshake_timeout); 1933 #ifdef CONFIG_NVME_TARGET_TCP_TLS 1934 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) { 1935 struct sock *sk = queue->sock->sk; 1936 1937 /* Restore the default callbacks before starting upcall */ 1938 read_lock_bh(&sk->sk_callback_lock); 1939 sk->sk_user_data = NULL; 1940 sk->sk_data_ready = port->data_ready; 1941 read_unlock_bh(&sk->sk_callback_lock); 1942 if (!nvmet_tcp_try_peek_pdu(queue)) { 1943 if (!nvmet_tcp_tls_handshake(queue)) 1944 return; 1945 /* TLS handshake failed, terminate the connection */ 1946 goto out_destroy_sq; 1947 } 1948 /* Not a TLS connection, continue with normal processing */ 1949 queue->state = NVMET_TCP_Q_CONNECTING; 1950 } 1951 #endif 1952 1953 ret = nvmet_tcp_set_queue_sock(queue); 1954 if (ret) 1955 goto out_destroy_sq; 1956 1957 return; 1958 out_destroy_sq: 1959 mutex_lock(&nvmet_tcp_queue_mutex); 1960 list_del_init(&queue->queue_list); 1961 mutex_unlock(&nvmet_tcp_queue_mutex); 1962 nvmet_sq_destroy(&queue->nvme_sq); 1963 out_free_connect: 1964 nvmet_tcp_free_cmd(&queue->connect); 1965 out_ida_remove: 1966 ida_free(&nvmet_tcp_queue_ida, queue->idx); 1967 out_sock: 1968 fput(queue->sock->file); 1969 out_free_queue: 1970 kfree(queue); 1971 out_release: 1972 pr_err("failed to allocate queue, error %d\n", ret); 1973 if (!sock_file) 1974 sock_release(newsock); 1975 } 1976 1977 static void nvmet_tcp_accept_work(struct work_struct *w) 1978 { 1979 struct nvmet_tcp_port *port = 1980 container_of(w, struct nvmet_tcp_port, accept_work); 1981 struct socket *newsock; 1982 int ret; 1983 1984 while (true) { 1985 ret = kernel_accept(port->sock, &newsock, O_NONBLOCK); 1986 if (ret < 0) { 1987 if (ret != -EAGAIN) 1988 pr_warn("failed to accept err=%d\n", ret); 1989 return; 1990 } 1991 nvmet_tcp_alloc_queue(port, newsock); 1992 } 1993 } 1994 1995 static void nvmet_tcp_listen_data_ready(struct sock *sk) 1996 { 1997 struct nvmet_tcp_port *port; 1998 1999 trace_sk_data_ready(sk); 2000 2001 read_lock_bh(&sk->sk_callback_lock); 2002 port = sk->sk_user_data; 2003 if (!port) 2004 goto out; 2005 2006 if (sk->sk_state == TCP_LISTEN) 2007 queue_work(nvmet_wq, &port->accept_work); 2008 out: 2009 read_unlock_bh(&sk->sk_callback_lock); 2010 } 2011 2012 static int nvmet_tcp_add_port(struct nvmet_port *nport) 2013 { 2014 struct nvmet_tcp_port *port; 2015 __kernel_sa_family_t af; 2016 int ret; 2017 2018 port = kzalloc(sizeof(*port), GFP_KERNEL); 2019 if (!port) 2020 return -ENOMEM; 2021 2022 switch (nport->disc_addr.adrfam) { 2023 case NVMF_ADDR_FAMILY_IP4: 2024 af = AF_INET; 2025 break; 2026 case NVMF_ADDR_FAMILY_IP6: 2027 af = AF_INET6; 2028 break; 2029 default: 2030 pr_err("address family %d not supported\n", 2031 nport->disc_addr.adrfam); 2032 ret = -EINVAL; 2033 goto err_port; 2034 } 2035 2036 ret = inet_pton_with_scope(&init_net, af, nport->disc_addr.traddr, 2037 nport->disc_addr.trsvcid, &port->addr); 2038 if (ret) { 2039 pr_err("malformed ip/port passed: %s:%s\n", 2040 nport->disc_addr.traddr, nport->disc_addr.trsvcid); 2041 goto err_port; 2042 } 2043 2044 port->nport = nport; 2045 INIT_WORK(&port->accept_work, nvmet_tcp_accept_work); 2046 if (port->nport->inline_data_size < 0) 2047 port->nport->inline_data_size = NVMET_TCP_DEF_INLINE_DATA_SIZE; 2048 2049 ret = sock_create(port->addr.ss_family, SOCK_STREAM, 2050 IPPROTO_TCP, &port->sock); 2051 if (ret) { 2052 pr_err("failed to create a socket\n"); 2053 goto err_port; 2054 } 2055 2056 port->sock->sk->sk_user_data = port; 2057 port->data_ready = port->sock->sk->sk_data_ready; 2058 port->sock->sk->sk_data_ready = nvmet_tcp_listen_data_ready; 2059 sock_set_reuseaddr(port->sock->sk); 2060 tcp_sock_set_nodelay(port->sock->sk); 2061 if (so_priority > 0) 2062 sock_set_priority(port->sock->sk, so_priority); 2063 2064 ret = kernel_bind(port->sock, (struct sockaddr *)&port->addr, 2065 sizeof(port->addr)); 2066 if (ret) { 2067 pr_err("failed to bind port socket %d\n", ret); 2068 goto err_sock; 2069 } 2070 2071 ret = kernel_listen(port->sock, NVMET_TCP_BACKLOG); 2072 if (ret) { 2073 pr_err("failed to listen %d on port sock\n", ret); 2074 goto err_sock; 2075 } 2076 2077 nport->priv = port; 2078 pr_info("enabling port %d (%pISpc)\n", 2079 le16_to_cpu(nport->disc_addr.portid), &port->addr); 2080 2081 return 0; 2082 2083 err_sock: 2084 sock_release(port->sock); 2085 err_port: 2086 kfree(port); 2087 return ret; 2088 } 2089 2090 static void nvmet_tcp_destroy_port_queues(struct nvmet_tcp_port *port) 2091 { 2092 struct nvmet_tcp_queue *queue; 2093 2094 mutex_lock(&nvmet_tcp_queue_mutex); 2095 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list) 2096 if (queue->port == port) 2097 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 2098 mutex_unlock(&nvmet_tcp_queue_mutex); 2099 } 2100 2101 static void nvmet_tcp_remove_port(struct nvmet_port *nport) 2102 { 2103 struct nvmet_tcp_port *port = nport->priv; 2104 2105 write_lock_bh(&port->sock->sk->sk_callback_lock); 2106 port->sock->sk->sk_data_ready = port->data_ready; 2107 port->sock->sk->sk_user_data = NULL; 2108 write_unlock_bh(&port->sock->sk->sk_callback_lock); 2109 cancel_work_sync(&port->accept_work); 2110 /* 2111 * Destroy the remaining queues, which are not belong to any 2112 * controller yet. 2113 */ 2114 nvmet_tcp_destroy_port_queues(port); 2115 2116 sock_release(port->sock); 2117 kfree(port); 2118 } 2119 2120 static void nvmet_tcp_delete_ctrl(struct nvmet_ctrl *ctrl) 2121 { 2122 struct nvmet_tcp_queue *queue; 2123 2124 mutex_lock(&nvmet_tcp_queue_mutex); 2125 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list) 2126 if (queue->nvme_sq.ctrl == ctrl) 2127 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 2128 mutex_unlock(&nvmet_tcp_queue_mutex); 2129 } 2130 2131 static u16 nvmet_tcp_install_queue(struct nvmet_sq *sq) 2132 { 2133 struct nvmet_tcp_queue *queue = 2134 container_of(sq, struct nvmet_tcp_queue, nvme_sq); 2135 2136 if (sq->qid == 0) { 2137 struct nvmet_tcp_queue *q; 2138 int pending = 0; 2139 2140 /* Check for pending controller teardown */ 2141 mutex_lock(&nvmet_tcp_queue_mutex); 2142 list_for_each_entry(q, &nvmet_tcp_queue_list, queue_list) { 2143 if (q->nvme_sq.ctrl == sq->ctrl && 2144 q->state == NVMET_TCP_Q_DISCONNECTING) 2145 pending++; 2146 } 2147 mutex_unlock(&nvmet_tcp_queue_mutex); 2148 if (pending > NVMET_TCP_BACKLOG) 2149 return NVME_SC_CONNECT_CTRL_BUSY; 2150 } 2151 2152 queue->nr_cmds = sq->size * 2; 2153 if (nvmet_tcp_alloc_cmds(queue)) 2154 return NVME_SC_INTERNAL; 2155 return 0; 2156 } 2157 2158 static void nvmet_tcp_disc_port_addr(struct nvmet_req *req, 2159 struct nvmet_port *nport, char *traddr) 2160 { 2161 struct nvmet_tcp_port *port = nport->priv; 2162 2163 if (inet_addr_is_any((struct sockaddr *)&port->addr)) { 2164 struct nvmet_tcp_cmd *cmd = 2165 container_of(req, struct nvmet_tcp_cmd, req); 2166 struct nvmet_tcp_queue *queue = cmd->queue; 2167 2168 sprintf(traddr, "%pISc", (struct sockaddr *)&queue->sockaddr); 2169 } else { 2170 memcpy(traddr, nport->disc_addr.traddr, NVMF_TRADDR_SIZE); 2171 } 2172 } 2173 2174 static const struct nvmet_fabrics_ops nvmet_tcp_ops = { 2175 .owner = THIS_MODULE, 2176 .type = NVMF_TRTYPE_TCP, 2177 .msdbd = 1, 2178 .add_port = nvmet_tcp_add_port, 2179 .remove_port = nvmet_tcp_remove_port, 2180 .queue_response = nvmet_tcp_queue_response, 2181 .delete_ctrl = nvmet_tcp_delete_ctrl, 2182 .install_queue = nvmet_tcp_install_queue, 2183 .disc_traddr = nvmet_tcp_disc_port_addr, 2184 }; 2185 2186 static int __init nvmet_tcp_init(void) 2187 { 2188 int ret; 2189 2190 nvmet_tcp_wq = alloc_workqueue("nvmet_tcp_wq", 2191 WQ_MEM_RECLAIM | WQ_HIGHPRI, 0); 2192 if (!nvmet_tcp_wq) 2193 return -ENOMEM; 2194 2195 ret = nvmet_register_transport(&nvmet_tcp_ops); 2196 if (ret) 2197 goto err; 2198 2199 return 0; 2200 err: 2201 destroy_workqueue(nvmet_tcp_wq); 2202 return ret; 2203 } 2204 2205 static void __exit nvmet_tcp_exit(void) 2206 { 2207 struct nvmet_tcp_queue *queue; 2208 2209 nvmet_unregister_transport(&nvmet_tcp_ops); 2210 2211 flush_workqueue(nvmet_wq); 2212 mutex_lock(&nvmet_tcp_queue_mutex); 2213 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list) 2214 kernel_sock_shutdown(queue->sock, SHUT_RDWR); 2215 mutex_unlock(&nvmet_tcp_queue_mutex); 2216 flush_workqueue(nvmet_wq); 2217 2218 destroy_workqueue(nvmet_tcp_wq); 2219 } 2220 2221 module_init(nvmet_tcp_init); 2222 module_exit(nvmet_tcp_exit); 2223 2224 MODULE_LICENSE("GPL v2"); 2225 MODULE_ALIAS("nvmet-transport-3"); /* 3 == NVMF_TRTYPE_TCP */ 2226