1 /******************************************************************************* 2 * This file contains main functions related to the iSCSI Target Core Driver. 3 * 4 * (c) Copyright 2007-2013 Datera, Inc. 5 * 6 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation; either version 2 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 ******************************************************************************/ 18 19 #include <crypto/hash.h> 20 #include <linux/string.h> 21 #include <linux/kthread.h> 22 #include <linux/completion.h> 23 #include <linux/module.h> 24 #include <linux/vmalloc.h> 25 #include <linux/idr.h> 26 #include <asm/unaligned.h> 27 #include <scsi/scsi_proto.h> 28 #include <scsi/iscsi_proto.h> 29 #include <scsi/scsi_tcq.h> 30 #include <target/target_core_base.h> 31 #include <target/target_core_fabric.h> 32 33 #include <target/iscsi/iscsi_target_core.h> 34 #include "iscsi_target_parameters.h" 35 #include "iscsi_target_seq_pdu_list.h" 36 #include "iscsi_target_datain_values.h" 37 #include "iscsi_target_erl0.h" 38 #include "iscsi_target_erl1.h" 39 #include "iscsi_target_erl2.h" 40 #include "iscsi_target_login.h" 41 #include "iscsi_target_tmr.h" 42 #include "iscsi_target_tpg.h" 43 #include "iscsi_target_util.h" 44 #include "iscsi_target.h" 45 #include "iscsi_target_device.h" 46 #include <target/iscsi/iscsi_target_stat.h> 47 48 #include <target/iscsi/iscsi_transport.h> 49 50 static LIST_HEAD(g_tiqn_list); 51 static LIST_HEAD(g_np_list); 52 static DEFINE_SPINLOCK(tiqn_lock); 53 static DEFINE_MUTEX(np_lock); 54 55 static struct idr tiqn_idr; 56 struct idr sess_idr; 57 struct mutex auth_id_lock; 58 spinlock_t sess_idr_lock; 59 60 struct iscsit_global *iscsit_global; 61 62 struct kmem_cache *lio_qr_cache; 63 struct kmem_cache *lio_dr_cache; 64 struct kmem_cache *lio_ooo_cache; 65 struct kmem_cache *lio_r2t_cache; 66 67 static int iscsit_handle_immediate_data(struct iscsi_cmd *, 68 struct iscsi_scsi_req *, u32); 69 70 struct iscsi_tiqn *iscsit_get_tiqn_for_login(unsigned char *buf) 71 { 72 struct iscsi_tiqn *tiqn = NULL; 73 74 spin_lock(&tiqn_lock); 75 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 76 if (!strcmp(tiqn->tiqn, buf)) { 77 78 spin_lock(&tiqn->tiqn_state_lock); 79 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 80 tiqn->tiqn_access_count++; 81 spin_unlock(&tiqn->tiqn_state_lock); 82 spin_unlock(&tiqn_lock); 83 return tiqn; 84 } 85 spin_unlock(&tiqn->tiqn_state_lock); 86 } 87 } 88 spin_unlock(&tiqn_lock); 89 90 return NULL; 91 } 92 93 static int iscsit_set_tiqn_shutdown(struct iscsi_tiqn *tiqn) 94 { 95 spin_lock(&tiqn->tiqn_state_lock); 96 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 97 tiqn->tiqn_state = TIQN_STATE_SHUTDOWN; 98 spin_unlock(&tiqn->tiqn_state_lock); 99 return 0; 100 } 101 spin_unlock(&tiqn->tiqn_state_lock); 102 103 return -1; 104 } 105 106 void iscsit_put_tiqn_for_login(struct iscsi_tiqn *tiqn) 107 { 108 spin_lock(&tiqn->tiqn_state_lock); 109 tiqn->tiqn_access_count--; 110 spin_unlock(&tiqn->tiqn_state_lock); 111 } 112 113 /* 114 * Note that IQN formatting is expected to be done in userspace, and 115 * no explict IQN format checks are done here. 116 */ 117 struct iscsi_tiqn *iscsit_add_tiqn(unsigned char *buf) 118 { 119 struct iscsi_tiqn *tiqn = NULL; 120 int ret; 121 122 if (strlen(buf) >= ISCSI_IQN_LEN) { 123 pr_err("Target IQN exceeds %d bytes\n", 124 ISCSI_IQN_LEN); 125 return ERR_PTR(-EINVAL); 126 } 127 128 tiqn = kzalloc(sizeof(struct iscsi_tiqn), GFP_KERNEL); 129 if (!tiqn) { 130 pr_err("Unable to allocate struct iscsi_tiqn\n"); 131 return ERR_PTR(-ENOMEM); 132 } 133 134 sprintf(tiqn->tiqn, "%s", buf); 135 INIT_LIST_HEAD(&tiqn->tiqn_list); 136 INIT_LIST_HEAD(&tiqn->tiqn_tpg_list); 137 spin_lock_init(&tiqn->tiqn_state_lock); 138 spin_lock_init(&tiqn->tiqn_tpg_lock); 139 spin_lock_init(&tiqn->sess_err_stats.lock); 140 spin_lock_init(&tiqn->login_stats.lock); 141 spin_lock_init(&tiqn->logout_stats.lock); 142 143 tiqn->tiqn_state = TIQN_STATE_ACTIVE; 144 145 idr_preload(GFP_KERNEL); 146 spin_lock(&tiqn_lock); 147 148 ret = idr_alloc(&tiqn_idr, NULL, 0, 0, GFP_NOWAIT); 149 if (ret < 0) { 150 pr_err("idr_alloc() failed for tiqn->tiqn_index\n"); 151 spin_unlock(&tiqn_lock); 152 idr_preload_end(); 153 kfree(tiqn); 154 return ERR_PTR(ret); 155 } 156 tiqn->tiqn_index = ret; 157 list_add_tail(&tiqn->tiqn_list, &g_tiqn_list); 158 159 spin_unlock(&tiqn_lock); 160 idr_preload_end(); 161 162 pr_debug("CORE[0] - Added iSCSI Target IQN: %s\n", tiqn->tiqn); 163 164 return tiqn; 165 166 } 167 168 static void iscsit_wait_for_tiqn(struct iscsi_tiqn *tiqn) 169 { 170 /* 171 * Wait for accesses to said struct iscsi_tiqn to end. 172 */ 173 spin_lock(&tiqn->tiqn_state_lock); 174 while (tiqn->tiqn_access_count != 0) { 175 spin_unlock(&tiqn->tiqn_state_lock); 176 msleep(10); 177 spin_lock(&tiqn->tiqn_state_lock); 178 } 179 spin_unlock(&tiqn->tiqn_state_lock); 180 } 181 182 void iscsit_del_tiqn(struct iscsi_tiqn *tiqn) 183 { 184 /* 185 * iscsit_set_tiqn_shutdown sets tiqn->tiqn_state = TIQN_STATE_SHUTDOWN 186 * while holding tiqn->tiqn_state_lock. This means that all subsequent 187 * attempts to access this struct iscsi_tiqn will fail from both transport 188 * fabric and control code paths. 189 */ 190 if (iscsit_set_tiqn_shutdown(tiqn) < 0) { 191 pr_err("iscsit_set_tiqn_shutdown() failed\n"); 192 return; 193 } 194 195 iscsit_wait_for_tiqn(tiqn); 196 197 spin_lock(&tiqn_lock); 198 list_del(&tiqn->tiqn_list); 199 idr_remove(&tiqn_idr, tiqn->tiqn_index); 200 spin_unlock(&tiqn_lock); 201 202 pr_debug("CORE[0] - Deleted iSCSI Target IQN: %s\n", 203 tiqn->tiqn); 204 kfree(tiqn); 205 } 206 207 int iscsit_access_np(struct iscsi_np *np, struct iscsi_portal_group *tpg) 208 { 209 int ret; 210 /* 211 * Determine if the network portal is accepting storage traffic. 212 */ 213 spin_lock_bh(&np->np_thread_lock); 214 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 215 spin_unlock_bh(&np->np_thread_lock); 216 return -1; 217 } 218 spin_unlock_bh(&np->np_thread_lock); 219 /* 220 * Determine if the portal group is accepting storage traffic. 221 */ 222 spin_lock_bh(&tpg->tpg_state_lock); 223 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 224 spin_unlock_bh(&tpg->tpg_state_lock); 225 return -1; 226 } 227 spin_unlock_bh(&tpg->tpg_state_lock); 228 229 /* 230 * Here we serialize access across the TIQN+TPG Tuple. 231 */ 232 ret = down_interruptible(&tpg->np_login_sem); 233 if (ret != 0) 234 return -1; 235 236 spin_lock_bh(&tpg->tpg_state_lock); 237 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 238 spin_unlock_bh(&tpg->tpg_state_lock); 239 up(&tpg->np_login_sem); 240 return -1; 241 } 242 spin_unlock_bh(&tpg->tpg_state_lock); 243 244 return 0; 245 } 246 247 void iscsit_login_kref_put(struct kref *kref) 248 { 249 struct iscsi_tpg_np *tpg_np = container_of(kref, 250 struct iscsi_tpg_np, tpg_np_kref); 251 252 complete(&tpg_np->tpg_np_comp); 253 } 254 255 int iscsit_deaccess_np(struct iscsi_np *np, struct iscsi_portal_group *tpg, 256 struct iscsi_tpg_np *tpg_np) 257 { 258 struct iscsi_tiqn *tiqn = tpg->tpg_tiqn; 259 260 up(&tpg->np_login_sem); 261 262 if (tpg_np) 263 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 264 265 if (tiqn) 266 iscsit_put_tiqn_for_login(tiqn); 267 268 return 0; 269 } 270 271 bool iscsit_check_np_match( 272 struct sockaddr_storage *sockaddr, 273 struct iscsi_np *np, 274 int network_transport) 275 { 276 struct sockaddr_in *sock_in, *sock_in_e; 277 struct sockaddr_in6 *sock_in6, *sock_in6_e; 278 bool ip_match = false; 279 u16 port, port_e; 280 281 if (sockaddr->ss_family == AF_INET6) { 282 sock_in6 = (struct sockaddr_in6 *)sockaddr; 283 sock_in6_e = (struct sockaddr_in6 *)&np->np_sockaddr; 284 285 if (!memcmp(&sock_in6->sin6_addr.in6_u, 286 &sock_in6_e->sin6_addr.in6_u, 287 sizeof(struct in6_addr))) 288 ip_match = true; 289 290 port = ntohs(sock_in6->sin6_port); 291 port_e = ntohs(sock_in6_e->sin6_port); 292 } else { 293 sock_in = (struct sockaddr_in *)sockaddr; 294 sock_in_e = (struct sockaddr_in *)&np->np_sockaddr; 295 296 if (sock_in->sin_addr.s_addr == sock_in_e->sin_addr.s_addr) 297 ip_match = true; 298 299 port = ntohs(sock_in->sin_port); 300 port_e = ntohs(sock_in_e->sin_port); 301 } 302 303 if (ip_match && (port_e == port) && 304 (np->np_network_transport == network_transport)) 305 return true; 306 307 return false; 308 } 309 310 /* 311 * Called with mutex np_lock held 312 */ 313 static struct iscsi_np *iscsit_get_np( 314 struct sockaddr_storage *sockaddr, 315 int network_transport) 316 { 317 struct iscsi_np *np; 318 bool match; 319 320 list_for_each_entry(np, &g_np_list, np_list) { 321 spin_lock_bh(&np->np_thread_lock); 322 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 323 spin_unlock_bh(&np->np_thread_lock); 324 continue; 325 } 326 327 match = iscsit_check_np_match(sockaddr, np, network_transport); 328 if (match) { 329 /* 330 * Increment the np_exports reference count now to 331 * prevent iscsit_del_np() below from being called 332 * while iscsi_tpg_add_network_portal() is called. 333 */ 334 np->np_exports++; 335 spin_unlock_bh(&np->np_thread_lock); 336 return np; 337 } 338 spin_unlock_bh(&np->np_thread_lock); 339 } 340 341 return NULL; 342 } 343 344 struct iscsi_np *iscsit_add_np( 345 struct sockaddr_storage *sockaddr, 346 int network_transport) 347 { 348 struct iscsi_np *np; 349 int ret; 350 351 mutex_lock(&np_lock); 352 353 /* 354 * Locate the existing struct iscsi_np if already active.. 355 */ 356 np = iscsit_get_np(sockaddr, network_transport); 357 if (np) { 358 mutex_unlock(&np_lock); 359 return np; 360 } 361 362 np = kzalloc(sizeof(struct iscsi_np), GFP_KERNEL); 363 if (!np) { 364 pr_err("Unable to allocate memory for struct iscsi_np\n"); 365 mutex_unlock(&np_lock); 366 return ERR_PTR(-ENOMEM); 367 } 368 369 np->np_flags |= NPF_IP_NETWORK; 370 np->np_network_transport = network_transport; 371 spin_lock_init(&np->np_thread_lock); 372 init_completion(&np->np_restart_comp); 373 INIT_LIST_HEAD(&np->np_list); 374 375 ret = iscsi_target_setup_login_socket(np, sockaddr); 376 if (ret != 0) { 377 kfree(np); 378 mutex_unlock(&np_lock); 379 return ERR_PTR(ret); 380 } 381 382 np->np_thread = kthread_run(iscsi_target_login_thread, np, "iscsi_np"); 383 if (IS_ERR(np->np_thread)) { 384 pr_err("Unable to create kthread: iscsi_np\n"); 385 ret = PTR_ERR(np->np_thread); 386 kfree(np); 387 mutex_unlock(&np_lock); 388 return ERR_PTR(ret); 389 } 390 /* 391 * Increment the np_exports reference count now to prevent 392 * iscsit_del_np() below from being run while a new call to 393 * iscsi_tpg_add_network_portal() for a matching iscsi_np is 394 * active. We don't need to hold np->np_thread_lock at this 395 * point because iscsi_np has not been added to g_np_list yet. 396 */ 397 np->np_exports = 1; 398 np->np_thread_state = ISCSI_NP_THREAD_ACTIVE; 399 400 list_add_tail(&np->np_list, &g_np_list); 401 mutex_unlock(&np_lock); 402 403 pr_debug("CORE[0] - Added Network Portal: %pISpc on %s\n", 404 &np->np_sockaddr, np->np_transport->name); 405 406 return np; 407 } 408 409 int iscsit_reset_np_thread( 410 struct iscsi_np *np, 411 struct iscsi_tpg_np *tpg_np, 412 struct iscsi_portal_group *tpg, 413 bool shutdown) 414 { 415 spin_lock_bh(&np->np_thread_lock); 416 if (np->np_thread_state == ISCSI_NP_THREAD_INACTIVE) { 417 spin_unlock_bh(&np->np_thread_lock); 418 return 0; 419 } 420 np->np_thread_state = ISCSI_NP_THREAD_RESET; 421 422 if (np->np_thread) { 423 spin_unlock_bh(&np->np_thread_lock); 424 send_sig(SIGINT, np->np_thread, 1); 425 wait_for_completion(&np->np_restart_comp); 426 spin_lock_bh(&np->np_thread_lock); 427 } 428 spin_unlock_bh(&np->np_thread_lock); 429 430 if (tpg_np && shutdown) { 431 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 432 433 wait_for_completion(&tpg_np->tpg_np_comp); 434 } 435 436 return 0; 437 } 438 439 static void iscsit_free_np(struct iscsi_np *np) 440 { 441 if (np->np_socket) 442 sock_release(np->np_socket); 443 } 444 445 int iscsit_del_np(struct iscsi_np *np) 446 { 447 spin_lock_bh(&np->np_thread_lock); 448 np->np_exports--; 449 if (np->np_exports) { 450 np->enabled = true; 451 spin_unlock_bh(&np->np_thread_lock); 452 return 0; 453 } 454 np->np_thread_state = ISCSI_NP_THREAD_SHUTDOWN; 455 spin_unlock_bh(&np->np_thread_lock); 456 457 if (np->np_thread) { 458 /* 459 * We need to send the signal to wakeup Linux/Net 460 * which may be sleeping in sock_accept().. 461 */ 462 send_sig(SIGINT, np->np_thread, 1); 463 kthread_stop(np->np_thread); 464 np->np_thread = NULL; 465 } 466 467 np->np_transport->iscsit_free_np(np); 468 469 mutex_lock(&np_lock); 470 list_del(&np->np_list); 471 mutex_unlock(&np_lock); 472 473 pr_debug("CORE[0] - Removed Network Portal: %pISpc on %s\n", 474 &np->np_sockaddr, np->np_transport->name); 475 476 iscsit_put_transport(np->np_transport); 477 kfree(np); 478 return 0; 479 } 480 481 static int iscsit_immediate_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 482 static int iscsit_response_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 483 484 static int iscsit_queue_rsp(struct iscsi_conn *conn, struct iscsi_cmd *cmd) 485 { 486 iscsit_add_cmd_to_response_queue(cmd, cmd->conn, cmd->i_state); 487 return 0; 488 } 489 490 static void iscsit_aborted_task(struct iscsi_conn *conn, struct iscsi_cmd *cmd) 491 { 492 bool scsi_cmd = (cmd->iscsi_opcode == ISCSI_OP_SCSI_CMD); 493 494 spin_lock_bh(&conn->cmd_lock); 495 if (!list_empty(&cmd->i_conn_node)) 496 list_del_init(&cmd->i_conn_node); 497 spin_unlock_bh(&conn->cmd_lock); 498 499 __iscsit_free_cmd(cmd, scsi_cmd, true); 500 } 501 502 static enum target_prot_op iscsit_get_sup_prot_ops(struct iscsi_conn *conn) 503 { 504 return TARGET_PROT_NORMAL; 505 } 506 507 static struct iscsit_transport iscsi_target_transport = { 508 .name = "iSCSI/TCP", 509 .transport_type = ISCSI_TCP, 510 .owner = NULL, 511 .iscsit_setup_np = iscsit_setup_np, 512 .iscsit_accept_np = iscsit_accept_np, 513 .iscsit_free_np = iscsit_free_np, 514 .iscsit_get_login_rx = iscsit_get_login_rx, 515 .iscsit_put_login_tx = iscsit_put_login_tx, 516 .iscsit_get_dataout = iscsit_build_r2ts_for_cmd, 517 .iscsit_immediate_queue = iscsit_immediate_queue, 518 .iscsit_response_queue = iscsit_response_queue, 519 .iscsit_queue_data_in = iscsit_queue_rsp, 520 .iscsit_queue_status = iscsit_queue_rsp, 521 .iscsit_aborted_task = iscsit_aborted_task, 522 .iscsit_get_sup_prot_ops = iscsit_get_sup_prot_ops, 523 }; 524 525 static int __init iscsi_target_init_module(void) 526 { 527 int ret = 0, size; 528 529 pr_debug("iSCSI-Target "ISCSIT_VERSION"\n"); 530 531 iscsit_global = kzalloc(sizeof(struct iscsit_global), GFP_KERNEL); 532 if (!iscsit_global) { 533 pr_err("Unable to allocate memory for iscsit_global\n"); 534 return -1; 535 } 536 spin_lock_init(&iscsit_global->ts_bitmap_lock); 537 mutex_init(&auth_id_lock); 538 spin_lock_init(&sess_idr_lock); 539 idr_init(&tiqn_idr); 540 idr_init(&sess_idr); 541 542 ret = target_register_template(&iscsi_ops); 543 if (ret) 544 goto out; 545 546 size = BITS_TO_LONGS(ISCSIT_BITMAP_BITS) * sizeof(long); 547 iscsit_global->ts_bitmap = vzalloc(size); 548 if (!iscsit_global->ts_bitmap) { 549 pr_err("Unable to allocate iscsit_global->ts_bitmap\n"); 550 goto configfs_out; 551 } 552 553 lio_qr_cache = kmem_cache_create("lio_qr_cache", 554 sizeof(struct iscsi_queue_req), 555 __alignof__(struct iscsi_queue_req), 0, NULL); 556 if (!lio_qr_cache) { 557 pr_err("nable to kmem_cache_create() for" 558 " lio_qr_cache\n"); 559 goto bitmap_out; 560 } 561 562 lio_dr_cache = kmem_cache_create("lio_dr_cache", 563 sizeof(struct iscsi_datain_req), 564 __alignof__(struct iscsi_datain_req), 0, NULL); 565 if (!lio_dr_cache) { 566 pr_err("Unable to kmem_cache_create() for" 567 " lio_dr_cache\n"); 568 goto qr_out; 569 } 570 571 lio_ooo_cache = kmem_cache_create("lio_ooo_cache", 572 sizeof(struct iscsi_ooo_cmdsn), 573 __alignof__(struct iscsi_ooo_cmdsn), 0, NULL); 574 if (!lio_ooo_cache) { 575 pr_err("Unable to kmem_cache_create() for" 576 " lio_ooo_cache\n"); 577 goto dr_out; 578 } 579 580 lio_r2t_cache = kmem_cache_create("lio_r2t_cache", 581 sizeof(struct iscsi_r2t), __alignof__(struct iscsi_r2t), 582 0, NULL); 583 if (!lio_r2t_cache) { 584 pr_err("Unable to kmem_cache_create() for" 585 " lio_r2t_cache\n"); 586 goto ooo_out; 587 } 588 589 iscsit_register_transport(&iscsi_target_transport); 590 591 if (iscsit_load_discovery_tpg() < 0) 592 goto r2t_out; 593 594 return ret; 595 r2t_out: 596 iscsit_unregister_transport(&iscsi_target_transport); 597 kmem_cache_destroy(lio_r2t_cache); 598 ooo_out: 599 kmem_cache_destroy(lio_ooo_cache); 600 dr_out: 601 kmem_cache_destroy(lio_dr_cache); 602 qr_out: 603 kmem_cache_destroy(lio_qr_cache); 604 bitmap_out: 605 vfree(iscsit_global->ts_bitmap); 606 configfs_out: 607 /* XXX: this probably wants it to be it's own unwind step.. */ 608 if (iscsit_global->discovery_tpg) 609 iscsit_tpg_disable_portal_group(iscsit_global->discovery_tpg, 1); 610 target_unregister_template(&iscsi_ops); 611 out: 612 kfree(iscsit_global); 613 return -ENOMEM; 614 } 615 616 static void __exit iscsi_target_cleanup_module(void) 617 { 618 iscsit_release_discovery_tpg(); 619 iscsit_unregister_transport(&iscsi_target_transport); 620 kmem_cache_destroy(lio_qr_cache); 621 kmem_cache_destroy(lio_dr_cache); 622 kmem_cache_destroy(lio_ooo_cache); 623 kmem_cache_destroy(lio_r2t_cache); 624 625 /* 626 * Shutdown discovery sessions and disable discovery TPG 627 */ 628 if (iscsit_global->discovery_tpg) 629 iscsit_tpg_disable_portal_group(iscsit_global->discovery_tpg, 1); 630 631 target_unregister_template(&iscsi_ops); 632 633 vfree(iscsit_global->ts_bitmap); 634 kfree(iscsit_global); 635 } 636 637 static int iscsit_add_reject( 638 struct iscsi_conn *conn, 639 u8 reason, 640 unsigned char *buf) 641 { 642 struct iscsi_cmd *cmd; 643 644 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 645 if (!cmd) 646 return -1; 647 648 cmd->iscsi_opcode = ISCSI_OP_REJECT; 649 cmd->reject_reason = reason; 650 651 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 652 if (!cmd->buf_ptr) { 653 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 654 iscsit_free_cmd(cmd, false); 655 return -1; 656 } 657 658 spin_lock_bh(&conn->cmd_lock); 659 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 660 spin_unlock_bh(&conn->cmd_lock); 661 662 cmd->i_state = ISTATE_SEND_REJECT; 663 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 664 665 return -1; 666 } 667 668 static int iscsit_add_reject_from_cmd( 669 struct iscsi_cmd *cmd, 670 u8 reason, 671 bool add_to_conn, 672 unsigned char *buf) 673 { 674 struct iscsi_conn *conn; 675 676 if (!cmd->conn) { 677 pr_err("cmd->conn is NULL for ITT: 0x%08x\n", 678 cmd->init_task_tag); 679 return -1; 680 } 681 conn = cmd->conn; 682 683 cmd->iscsi_opcode = ISCSI_OP_REJECT; 684 cmd->reject_reason = reason; 685 686 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 687 if (!cmd->buf_ptr) { 688 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 689 iscsit_free_cmd(cmd, false); 690 return -1; 691 } 692 693 if (add_to_conn) { 694 spin_lock_bh(&conn->cmd_lock); 695 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 696 spin_unlock_bh(&conn->cmd_lock); 697 } 698 699 cmd->i_state = ISTATE_SEND_REJECT; 700 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 701 /* 702 * Perform the kref_put now if se_cmd has already been setup by 703 * scsit_setup_scsi_cmd() 704 */ 705 if (cmd->se_cmd.se_tfo != NULL) { 706 pr_debug("iscsi reject: calling target_put_sess_cmd >>>>>>\n"); 707 target_put_sess_cmd(&cmd->se_cmd); 708 } 709 return -1; 710 } 711 712 static int iscsit_add_reject_cmd(struct iscsi_cmd *cmd, u8 reason, 713 unsigned char *buf) 714 { 715 return iscsit_add_reject_from_cmd(cmd, reason, true, buf); 716 } 717 718 int iscsit_reject_cmd(struct iscsi_cmd *cmd, u8 reason, unsigned char *buf) 719 { 720 return iscsit_add_reject_from_cmd(cmd, reason, false, buf); 721 } 722 723 /* 724 * Map some portion of the allocated scatterlist to an iovec, suitable for 725 * kernel sockets to copy data in/out. 726 */ 727 static int iscsit_map_iovec( 728 struct iscsi_cmd *cmd, 729 struct kvec *iov, 730 u32 data_offset, 731 u32 data_length) 732 { 733 u32 i = 0; 734 struct scatterlist *sg; 735 unsigned int page_off; 736 737 /* 738 * We know each entry in t_data_sg contains a page. 739 */ 740 sg = &cmd->se_cmd.t_data_sg[data_offset / PAGE_SIZE]; 741 page_off = (data_offset % PAGE_SIZE); 742 743 cmd->first_data_sg = sg; 744 cmd->first_data_sg_off = page_off; 745 746 while (data_length) { 747 u32 cur_len = min_t(u32, data_length, sg->length - page_off); 748 749 iov[i].iov_base = kmap(sg_page(sg)) + sg->offset + page_off; 750 iov[i].iov_len = cur_len; 751 752 data_length -= cur_len; 753 page_off = 0; 754 sg = sg_next(sg); 755 i++; 756 } 757 758 cmd->kmapped_nents = i; 759 760 return i; 761 } 762 763 static void iscsit_unmap_iovec(struct iscsi_cmd *cmd) 764 { 765 u32 i; 766 struct scatterlist *sg; 767 768 sg = cmd->first_data_sg; 769 770 for (i = 0; i < cmd->kmapped_nents; i++) 771 kunmap(sg_page(&sg[i])); 772 } 773 774 static void iscsit_ack_from_expstatsn(struct iscsi_conn *conn, u32 exp_statsn) 775 { 776 LIST_HEAD(ack_list); 777 struct iscsi_cmd *cmd, *cmd_p; 778 779 conn->exp_statsn = exp_statsn; 780 781 if (conn->sess->sess_ops->RDMAExtensions) 782 return; 783 784 spin_lock_bh(&conn->cmd_lock); 785 list_for_each_entry_safe(cmd, cmd_p, &conn->conn_cmd_list, i_conn_node) { 786 spin_lock(&cmd->istate_lock); 787 if ((cmd->i_state == ISTATE_SENT_STATUS) && 788 iscsi_sna_lt(cmd->stat_sn, exp_statsn)) { 789 cmd->i_state = ISTATE_REMOVE; 790 spin_unlock(&cmd->istate_lock); 791 list_move_tail(&cmd->i_conn_node, &ack_list); 792 continue; 793 } 794 spin_unlock(&cmd->istate_lock); 795 } 796 spin_unlock_bh(&conn->cmd_lock); 797 798 list_for_each_entry_safe(cmd, cmd_p, &ack_list, i_conn_node) { 799 list_del_init(&cmd->i_conn_node); 800 iscsit_free_cmd(cmd, false); 801 } 802 } 803 804 static int iscsit_allocate_iovecs(struct iscsi_cmd *cmd) 805 { 806 u32 iov_count = max(1UL, DIV_ROUND_UP(cmd->se_cmd.data_length, PAGE_SIZE)); 807 808 iov_count += ISCSI_IOV_DATA_BUFFER; 809 810 cmd->iov_data = kzalloc(iov_count * sizeof(struct kvec), GFP_KERNEL); 811 if (!cmd->iov_data) { 812 pr_err("Unable to allocate cmd->iov_data\n"); 813 return -ENOMEM; 814 } 815 816 cmd->orig_iov_data_count = iov_count; 817 return 0; 818 } 819 820 int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 821 unsigned char *buf) 822 { 823 int data_direction, payload_length; 824 struct iscsi_scsi_req *hdr; 825 int iscsi_task_attr; 826 int sam_task_attr; 827 828 atomic_long_inc(&conn->sess->cmd_pdus); 829 830 hdr = (struct iscsi_scsi_req *) buf; 831 payload_length = ntoh24(hdr->dlength); 832 833 /* FIXME; Add checks for AdditionalHeaderSegment */ 834 835 if (!(hdr->flags & ISCSI_FLAG_CMD_WRITE) && 836 !(hdr->flags & ISCSI_FLAG_CMD_FINAL)) { 837 pr_err("ISCSI_FLAG_CMD_WRITE & ISCSI_FLAG_CMD_FINAL" 838 " not set. Bad iSCSI Initiator.\n"); 839 return iscsit_add_reject_cmd(cmd, 840 ISCSI_REASON_BOOKMARK_INVALID, buf); 841 } 842 843 if (((hdr->flags & ISCSI_FLAG_CMD_READ) || 844 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) { 845 /* 846 * From RFC-3720 Section 10.3.1: 847 * 848 * "Either or both of R and W MAY be 1 when either the 849 * Expected Data Transfer Length and/or Bidirectional Read 850 * Expected Data Transfer Length are 0" 851 * 852 * For this case, go ahead and clear the unnecssary bits 853 * to avoid any confusion with ->data_direction. 854 */ 855 hdr->flags &= ~ISCSI_FLAG_CMD_READ; 856 hdr->flags &= ~ISCSI_FLAG_CMD_WRITE; 857 858 pr_warn("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE" 859 " set when Expected Data Transfer Length is 0 for" 860 " CDB: 0x%02x, Fixing up flags\n", hdr->cdb[0]); 861 } 862 863 if (!(hdr->flags & ISCSI_FLAG_CMD_READ) && 864 !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) { 865 pr_err("ISCSI_FLAG_CMD_READ and/or ISCSI_FLAG_CMD_WRITE" 866 " MUST be set if Expected Data Transfer Length is not 0." 867 " Bad iSCSI Initiator\n"); 868 return iscsit_add_reject_cmd(cmd, 869 ISCSI_REASON_BOOKMARK_INVALID, buf); 870 } 871 872 if ((hdr->flags & ISCSI_FLAG_CMD_READ) && 873 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) { 874 pr_err("Bidirectional operations not supported!\n"); 875 return iscsit_add_reject_cmd(cmd, 876 ISCSI_REASON_BOOKMARK_INVALID, buf); 877 } 878 879 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 880 pr_err("Illegally set Immediate Bit in iSCSI Initiator" 881 " Scsi Command PDU.\n"); 882 return iscsit_add_reject_cmd(cmd, 883 ISCSI_REASON_BOOKMARK_INVALID, buf); 884 } 885 886 if (payload_length && !conn->sess->sess_ops->ImmediateData) { 887 pr_err("ImmediateData=No but DataSegmentLength=%u," 888 " protocol error.\n", payload_length); 889 return iscsit_add_reject_cmd(cmd, 890 ISCSI_REASON_PROTOCOL_ERROR, buf); 891 } 892 893 if ((be32_to_cpu(hdr->data_length) == payload_length) && 894 (!(hdr->flags & ISCSI_FLAG_CMD_FINAL))) { 895 pr_err("Expected Data Transfer Length and Length of" 896 " Immediate Data are the same, but ISCSI_FLAG_CMD_FINAL" 897 " bit is not set protocol error\n"); 898 return iscsit_add_reject_cmd(cmd, 899 ISCSI_REASON_PROTOCOL_ERROR, buf); 900 } 901 902 if (payload_length > be32_to_cpu(hdr->data_length)) { 903 pr_err("DataSegmentLength: %u is greater than" 904 " EDTL: %u, protocol error.\n", payload_length, 905 hdr->data_length); 906 return iscsit_add_reject_cmd(cmd, 907 ISCSI_REASON_PROTOCOL_ERROR, buf); 908 } 909 910 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 911 pr_err("DataSegmentLength: %u is greater than" 912 " MaxXmitDataSegmentLength: %u, protocol error.\n", 913 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 914 return iscsit_add_reject_cmd(cmd, 915 ISCSI_REASON_PROTOCOL_ERROR, buf); 916 } 917 918 if (payload_length > conn->sess->sess_ops->FirstBurstLength) { 919 pr_err("DataSegmentLength: %u is greater than" 920 " FirstBurstLength: %u, protocol error.\n", 921 payload_length, conn->sess->sess_ops->FirstBurstLength); 922 return iscsit_add_reject_cmd(cmd, 923 ISCSI_REASON_BOOKMARK_INVALID, buf); 924 } 925 926 data_direction = (hdr->flags & ISCSI_FLAG_CMD_WRITE) ? DMA_TO_DEVICE : 927 (hdr->flags & ISCSI_FLAG_CMD_READ) ? DMA_FROM_DEVICE : 928 DMA_NONE; 929 930 cmd->data_direction = data_direction; 931 iscsi_task_attr = hdr->flags & ISCSI_FLAG_CMD_ATTR_MASK; 932 /* 933 * Figure out the SAM Task Attribute for the incoming SCSI CDB 934 */ 935 if ((iscsi_task_attr == ISCSI_ATTR_UNTAGGED) || 936 (iscsi_task_attr == ISCSI_ATTR_SIMPLE)) 937 sam_task_attr = TCM_SIMPLE_TAG; 938 else if (iscsi_task_attr == ISCSI_ATTR_ORDERED) 939 sam_task_attr = TCM_ORDERED_TAG; 940 else if (iscsi_task_attr == ISCSI_ATTR_HEAD_OF_QUEUE) 941 sam_task_attr = TCM_HEAD_TAG; 942 else if (iscsi_task_attr == ISCSI_ATTR_ACA) 943 sam_task_attr = TCM_ACA_TAG; 944 else { 945 pr_debug("Unknown iSCSI Task Attribute: 0x%02x, using" 946 " TCM_SIMPLE_TAG\n", iscsi_task_attr); 947 sam_task_attr = TCM_SIMPLE_TAG; 948 } 949 950 cmd->iscsi_opcode = ISCSI_OP_SCSI_CMD; 951 cmd->i_state = ISTATE_NEW_CMD; 952 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 953 cmd->immediate_data = (payload_length) ? 1 : 0; 954 cmd->unsolicited_data = ((!(hdr->flags & ISCSI_FLAG_CMD_FINAL) && 955 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) ? 1 : 0); 956 if (cmd->unsolicited_data) 957 cmd->cmd_flags |= ICF_NON_IMMEDIATE_UNSOLICITED_DATA; 958 959 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 960 if (hdr->flags & ISCSI_FLAG_CMD_READ) 961 cmd->targ_xfer_tag = session_get_next_ttt(conn->sess); 962 else 963 cmd->targ_xfer_tag = 0xFFFFFFFF; 964 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 965 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 966 cmd->first_burst_len = payload_length; 967 968 if (!conn->sess->sess_ops->RDMAExtensions && 969 cmd->data_direction == DMA_FROM_DEVICE) { 970 struct iscsi_datain_req *dr; 971 972 dr = iscsit_allocate_datain_req(); 973 if (!dr) 974 return iscsit_add_reject_cmd(cmd, 975 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 976 977 iscsit_attach_datain_req(cmd, dr); 978 } 979 980 /* 981 * Initialize struct se_cmd descriptor from target_core_mod infrastructure 982 */ 983 transport_init_se_cmd(&cmd->se_cmd, &iscsi_ops, 984 conn->sess->se_sess, be32_to_cpu(hdr->data_length), 985 cmd->data_direction, sam_task_attr, 986 cmd->sense_buffer + 2); 987 988 pr_debug("Got SCSI Command, ITT: 0x%08x, CmdSN: 0x%08x," 989 " ExpXferLen: %u, Length: %u, CID: %hu\n", hdr->itt, 990 hdr->cmdsn, be32_to_cpu(hdr->data_length), payload_length, 991 conn->cid); 992 993 target_get_sess_cmd(&cmd->se_cmd, true); 994 995 cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd, 996 scsilun_to_int(&hdr->lun)); 997 if (cmd->sense_reason) 998 goto attach_cmd; 999 1000 /* only used for printks or comparing with ->ref_task_tag */ 1001 cmd->se_cmd.tag = (__force u32)cmd->init_task_tag; 1002 cmd->sense_reason = target_setup_cmd_from_cdb(&cmd->se_cmd, hdr->cdb); 1003 if (cmd->sense_reason) { 1004 if (cmd->sense_reason == TCM_OUT_OF_RESOURCES) { 1005 return iscsit_add_reject_cmd(cmd, 1006 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1007 } 1008 1009 goto attach_cmd; 1010 } 1011 1012 if (iscsit_build_pdu_and_seq_lists(cmd, payload_length) < 0) { 1013 return iscsit_add_reject_cmd(cmd, 1014 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1015 } 1016 1017 attach_cmd: 1018 spin_lock_bh(&conn->cmd_lock); 1019 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1020 spin_unlock_bh(&conn->cmd_lock); 1021 /* 1022 * Check if we need to delay processing because of ALUA 1023 * Active/NonOptimized primary access state.. 1024 */ 1025 core_alua_check_nonop_delay(&cmd->se_cmd); 1026 1027 return 0; 1028 } 1029 EXPORT_SYMBOL(iscsit_setup_scsi_cmd); 1030 1031 void iscsit_set_unsoliticed_dataout(struct iscsi_cmd *cmd) 1032 { 1033 iscsit_set_dataout_sequence_values(cmd); 1034 1035 spin_lock_bh(&cmd->dataout_timeout_lock); 1036 iscsit_start_dataout_timer(cmd, cmd->conn); 1037 spin_unlock_bh(&cmd->dataout_timeout_lock); 1038 } 1039 EXPORT_SYMBOL(iscsit_set_unsoliticed_dataout); 1040 1041 int iscsit_process_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1042 struct iscsi_scsi_req *hdr) 1043 { 1044 int cmdsn_ret = 0; 1045 /* 1046 * Check the CmdSN against ExpCmdSN/MaxCmdSN here if 1047 * the Immediate Bit is not set, and no Immediate 1048 * Data is attached. 1049 * 1050 * A PDU/CmdSN carrying Immediate Data can only 1051 * be processed after the DataCRC has passed. 1052 * If the DataCRC fails, the CmdSN MUST NOT 1053 * be acknowledged. (See below) 1054 */ 1055 if (!cmd->immediate_data) { 1056 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1057 (unsigned char *)hdr, hdr->cmdsn); 1058 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1059 return -1; 1060 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1061 target_put_sess_cmd(&cmd->se_cmd); 1062 return 0; 1063 } 1064 } 1065 1066 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1067 1068 /* 1069 * If no Immediate Data is attached, it's OK to return now. 1070 */ 1071 if (!cmd->immediate_data) { 1072 if (!cmd->sense_reason && cmd->unsolicited_data) 1073 iscsit_set_unsoliticed_dataout(cmd); 1074 if (!cmd->sense_reason) 1075 return 0; 1076 1077 target_put_sess_cmd(&cmd->se_cmd); 1078 return 0; 1079 } 1080 1081 /* 1082 * Early CHECK_CONDITIONs with ImmediateData never make it to command 1083 * execution. These exceptions are processed in CmdSN order using 1084 * iscsit_check_received_cmdsn() in iscsit_get_immediate_data() below. 1085 */ 1086 if (cmd->sense_reason) { 1087 if (cmd->reject_reason) 1088 return 0; 1089 1090 return 1; 1091 } 1092 /* 1093 * Call directly into transport_generic_new_cmd() to perform 1094 * the backend memory allocation. 1095 */ 1096 cmd->sense_reason = transport_generic_new_cmd(&cmd->se_cmd); 1097 if (cmd->sense_reason) 1098 return 1; 1099 1100 return 0; 1101 } 1102 EXPORT_SYMBOL(iscsit_process_scsi_cmd); 1103 1104 static int 1105 iscsit_get_immediate_data(struct iscsi_cmd *cmd, struct iscsi_scsi_req *hdr, 1106 bool dump_payload) 1107 { 1108 int cmdsn_ret = 0, immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION; 1109 /* 1110 * Special case for Unsupported SAM WRITE Opcodes and ImmediateData=Yes. 1111 */ 1112 if (dump_payload) 1113 goto after_immediate_data; 1114 1115 immed_ret = iscsit_handle_immediate_data(cmd, hdr, 1116 cmd->first_burst_len); 1117 after_immediate_data: 1118 if (immed_ret == IMMEDIATE_DATA_NORMAL_OPERATION) { 1119 /* 1120 * A PDU/CmdSN carrying Immediate Data passed 1121 * DataCRC, check against ExpCmdSN/MaxCmdSN if 1122 * Immediate Bit is not set. 1123 */ 1124 cmdsn_ret = iscsit_sequence_cmd(cmd->conn, cmd, 1125 (unsigned char *)hdr, hdr->cmdsn); 1126 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1127 return -1; 1128 1129 if (cmd->sense_reason || cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1130 int rc; 1131 1132 rc = iscsit_dump_data_payload(cmd->conn, 1133 cmd->first_burst_len, 1); 1134 target_put_sess_cmd(&cmd->se_cmd); 1135 return rc; 1136 } else if (cmd->unsolicited_data) 1137 iscsit_set_unsoliticed_dataout(cmd); 1138 1139 } else if (immed_ret == IMMEDIATE_DATA_ERL1_CRC_FAILURE) { 1140 /* 1141 * Immediate Data failed DataCRC and ERL>=1, 1142 * silently drop this PDU and let the initiator 1143 * plug the CmdSN gap. 1144 * 1145 * FIXME: Send Unsolicited NOPIN with reserved 1146 * TTT here to help the initiator figure out 1147 * the missing CmdSN, although they should be 1148 * intelligent enough to determine the missing 1149 * CmdSN and issue a retry to plug the sequence. 1150 */ 1151 cmd->i_state = ISTATE_REMOVE; 1152 iscsit_add_cmd_to_immediate_queue(cmd, cmd->conn, cmd->i_state); 1153 } else /* immed_ret == IMMEDIATE_DATA_CANNOT_RECOVER */ 1154 return -1; 1155 1156 return 0; 1157 } 1158 1159 static int 1160 iscsit_handle_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1161 unsigned char *buf) 1162 { 1163 struct iscsi_scsi_req *hdr = (struct iscsi_scsi_req *)buf; 1164 int rc, immed_data; 1165 bool dump_payload = false; 1166 1167 rc = iscsit_setup_scsi_cmd(conn, cmd, buf); 1168 if (rc < 0) 1169 return 0; 1170 /* 1171 * Allocation iovecs needed for struct socket operations for 1172 * traditional iSCSI block I/O. 1173 */ 1174 if (iscsit_allocate_iovecs(cmd) < 0) { 1175 return iscsit_reject_cmd(cmd, 1176 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1177 } 1178 immed_data = cmd->immediate_data; 1179 1180 rc = iscsit_process_scsi_cmd(conn, cmd, hdr); 1181 if (rc < 0) 1182 return rc; 1183 else if (rc > 0) 1184 dump_payload = true; 1185 1186 if (!immed_data) 1187 return 0; 1188 1189 return iscsit_get_immediate_data(cmd, hdr, dump_payload); 1190 } 1191 1192 static u32 iscsit_do_crypto_hash_sg( 1193 struct ahash_request *hash, 1194 struct iscsi_cmd *cmd, 1195 u32 data_offset, 1196 u32 data_length, 1197 u32 padding, 1198 u8 *pad_bytes) 1199 { 1200 u32 data_crc; 1201 struct scatterlist *sg; 1202 unsigned int page_off; 1203 1204 crypto_ahash_init(hash); 1205 1206 sg = cmd->first_data_sg; 1207 page_off = cmd->first_data_sg_off; 1208 1209 while (data_length) { 1210 u32 cur_len = min_t(u32, data_length, (sg->length - page_off)); 1211 1212 ahash_request_set_crypt(hash, sg, NULL, cur_len); 1213 crypto_ahash_update(hash); 1214 1215 data_length -= cur_len; 1216 page_off = 0; 1217 /* iscsit_map_iovec has already checked for invalid sg pointers */ 1218 sg = sg_next(sg); 1219 } 1220 1221 if (padding) { 1222 struct scatterlist pad_sg; 1223 1224 sg_init_one(&pad_sg, pad_bytes, padding); 1225 ahash_request_set_crypt(hash, &pad_sg, (u8 *)&data_crc, 1226 padding); 1227 crypto_ahash_finup(hash); 1228 } else { 1229 ahash_request_set_crypt(hash, NULL, (u8 *)&data_crc, 0); 1230 crypto_ahash_final(hash); 1231 } 1232 1233 return data_crc; 1234 } 1235 1236 static void iscsit_do_crypto_hash_buf( 1237 struct ahash_request *hash, 1238 const void *buf, 1239 u32 payload_length, 1240 u32 padding, 1241 u8 *pad_bytes, 1242 u8 *data_crc) 1243 { 1244 struct scatterlist sg[2]; 1245 1246 sg_init_table(sg, ARRAY_SIZE(sg)); 1247 sg_set_buf(sg, buf, payload_length); 1248 sg_set_buf(sg + 1, pad_bytes, padding); 1249 1250 ahash_request_set_crypt(hash, sg, data_crc, payload_length + padding); 1251 1252 crypto_ahash_digest(hash); 1253 } 1254 1255 int 1256 iscsit_check_dataout_hdr(struct iscsi_conn *conn, unsigned char *buf, 1257 struct iscsi_cmd **out_cmd) 1258 { 1259 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1260 struct iscsi_cmd *cmd = NULL; 1261 struct se_cmd *se_cmd; 1262 u32 payload_length = ntoh24(hdr->dlength); 1263 int rc; 1264 1265 if (!payload_length) { 1266 pr_warn("DataOUT payload is ZERO, ignoring.\n"); 1267 return 0; 1268 } 1269 1270 /* iSCSI write */ 1271 atomic_long_add(payload_length, &conn->sess->rx_data_octets); 1272 1273 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1274 pr_err("DataSegmentLength: %u is greater than" 1275 " MaxXmitDataSegmentLength: %u\n", payload_length, 1276 conn->conn_ops->MaxXmitDataSegmentLength); 1277 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1278 buf); 1279 } 1280 1281 cmd = iscsit_find_cmd_from_itt_or_dump(conn, hdr->itt, 1282 payload_length); 1283 if (!cmd) 1284 return 0; 1285 1286 pr_debug("Got DataOut ITT: 0x%08x, TTT: 0x%08x," 1287 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 1288 hdr->itt, hdr->ttt, hdr->datasn, ntohl(hdr->offset), 1289 payload_length, conn->cid); 1290 1291 if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) { 1292 pr_err("Command ITT: 0x%08x received DataOUT after" 1293 " last DataOUT received, dumping payload\n", 1294 cmd->init_task_tag); 1295 return iscsit_dump_data_payload(conn, payload_length, 1); 1296 } 1297 1298 if (cmd->data_direction != DMA_TO_DEVICE) { 1299 pr_err("Command ITT: 0x%08x received DataOUT for a" 1300 " NON-WRITE command.\n", cmd->init_task_tag); 1301 return iscsit_dump_data_payload(conn, payload_length, 1); 1302 } 1303 se_cmd = &cmd->se_cmd; 1304 iscsit_mod_dataout_timer(cmd); 1305 1306 if ((be32_to_cpu(hdr->offset) + payload_length) > cmd->se_cmd.data_length) { 1307 pr_err("DataOut Offset: %u, Length %u greater than" 1308 " iSCSI Command EDTL %u, protocol error.\n", 1309 hdr->offset, payload_length, cmd->se_cmd.data_length); 1310 return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_INVALID, buf); 1311 } 1312 1313 if (cmd->unsolicited_data) { 1314 int dump_unsolicited_data = 0; 1315 1316 if (conn->sess->sess_ops->InitialR2T) { 1317 pr_err("Received unexpected unsolicited data" 1318 " while InitialR2T=Yes, protocol error.\n"); 1319 transport_send_check_condition_and_sense(&cmd->se_cmd, 1320 TCM_UNEXPECTED_UNSOLICITED_DATA, 0); 1321 return -1; 1322 } 1323 /* 1324 * Special case for dealing with Unsolicited DataOUT 1325 * and Unsupported SAM WRITE Opcodes and SE resource allocation 1326 * failures; 1327 */ 1328 1329 /* Something's amiss if we're not in WRITE_PENDING state... */ 1330 WARN_ON(se_cmd->t_state != TRANSPORT_WRITE_PENDING); 1331 if (!(se_cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE)) 1332 dump_unsolicited_data = 1; 1333 1334 if (dump_unsolicited_data) { 1335 /* 1336 * Check if a delayed TASK_ABORTED status needs to 1337 * be sent now if the ISCSI_FLAG_CMD_FINAL has been 1338 * received with the unsolicited data out. 1339 */ 1340 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1341 iscsit_stop_dataout_timer(cmd); 1342 1343 transport_check_aborted_status(se_cmd, 1344 (hdr->flags & ISCSI_FLAG_CMD_FINAL)); 1345 return iscsit_dump_data_payload(conn, payload_length, 1); 1346 } 1347 } else { 1348 /* 1349 * For the normal solicited data path: 1350 * 1351 * Check for a delayed TASK_ABORTED status and dump any 1352 * incoming data out payload if one exists. Also, when the 1353 * ISCSI_FLAG_CMD_FINAL is set to denote the end of the current 1354 * data out sequence, we decrement outstanding_r2ts. Once 1355 * outstanding_r2ts reaches zero, go ahead and send the delayed 1356 * TASK_ABORTED status. 1357 */ 1358 if (se_cmd->transport_state & CMD_T_ABORTED) { 1359 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1360 if (--cmd->outstanding_r2ts < 1) { 1361 iscsit_stop_dataout_timer(cmd); 1362 transport_check_aborted_status( 1363 se_cmd, 1); 1364 } 1365 1366 return iscsit_dump_data_payload(conn, payload_length, 1); 1367 } 1368 } 1369 /* 1370 * Preform DataSN, DataSequenceInOrder, DataPDUInOrder, and 1371 * within-command recovery checks before receiving the payload. 1372 */ 1373 rc = iscsit_check_pre_dataout(cmd, buf); 1374 if (rc == DATAOUT_WITHIN_COMMAND_RECOVERY) 1375 return 0; 1376 else if (rc == DATAOUT_CANNOT_RECOVER) 1377 return -1; 1378 1379 *out_cmd = cmd; 1380 return 0; 1381 } 1382 EXPORT_SYMBOL(iscsit_check_dataout_hdr); 1383 1384 static int 1385 iscsit_get_dataout(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1386 struct iscsi_data *hdr) 1387 { 1388 struct kvec *iov; 1389 u32 checksum, iov_count = 0, padding = 0, rx_got = 0, rx_size = 0; 1390 u32 payload_length = ntoh24(hdr->dlength); 1391 int iov_ret, data_crc_failed = 0; 1392 1393 rx_size += payload_length; 1394 iov = &cmd->iov_data[0]; 1395 1396 iov_ret = iscsit_map_iovec(cmd, iov, be32_to_cpu(hdr->offset), 1397 payload_length); 1398 if (iov_ret < 0) 1399 return -1; 1400 1401 iov_count += iov_ret; 1402 1403 padding = ((-payload_length) & 3); 1404 if (padding != 0) { 1405 iov[iov_count].iov_base = cmd->pad_bytes; 1406 iov[iov_count++].iov_len = padding; 1407 rx_size += padding; 1408 pr_debug("Receiving %u padding bytes.\n", padding); 1409 } 1410 1411 if (conn->conn_ops->DataDigest) { 1412 iov[iov_count].iov_base = &checksum; 1413 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 1414 rx_size += ISCSI_CRC_LEN; 1415 } 1416 1417 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 1418 1419 iscsit_unmap_iovec(cmd); 1420 1421 if (rx_got != rx_size) 1422 return -1; 1423 1424 if (conn->conn_ops->DataDigest) { 1425 u32 data_crc; 1426 1427 data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd, 1428 be32_to_cpu(hdr->offset), 1429 payload_length, padding, 1430 cmd->pad_bytes); 1431 1432 if (checksum != data_crc) { 1433 pr_err("ITT: 0x%08x, Offset: %u, Length: %u," 1434 " DataSN: 0x%08x, CRC32C DataDigest 0x%08x" 1435 " does not match computed 0x%08x\n", 1436 hdr->itt, hdr->offset, payload_length, 1437 hdr->datasn, checksum, data_crc); 1438 data_crc_failed = 1; 1439 } else { 1440 pr_debug("Got CRC32C DataDigest 0x%08x for" 1441 " %u bytes of Data Out\n", checksum, 1442 payload_length); 1443 } 1444 } 1445 1446 return data_crc_failed; 1447 } 1448 1449 int 1450 iscsit_check_dataout_payload(struct iscsi_cmd *cmd, struct iscsi_data *hdr, 1451 bool data_crc_failed) 1452 { 1453 struct iscsi_conn *conn = cmd->conn; 1454 int rc, ooo_cmdsn; 1455 /* 1456 * Increment post receive data and CRC values or perform 1457 * within-command recovery. 1458 */ 1459 rc = iscsit_check_post_dataout(cmd, (unsigned char *)hdr, data_crc_failed); 1460 if ((rc == DATAOUT_NORMAL) || (rc == DATAOUT_WITHIN_COMMAND_RECOVERY)) 1461 return 0; 1462 else if (rc == DATAOUT_SEND_R2T) { 1463 iscsit_set_dataout_sequence_values(cmd); 1464 conn->conn_transport->iscsit_get_dataout(conn, cmd, false); 1465 } else if (rc == DATAOUT_SEND_TO_TRANSPORT) { 1466 /* 1467 * Handle extra special case for out of order 1468 * Unsolicited Data Out. 1469 */ 1470 spin_lock_bh(&cmd->istate_lock); 1471 ooo_cmdsn = (cmd->cmd_flags & ICF_OOO_CMDSN); 1472 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 1473 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 1474 spin_unlock_bh(&cmd->istate_lock); 1475 1476 iscsit_stop_dataout_timer(cmd); 1477 if (ooo_cmdsn) 1478 return 0; 1479 target_execute_cmd(&cmd->se_cmd); 1480 return 0; 1481 } else /* DATAOUT_CANNOT_RECOVER */ 1482 return -1; 1483 1484 return 0; 1485 } 1486 EXPORT_SYMBOL(iscsit_check_dataout_payload); 1487 1488 static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) 1489 { 1490 struct iscsi_cmd *cmd = NULL; 1491 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1492 int rc; 1493 bool data_crc_failed = false; 1494 1495 rc = iscsit_check_dataout_hdr(conn, buf, &cmd); 1496 if (rc < 0) 1497 return 0; 1498 else if (!cmd) 1499 return 0; 1500 1501 rc = iscsit_get_dataout(conn, cmd, hdr); 1502 if (rc < 0) 1503 return rc; 1504 else if (rc > 0) 1505 data_crc_failed = true; 1506 1507 return iscsit_check_dataout_payload(cmd, hdr, data_crc_failed); 1508 } 1509 1510 int iscsit_setup_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1511 struct iscsi_nopout *hdr) 1512 { 1513 u32 payload_length = ntoh24(hdr->dlength); 1514 1515 if (!(hdr->flags & ISCSI_FLAG_CMD_FINAL)) { 1516 pr_err("NopOUT Flag's, Left Most Bit not set, protocol error.\n"); 1517 if (!cmd) 1518 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1519 (unsigned char *)hdr); 1520 1521 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1522 (unsigned char *)hdr); 1523 } 1524 1525 if (hdr->itt == RESERVED_ITT && !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1526 pr_err("NOPOUT ITT is reserved, but Immediate Bit is" 1527 " not set, protocol error.\n"); 1528 if (!cmd) 1529 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1530 (unsigned char *)hdr); 1531 1532 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1533 (unsigned char *)hdr); 1534 } 1535 1536 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1537 pr_err("NOPOUT Ping Data DataSegmentLength: %u is" 1538 " greater than MaxXmitDataSegmentLength: %u, protocol" 1539 " error.\n", payload_length, 1540 conn->conn_ops->MaxXmitDataSegmentLength); 1541 if (!cmd) 1542 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1543 (unsigned char *)hdr); 1544 1545 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1546 (unsigned char *)hdr); 1547 } 1548 1549 pr_debug("Got NOPOUT Ping %s ITT: 0x%08x, TTT: 0x%08x," 1550 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n", 1551 hdr->itt == RESERVED_ITT ? "Response" : "Request", 1552 hdr->itt, hdr->ttt, hdr->cmdsn, hdr->exp_statsn, 1553 payload_length); 1554 /* 1555 * This is not a response to a Unsolicited NopIN, which means 1556 * it can either be a NOPOUT ping request (with a valid ITT), 1557 * or a NOPOUT not requesting a NOPIN (with a reserved ITT). 1558 * Either way, make sure we allocate an struct iscsi_cmd, as both 1559 * can contain ping data. 1560 */ 1561 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1562 cmd->iscsi_opcode = ISCSI_OP_NOOP_OUT; 1563 cmd->i_state = ISTATE_SEND_NOPIN; 1564 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1565 1 : 0); 1566 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1567 cmd->targ_xfer_tag = 0xFFFFFFFF; 1568 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1569 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1570 cmd->data_direction = DMA_NONE; 1571 } 1572 1573 return 0; 1574 } 1575 EXPORT_SYMBOL(iscsit_setup_nop_out); 1576 1577 int iscsit_process_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1578 struct iscsi_nopout *hdr) 1579 { 1580 struct iscsi_cmd *cmd_p = NULL; 1581 int cmdsn_ret = 0; 1582 /* 1583 * Initiator is expecting a NopIN ping reply.. 1584 */ 1585 if (hdr->itt != RESERVED_ITT) { 1586 if (!cmd) 1587 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1588 (unsigned char *)hdr); 1589 1590 spin_lock_bh(&conn->cmd_lock); 1591 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1592 spin_unlock_bh(&conn->cmd_lock); 1593 1594 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1595 1596 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 1597 iscsit_add_cmd_to_response_queue(cmd, conn, 1598 cmd->i_state); 1599 return 0; 1600 } 1601 1602 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1603 (unsigned char *)hdr, hdr->cmdsn); 1604 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1605 return 0; 1606 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1607 return -1; 1608 1609 return 0; 1610 } 1611 /* 1612 * This was a response to a unsolicited NOPIN ping. 1613 */ 1614 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) { 1615 cmd_p = iscsit_find_cmd_from_ttt(conn, be32_to_cpu(hdr->ttt)); 1616 if (!cmd_p) 1617 return -EINVAL; 1618 1619 iscsit_stop_nopin_response_timer(conn); 1620 1621 cmd_p->i_state = ISTATE_REMOVE; 1622 iscsit_add_cmd_to_immediate_queue(cmd_p, conn, cmd_p->i_state); 1623 1624 iscsit_start_nopin_timer(conn); 1625 return 0; 1626 } 1627 /* 1628 * Otherwise, initiator is not expecting a NOPIN is response. 1629 * Just ignore for now. 1630 */ 1631 return 0; 1632 } 1633 EXPORT_SYMBOL(iscsit_process_nop_out); 1634 1635 static int iscsit_handle_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1636 unsigned char *buf) 1637 { 1638 unsigned char *ping_data = NULL; 1639 struct iscsi_nopout *hdr = (struct iscsi_nopout *)buf; 1640 struct kvec *iov = NULL; 1641 u32 payload_length = ntoh24(hdr->dlength); 1642 int ret; 1643 1644 ret = iscsit_setup_nop_out(conn, cmd, hdr); 1645 if (ret < 0) 1646 return 0; 1647 /* 1648 * Handle NOP-OUT payload for traditional iSCSI sockets 1649 */ 1650 if (payload_length && hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1651 u32 checksum, data_crc, padding = 0; 1652 int niov = 0, rx_got, rx_size = payload_length; 1653 1654 ping_data = kzalloc(payload_length + 1, GFP_KERNEL); 1655 if (!ping_data) { 1656 pr_err("Unable to allocate memory for" 1657 " NOPOUT ping data.\n"); 1658 ret = -1; 1659 goto out; 1660 } 1661 1662 iov = &cmd->iov_misc[0]; 1663 iov[niov].iov_base = ping_data; 1664 iov[niov++].iov_len = payload_length; 1665 1666 padding = ((-payload_length) & 3); 1667 if (padding != 0) { 1668 pr_debug("Receiving %u additional bytes" 1669 " for padding.\n", padding); 1670 iov[niov].iov_base = &cmd->pad_bytes; 1671 iov[niov++].iov_len = padding; 1672 rx_size += padding; 1673 } 1674 if (conn->conn_ops->DataDigest) { 1675 iov[niov].iov_base = &checksum; 1676 iov[niov++].iov_len = ISCSI_CRC_LEN; 1677 rx_size += ISCSI_CRC_LEN; 1678 } 1679 1680 rx_got = rx_data(conn, &cmd->iov_misc[0], niov, rx_size); 1681 if (rx_got != rx_size) { 1682 ret = -1; 1683 goto out; 1684 } 1685 1686 if (conn->conn_ops->DataDigest) { 1687 iscsit_do_crypto_hash_buf(conn->conn_rx_hash, 1688 ping_data, payload_length, 1689 padding, cmd->pad_bytes, 1690 (u8 *)&data_crc); 1691 1692 if (checksum != data_crc) { 1693 pr_err("Ping data CRC32C DataDigest" 1694 " 0x%08x does not match computed 0x%08x\n", 1695 checksum, data_crc); 1696 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 1697 pr_err("Unable to recover from" 1698 " NOPOUT Ping DataCRC failure while in" 1699 " ERL=0.\n"); 1700 ret = -1; 1701 goto out; 1702 } else { 1703 /* 1704 * Silently drop this PDU and let the 1705 * initiator plug the CmdSN gap. 1706 */ 1707 pr_debug("Dropping NOPOUT" 1708 " Command CmdSN: 0x%08x due to" 1709 " DataCRC error.\n", hdr->cmdsn); 1710 ret = 0; 1711 goto out; 1712 } 1713 } else { 1714 pr_debug("Got CRC32C DataDigest" 1715 " 0x%08x for %u bytes of ping data.\n", 1716 checksum, payload_length); 1717 } 1718 } 1719 1720 ping_data[payload_length] = '\0'; 1721 /* 1722 * Attach ping data to struct iscsi_cmd->buf_ptr. 1723 */ 1724 cmd->buf_ptr = ping_data; 1725 cmd->buf_ptr_size = payload_length; 1726 1727 pr_debug("Got %u bytes of NOPOUT ping" 1728 " data.\n", payload_length); 1729 pr_debug("Ping Data: \"%s\"\n", ping_data); 1730 } 1731 1732 return iscsit_process_nop_out(conn, cmd, hdr); 1733 out: 1734 if (cmd) 1735 iscsit_free_cmd(cmd, false); 1736 1737 kfree(ping_data); 1738 return ret; 1739 } 1740 1741 int 1742 iscsit_handle_task_mgt_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1743 unsigned char *buf) 1744 { 1745 struct se_tmr_req *se_tmr; 1746 struct iscsi_tmr_req *tmr_req; 1747 struct iscsi_tm *hdr; 1748 int out_of_order_cmdsn = 0, ret; 1749 bool sess_ref = false; 1750 u8 function; 1751 1752 hdr = (struct iscsi_tm *) buf; 1753 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 1754 function = hdr->flags; 1755 1756 pr_debug("Got Task Management Request ITT: 0x%08x, CmdSN:" 1757 " 0x%08x, Function: 0x%02x, RefTaskTag: 0x%08x, RefCmdSN:" 1758 " 0x%08x, CID: %hu\n", hdr->itt, hdr->cmdsn, function, 1759 hdr->rtt, hdr->refcmdsn, conn->cid); 1760 1761 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1762 ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1763 hdr->rtt != RESERVED_ITT)) { 1764 pr_err("RefTaskTag should be set to 0xFFFFFFFF.\n"); 1765 hdr->rtt = RESERVED_ITT; 1766 } 1767 1768 if ((function == ISCSI_TM_FUNC_TASK_REASSIGN) && 1769 !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1770 pr_err("Task Management Request TASK_REASSIGN not" 1771 " issued as immediate command, bad iSCSI Initiator" 1772 "implementation\n"); 1773 return iscsit_add_reject_cmd(cmd, 1774 ISCSI_REASON_PROTOCOL_ERROR, buf); 1775 } 1776 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1777 be32_to_cpu(hdr->refcmdsn) != ISCSI_RESERVED_TAG) 1778 hdr->refcmdsn = cpu_to_be32(ISCSI_RESERVED_TAG); 1779 1780 cmd->data_direction = DMA_NONE; 1781 1782 cmd->tmr_req = kzalloc(sizeof(struct iscsi_tmr_req), GFP_KERNEL); 1783 if (!cmd->tmr_req) { 1784 pr_err("Unable to allocate memory for" 1785 " Task Management command!\n"); 1786 return iscsit_add_reject_cmd(cmd, 1787 ISCSI_REASON_BOOKMARK_NO_RESOURCES, 1788 buf); 1789 } 1790 1791 /* 1792 * TASK_REASSIGN for ERL=2 / connection stays inside of 1793 * LIO-Target $FABRIC_MOD 1794 */ 1795 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1796 1797 u8 tcm_function; 1798 int ret; 1799 1800 transport_init_se_cmd(&cmd->se_cmd, &iscsi_ops, 1801 conn->sess->se_sess, 0, DMA_NONE, 1802 TCM_SIMPLE_TAG, cmd->sense_buffer + 2); 1803 1804 target_get_sess_cmd(&cmd->se_cmd, true); 1805 sess_ref = true; 1806 1807 switch (function) { 1808 case ISCSI_TM_FUNC_ABORT_TASK: 1809 tcm_function = TMR_ABORT_TASK; 1810 break; 1811 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1812 tcm_function = TMR_ABORT_TASK_SET; 1813 break; 1814 case ISCSI_TM_FUNC_CLEAR_ACA: 1815 tcm_function = TMR_CLEAR_ACA; 1816 break; 1817 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1818 tcm_function = TMR_CLEAR_TASK_SET; 1819 break; 1820 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1821 tcm_function = TMR_LUN_RESET; 1822 break; 1823 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1824 tcm_function = TMR_TARGET_WARM_RESET; 1825 break; 1826 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1827 tcm_function = TMR_TARGET_COLD_RESET; 1828 break; 1829 default: 1830 pr_err("Unknown iSCSI TMR Function:" 1831 " 0x%02x\n", function); 1832 return iscsit_add_reject_cmd(cmd, 1833 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1834 } 1835 1836 ret = core_tmr_alloc_req(&cmd->se_cmd, cmd->tmr_req, 1837 tcm_function, GFP_KERNEL); 1838 if (ret < 0) 1839 return iscsit_add_reject_cmd(cmd, 1840 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1841 1842 cmd->tmr_req->se_tmr_req = cmd->se_cmd.se_tmr_req; 1843 } 1844 1845 cmd->iscsi_opcode = ISCSI_OP_SCSI_TMFUNC; 1846 cmd->i_state = ISTATE_SEND_TASKMGTRSP; 1847 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1848 cmd->init_task_tag = hdr->itt; 1849 cmd->targ_xfer_tag = 0xFFFFFFFF; 1850 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1851 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1852 se_tmr = cmd->se_cmd.se_tmr_req; 1853 tmr_req = cmd->tmr_req; 1854 /* 1855 * Locate the struct se_lun for all TMRs not related to ERL=2 TASK_REASSIGN 1856 */ 1857 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1858 ret = transport_lookup_tmr_lun(&cmd->se_cmd, 1859 scsilun_to_int(&hdr->lun)); 1860 if (ret < 0) { 1861 se_tmr->response = ISCSI_TMF_RSP_NO_LUN; 1862 goto attach; 1863 } 1864 } 1865 1866 switch (function) { 1867 case ISCSI_TM_FUNC_ABORT_TASK: 1868 se_tmr->response = iscsit_tmr_abort_task(cmd, buf); 1869 if (se_tmr->response) 1870 goto attach; 1871 break; 1872 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1873 case ISCSI_TM_FUNC_CLEAR_ACA: 1874 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1875 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1876 break; 1877 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1878 if (iscsit_tmr_task_warm_reset(conn, tmr_req, buf) < 0) { 1879 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1880 goto attach; 1881 } 1882 break; 1883 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1884 if (iscsit_tmr_task_cold_reset(conn, tmr_req, buf) < 0) { 1885 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1886 goto attach; 1887 } 1888 break; 1889 case ISCSI_TM_FUNC_TASK_REASSIGN: 1890 se_tmr->response = iscsit_tmr_task_reassign(cmd, buf); 1891 /* 1892 * Perform sanity checks on the ExpDataSN only if the 1893 * TASK_REASSIGN was successful. 1894 */ 1895 if (se_tmr->response) 1896 break; 1897 1898 if (iscsit_check_task_reassign_expdatasn(tmr_req, conn) < 0) 1899 return iscsit_add_reject_cmd(cmd, 1900 ISCSI_REASON_BOOKMARK_INVALID, buf); 1901 break; 1902 default: 1903 pr_err("Unknown TMR function: 0x%02x, protocol" 1904 " error.\n", function); 1905 se_tmr->response = ISCSI_TMF_RSP_NOT_SUPPORTED; 1906 goto attach; 1907 } 1908 1909 if ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1910 (se_tmr->response == ISCSI_TMF_RSP_COMPLETE)) 1911 se_tmr->call_transport = 1; 1912 attach: 1913 spin_lock_bh(&conn->cmd_lock); 1914 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1915 spin_unlock_bh(&conn->cmd_lock); 1916 1917 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1918 int cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 1919 if (cmdsn_ret == CMDSN_HIGHER_THAN_EXP) 1920 out_of_order_cmdsn = 1; 1921 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1922 return 0; 1923 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1924 return -1; 1925 } 1926 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1927 1928 if (out_of_order_cmdsn || !(hdr->opcode & ISCSI_OP_IMMEDIATE)) 1929 return 0; 1930 /* 1931 * Found the referenced task, send to transport for processing. 1932 */ 1933 if (se_tmr->call_transport) 1934 return transport_generic_handle_tmr(&cmd->se_cmd); 1935 1936 /* 1937 * Could not find the referenced LUN, task, or Task Management 1938 * command not authorized or supported. Change state and 1939 * let the tx_thread send the response. 1940 * 1941 * For connection recovery, this is also the default action for 1942 * TMR TASK_REASSIGN. 1943 */ 1944 if (sess_ref) { 1945 pr_debug("Handle TMR, using sess_ref=true check\n"); 1946 target_put_sess_cmd(&cmd->se_cmd); 1947 } 1948 1949 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 1950 return 0; 1951 } 1952 EXPORT_SYMBOL(iscsit_handle_task_mgt_cmd); 1953 1954 /* #warning FIXME: Support Text Command parameters besides SendTargets */ 1955 int 1956 iscsit_setup_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1957 struct iscsi_text *hdr) 1958 { 1959 u32 payload_length = ntoh24(hdr->dlength); 1960 1961 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1962 pr_err("Unable to accept text parameter length: %u" 1963 "greater than MaxXmitDataSegmentLength %u.\n", 1964 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 1965 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1966 (unsigned char *)hdr); 1967 } 1968 1969 if (!(hdr->flags & ISCSI_FLAG_CMD_FINAL) || 1970 (hdr->flags & ISCSI_FLAG_TEXT_CONTINUE)) { 1971 pr_err("Multi sequence text commands currently not supported\n"); 1972 return iscsit_reject_cmd(cmd, ISCSI_REASON_CMD_NOT_SUPPORTED, 1973 (unsigned char *)hdr); 1974 } 1975 1976 pr_debug("Got Text Request: ITT: 0x%08x, CmdSN: 0x%08x," 1977 " ExpStatSN: 0x%08x, Length: %u\n", hdr->itt, hdr->cmdsn, 1978 hdr->exp_statsn, payload_length); 1979 1980 cmd->iscsi_opcode = ISCSI_OP_TEXT; 1981 cmd->i_state = ISTATE_SEND_TEXTRSP; 1982 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1983 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1984 cmd->targ_xfer_tag = 0xFFFFFFFF; 1985 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1986 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1987 cmd->data_direction = DMA_NONE; 1988 cmd->text_in_ptr = NULL; 1989 1990 return 0; 1991 } 1992 EXPORT_SYMBOL(iscsit_setup_text_cmd); 1993 1994 int 1995 iscsit_process_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1996 struct iscsi_text *hdr) 1997 { 1998 unsigned char *text_in = cmd->text_in_ptr, *text_ptr; 1999 int cmdsn_ret; 2000 2001 if (!text_in) { 2002 cmd->targ_xfer_tag = be32_to_cpu(hdr->ttt); 2003 if (cmd->targ_xfer_tag == 0xFFFFFFFF) { 2004 pr_err("Unable to locate text_in buffer for sendtargets" 2005 " discovery\n"); 2006 goto reject; 2007 } 2008 goto empty_sendtargets; 2009 } 2010 if (strncmp("SendTargets", text_in, 11) != 0) { 2011 pr_err("Received Text Data that is not" 2012 " SendTargets, cannot continue.\n"); 2013 goto reject; 2014 } 2015 text_ptr = strchr(text_in, '='); 2016 if (!text_ptr) { 2017 pr_err("No \"=\" separator found in Text Data," 2018 " cannot continue.\n"); 2019 goto reject; 2020 } 2021 if (!strncmp("=All", text_ptr, 4)) { 2022 cmd->cmd_flags |= ICF_SENDTARGETS_ALL; 2023 } else if (!strncmp("=iqn.", text_ptr, 5) || 2024 !strncmp("=eui.", text_ptr, 5)) { 2025 cmd->cmd_flags |= ICF_SENDTARGETS_SINGLE; 2026 } else { 2027 pr_err("Unable to locate valid SendTargets=%s value\n", text_ptr); 2028 goto reject; 2029 } 2030 2031 spin_lock_bh(&conn->cmd_lock); 2032 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2033 spin_unlock_bh(&conn->cmd_lock); 2034 2035 empty_sendtargets: 2036 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2037 2038 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 2039 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 2040 (unsigned char *)hdr, hdr->cmdsn); 2041 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2042 return -1; 2043 2044 return 0; 2045 } 2046 2047 return iscsit_execute_cmd(cmd, 0); 2048 2049 reject: 2050 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 2051 (unsigned char *)hdr); 2052 } 2053 EXPORT_SYMBOL(iscsit_process_text_cmd); 2054 2055 static int 2056 iscsit_handle_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2057 unsigned char *buf) 2058 { 2059 struct iscsi_text *hdr = (struct iscsi_text *)buf; 2060 char *text_in = NULL; 2061 u32 payload_length = ntoh24(hdr->dlength); 2062 int rx_size, rc; 2063 2064 rc = iscsit_setup_text_cmd(conn, cmd, hdr); 2065 if (rc < 0) 2066 return 0; 2067 2068 rx_size = payload_length; 2069 if (payload_length) { 2070 u32 checksum = 0, data_crc = 0; 2071 u32 padding = 0, pad_bytes = 0; 2072 int niov = 0, rx_got; 2073 struct kvec iov[3]; 2074 2075 text_in = kzalloc(payload_length, GFP_KERNEL); 2076 if (!text_in) { 2077 pr_err("Unable to allocate memory for" 2078 " incoming text parameters\n"); 2079 goto reject; 2080 } 2081 cmd->text_in_ptr = text_in; 2082 2083 memset(iov, 0, 3 * sizeof(struct kvec)); 2084 iov[niov].iov_base = text_in; 2085 iov[niov++].iov_len = payload_length; 2086 2087 padding = ((-payload_length) & 3); 2088 if (padding != 0) { 2089 iov[niov].iov_base = &pad_bytes; 2090 iov[niov++].iov_len = padding; 2091 rx_size += padding; 2092 pr_debug("Receiving %u additional bytes" 2093 " for padding.\n", padding); 2094 } 2095 if (conn->conn_ops->DataDigest) { 2096 iov[niov].iov_base = &checksum; 2097 iov[niov++].iov_len = ISCSI_CRC_LEN; 2098 rx_size += ISCSI_CRC_LEN; 2099 } 2100 2101 rx_got = rx_data(conn, &iov[0], niov, rx_size); 2102 if (rx_got != rx_size) 2103 goto reject; 2104 2105 if (conn->conn_ops->DataDigest) { 2106 iscsit_do_crypto_hash_buf(conn->conn_rx_hash, 2107 text_in, payload_length, 2108 padding, (u8 *)&pad_bytes, 2109 (u8 *)&data_crc); 2110 2111 if (checksum != data_crc) { 2112 pr_err("Text data CRC32C DataDigest" 2113 " 0x%08x does not match computed" 2114 " 0x%08x\n", checksum, data_crc); 2115 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2116 pr_err("Unable to recover from" 2117 " Text Data digest failure while in" 2118 " ERL=0.\n"); 2119 goto reject; 2120 } else { 2121 /* 2122 * Silently drop this PDU and let the 2123 * initiator plug the CmdSN gap. 2124 */ 2125 pr_debug("Dropping Text" 2126 " Command CmdSN: 0x%08x due to" 2127 " DataCRC error.\n", hdr->cmdsn); 2128 kfree(text_in); 2129 return 0; 2130 } 2131 } else { 2132 pr_debug("Got CRC32C DataDigest" 2133 " 0x%08x for %u bytes of text data.\n", 2134 checksum, payload_length); 2135 } 2136 } 2137 text_in[payload_length - 1] = '\0'; 2138 pr_debug("Successfully read %d bytes of text" 2139 " data.\n", payload_length); 2140 } 2141 2142 return iscsit_process_text_cmd(conn, cmd, hdr); 2143 2144 reject: 2145 kfree(cmd->text_in_ptr); 2146 cmd->text_in_ptr = NULL; 2147 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 2148 } 2149 2150 int iscsit_logout_closesession(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2151 { 2152 struct iscsi_conn *conn_p; 2153 struct iscsi_session *sess = conn->sess; 2154 2155 pr_debug("Received logout request CLOSESESSION on CID: %hu" 2156 " for SID: %u.\n", conn->cid, conn->sess->sid); 2157 2158 atomic_set(&sess->session_logout, 1); 2159 atomic_set(&conn->conn_logout_remove, 1); 2160 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_SESSION; 2161 2162 iscsit_inc_conn_usage_count(conn); 2163 iscsit_inc_session_usage_count(sess); 2164 2165 spin_lock_bh(&sess->conn_lock); 2166 list_for_each_entry(conn_p, &sess->sess_conn_list, conn_list) { 2167 if (conn_p->conn_state != TARG_CONN_STATE_LOGGED_IN) 2168 continue; 2169 2170 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2171 conn_p->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2172 } 2173 spin_unlock_bh(&sess->conn_lock); 2174 2175 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2176 2177 return 0; 2178 } 2179 2180 int iscsit_logout_closeconnection(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2181 { 2182 struct iscsi_conn *l_conn; 2183 struct iscsi_session *sess = conn->sess; 2184 2185 pr_debug("Received logout request CLOSECONNECTION for CID:" 2186 " %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2187 2188 /* 2189 * A Logout Request with a CLOSECONNECTION reason code for a CID 2190 * can arrive on a connection with a differing CID. 2191 */ 2192 if (conn->cid == cmd->logout_cid) { 2193 spin_lock_bh(&conn->state_lock); 2194 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2195 conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2196 2197 atomic_set(&conn->conn_logout_remove, 1); 2198 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_CONNECTION; 2199 iscsit_inc_conn_usage_count(conn); 2200 2201 spin_unlock_bh(&conn->state_lock); 2202 } else { 2203 /* 2204 * Handle all different cid CLOSECONNECTION requests in 2205 * iscsit_logout_post_handler_diffcid() as to give enough 2206 * time for any non immediate command's CmdSN to be 2207 * acknowledged on the connection in question. 2208 * 2209 * Here we simply make sure the CID is still around. 2210 */ 2211 l_conn = iscsit_get_conn_from_cid(sess, 2212 cmd->logout_cid); 2213 if (!l_conn) { 2214 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2215 iscsit_add_cmd_to_response_queue(cmd, conn, 2216 cmd->i_state); 2217 return 0; 2218 } 2219 2220 iscsit_dec_conn_usage_count(l_conn); 2221 } 2222 2223 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2224 2225 return 0; 2226 } 2227 2228 int iscsit_logout_removeconnforrecovery(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2229 { 2230 struct iscsi_session *sess = conn->sess; 2231 2232 pr_debug("Received explicit REMOVECONNFORRECOVERY logout for" 2233 " CID: %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2234 2235 if (sess->sess_ops->ErrorRecoveryLevel != 2) { 2236 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2237 " while ERL!=2.\n"); 2238 cmd->logout_response = ISCSI_LOGOUT_RECOVERY_UNSUPPORTED; 2239 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2240 return 0; 2241 } 2242 2243 if (conn->cid == cmd->logout_cid) { 2244 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2245 " with CID: %hu on CID: %hu, implementation error.\n", 2246 cmd->logout_cid, conn->cid); 2247 cmd->logout_response = ISCSI_LOGOUT_CLEANUP_FAILED; 2248 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2249 return 0; 2250 } 2251 2252 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2253 2254 return 0; 2255 } 2256 2257 int 2258 iscsit_handle_logout_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2259 unsigned char *buf) 2260 { 2261 int cmdsn_ret, logout_remove = 0; 2262 u8 reason_code = 0; 2263 struct iscsi_logout *hdr; 2264 struct iscsi_tiqn *tiqn = iscsit_snmp_get_tiqn(conn); 2265 2266 hdr = (struct iscsi_logout *) buf; 2267 reason_code = (hdr->flags & 0x7f); 2268 2269 if (tiqn) { 2270 spin_lock(&tiqn->logout_stats.lock); 2271 if (reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) 2272 tiqn->logout_stats.normal_logouts++; 2273 else 2274 tiqn->logout_stats.abnormal_logouts++; 2275 spin_unlock(&tiqn->logout_stats.lock); 2276 } 2277 2278 pr_debug("Got Logout Request ITT: 0x%08x CmdSN: 0x%08x" 2279 " ExpStatSN: 0x%08x Reason: 0x%02x CID: %hu on CID: %hu\n", 2280 hdr->itt, hdr->cmdsn, hdr->exp_statsn, reason_code, 2281 hdr->cid, conn->cid); 2282 2283 if (conn->conn_state != TARG_CONN_STATE_LOGGED_IN) { 2284 pr_err("Received logout request on connection that" 2285 " is not in logged in state, ignoring request.\n"); 2286 iscsit_free_cmd(cmd, false); 2287 return 0; 2288 } 2289 2290 cmd->iscsi_opcode = ISCSI_OP_LOGOUT; 2291 cmd->i_state = ISTATE_SEND_LOGOUTRSP; 2292 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 2293 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 2294 cmd->targ_xfer_tag = 0xFFFFFFFF; 2295 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 2296 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 2297 cmd->logout_cid = be16_to_cpu(hdr->cid); 2298 cmd->logout_reason = reason_code; 2299 cmd->data_direction = DMA_NONE; 2300 2301 /* 2302 * We need to sleep in these cases (by returning 1) until the Logout 2303 * Response gets sent in the tx thread. 2304 */ 2305 if ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) || 2306 ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) && 2307 be16_to_cpu(hdr->cid) == conn->cid)) 2308 logout_remove = 1; 2309 2310 spin_lock_bh(&conn->cmd_lock); 2311 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2312 spin_unlock_bh(&conn->cmd_lock); 2313 2314 if (reason_code != ISCSI_LOGOUT_REASON_RECOVERY) 2315 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2316 2317 /* 2318 * Immediate commands are executed, well, immediately. 2319 * Non-Immediate Logout Commands are executed in CmdSN order. 2320 */ 2321 if (cmd->immediate_cmd) { 2322 int ret = iscsit_execute_cmd(cmd, 0); 2323 2324 if (ret < 0) 2325 return ret; 2326 } else { 2327 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 2328 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 2329 logout_remove = 0; 2330 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2331 return -1; 2332 } 2333 2334 return logout_remove; 2335 } 2336 EXPORT_SYMBOL(iscsit_handle_logout_cmd); 2337 2338 static int iscsit_handle_snack( 2339 struct iscsi_conn *conn, 2340 unsigned char *buf) 2341 { 2342 struct iscsi_snack *hdr; 2343 2344 hdr = (struct iscsi_snack *) buf; 2345 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 2346 2347 pr_debug("Got ISCSI_INIT_SNACK, ITT: 0x%08x, ExpStatSN:" 2348 " 0x%08x, Type: 0x%02x, BegRun: 0x%08x, RunLength: 0x%08x," 2349 " CID: %hu\n", hdr->itt, hdr->exp_statsn, hdr->flags, 2350 hdr->begrun, hdr->runlength, conn->cid); 2351 2352 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2353 pr_err("Initiator sent SNACK request while in" 2354 " ErrorRecoveryLevel=0.\n"); 2355 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2356 buf); 2357 } 2358 /* 2359 * SNACK_DATA and SNACK_R2T are both 0, so check which function to 2360 * call from inside iscsi_send_recovery_datain_or_r2t(). 2361 */ 2362 switch (hdr->flags & ISCSI_FLAG_SNACK_TYPE_MASK) { 2363 case 0: 2364 return iscsit_handle_recovery_datain_or_r2t(conn, buf, 2365 hdr->itt, 2366 be32_to_cpu(hdr->ttt), 2367 be32_to_cpu(hdr->begrun), 2368 be32_to_cpu(hdr->runlength)); 2369 case ISCSI_FLAG_SNACK_TYPE_STATUS: 2370 return iscsit_handle_status_snack(conn, hdr->itt, 2371 be32_to_cpu(hdr->ttt), 2372 be32_to_cpu(hdr->begrun), be32_to_cpu(hdr->runlength)); 2373 case ISCSI_FLAG_SNACK_TYPE_DATA_ACK: 2374 return iscsit_handle_data_ack(conn, be32_to_cpu(hdr->ttt), 2375 be32_to_cpu(hdr->begrun), 2376 be32_to_cpu(hdr->runlength)); 2377 case ISCSI_FLAG_SNACK_TYPE_RDATA: 2378 /* FIXME: Support R-Data SNACK */ 2379 pr_err("R-Data SNACK Not Supported.\n"); 2380 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2381 buf); 2382 default: 2383 pr_err("Unknown SNACK type 0x%02x, protocol" 2384 " error.\n", hdr->flags & 0x0f); 2385 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2386 buf); 2387 } 2388 2389 return 0; 2390 } 2391 2392 static void iscsit_rx_thread_wait_for_tcp(struct iscsi_conn *conn) 2393 { 2394 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2395 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2396 wait_for_completion_interruptible_timeout( 2397 &conn->rx_half_close_comp, 2398 ISCSI_RX_THREAD_TCP_TIMEOUT * HZ); 2399 } 2400 } 2401 2402 static int iscsit_handle_immediate_data( 2403 struct iscsi_cmd *cmd, 2404 struct iscsi_scsi_req *hdr, 2405 u32 length) 2406 { 2407 int iov_ret, rx_got = 0, rx_size = 0; 2408 u32 checksum, iov_count = 0, padding = 0; 2409 struct iscsi_conn *conn = cmd->conn; 2410 struct kvec *iov; 2411 2412 iov_ret = iscsit_map_iovec(cmd, cmd->iov_data, cmd->write_data_done, length); 2413 if (iov_ret < 0) 2414 return IMMEDIATE_DATA_CANNOT_RECOVER; 2415 2416 rx_size = length; 2417 iov_count = iov_ret; 2418 iov = &cmd->iov_data[0]; 2419 2420 padding = ((-length) & 3); 2421 if (padding != 0) { 2422 iov[iov_count].iov_base = cmd->pad_bytes; 2423 iov[iov_count++].iov_len = padding; 2424 rx_size += padding; 2425 } 2426 2427 if (conn->conn_ops->DataDigest) { 2428 iov[iov_count].iov_base = &checksum; 2429 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2430 rx_size += ISCSI_CRC_LEN; 2431 } 2432 2433 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 2434 2435 iscsit_unmap_iovec(cmd); 2436 2437 if (rx_got != rx_size) { 2438 iscsit_rx_thread_wait_for_tcp(conn); 2439 return IMMEDIATE_DATA_CANNOT_RECOVER; 2440 } 2441 2442 if (conn->conn_ops->DataDigest) { 2443 u32 data_crc; 2444 2445 data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd, 2446 cmd->write_data_done, length, padding, 2447 cmd->pad_bytes); 2448 2449 if (checksum != data_crc) { 2450 pr_err("ImmediateData CRC32C DataDigest 0x%08x" 2451 " does not match computed 0x%08x\n", checksum, 2452 data_crc); 2453 2454 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2455 pr_err("Unable to recover from" 2456 " Immediate Data digest failure while" 2457 " in ERL=0.\n"); 2458 iscsit_reject_cmd(cmd, 2459 ISCSI_REASON_DATA_DIGEST_ERROR, 2460 (unsigned char *)hdr); 2461 return IMMEDIATE_DATA_CANNOT_RECOVER; 2462 } else { 2463 iscsit_reject_cmd(cmd, 2464 ISCSI_REASON_DATA_DIGEST_ERROR, 2465 (unsigned char *)hdr); 2466 return IMMEDIATE_DATA_ERL1_CRC_FAILURE; 2467 } 2468 } else { 2469 pr_debug("Got CRC32C DataDigest 0x%08x for" 2470 " %u bytes of Immediate Data\n", checksum, 2471 length); 2472 } 2473 } 2474 2475 cmd->write_data_done += length; 2476 2477 if (cmd->write_data_done == cmd->se_cmd.data_length) { 2478 spin_lock_bh(&cmd->istate_lock); 2479 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 2480 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 2481 spin_unlock_bh(&cmd->istate_lock); 2482 } 2483 2484 return IMMEDIATE_DATA_NORMAL_OPERATION; 2485 } 2486 2487 /* 2488 * Called with sess->conn_lock held. 2489 */ 2490 /* #warning iscsi_build_conn_drop_async_message() only sends out on connections 2491 with active network interface */ 2492 static void iscsit_build_conn_drop_async_message(struct iscsi_conn *conn) 2493 { 2494 struct iscsi_cmd *cmd; 2495 struct iscsi_conn *conn_p; 2496 bool found = false; 2497 2498 /* 2499 * Only send a Asynchronous Message on connections whos network 2500 * interface is still functional. 2501 */ 2502 list_for_each_entry(conn_p, &conn->sess->sess_conn_list, conn_list) { 2503 if (conn_p->conn_state == TARG_CONN_STATE_LOGGED_IN) { 2504 iscsit_inc_conn_usage_count(conn_p); 2505 found = true; 2506 break; 2507 } 2508 } 2509 2510 if (!found) 2511 return; 2512 2513 cmd = iscsit_allocate_cmd(conn_p, TASK_RUNNING); 2514 if (!cmd) { 2515 iscsit_dec_conn_usage_count(conn_p); 2516 return; 2517 } 2518 2519 cmd->logout_cid = conn->cid; 2520 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2521 cmd->i_state = ISTATE_SEND_ASYNCMSG; 2522 2523 spin_lock_bh(&conn_p->cmd_lock); 2524 list_add_tail(&cmd->i_conn_node, &conn_p->conn_cmd_list); 2525 spin_unlock_bh(&conn_p->cmd_lock); 2526 2527 iscsit_add_cmd_to_response_queue(cmd, conn_p, cmd->i_state); 2528 iscsit_dec_conn_usage_count(conn_p); 2529 } 2530 2531 static int iscsit_send_conn_drop_async_message( 2532 struct iscsi_cmd *cmd, 2533 struct iscsi_conn *conn) 2534 { 2535 struct iscsi_async *hdr; 2536 2537 cmd->tx_size = ISCSI_HDR_LEN; 2538 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2539 2540 hdr = (struct iscsi_async *) cmd->pdu; 2541 hdr->opcode = ISCSI_OP_ASYNC_EVENT; 2542 hdr->flags = ISCSI_FLAG_CMD_FINAL; 2543 cmd->init_task_tag = RESERVED_ITT; 2544 cmd->targ_xfer_tag = 0xFFFFFFFF; 2545 put_unaligned_be64(0xFFFFFFFFFFFFFFFFULL, &hdr->rsvd4[0]); 2546 cmd->stat_sn = conn->stat_sn++; 2547 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2548 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2549 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2550 hdr->async_event = ISCSI_ASYNC_MSG_DROPPING_CONNECTION; 2551 hdr->param1 = cpu_to_be16(cmd->logout_cid); 2552 hdr->param2 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Wait); 2553 hdr->param3 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Retain); 2554 2555 if (conn->conn_ops->HeaderDigest) { 2556 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2557 2558 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 2559 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2560 2561 cmd->tx_size += ISCSI_CRC_LEN; 2562 pr_debug("Attaching CRC32C HeaderDigest to" 2563 " Async Message 0x%08x\n", *header_digest); 2564 } 2565 2566 cmd->iov_misc[0].iov_base = cmd->pdu; 2567 cmd->iov_misc[0].iov_len = cmd->tx_size; 2568 cmd->iov_misc_count = 1; 2569 2570 pr_debug("Sending Connection Dropped Async Message StatSN:" 2571 " 0x%08x, for CID: %hu on CID: %hu\n", cmd->stat_sn, 2572 cmd->logout_cid, conn->cid); 2573 return 0; 2574 } 2575 2576 static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *conn) 2577 { 2578 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2579 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2580 wait_for_completion_interruptible_timeout( 2581 &conn->tx_half_close_comp, 2582 ISCSI_TX_THREAD_TCP_TIMEOUT * HZ); 2583 } 2584 } 2585 2586 static void 2587 iscsit_build_datain_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2588 struct iscsi_datain *datain, struct iscsi_data_rsp *hdr, 2589 bool set_statsn) 2590 { 2591 hdr->opcode = ISCSI_OP_SCSI_DATA_IN; 2592 hdr->flags = datain->flags; 2593 if (hdr->flags & ISCSI_FLAG_DATA_STATUS) { 2594 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 2595 hdr->flags |= ISCSI_FLAG_DATA_OVERFLOW; 2596 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2597 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 2598 hdr->flags |= ISCSI_FLAG_DATA_UNDERFLOW; 2599 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2600 } 2601 } 2602 hton24(hdr->dlength, datain->length); 2603 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2604 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 2605 (struct scsi_lun *)&hdr->lun); 2606 else 2607 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2608 2609 hdr->itt = cmd->init_task_tag; 2610 2611 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2612 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2613 else 2614 hdr->ttt = cpu_to_be32(0xFFFFFFFF); 2615 if (set_statsn) 2616 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2617 else 2618 hdr->statsn = cpu_to_be32(0xFFFFFFFF); 2619 2620 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2621 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2622 hdr->datasn = cpu_to_be32(datain->data_sn); 2623 hdr->offset = cpu_to_be32(datain->offset); 2624 2625 pr_debug("Built DataIN ITT: 0x%08x, StatSN: 0x%08x," 2626 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 2627 cmd->init_task_tag, ntohl(hdr->statsn), ntohl(hdr->datasn), 2628 ntohl(hdr->offset), datain->length, conn->cid); 2629 } 2630 2631 static int iscsit_send_datain(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2632 { 2633 struct iscsi_data_rsp *hdr = (struct iscsi_data_rsp *)&cmd->pdu[0]; 2634 struct iscsi_datain datain; 2635 struct iscsi_datain_req *dr; 2636 struct kvec *iov; 2637 u32 iov_count = 0, tx_size = 0; 2638 int eodr = 0, ret, iov_ret; 2639 bool set_statsn = false; 2640 2641 memset(&datain, 0, sizeof(struct iscsi_datain)); 2642 dr = iscsit_get_datain_values(cmd, &datain); 2643 if (!dr) { 2644 pr_err("iscsit_get_datain_values failed for ITT: 0x%08x\n", 2645 cmd->init_task_tag); 2646 return -1; 2647 } 2648 /* 2649 * Be paranoid and double check the logic for now. 2650 */ 2651 if ((datain.offset + datain.length) > cmd->se_cmd.data_length) { 2652 pr_err("Command ITT: 0x%08x, datain.offset: %u and" 2653 " datain.length: %u exceeds cmd->data_length: %u\n", 2654 cmd->init_task_tag, datain.offset, datain.length, 2655 cmd->se_cmd.data_length); 2656 return -1; 2657 } 2658 2659 atomic_long_add(datain.length, &conn->sess->tx_data_octets); 2660 /* 2661 * Special case for successfully execution w/ both DATAIN 2662 * and Sense Data. 2663 */ 2664 if ((datain.flags & ISCSI_FLAG_DATA_STATUS) && 2665 (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE)) 2666 datain.flags &= ~ISCSI_FLAG_DATA_STATUS; 2667 else { 2668 if ((dr->dr_complete == DATAIN_COMPLETE_NORMAL) || 2669 (dr->dr_complete == DATAIN_COMPLETE_CONNECTION_RECOVERY)) { 2670 iscsit_increment_maxcmdsn(cmd, conn->sess); 2671 cmd->stat_sn = conn->stat_sn++; 2672 set_statsn = true; 2673 } else if (dr->dr_complete == 2674 DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY) 2675 set_statsn = true; 2676 } 2677 2678 iscsit_build_datain_pdu(cmd, conn, &datain, hdr, set_statsn); 2679 2680 iov = &cmd->iov_data[0]; 2681 iov[iov_count].iov_base = cmd->pdu; 2682 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 2683 tx_size += ISCSI_HDR_LEN; 2684 2685 if (conn->conn_ops->HeaderDigest) { 2686 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2687 2688 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu, 2689 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2690 2691 iov[0].iov_len += ISCSI_CRC_LEN; 2692 tx_size += ISCSI_CRC_LEN; 2693 2694 pr_debug("Attaching CRC32 HeaderDigest" 2695 " for DataIN PDU 0x%08x\n", *header_digest); 2696 } 2697 2698 iov_ret = iscsit_map_iovec(cmd, &cmd->iov_data[1], 2699 datain.offset, datain.length); 2700 if (iov_ret < 0) 2701 return -1; 2702 2703 iov_count += iov_ret; 2704 tx_size += datain.length; 2705 2706 cmd->padding = ((-datain.length) & 3); 2707 if (cmd->padding) { 2708 iov[iov_count].iov_base = cmd->pad_bytes; 2709 iov[iov_count++].iov_len = cmd->padding; 2710 tx_size += cmd->padding; 2711 2712 pr_debug("Attaching %u padding bytes\n", 2713 cmd->padding); 2714 } 2715 if (conn->conn_ops->DataDigest) { 2716 cmd->data_crc = iscsit_do_crypto_hash_sg(conn->conn_tx_hash, cmd, 2717 datain.offset, datain.length, cmd->padding, cmd->pad_bytes); 2718 2719 iov[iov_count].iov_base = &cmd->data_crc; 2720 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2721 tx_size += ISCSI_CRC_LEN; 2722 2723 pr_debug("Attached CRC32C DataDigest %d bytes, crc" 2724 " 0x%08x\n", datain.length+cmd->padding, cmd->data_crc); 2725 } 2726 2727 cmd->iov_data_count = iov_count; 2728 cmd->tx_size = tx_size; 2729 2730 ret = iscsit_fe_sendpage_sg(cmd, conn); 2731 2732 iscsit_unmap_iovec(cmd); 2733 2734 if (ret < 0) { 2735 iscsit_tx_thread_wait_for_tcp(conn); 2736 return ret; 2737 } 2738 2739 if (dr->dr_complete) { 2740 eodr = (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ? 2741 2 : 1; 2742 iscsit_free_datain_req(cmd, dr); 2743 } 2744 2745 return eodr; 2746 } 2747 2748 int 2749 iscsit_build_logout_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2750 struct iscsi_logout_rsp *hdr) 2751 { 2752 struct iscsi_conn *logout_conn = NULL; 2753 struct iscsi_conn_recovery *cr = NULL; 2754 struct iscsi_session *sess = conn->sess; 2755 /* 2756 * The actual shutting down of Sessions and/or Connections 2757 * for CLOSESESSION and CLOSECONNECTION Logout Requests 2758 * is done in scsi_logout_post_handler(). 2759 */ 2760 switch (cmd->logout_reason) { 2761 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 2762 pr_debug("iSCSI session logout successful, setting" 2763 " logout response to ISCSI_LOGOUT_SUCCESS.\n"); 2764 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2765 break; 2766 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 2767 if (cmd->logout_response == ISCSI_LOGOUT_CID_NOT_FOUND) 2768 break; 2769 /* 2770 * For CLOSECONNECTION logout requests carrying 2771 * a matching logout CID -> local CID, the reference 2772 * for the local CID will have been incremented in 2773 * iscsi_logout_closeconnection(). 2774 * 2775 * For CLOSECONNECTION logout requests carrying 2776 * a different CID than the connection it arrived 2777 * on, the connection responding to cmd->logout_cid 2778 * is stopped in iscsit_logout_post_handler_diffcid(). 2779 */ 2780 2781 pr_debug("iSCSI CID: %hu logout on CID: %hu" 2782 " successful.\n", cmd->logout_cid, conn->cid); 2783 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2784 break; 2785 case ISCSI_LOGOUT_REASON_RECOVERY: 2786 if ((cmd->logout_response == ISCSI_LOGOUT_RECOVERY_UNSUPPORTED) || 2787 (cmd->logout_response == ISCSI_LOGOUT_CLEANUP_FAILED)) 2788 break; 2789 /* 2790 * If the connection is still active from our point of view 2791 * force connection recovery to occur. 2792 */ 2793 logout_conn = iscsit_get_conn_from_cid_rcfr(sess, 2794 cmd->logout_cid); 2795 if (logout_conn) { 2796 iscsit_connection_reinstatement_rcfr(logout_conn); 2797 iscsit_dec_conn_usage_count(logout_conn); 2798 } 2799 2800 cr = iscsit_get_inactive_connection_recovery_entry( 2801 conn->sess, cmd->logout_cid); 2802 if (!cr) { 2803 pr_err("Unable to locate CID: %hu for" 2804 " REMOVECONNFORRECOVERY Logout Request.\n", 2805 cmd->logout_cid); 2806 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2807 break; 2808 } 2809 2810 iscsit_discard_cr_cmds_by_expstatsn(cr, cmd->exp_stat_sn); 2811 2812 pr_debug("iSCSI REMOVECONNFORRECOVERY logout" 2813 " for recovery for CID: %hu on CID: %hu successful.\n", 2814 cmd->logout_cid, conn->cid); 2815 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2816 break; 2817 default: 2818 pr_err("Unknown cmd->logout_reason: 0x%02x\n", 2819 cmd->logout_reason); 2820 return -1; 2821 } 2822 2823 hdr->opcode = ISCSI_OP_LOGOUT_RSP; 2824 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2825 hdr->response = cmd->logout_response; 2826 hdr->itt = cmd->init_task_tag; 2827 cmd->stat_sn = conn->stat_sn++; 2828 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2829 2830 iscsit_increment_maxcmdsn(cmd, conn->sess); 2831 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2832 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2833 2834 pr_debug("Built Logout Response ITT: 0x%08x StatSN:" 2835 " 0x%08x Response: 0x%02x CID: %hu on CID: %hu\n", 2836 cmd->init_task_tag, cmd->stat_sn, hdr->response, 2837 cmd->logout_cid, conn->cid); 2838 2839 return 0; 2840 } 2841 EXPORT_SYMBOL(iscsit_build_logout_rsp); 2842 2843 static int 2844 iscsit_send_logout(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2845 { 2846 struct kvec *iov; 2847 int niov = 0, tx_size, rc; 2848 2849 rc = iscsit_build_logout_rsp(cmd, conn, 2850 (struct iscsi_logout_rsp *)&cmd->pdu[0]); 2851 if (rc < 0) 2852 return rc; 2853 2854 tx_size = ISCSI_HDR_LEN; 2855 iov = &cmd->iov_misc[0]; 2856 iov[niov].iov_base = cmd->pdu; 2857 iov[niov++].iov_len = ISCSI_HDR_LEN; 2858 2859 if (conn->conn_ops->HeaderDigest) { 2860 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2861 2862 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, &cmd->pdu[0], 2863 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2864 2865 iov[0].iov_len += ISCSI_CRC_LEN; 2866 tx_size += ISCSI_CRC_LEN; 2867 pr_debug("Attaching CRC32C HeaderDigest to" 2868 " Logout Response 0x%08x\n", *header_digest); 2869 } 2870 cmd->iov_misc_count = niov; 2871 cmd->tx_size = tx_size; 2872 2873 return 0; 2874 } 2875 2876 void 2877 iscsit_build_nopin_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2878 struct iscsi_nopin *hdr, bool nopout_response) 2879 { 2880 hdr->opcode = ISCSI_OP_NOOP_IN; 2881 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2882 hton24(hdr->dlength, cmd->buf_ptr_size); 2883 if (nopout_response) 2884 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2885 hdr->itt = cmd->init_task_tag; 2886 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2887 cmd->stat_sn = (nopout_response) ? conn->stat_sn++ : 2888 conn->stat_sn; 2889 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2890 2891 if (nopout_response) 2892 iscsit_increment_maxcmdsn(cmd, conn->sess); 2893 2894 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2895 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2896 2897 pr_debug("Built NOPIN %s Response ITT: 0x%08x, TTT: 0x%08x," 2898 " StatSN: 0x%08x, Length %u\n", (nopout_response) ? 2899 "Solicitied" : "Unsolicitied", cmd->init_task_tag, 2900 cmd->targ_xfer_tag, cmd->stat_sn, cmd->buf_ptr_size); 2901 } 2902 EXPORT_SYMBOL(iscsit_build_nopin_rsp); 2903 2904 /* 2905 * Unsolicited NOPIN, either requesting a response or not. 2906 */ 2907 static int iscsit_send_unsolicited_nopin( 2908 struct iscsi_cmd *cmd, 2909 struct iscsi_conn *conn, 2910 int want_response) 2911 { 2912 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2913 int tx_size = ISCSI_HDR_LEN, ret; 2914 2915 iscsit_build_nopin_rsp(cmd, conn, hdr, false); 2916 2917 if (conn->conn_ops->HeaderDigest) { 2918 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2919 2920 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 2921 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2922 2923 tx_size += ISCSI_CRC_LEN; 2924 pr_debug("Attaching CRC32C HeaderDigest to" 2925 " NopIN 0x%08x\n", *header_digest); 2926 } 2927 2928 cmd->iov_misc[0].iov_base = cmd->pdu; 2929 cmd->iov_misc[0].iov_len = tx_size; 2930 cmd->iov_misc_count = 1; 2931 cmd->tx_size = tx_size; 2932 2933 pr_debug("Sending Unsolicited NOPIN TTT: 0x%08x StatSN:" 2934 " 0x%08x CID: %hu\n", hdr->ttt, cmd->stat_sn, conn->cid); 2935 2936 ret = iscsit_send_tx_data(cmd, conn, 1); 2937 if (ret < 0) { 2938 iscsit_tx_thread_wait_for_tcp(conn); 2939 return ret; 2940 } 2941 2942 spin_lock_bh(&cmd->istate_lock); 2943 cmd->i_state = want_response ? 2944 ISTATE_SENT_NOPIN_WANT_RESPONSE : ISTATE_SENT_STATUS; 2945 spin_unlock_bh(&cmd->istate_lock); 2946 2947 return 0; 2948 } 2949 2950 static int 2951 iscsit_send_nopin(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2952 { 2953 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2954 struct kvec *iov; 2955 u32 padding = 0; 2956 int niov = 0, tx_size; 2957 2958 iscsit_build_nopin_rsp(cmd, conn, hdr, true); 2959 2960 tx_size = ISCSI_HDR_LEN; 2961 iov = &cmd->iov_misc[0]; 2962 iov[niov].iov_base = cmd->pdu; 2963 iov[niov++].iov_len = ISCSI_HDR_LEN; 2964 2965 if (conn->conn_ops->HeaderDigest) { 2966 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2967 2968 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 2969 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2970 2971 iov[0].iov_len += ISCSI_CRC_LEN; 2972 tx_size += ISCSI_CRC_LEN; 2973 pr_debug("Attaching CRC32C HeaderDigest" 2974 " to NopIn 0x%08x\n", *header_digest); 2975 } 2976 2977 /* 2978 * NOPOUT Ping Data is attached to struct iscsi_cmd->buf_ptr. 2979 * NOPOUT DataSegmentLength is at struct iscsi_cmd->buf_ptr_size. 2980 */ 2981 if (cmd->buf_ptr_size) { 2982 iov[niov].iov_base = cmd->buf_ptr; 2983 iov[niov++].iov_len = cmd->buf_ptr_size; 2984 tx_size += cmd->buf_ptr_size; 2985 2986 pr_debug("Echoing back %u bytes of ping" 2987 " data.\n", cmd->buf_ptr_size); 2988 2989 padding = ((-cmd->buf_ptr_size) & 3); 2990 if (padding != 0) { 2991 iov[niov].iov_base = &cmd->pad_bytes; 2992 iov[niov++].iov_len = padding; 2993 tx_size += padding; 2994 pr_debug("Attaching %u additional" 2995 " padding bytes.\n", padding); 2996 } 2997 if (conn->conn_ops->DataDigest) { 2998 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, 2999 cmd->buf_ptr, cmd->buf_ptr_size, 3000 padding, (u8 *)&cmd->pad_bytes, 3001 (u8 *)&cmd->data_crc); 3002 3003 iov[niov].iov_base = &cmd->data_crc; 3004 iov[niov++].iov_len = ISCSI_CRC_LEN; 3005 tx_size += ISCSI_CRC_LEN; 3006 pr_debug("Attached DataDigest for %u" 3007 " bytes of ping data, CRC 0x%08x\n", 3008 cmd->buf_ptr_size, cmd->data_crc); 3009 } 3010 } 3011 3012 cmd->iov_misc_count = niov; 3013 cmd->tx_size = tx_size; 3014 3015 return 0; 3016 } 3017 3018 static int iscsit_send_r2t( 3019 struct iscsi_cmd *cmd, 3020 struct iscsi_conn *conn) 3021 { 3022 int tx_size = 0; 3023 struct iscsi_r2t *r2t; 3024 struct iscsi_r2t_rsp *hdr; 3025 int ret; 3026 3027 r2t = iscsit_get_r2t_from_list(cmd); 3028 if (!r2t) 3029 return -1; 3030 3031 hdr = (struct iscsi_r2t_rsp *) cmd->pdu; 3032 memset(hdr, 0, ISCSI_HDR_LEN); 3033 hdr->opcode = ISCSI_OP_R2T; 3034 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3035 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 3036 (struct scsi_lun *)&hdr->lun); 3037 hdr->itt = cmd->init_task_tag; 3038 r2t->targ_xfer_tag = session_get_next_ttt(conn->sess); 3039 hdr->ttt = cpu_to_be32(r2t->targ_xfer_tag); 3040 hdr->statsn = cpu_to_be32(conn->stat_sn); 3041 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3042 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3043 hdr->r2tsn = cpu_to_be32(r2t->r2t_sn); 3044 hdr->data_offset = cpu_to_be32(r2t->offset); 3045 hdr->data_length = cpu_to_be32(r2t->xfer_len); 3046 3047 cmd->iov_misc[0].iov_base = cmd->pdu; 3048 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3049 tx_size += ISCSI_HDR_LEN; 3050 3051 if (conn->conn_ops->HeaderDigest) { 3052 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3053 3054 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 3055 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3056 3057 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3058 tx_size += ISCSI_CRC_LEN; 3059 pr_debug("Attaching CRC32 HeaderDigest for R2T" 3060 " PDU 0x%08x\n", *header_digest); 3061 } 3062 3063 pr_debug("Built %sR2T, ITT: 0x%08x, TTT: 0x%08x, StatSN:" 3064 " 0x%08x, R2TSN: 0x%08x, Offset: %u, DDTL: %u, CID: %hu\n", 3065 (!r2t->recovery_r2t) ? "" : "Recovery ", cmd->init_task_tag, 3066 r2t->targ_xfer_tag, ntohl(hdr->statsn), r2t->r2t_sn, 3067 r2t->offset, r2t->xfer_len, conn->cid); 3068 3069 cmd->iov_misc_count = 1; 3070 cmd->tx_size = tx_size; 3071 3072 spin_lock_bh(&cmd->r2t_lock); 3073 r2t->sent_r2t = 1; 3074 spin_unlock_bh(&cmd->r2t_lock); 3075 3076 ret = iscsit_send_tx_data(cmd, conn, 1); 3077 if (ret < 0) { 3078 iscsit_tx_thread_wait_for_tcp(conn); 3079 return ret; 3080 } 3081 3082 spin_lock_bh(&cmd->dataout_timeout_lock); 3083 iscsit_start_dataout_timer(cmd, conn); 3084 spin_unlock_bh(&cmd->dataout_timeout_lock); 3085 3086 return 0; 3087 } 3088 3089 /* 3090 * @recovery: If called from iscsi_task_reassign_complete_write() for 3091 * connection recovery. 3092 */ 3093 int iscsit_build_r2ts_for_cmd( 3094 struct iscsi_conn *conn, 3095 struct iscsi_cmd *cmd, 3096 bool recovery) 3097 { 3098 int first_r2t = 1; 3099 u32 offset = 0, xfer_len = 0; 3100 3101 spin_lock_bh(&cmd->r2t_lock); 3102 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) { 3103 spin_unlock_bh(&cmd->r2t_lock); 3104 return 0; 3105 } 3106 3107 if (conn->sess->sess_ops->DataSequenceInOrder && 3108 !recovery) 3109 cmd->r2t_offset = max(cmd->r2t_offset, cmd->write_data_done); 3110 3111 while (cmd->outstanding_r2ts < conn->sess->sess_ops->MaxOutstandingR2T) { 3112 if (conn->sess->sess_ops->DataSequenceInOrder) { 3113 offset = cmd->r2t_offset; 3114 3115 if (first_r2t && recovery) { 3116 int new_data_end = offset + 3117 conn->sess->sess_ops->MaxBurstLength - 3118 cmd->next_burst_len; 3119 3120 if (new_data_end > cmd->se_cmd.data_length) 3121 xfer_len = cmd->se_cmd.data_length - offset; 3122 else 3123 xfer_len = 3124 conn->sess->sess_ops->MaxBurstLength - 3125 cmd->next_burst_len; 3126 } else { 3127 int new_data_end = offset + 3128 conn->sess->sess_ops->MaxBurstLength; 3129 3130 if (new_data_end > cmd->se_cmd.data_length) 3131 xfer_len = cmd->se_cmd.data_length - offset; 3132 else 3133 xfer_len = conn->sess->sess_ops->MaxBurstLength; 3134 } 3135 cmd->r2t_offset += xfer_len; 3136 3137 if (cmd->r2t_offset == cmd->se_cmd.data_length) 3138 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3139 } else { 3140 struct iscsi_seq *seq; 3141 3142 seq = iscsit_get_seq_holder_for_r2t(cmd); 3143 if (!seq) { 3144 spin_unlock_bh(&cmd->r2t_lock); 3145 return -1; 3146 } 3147 3148 offset = seq->offset; 3149 xfer_len = seq->xfer_len; 3150 3151 if (cmd->seq_send_order == cmd->seq_count) 3152 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3153 } 3154 cmd->outstanding_r2ts++; 3155 first_r2t = 0; 3156 3157 if (iscsit_add_r2t_to_list(cmd, offset, xfer_len, 0, 0) < 0) { 3158 spin_unlock_bh(&cmd->r2t_lock); 3159 return -1; 3160 } 3161 3162 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) 3163 break; 3164 } 3165 spin_unlock_bh(&cmd->r2t_lock); 3166 3167 return 0; 3168 } 3169 3170 void iscsit_build_rsp_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3171 bool inc_stat_sn, struct iscsi_scsi_rsp *hdr) 3172 { 3173 if (inc_stat_sn) 3174 cmd->stat_sn = conn->stat_sn++; 3175 3176 atomic_long_inc(&conn->sess->rsp_pdus); 3177 3178 memset(hdr, 0, ISCSI_HDR_LEN); 3179 hdr->opcode = ISCSI_OP_SCSI_CMD_RSP; 3180 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3181 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 3182 hdr->flags |= ISCSI_FLAG_CMD_OVERFLOW; 3183 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3184 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 3185 hdr->flags |= ISCSI_FLAG_CMD_UNDERFLOW; 3186 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3187 } 3188 hdr->response = cmd->iscsi_response; 3189 hdr->cmd_status = cmd->se_cmd.scsi_status; 3190 hdr->itt = cmd->init_task_tag; 3191 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3192 3193 iscsit_increment_maxcmdsn(cmd, conn->sess); 3194 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3195 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3196 3197 pr_debug("Built SCSI Response, ITT: 0x%08x, StatSN: 0x%08x," 3198 " Response: 0x%02x, SAM Status: 0x%02x, CID: %hu\n", 3199 cmd->init_task_tag, cmd->stat_sn, cmd->se_cmd.scsi_status, 3200 cmd->se_cmd.scsi_status, conn->cid); 3201 } 3202 EXPORT_SYMBOL(iscsit_build_rsp_pdu); 3203 3204 static int iscsit_send_response(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3205 { 3206 struct iscsi_scsi_rsp *hdr = (struct iscsi_scsi_rsp *)&cmd->pdu[0]; 3207 struct kvec *iov; 3208 u32 padding = 0, tx_size = 0; 3209 int iov_count = 0; 3210 bool inc_stat_sn = (cmd->i_state == ISTATE_SEND_STATUS); 3211 3212 iscsit_build_rsp_pdu(cmd, conn, inc_stat_sn, hdr); 3213 3214 iov = &cmd->iov_misc[0]; 3215 iov[iov_count].iov_base = cmd->pdu; 3216 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3217 tx_size += ISCSI_HDR_LEN; 3218 3219 /* 3220 * Attach SENSE DATA payload to iSCSI Response PDU 3221 */ 3222 if (cmd->se_cmd.sense_buffer && 3223 ((cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) || 3224 (cmd->se_cmd.se_cmd_flags & SCF_EMULATED_TASK_SENSE))) { 3225 put_unaligned_be16(cmd->se_cmd.scsi_sense_length, cmd->sense_buffer); 3226 cmd->se_cmd.scsi_sense_length += sizeof (__be16); 3227 3228 padding = -(cmd->se_cmd.scsi_sense_length) & 3; 3229 hton24(hdr->dlength, (u32)cmd->se_cmd.scsi_sense_length); 3230 iov[iov_count].iov_base = cmd->sense_buffer; 3231 iov[iov_count++].iov_len = 3232 (cmd->se_cmd.scsi_sense_length + padding); 3233 tx_size += cmd->se_cmd.scsi_sense_length; 3234 3235 if (padding) { 3236 memset(cmd->sense_buffer + 3237 cmd->se_cmd.scsi_sense_length, 0, padding); 3238 tx_size += padding; 3239 pr_debug("Adding %u bytes of padding to" 3240 " SENSE.\n", padding); 3241 } 3242 3243 if (conn->conn_ops->DataDigest) { 3244 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, 3245 cmd->sense_buffer, 3246 (cmd->se_cmd.scsi_sense_length + padding), 3247 0, NULL, (u8 *)&cmd->data_crc); 3248 3249 iov[iov_count].iov_base = &cmd->data_crc; 3250 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3251 tx_size += ISCSI_CRC_LEN; 3252 3253 pr_debug("Attaching CRC32 DataDigest for" 3254 " SENSE, %u bytes CRC 0x%08x\n", 3255 (cmd->se_cmd.scsi_sense_length + padding), 3256 cmd->data_crc); 3257 } 3258 3259 pr_debug("Attaching SENSE DATA: %u bytes to iSCSI" 3260 " Response PDU\n", 3261 cmd->se_cmd.scsi_sense_length); 3262 } 3263 3264 if (conn->conn_ops->HeaderDigest) { 3265 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3266 3267 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu, 3268 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3269 3270 iov[0].iov_len += ISCSI_CRC_LEN; 3271 tx_size += ISCSI_CRC_LEN; 3272 pr_debug("Attaching CRC32 HeaderDigest for Response" 3273 " PDU 0x%08x\n", *header_digest); 3274 } 3275 3276 cmd->iov_misc_count = iov_count; 3277 cmd->tx_size = tx_size; 3278 3279 return 0; 3280 } 3281 3282 static u8 iscsit_convert_tcm_tmr_rsp(struct se_tmr_req *se_tmr) 3283 { 3284 switch (se_tmr->response) { 3285 case TMR_FUNCTION_COMPLETE: 3286 return ISCSI_TMF_RSP_COMPLETE; 3287 case TMR_TASK_DOES_NOT_EXIST: 3288 return ISCSI_TMF_RSP_NO_TASK; 3289 case TMR_LUN_DOES_NOT_EXIST: 3290 return ISCSI_TMF_RSP_NO_LUN; 3291 case TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED: 3292 return ISCSI_TMF_RSP_NOT_SUPPORTED; 3293 case TMR_FUNCTION_REJECTED: 3294 default: 3295 return ISCSI_TMF_RSP_REJECTED; 3296 } 3297 } 3298 3299 void 3300 iscsit_build_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3301 struct iscsi_tm_rsp *hdr) 3302 { 3303 struct se_tmr_req *se_tmr = cmd->se_cmd.se_tmr_req; 3304 3305 hdr->opcode = ISCSI_OP_SCSI_TMFUNC_RSP; 3306 hdr->flags = ISCSI_FLAG_CMD_FINAL; 3307 hdr->response = iscsit_convert_tcm_tmr_rsp(se_tmr); 3308 hdr->itt = cmd->init_task_tag; 3309 cmd->stat_sn = conn->stat_sn++; 3310 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3311 3312 iscsit_increment_maxcmdsn(cmd, conn->sess); 3313 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3314 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3315 3316 pr_debug("Built Task Management Response ITT: 0x%08x," 3317 " StatSN: 0x%08x, Response: 0x%02x, CID: %hu\n", 3318 cmd->init_task_tag, cmd->stat_sn, hdr->response, conn->cid); 3319 } 3320 EXPORT_SYMBOL(iscsit_build_task_mgt_rsp); 3321 3322 static int 3323 iscsit_send_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3324 { 3325 struct iscsi_tm_rsp *hdr = (struct iscsi_tm_rsp *)&cmd->pdu[0]; 3326 u32 tx_size = 0; 3327 3328 iscsit_build_task_mgt_rsp(cmd, conn, hdr); 3329 3330 cmd->iov_misc[0].iov_base = cmd->pdu; 3331 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3332 tx_size += ISCSI_HDR_LEN; 3333 3334 if (conn->conn_ops->HeaderDigest) { 3335 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3336 3337 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 3338 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3339 3340 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3341 tx_size += ISCSI_CRC_LEN; 3342 pr_debug("Attaching CRC32 HeaderDigest for Task" 3343 " Mgmt Response PDU 0x%08x\n", *header_digest); 3344 } 3345 3346 cmd->iov_misc_count = 1; 3347 cmd->tx_size = tx_size; 3348 3349 return 0; 3350 } 3351 3352 static bool iscsit_check_inaddr_any(struct iscsi_np *np) 3353 { 3354 bool ret = false; 3355 3356 if (np->np_sockaddr.ss_family == AF_INET6) { 3357 const struct sockaddr_in6 sin6 = { 3358 .sin6_addr = IN6ADDR_ANY_INIT }; 3359 struct sockaddr_in6 *sock_in6 = 3360 (struct sockaddr_in6 *)&np->np_sockaddr; 3361 3362 if (!memcmp(sock_in6->sin6_addr.s6_addr, 3363 sin6.sin6_addr.s6_addr, 16)) 3364 ret = true; 3365 } else { 3366 struct sockaddr_in * sock_in = 3367 (struct sockaddr_in *)&np->np_sockaddr; 3368 3369 if (sock_in->sin_addr.s_addr == htonl(INADDR_ANY)) 3370 ret = true; 3371 } 3372 3373 return ret; 3374 } 3375 3376 #define SENDTARGETS_BUF_LIMIT 32768U 3377 3378 static int 3379 iscsit_build_sendtargets_response(struct iscsi_cmd *cmd, 3380 enum iscsit_transport_type network_transport, 3381 int skip_bytes, bool *completed) 3382 { 3383 char *payload = NULL; 3384 struct iscsi_conn *conn = cmd->conn; 3385 struct iscsi_portal_group *tpg; 3386 struct iscsi_tiqn *tiqn; 3387 struct iscsi_tpg_np *tpg_np; 3388 int buffer_len, end_of_buf = 0, len = 0, payload_len = 0; 3389 int target_name_printed; 3390 unsigned char buf[ISCSI_IQN_LEN+12]; /* iqn + "TargetName=" + \0 */ 3391 unsigned char *text_in = cmd->text_in_ptr, *text_ptr = NULL; 3392 bool active; 3393 3394 buffer_len = min(conn->conn_ops->MaxRecvDataSegmentLength, 3395 SENDTARGETS_BUF_LIMIT); 3396 3397 payload = kzalloc(buffer_len, GFP_KERNEL); 3398 if (!payload) { 3399 pr_err("Unable to allocate memory for sendtargets" 3400 " response.\n"); 3401 return -ENOMEM; 3402 } 3403 /* 3404 * Locate pointer to iqn./eui. string for ICF_SENDTARGETS_SINGLE 3405 * explicit case.. 3406 */ 3407 if (cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) { 3408 text_ptr = strchr(text_in, '='); 3409 if (!text_ptr) { 3410 pr_err("Unable to locate '=' string in text_in:" 3411 " %s\n", text_in); 3412 kfree(payload); 3413 return -EINVAL; 3414 } 3415 /* 3416 * Skip over '=' character.. 3417 */ 3418 text_ptr += 1; 3419 } 3420 3421 spin_lock(&tiqn_lock); 3422 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 3423 if ((cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) && 3424 strcmp(tiqn->tiqn, text_ptr)) { 3425 continue; 3426 } 3427 3428 target_name_printed = 0; 3429 3430 spin_lock(&tiqn->tiqn_tpg_lock); 3431 list_for_each_entry(tpg, &tiqn->tiqn_tpg_list, tpg_list) { 3432 3433 /* If demo_mode_discovery=0 and generate_node_acls=0 3434 * (demo mode dislabed) do not return 3435 * TargetName+TargetAddress unless a NodeACL exists. 3436 */ 3437 3438 if ((tpg->tpg_attrib.generate_node_acls == 0) && 3439 (tpg->tpg_attrib.demo_mode_discovery == 0) && 3440 (!target_tpg_has_node_acl(&tpg->tpg_se_tpg, 3441 cmd->conn->sess->sess_ops->InitiatorName))) { 3442 continue; 3443 } 3444 3445 spin_lock(&tpg->tpg_state_lock); 3446 active = (tpg->tpg_state == TPG_STATE_ACTIVE); 3447 spin_unlock(&tpg->tpg_state_lock); 3448 3449 if (!active && tpg->tpg_attrib.tpg_enabled_sendtargets) 3450 continue; 3451 3452 spin_lock(&tpg->tpg_np_lock); 3453 list_for_each_entry(tpg_np, &tpg->tpg_gnp_list, 3454 tpg_np_list) { 3455 struct iscsi_np *np = tpg_np->tpg_np; 3456 bool inaddr_any = iscsit_check_inaddr_any(np); 3457 struct sockaddr_storage *sockaddr; 3458 3459 if (np->np_network_transport != network_transport) 3460 continue; 3461 3462 if (!target_name_printed) { 3463 len = sprintf(buf, "TargetName=%s", 3464 tiqn->tiqn); 3465 len += 1; 3466 3467 if ((len + payload_len) > buffer_len) { 3468 spin_unlock(&tpg->tpg_np_lock); 3469 spin_unlock(&tiqn->tiqn_tpg_lock); 3470 end_of_buf = 1; 3471 goto eob; 3472 } 3473 3474 if (skip_bytes && len <= skip_bytes) { 3475 skip_bytes -= len; 3476 } else { 3477 memcpy(payload + payload_len, buf, len); 3478 payload_len += len; 3479 target_name_printed = 1; 3480 if (len > skip_bytes) 3481 skip_bytes = 0; 3482 } 3483 } 3484 3485 if (inaddr_any) 3486 sockaddr = &conn->local_sockaddr; 3487 else 3488 sockaddr = &np->np_sockaddr; 3489 3490 len = sprintf(buf, "TargetAddress=" 3491 "%pISpc,%hu", 3492 sockaddr, 3493 tpg->tpgt); 3494 len += 1; 3495 3496 if ((len + payload_len) > buffer_len) { 3497 spin_unlock(&tpg->tpg_np_lock); 3498 spin_unlock(&tiqn->tiqn_tpg_lock); 3499 end_of_buf = 1; 3500 goto eob; 3501 } 3502 3503 if (skip_bytes && len <= skip_bytes) { 3504 skip_bytes -= len; 3505 } else { 3506 memcpy(payload + payload_len, buf, len); 3507 payload_len += len; 3508 if (len > skip_bytes) 3509 skip_bytes = 0; 3510 } 3511 } 3512 spin_unlock(&tpg->tpg_np_lock); 3513 } 3514 spin_unlock(&tiqn->tiqn_tpg_lock); 3515 eob: 3516 if (end_of_buf) { 3517 *completed = false; 3518 break; 3519 } 3520 3521 if (cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) 3522 break; 3523 } 3524 spin_unlock(&tiqn_lock); 3525 3526 cmd->buf_ptr = payload; 3527 3528 return payload_len; 3529 } 3530 3531 int 3532 iscsit_build_text_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3533 struct iscsi_text_rsp *hdr, 3534 enum iscsit_transport_type network_transport) 3535 { 3536 int text_length, padding; 3537 bool completed = true; 3538 3539 text_length = iscsit_build_sendtargets_response(cmd, network_transport, 3540 cmd->read_data_done, 3541 &completed); 3542 if (text_length < 0) 3543 return text_length; 3544 3545 if (completed) { 3546 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3547 } else { 3548 hdr->flags |= ISCSI_FLAG_TEXT_CONTINUE; 3549 cmd->read_data_done += text_length; 3550 if (cmd->targ_xfer_tag == 0xFFFFFFFF) 3551 cmd->targ_xfer_tag = session_get_next_ttt(conn->sess); 3552 } 3553 hdr->opcode = ISCSI_OP_TEXT_RSP; 3554 padding = ((-text_length) & 3); 3555 hton24(hdr->dlength, text_length); 3556 hdr->itt = cmd->init_task_tag; 3557 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 3558 cmd->stat_sn = conn->stat_sn++; 3559 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3560 3561 iscsit_increment_maxcmdsn(cmd, conn->sess); 3562 /* 3563 * Reset maxcmdsn_inc in multi-part text payload exchanges to 3564 * correctly increment MaxCmdSN for each response answering a 3565 * non immediate text request with a valid CmdSN. 3566 */ 3567 cmd->maxcmdsn_inc = 0; 3568 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3569 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3570 3571 pr_debug("Built Text Response: ITT: 0x%08x, TTT: 0x%08x, StatSN: 0x%08x," 3572 " Length: %u, CID: %hu F: %d C: %d\n", cmd->init_task_tag, 3573 cmd->targ_xfer_tag, cmd->stat_sn, text_length, conn->cid, 3574 !!(hdr->flags & ISCSI_FLAG_CMD_FINAL), 3575 !!(hdr->flags & ISCSI_FLAG_TEXT_CONTINUE)); 3576 3577 return text_length + padding; 3578 } 3579 EXPORT_SYMBOL(iscsit_build_text_rsp); 3580 3581 static int iscsit_send_text_rsp( 3582 struct iscsi_cmd *cmd, 3583 struct iscsi_conn *conn) 3584 { 3585 struct iscsi_text_rsp *hdr = (struct iscsi_text_rsp *)cmd->pdu; 3586 struct kvec *iov; 3587 u32 tx_size = 0; 3588 int text_length, iov_count = 0, rc; 3589 3590 rc = iscsit_build_text_rsp(cmd, conn, hdr, ISCSI_TCP); 3591 if (rc < 0) 3592 return rc; 3593 3594 text_length = rc; 3595 iov = &cmd->iov_misc[0]; 3596 iov[iov_count].iov_base = cmd->pdu; 3597 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3598 iov[iov_count].iov_base = cmd->buf_ptr; 3599 iov[iov_count++].iov_len = text_length; 3600 3601 tx_size += (ISCSI_HDR_LEN + text_length); 3602 3603 if (conn->conn_ops->HeaderDigest) { 3604 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3605 3606 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 3607 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3608 3609 iov[0].iov_len += ISCSI_CRC_LEN; 3610 tx_size += ISCSI_CRC_LEN; 3611 pr_debug("Attaching CRC32 HeaderDigest for" 3612 " Text Response PDU 0x%08x\n", *header_digest); 3613 } 3614 3615 if (conn->conn_ops->DataDigest) { 3616 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, 3617 cmd->buf_ptr, text_length, 3618 0, NULL, (u8 *)&cmd->data_crc); 3619 3620 iov[iov_count].iov_base = &cmd->data_crc; 3621 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3622 tx_size += ISCSI_CRC_LEN; 3623 3624 pr_debug("Attaching DataDigest for %u bytes of text" 3625 " data, CRC 0x%08x\n", text_length, 3626 cmd->data_crc); 3627 } 3628 3629 cmd->iov_misc_count = iov_count; 3630 cmd->tx_size = tx_size; 3631 3632 return 0; 3633 } 3634 3635 void 3636 iscsit_build_reject(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3637 struct iscsi_reject *hdr) 3638 { 3639 hdr->opcode = ISCSI_OP_REJECT; 3640 hdr->reason = cmd->reject_reason; 3641 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3642 hton24(hdr->dlength, ISCSI_HDR_LEN); 3643 hdr->ffffffff = cpu_to_be32(0xffffffff); 3644 cmd->stat_sn = conn->stat_sn++; 3645 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3646 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3647 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3648 3649 } 3650 EXPORT_SYMBOL(iscsit_build_reject); 3651 3652 static int iscsit_send_reject( 3653 struct iscsi_cmd *cmd, 3654 struct iscsi_conn *conn) 3655 { 3656 struct iscsi_reject *hdr = (struct iscsi_reject *)&cmd->pdu[0]; 3657 struct kvec *iov; 3658 u32 iov_count = 0, tx_size; 3659 3660 iscsit_build_reject(cmd, conn, hdr); 3661 3662 iov = &cmd->iov_misc[0]; 3663 iov[iov_count].iov_base = cmd->pdu; 3664 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3665 iov[iov_count].iov_base = cmd->buf_ptr; 3666 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3667 3668 tx_size = (ISCSI_HDR_LEN + ISCSI_HDR_LEN); 3669 3670 if (conn->conn_ops->HeaderDigest) { 3671 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3672 3673 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 3674 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3675 3676 iov[0].iov_len += ISCSI_CRC_LEN; 3677 tx_size += ISCSI_CRC_LEN; 3678 pr_debug("Attaching CRC32 HeaderDigest for" 3679 " REJECT PDU 0x%08x\n", *header_digest); 3680 } 3681 3682 if (conn->conn_ops->DataDigest) { 3683 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->buf_ptr, 3684 ISCSI_HDR_LEN, 0, NULL, (u8 *)&cmd->data_crc); 3685 3686 iov[iov_count].iov_base = &cmd->data_crc; 3687 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3688 tx_size += ISCSI_CRC_LEN; 3689 pr_debug("Attaching CRC32 DataDigest for REJECT" 3690 " PDU 0x%08x\n", cmd->data_crc); 3691 } 3692 3693 cmd->iov_misc_count = iov_count; 3694 cmd->tx_size = tx_size; 3695 3696 pr_debug("Built Reject PDU StatSN: 0x%08x, Reason: 0x%02x," 3697 " CID: %hu\n", ntohl(hdr->statsn), hdr->reason, conn->cid); 3698 3699 return 0; 3700 } 3701 3702 void iscsit_thread_get_cpumask(struct iscsi_conn *conn) 3703 { 3704 int ord, cpu; 3705 /* 3706 * bitmap_id is assigned from iscsit_global->ts_bitmap from 3707 * within iscsit_start_kthreads() 3708 * 3709 * Here we use bitmap_id to determine which CPU that this 3710 * iSCSI connection's RX/TX threads will be scheduled to 3711 * execute upon. 3712 */ 3713 ord = conn->bitmap_id % cpumask_weight(cpu_online_mask); 3714 for_each_online_cpu(cpu) { 3715 if (ord-- == 0) { 3716 cpumask_set_cpu(cpu, conn->conn_cpumask); 3717 return; 3718 } 3719 } 3720 /* 3721 * This should never be reached.. 3722 */ 3723 dump_stack(); 3724 cpumask_setall(conn->conn_cpumask); 3725 } 3726 3727 static inline void iscsit_thread_check_cpumask( 3728 struct iscsi_conn *conn, 3729 struct task_struct *p, 3730 int mode) 3731 { 3732 /* 3733 * mode == 1 signals iscsi_target_tx_thread() usage. 3734 * mode == 0 signals iscsi_target_rx_thread() usage. 3735 */ 3736 if (mode == 1) { 3737 if (!conn->conn_tx_reset_cpumask) 3738 return; 3739 conn->conn_tx_reset_cpumask = 0; 3740 } else { 3741 if (!conn->conn_rx_reset_cpumask) 3742 return; 3743 conn->conn_rx_reset_cpumask = 0; 3744 } 3745 /* 3746 * Update the CPU mask for this single kthread so that 3747 * both TX and RX kthreads are scheduled to run on the 3748 * same CPU. 3749 */ 3750 set_cpus_allowed_ptr(p, conn->conn_cpumask); 3751 } 3752 3753 static int 3754 iscsit_immediate_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3755 { 3756 int ret; 3757 3758 switch (state) { 3759 case ISTATE_SEND_R2T: 3760 ret = iscsit_send_r2t(cmd, conn); 3761 if (ret < 0) 3762 goto err; 3763 break; 3764 case ISTATE_REMOVE: 3765 spin_lock_bh(&conn->cmd_lock); 3766 list_del_init(&cmd->i_conn_node); 3767 spin_unlock_bh(&conn->cmd_lock); 3768 3769 iscsit_free_cmd(cmd, false); 3770 break; 3771 case ISTATE_SEND_NOPIN_WANT_RESPONSE: 3772 iscsit_mod_nopin_response_timer(conn); 3773 ret = iscsit_send_unsolicited_nopin(cmd, conn, 1); 3774 if (ret < 0) 3775 goto err; 3776 break; 3777 case ISTATE_SEND_NOPIN_NO_RESPONSE: 3778 ret = iscsit_send_unsolicited_nopin(cmd, conn, 0); 3779 if (ret < 0) 3780 goto err; 3781 break; 3782 default: 3783 pr_err("Unknown Opcode: 0x%02x ITT:" 3784 " 0x%08x, i_state: %d on CID: %hu\n", 3785 cmd->iscsi_opcode, cmd->init_task_tag, state, 3786 conn->cid); 3787 goto err; 3788 } 3789 3790 return 0; 3791 3792 err: 3793 return -1; 3794 } 3795 3796 static int 3797 iscsit_handle_immediate_queue(struct iscsi_conn *conn) 3798 { 3799 struct iscsit_transport *t = conn->conn_transport; 3800 struct iscsi_queue_req *qr; 3801 struct iscsi_cmd *cmd; 3802 u8 state; 3803 int ret; 3804 3805 while ((qr = iscsit_get_cmd_from_immediate_queue(conn))) { 3806 atomic_set(&conn->check_immediate_queue, 0); 3807 cmd = qr->cmd; 3808 state = qr->state; 3809 kmem_cache_free(lio_qr_cache, qr); 3810 3811 ret = t->iscsit_immediate_queue(conn, cmd, state); 3812 if (ret < 0) 3813 return ret; 3814 } 3815 3816 return 0; 3817 } 3818 3819 static int 3820 iscsit_response_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3821 { 3822 int ret; 3823 3824 check_rsp_state: 3825 switch (state) { 3826 case ISTATE_SEND_DATAIN: 3827 ret = iscsit_send_datain(cmd, conn); 3828 if (ret < 0) 3829 goto err; 3830 else if (!ret) 3831 /* more drs */ 3832 goto check_rsp_state; 3833 else if (ret == 1) { 3834 /* all done */ 3835 spin_lock_bh(&cmd->istate_lock); 3836 cmd->i_state = ISTATE_SENT_STATUS; 3837 spin_unlock_bh(&cmd->istate_lock); 3838 3839 if (atomic_read(&conn->check_immediate_queue)) 3840 return 1; 3841 3842 return 0; 3843 } else if (ret == 2) { 3844 /* Still must send status, 3845 SCF_TRANSPORT_TASK_SENSE was set */ 3846 spin_lock_bh(&cmd->istate_lock); 3847 cmd->i_state = ISTATE_SEND_STATUS; 3848 spin_unlock_bh(&cmd->istate_lock); 3849 state = ISTATE_SEND_STATUS; 3850 goto check_rsp_state; 3851 } 3852 3853 break; 3854 case ISTATE_SEND_STATUS: 3855 case ISTATE_SEND_STATUS_RECOVERY: 3856 ret = iscsit_send_response(cmd, conn); 3857 break; 3858 case ISTATE_SEND_LOGOUTRSP: 3859 ret = iscsit_send_logout(cmd, conn); 3860 break; 3861 case ISTATE_SEND_ASYNCMSG: 3862 ret = iscsit_send_conn_drop_async_message( 3863 cmd, conn); 3864 break; 3865 case ISTATE_SEND_NOPIN: 3866 ret = iscsit_send_nopin(cmd, conn); 3867 break; 3868 case ISTATE_SEND_REJECT: 3869 ret = iscsit_send_reject(cmd, conn); 3870 break; 3871 case ISTATE_SEND_TASKMGTRSP: 3872 ret = iscsit_send_task_mgt_rsp(cmd, conn); 3873 if (ret != 0) 3874 break; 3875 ret = iscsit_tmr_post_handler(cmd, conn); 3876 if (ret != 0) 3877 iscsit_fall_back_to_erl0(conn->sess); 3878 break; 3879 case ISTATE_SEND_TEXTRSP: 3880 ret = iscsit_send_text_rsp(cmd, conn); 3881 break; 3882 default: 3883 pr_err("Unknown Opcode: 0x%02x ITT:" 3884 " 0x%08x, i_state: %d on CID: %hu\n", 3885 cmd->iscsi_opcode, cmd->init_task_tag, 3886 state, conn->cid); 3887 goto err; 3888 } 3889 if (ret < 0) 3890 goto err; 3891 3892 if (iscsit_send_tx_data(cmd, conn, 1) < 0) { 3893 iscsit_tx_thread_wait_for_tcp(conn); 3894 iscsit_unmap_iovec(cmd); 3895 goto err; 3896 } 3897 iscsit_unmap_iovec(cmd); 3898 3899 switch (state) { 3900 case ISTATE_SEND_LOGOUTRSP: 3901 if (!iscsit_logout_post_handler(cmd, conn)) 3902 return -ECONNRESET; 3903 /* fall through */ 3904 case ISTATE_SEND_STATUS: 3905 case ISTATE_SEND_ASYNCMSG: 3906 case ISTATE_SEND_NOPIN: 3907 case ISTATE_SEND_STATUS_RECOVERY: 3908 case ISTATE_SEND_TEXTRSP: 3909 case ISTATE_SEND_TASKMGTRSP: 3910 case ISTATE_SEND_REJECT: 3911 spin_lock_bh(&cmd->istate_lock); 3912 cmd->i_state = ISTATE_SENT_STATUS; 3913 spin_unlock_bh(&cmd->istate_lock); 3914 break; 3915 default: 3916 pr_err("Unknown Opcode: 0x%02x ITT:" 3917 " 0x%08x, i_state: %d on CID: %hu\n", 3918 cmd->iscsi_opcode, cmd->init_task_tag, 3919 cmd->i_state, conn->cid); 3920 goto err; 3921 } 3922 3923 if (atomic_read(&conn->check_immediate_queue)) 3924 return 1; 3925 3926 return 0; 3927 3928 err: 3929 return -1; 3930 } 3931 3932 static int iscsit_handle_response_queue(struct iscsi_conn *conn) 3933 { 3934 struct iscsit_transport *t = conn->conn_transport; 3935 struct iscsi_queue_req *qr; 3936 struct iscsi_cmd *cmd; 3937 u8 state; 3938 int ret; 3939 3940 while ((qr = iscsit_get_cmd_from_response_queue(conn))) { 3941 cmd = qr->cmd; 3942 state = qr->state; 3943 kmem_cache_free(lio_qr_cache, qr); 3944 3945 ret = t->iscsit_response_queue(conn, cmd, state); 3946 if (ret == 1 || ret < 0) 3947 return ret; 3948 } 3949 3950 return 0; 3951 } 3952 3953 int iscsi_target_tx_thread(void *arg) 3954 { 3955 int ret = 0; 3956 struct iscsi_conn *conn = arg; 3957 /* 3958 * Allow ourselves to be interrupted by SIGINT so that a 3959 * connection recovery / failure event can be triggered externally. 3960 */ 3961 allow_signal(SIGINT); 3962 3963 while (!kthread_should_stop()) { 3964 /* 3965 * Ensure that both TX and RX per connection kthreads 3966 * are scheduled to run on the same CPU. 3967 */ 3968 iscsit_thread_check_cpumask(conn, current, 1); 3969 3970 wait_event_interruptible(conn->queues_wq, 3971 !iscsit_conn_all_queues_empty(conn)); 3972 3973 if (signal_pending(current)) 3974 goto transport_err; 3975 3976 get_immediate: 3977 ret = iscsit_handle_immediate_queue(conn); 3978 if (ret < 0) 3979 goto transport_err; 3980 3981 ret = iscsit_handle_response_queue(conn); 3982 if (ret == 1) 3983 goto get_immediate; 3984 else if (ret == -ECONNRESET) 3985 goto out; 3986 else if (ret < 0) 3987 goto transport_err; 3988 } 3989 3990 transport_err: 3991 /* 3992 * Avoid the normal connection failure code-path if this connection 3993 * is still within LOGIN mode, and iscsi_np process context is 3994 * responsible for cleaning up the early connection failure. 3995 */ 3996 if (conn->conn_state != TARG_CONN_STATE_IN_LOGIN) 3997 iscsit_take_action_for_connection_exit(conn); 3998 out: 3999 return 0; 4000 } 4001 4002 static int iscsi_target_rx_opcode(struct iscsi_conn *conn, unsigned char *buf) 4003 { 4004 struct iscsi_hdr *hdr = (struct iscsi_hdr *)buf; 4005 struct iscsi_cmd *cmd; 4006 int ret = 0; 4007 4008 switch (hdr->opcode & ISCSI_OPCODE_MASK) { 4009 case ISCSI_OP_SCSI_CMD: 4010 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 4011 if (!cmd) 4012 goto reject; 4013 4014 ret = iscsit_handle_scsi_cmd(conn, cmd, buf); 4015 break; 4016 case ISCSI_OP_SCSI_DATA_OUT: 4017 ret = iscsit_handle_data_out(conn, buf); 4018 break; 4019 case ISCSI_OP_NOOP_OUT: 4020 cmd = NULL; 4021 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 4022 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 4023 if (!cmd) 4024 goto reject; 4025 } 4026 ret = iscsit_handle_nop_out(conn, cmd, buf); 4027 break; 4028 case ISCSI_OP_SCSI_TMFUNC: 4029 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 4030 if (!cmd) 4031 goto reject; 4032 4033 ret = iscsit_handle_task_mgt_cmd(conn, cmd, buf); 4034 break; 4035 case ISCSI_OP_TEXT: 4036 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) { 4037 cmd = iscsit_find_cmd_from_itt(conn, hdr->itt); 4038 if (!cmd) 4039 goto reject; 4040 } else { 4041 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 4042 if (!cmd) 4043 goto reject; 4044 } 4045 4046 ret = iscsit_handle_text_cmd(conn, cmd, buf); 4047 break; 4048 case ISCSI_OP_LOGOUT: 4049 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 4050 if (!cmd) 4051 goto reject; 4052 4053 ret = iscsit_handle_logout_cmd(conn, cmd, buf); 4054 if (ret > 0) 4055 wait_for_completion_timeout(&conn->conn_logout_comp, 4056 SECONDS_FOR_LOGOUT_COMP * HZ); 4057 break; 4058 case ISCSI_OP_SNACK: 4059 ret = iscsit_handle_snack(conn, buf); 4060 break; 4061 default: 4062 pr_err("Got unknown iSCSI OpCode: 0x%02x\n", hdr->opcode); 4063 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 4064 pr_err("Cannot recover from unknown" 4065 " opcode while ERL=0, closing iSCSI connection.\n"); 4066 return -1; 4067 } 4068 pr_err("Unable to recover from unknown opcode while OFMarker=No," 4069 " closing iSCSI connection.\n"); 4070 ret = -1; 4071 break; 4072 } 4073 4074 return ret; 4075 reject: 4076 return iscsit_add_reject(conn, ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 4077 } 4078 4079 static bool iscsi_target_check_conn_state(struct iscsi_conn *conn) 4080 { 4081 bool ret; 4082 4083 spin_lock_bh(&conn->state_lock); 4084 ret = (conn->conn_state != TARG_CONN_STATE_LOGGED_IN); 4085 spin_unlock_bh(&conn->state_lock); 4086 4087 return ret; 4088 } 4089 4090 int iscsi_target_rx_thread(void *arg) 4091 { 4092 int ret, rc; 4093 u8 buffer[ISCSI_HDR_LEN], opcode; 4094 u32 checksum = 0, digest = 0; 4095 struct iscsi_conn *conn = arg; 4096 struct kvec iov; 4097 /* 4098 * Allow ourselves to be interrupted by SIGINT so that a 4099 * connection recovery / failure event can be triggered externally. 4100 */ 4101 allow_signal(SIGINT); 4102 /* 4103 * Wait for iscsi_post_login_handler() to complete before allowing 4104 * incoming iscsi/tcp socket I/O, and/or failing the connection. 4105 */ 4106 rc = wait_for_completion_interruptible(&conn->rx_login_comp); 4107 if (rc < 0 || iscsi_target_check_conn_state(conn)) 4108 return 0; 4109 4110 if (conn->conn_transport->transport_type == ISCSI_INFINIBAND) { 4111 struct completion comp; 4112 4113 init_completion(&comp); 4114 rc = wait_for_completion_interruptible(&comp); 4115 if (rc < 0) 4116 goto transport_err; 4117 4118 goto transport_err; 4119 } 4120 4121 while (!kthread_should_stop()) { 4122 /* 4123 * Ensure that both TX and RX per connection kthreads 4124 * are scheduled to run on the same CPU. 4125 */ 4126 iscsit_thread_check_cpumask(conn, current, 0); 4127 4128 memset(buffer, 0, ISCSI_HDR_LEN); 4129 memset(&iov, 0, sizeof(struct kvec)); 4130 4131 iov.iov_base = buffer; 4132 iov.iov_len = ISCSI_HDR_LEN; 4133 4134 ret = rx_data(conn, &iov, 1, ISCSI_HDR_LEN); 4135 if (ret != ISCSI_HDR_LEN) { 4136 iscsit_rx_thread_wait_for_tcp(conn); 4137 goto transport_err; 4138 } 4139 4140 if (conn->conn_ops->HeaderDigest) { 4141 iov.iov_base = &digest; 4142 iov.iov_len = ISCSI_CRC_LEN; 4143 4144 ret = rx_data(conn, &iov, 1, ISCSI_CRC_LEN); 4145 if (ret != ISCSI_CRC_LEN) { 4146 iscsit_rx_thread_wait_for_tcp(conn); 4147 goto transport_err; 4148 } 4149 4150 iscsit_do_crypto_hash_buf(conn->conn_rx_hash, 4151 buffer, ISCSI_HDR_LEN, 4152 0, NULL, (u8 *)&checksum); 4153 4154 if (digest != checksum) { 4155 pr_err("HeaderDigest CRC32C failed," 4156 " received 0x%08x, computed 0x%08x\n", 4157 digest, checksum); 4158 /* 4159 * Set the PDU to 0xff so it will intentionally 4160 * hit default in the switch below. 4161 */ 4162 memset(buffer, 0xff, ISCSI_HDR_LEN); 4163 atomic_long_inc(&conn->sess->conn_digest_errors); 4164 } else { 4165 pr_debug("Got HeaderDigest CRC32C" 4166 " 0x%08x\n", checksum); 4167 } 4168 } 4169 4170 if (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT) 4171 goto transport_err; 4172 4173 opcode = buffer[0] & ISCSI_OPCODE_MASK; 4174 4175 if (conn->sess->sess_ops->SessionType && 4176 ((!(opcode & ISCSI_OP_TEXT)) || 4177 (!(opcode & ISCSI_OP_LOGOUT)))) { 4178 pr_err("Received illegal iSCSI Opcode: 0x%02x" 4179 " while in Discovery Session, rejecting.\n", opcode); 4180 iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 4181 buffer); 4182 goto transport_err; 4183 } 4184 4185 ret = iscsi_target_rx_opcode(conn, buffer); 4186 if (ret < 0) 4187 goto transport_err; 4188 } 4189 4190 transport_err: 4191 if (!signal_pending(current)) 4192 atomic_set(&conn->transport_failed, 1); 4193 iscsit_take_action_for_connection_exit(conn); 4194 return 0; 4195 } 4196 4197 static void iscsit_release_commands_from_conn(struct iscsi_conn *conn) 4198 { 4199 struct iscsi_cmd *cmd = NULL, *cmd_tmp = NULL; 4200 struct iscsi_session *sess = conn->sess; 4201 /* 4202 * We expect this function to only ever be called from either RX or TX 4203 * thread context via iscsit_close_connection() once the other context 4204 * has been reset -> returned sleeping pre-handler state. 4205 */ 4206 spin_lock_bh(&conn->cmd_lock); 4207 list_for_each_entry_safe(cmd, cmd_tmp, &conn->conn_cmd_list, i_conn_node) { 4208 4209 list_del_init(&cmd->i_conn_node); 4210 spin_unlock_bh(&conn->cmd_lock); 4211 4212 iscsit_increment_maxcmdsn(cmd, sess); 4213 4214 iscsit_free_cmd(cmd, true); 4215 4216 spin_lock_bh(&conn->cmd_lock); 4217 } 4218 spin_unlock_bh(&conn->cmd_lock); 4219 } 4220 4221 static void iscsit_stop_timers_for_cmds( 4222 struct iscsi_conn *conn) 4223 { 4224 struct iscsi_cmd *cmd; 4225 4226 spin_lock_bh(&conn->cmd_lock); 4227 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) { 4228 if (cmd->data_direction == DMA_TO_DEVICE) 4229 iscsit_stop_dataout_timer(cmd); 4230 } 4231 spin_unlock_bh(&conn->cmd_lock); 4232 } 4233 4234 int iscsit_close_connection( 4235 struct iscsi_conn *conn) 4236 { 4237 int conn_logout = (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT); 4238 struct iscsi_session *sess = conn->sess; 4239 4240 pr_debug("Closing iSCSI connection CID %hu on SID:" 4241 " %u\n", conn->cid, sess->sid); 4242 /* 4243 * Always up conn_logout_comp for the traditional TCP case just in case 4244 * the RX Thread in iscsi_target_rx_opcode() is sleeping and the logout 4245 * response never got sent because the connection failed. 4246 * 4247 * However for iser-target, isert_wait4logout() is using conn_logout_comp 4248 * to signal logout response TX interrupt completion. Go ahead and skip 4249 * this for iser since isert_rx_opcode() does not wait on logout failure, 4250 * and to avoid iscsi_conn pointer dereference in iser-target code. 4251 */ 4252 if (conn->conn_transport->transport_type == ISCSI_TCP) 4253 complete(&conn->conn_logout_comp); 4254 4255 if (!strcmp(current->comm, ISCSI_RX_THREAD_NAME)) { 4256 if (conn->tx_thread && 4257 cmpxchg(&conn->tx_thread_active, true, false)) { 4258 send_sig(SIGINT, conn->tx_thread, 1); 4259 kthread_stop(conn->tx_thread); 4260 } 4261 } else if (!strcmp(current->comm, ISCSI_TX_THREAD_NAME)) { 4262 if (conn->rx_thread && 4263 cmpxchg(&conn->rx_thread_active, true, false)) { 4264 send_sig(SIGINT, conn->rx_thread, 1); 4265 kthread_stop(conn->rx_thread); 4266 } 4267 } 4268 4269 spin_lock(&iscsit_global->ts_bitmap_lock); 4270 bitmap_release_region(iscsit_global->ts_bitmap, conn->bitmap_id, 4271 get_order(1)); 4272 spin_unlock(&iscsit_global->ts_bitmap_lock); 4273 4274 iscsit_stop_timers_for_cmds(conn); 4275 iscsit_stop_nopin_response_timer(conn); 4276 iscsit_stop_nopin_timer(conn); 4277 4278 if (conn->conn_transport->iscsit_wait_conn) 4279 conn->conn_transport->iscsit_wait_conn(conn); 4280 4281 /* 4282 * During Connection recovery drop unacknowledged out of order 4283 * commands for this connection, and prepare the other commands 4284 * for realligence. 4285 * 4286 * During normal operation clear the out of order commands (but 4287 * do not free the struct iscsi_ooo_cmdsn's) and release all 4288 * struct iscsi_cmds. 4289 */ 4290 if (atomic_read(&conn->connection_recovery)) { 4291 iscsit_discard_unacknowledged_ooo_cmdsns_for_conn(conn); 4292 iscsit_prepare_cmds_for_realligance(conn); 4293 } else { 4294 iscsit_clear_ooo_cmdsns_for_conn(conn); 4295 iscsit_release_commands_from_conn(conn); 4296 } 4297 iscsit_free_queue_reqs_for_conn(conn); 4298 4299 /* 4300 * Handle decrementing session or connection usage count if 4301 * a logout response was not able to be sent because the 4302 * connection failed. Fall back to Session Recovery here. 4303 */ 4304 if (atomic_read(&conn->conn_logout_remove)) { 4305 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_SESSION) { 4306 iscsit_dec_conn_usage_count(conn); 4307 iscsit_dec_session_usage_count(sess); 4308 } 4309 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) 4310 iscsit_dec_conn_usage_count(conn); 4311 4312 atomic_set(&conn->conn_logout_remove, 0); 4313 atomic_set(&sess->session_reinstatement, 0); 4314 atomic_set(&sess->session_fall_back_to_erl0, 1); 4315 } 4316 4317 spin_lock_bh(&sess->conn_lock); 4318 list_del(&conn->conn_list); 4319 4320 /* 4321 * Attempt to let the Initiator know this connection failed by 4322 * sending an Connection Dropped Async Message on another 4323 * active connection. 4324 */ 4325 if (atomic_read(&conn->connection_recovery)) 4326 iscsit_build_conn_drop_async_message(conn); 4327 4328 spin_unlock_bh(&sess->conn_lock); 4329 4330 /* 4331 * If connection reinstatement is being performed on this connection, 4332 * up the connection reinstatement semaphore that is being blocked on 4333 * in iscsit_cause_connection_reinstatement(). 4334 */ 4335 spin_lock_bh(&conn->state_lock); 4336 if (atomic_read(&conn->sleep_on_conn_wait_comp)) { 4337 spin_unlock_bh(&conn->state_lock); 4338 complete(&conn->conn_wait_comp); 4339 wait_for_completion(&conn->conn_post_wait_comp); 4340 spin_lock_bh(&conn->state_lock); 4341 } 4342 4343 /* 4344 * If connection reinstatement is being performed on this connection 4345 * by receiving a REMOVECONNFORRECOVERY logout request, up the 4346 * connection wait rcfr semaphore that is being blocked on 4347 * an iscsit_connection_reinstatement_rcfr(). 4348 */ 4349 if (atomic_read(&conn->connection_wait_rcfr)) { 4350 spin_unlock_bh(&conn->state_lock); 4351 complete(&conn->conn_wait_rcfr_comp); 4352 wait_for_completion(&conn->conn_post_wait_comp); 4353 spin_lock_bh(&conn->state_lock); 4354 } 4355 atomic_set(&conn->connection_reinstatement, 1); 4356 spin_unlock_bh(&conn->state_lock); 4357 4358 /* 4359 * If any other processes are accessing this connection pointer we 4360 * must wait until they have completed. 4361 */ 4362 iscsit_check_conn_usage_count(conn); 4363 4364 ahash_request_free(conn->conn_tx_hash); 4365 if (conn->conn_rx_hash) { 4366 struct crypto_ahash *tfm; 4367 4368 tfm = crypto_ahash_reqtfm(conn->conn_rx_hash); 4369 ahash_request_free(conn->conn_rx_hash); 4370 crypto_free_ahash(tfm); 4371 } 4372 4373 free_cpumask_var(conn->conn_cpumask); 4374 4375 kfree(conn->conn_ops); 4376 conn->conn_ops = NULL; 4377 4378 if (conn->sock) 4379 sock_release(conn->sock); 4380 4381 if (conn->conn_transport->iscsit_free_conn) 4382 conn->conn_transport->iscsit_free_conn(conn); 4383 4384 iscsit_put_transport(conn->conn_transport); 4385 4386 pr_debug("Moving to TARG_CONN_STATE_FREE.\n"); 4387 conn->conn_state = TARG_CONN_STATE_FREE; 4388 kfree(conn); 4389 4390 spin_lock_bh(&sess->conn_lock); 4391 atomic_dec(&sess->nconn); 4392 pr_debug("Decremented iSCSI connection count to %hu from node:" 4393 " %s\n", atomic_read(&sess->nconn), 4394 sess->sess_ops->InitiatorName); 4395 /* 4396 * Make sure that if one connection fails in an non ERL=2 iSCSI 4397 * Session that they all fail. 4398 */ 4399 if ((sess->sess_ops->ErrorRecoveryLevel != 2) && !conn_logout && 4400 !atomic_read(&sess->session_logout)) 4401 atomic_set(&sess->session_fall_back_to_erl0, 1); 4402 4403 /* 4404 * If this was not the last connection in the session, and we are 4405 * performing session reinstatement or falling back to ERL=0, call 4406 * iscsit_stop_session() without sleeping to shutdown the other 4407 * active connections. 4408 */ 4409 if (atomic_read(&sess->nconn)) { 4410 if (!atomic_read(&sess->session_reinstatement) && 4411 !atomic_read(&sess->session_fall_back_to_erl0)) { 4412 spin_unlock_bh(&sess->conn_lock); 4413 return 0; 4414 } 4415 if (!atomic_read(&sess->session_stop_active)) { 4416 atomic_set(&sess->session_stop_active, 1); 4417 spin_unlock_bh(&sess->conn_lock); 4418 iscsit_stop_session(sess, 0, 0); 4419 return 0; 4420 } 4421 spin_unlock_bh(&sess->conn_lock); 4422 return 0; 4423 } 4424 4425 /* 4426 * If this was the last connection in the session and one of the 4427 * following is occurring: 4428 * 4429 * Session Reinstatement is not being performed, and are falling back 4430 * to ERL=0 call iscsit_close_session(). 4431 * 4432 * Session Logout was requested. iscsit_close_session() will be called 4433 * elsewhere. 4434 * 4435 * Session Continuation is not being performed, start the Time2Retain 4436 * handler and check if sleep_on_sess_wait_sem is active. 4437 */ 4438 if (!atomic_read(&sess->session_reinstatement) && 4439 atomic_read(&sess->session_fall_back_to_erl0)) { 4440 spin_unlock_bh(&sess->conn_lock); 4441 target_put_session(sess->se_sess); 4442 4443 return 0; 4444 } else if (atomic_read(&sess->session_logout)) { 4445 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4446 sess->session_state = TARG_SESS_STATE_FREE; 4447 spin_unlock_bh(&sess->conn_lock); 4448 4449 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4450 complete(&sess->session_wait_comp); 4451 4452 return 0; 4453 } else { 4454 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4455 sess->session_state = TARG_SESS_STATE_FAILED; 4456 4457 if (!atomic_read(&sess->session_continuation)) { 4458 spin_unlock_bh(&sess->conn_lock); 4459 iscsit_start_time2retain_handler(sess); 4460 } else 4461 spin_unlock_bh(&sess->conn_lock); 4462 4463 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4464 complete(&sess->session_wait_comp); 4465 4466 return 0; 4467 } 4468 } 4469 4470 int iscsit_close_session(struct iscsi_session *sess) 4471 { 4472 struct iscsi_portal_group *tpg = sess->tpg; 4473 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4474 4475 if (atomic_read(&sess->nconn)) { 4476 pr_err("%d connection(s) still exist for iSCSI session" 4477 " to %s\n", atomic_read(&sess->nconn), 4478 sess->sess_ops->InitiatorName); 4479 BUG(); 4480 } 4481 4482 spin_lock_bh(&se_tpg->session_lock); 4483 atomic_set(&sess->session_logout, 1); 4484 atomic_set(&sess->session_reinstatement, 1); 4485 iscsit_stop_time2retain_timer(sess); 4486 spin_unlock_bh(&se_tpg->session_lock); 4487 4488 /* 4489 * transport_deregister_session_configfs() will clear the 4490 * struct se_node_acl->nacl_sess pointer now as a iscsi_np process context 4491 * can be setting it again with __transport_register_session() in 4492 * iscsi_post_login_handler() again after the iscsit_stop_session() 4493 * completes in iscsi_np context. 4494 */ 4495 transport_deregister_session_configfs(sess->se_sess); 4496 4497 /* 4498 * If any other processes are accessing this session pointer we must 4499 * wait until they have completed. If we are in an interrupt (the 4500 * time2retain handler) and contain and active session usage count we 4501 * restart the timer and exit. 4502 */ 4503 if (!in_interrupt()) { 4504 if (iscsit_check_session_usage_count(sess) == 1) 4505 iscsit_stop_session(sess, 1, 1); 4506 } else { 4507 if (iscsit_check_session_usage_count(sess) == 2) { 4508 atomic_set(&sess->session_logout, 0); 4509 iscsit_start_time2retain_handler(sess); 4510 return 0; 4511 } 4512 } 4513 4514 transport_deregister_session(sess->se_sess); 4515 4516 if (sess->sess_ops->ErrorRecoveryLevel == 2) 4517 iscsit_free_connection_recovery_entires(sess); 4518 4519 iscsit_free_all_ooo_cmdsns(sess); 4520 4521 spin_lock_bh(&se_tpg->session_lock); 4522 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4523 sess->session_state = TARG_SESS_STATE_FREE; 4524 pr_debug("Released iSCSI session from node: %s\n", 4525 sess->sess_ops->InitiatorName); 4526 tpg->nsessions--; 4527 if (tpg->tpg_tiqn) 4528 tpg->tpg_tiqn->tiqn_nsessions--; 4529 4530 pr_debug("Decremented number of active iSCSI Sessions on" 4531 " iSCSI TPG: %hu to %u\n", tpg->tpgt, tpg->nsessions); 4532 4533 spin_lock(&sess_idr_lock); 4534 idr_remove(&sess_idr, sess->session_index); 4535 spin_unlock(&sess_idr_lock); 4536 4537 kfree(sess->sess_ops); 4538 sess->sess_ops = NULL; 4539 spin_unlock_bh(&se_tpg->session_lock); 4540 4541 kfree(sess); 4542 return 0; 4543 } 4544 4545 static void iscsit_logout_post_handler_closesession( 4546 struct iscsi_conn *conn) 4547 { 4548 struct iscsi_session *sess = conn->sess; 4549 int sleep = 1; 4550 /* 4551 * Traditional iscsi/tcp will invoke this logic from TX thread 4552 * context during session logout, so clear tx_thread_active and 4553 * sleep if iscsit_close_connection() has not already occured. 4554 * 4555 * Since iser-target invokes this logic from it's own workqueue, 4556 * always sleep waiting for RX/TX thread shutdown to complete 4557 * within iscsit_close_connection(). 4558 */ 4559 if (conn->conn_transport->transport_type == ISCSI_TCP) 4560 sleep = cmpxchg(&conn->tx_thread_active, true, false); 4561 4562 atomic_set(&conn->conn_logout_remove, 0); 4563 complete(&conn->conn_logout_comp); 4564 4565 iscsit_dec_conn_usage_count(conn); 4566 iscsit_stop_session(sess, sleep, sleep); 4567 iscsit_dec_session_usage_count(sess); 4568 target_put_session(sess->se_sess); 4569 } 4570 4571 static void iscsit_logout_post_handler_samecid( 4572 struct iscsi_conn *conn) 4573 { 4574 int sleep = 1; 4575 4576 if (conn->conn_transport->transport_type == ISCSI_TCP) 4577 sleep = cmpxchg(&conn->tx_thread_active, true, false); 4578 4579 atomic_set(&conn->conn_logout_remove, 0); 4580 complete(&conn->conn_logout_comp); 4581 4582 iscsit_cause_connection_reinstatement(conn, sleep); 4583 iscsit_dec_conn_usage_count(conn); 4584 } 4585 4586 static void iscsit_logout_post_handler_diffcid( 4587 struct iscsi_conn *conn, 4588 u16 cid) 4589 { 4590 struct iscsi_conn *l_conn; 4591 struct iscsi_session *sess = conn->sess; 4592 bool conn_found = false; 4593 4594 if (!sess) 4595 return; 4596 4597 spin_lock_bh(&sess->conn_lock); 4598 list_for_each_entry(l_conn, &sess->sess_conn_list, conn_list) { 4599 if (l_conn->cid == cid) { 4600 iscsit_inc_conn_usage_count(l_conn); 4601 conn_found = true; 4602 break; 4603 } 4604 } 4605 spin_unlock_bh(&sess->conn_lock); 4606 4607 if (!conn_found) 4608 return; 4609 4610 if (l_conn->sock) 4611 l_conn->sock->ops->shutdown(l_conn->sock, RCV_SHUTDOWN); 4612 4613 spin_lock_bh(&l_conn->state_lock); 4614 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 4615 l_conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 4616 spin_unlock_bh(&l_conn->state_lock); 4617 4618 iscsit_cause_connection_reinstatement(l_conn, 1); 4619 iscsit_dec_conn_usage_count(l_conn); 4620 } 4621 4622 /* 4623 * Return of 0 causes the TX thread to restart. 4624 */ 4625 int iscsit_logout_post_handler( 4626 struct iscsi_cmd *cmd, 4627 struct iscsi_conn *conn) 4628 { 4629 int ret = 0; 4630 4631 switch (cmd->logout_reason) { 4632 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 4633 switch (cmd->logout_response) { 4634 case ISCSI_LOGOUT_SUCCESS: 4635 case ISCSI_LOGOUT_CLEANUP_FAILED: 4636 default: 4637 iscsit_logout_post_handler_closesession(conn); 4638 break; 4639 } 4640 ret = 0; 4641 break; 4642 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 4643 if (conn->cid == cmd->logout_cid) { 4644 switch (cmd->logout_response) { 4645 case ISCSI_LOGOUT_SUCCESS: 4646 case ISCSI_LOGOUT_CLEANUP_FAILED: 4647 default: 4648 iscsit_logout_post_handler_samecid(conn); 4649 break; 4650 } 4651 ret = 0; 4652 } else { 4653 switch (cmd->logout_response) { 4654 case ISCSI_LOGOUT_SUCCESS: 4655 iscsit_logout_post_handler_diffcid(conn, 4656 cmd->logout_cid); 4657 break; 4658 case ISCSI_LOGOUT_CID_NOT_FOUND: 4659 case ISCSI_LOGOUT_CLEANUP_FAILED: 4660 default: 4661 break; 4662 } 4663 ret = 1; 4664 } 4665 break; 4666 case ISCSI_LOGOUT_REASON_RECOVERY: 4667 switch (cmd->logout_response) { 4668 case ISCSI_LOGOUT_SUCCESS: 4669 case ISCSI_LOGOUT_CID_NOT_FOUND: 4670 case ISCSI_LOGOUT_RECOVERY_UNSUPPORTED: 4671 case ISCSI_LOGOUT_CLEANUP_FAILED: 4672 default: 4673 break; 4674 } 4675 ret = 1; 4676 break; 4677 default: 4678 break; 4679 4680 } 4681 return ret; 4682 } 4683 EXPORT_SYMBOL(iscsit_logout_post_handler); 4684 4685 void iscsit_fail_session(struct iscsi_session *sess) 4686 { 4687 struct iscsi_conn *conn; 4688 4689 spin_lock_bh(&sess->conn_lock); 4690 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) { 4691 pr_debug("Moving to TARG_CONN_STATE_CLEANUP_WAIT.\n"); 4692 conn->conn_state = TARG_CONN_STATE_CLEANUP_WAIT; 4693 } 4694 spin_unlock_bh(&sess->conn_lock); 4695 4696 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4697 sess->session_state = TARG_SESS_STATE_FAILED; 4698 } 4699 4700 int iscsit_free_session(struct iscsi_session *sess) 4701 { 4702 u16 conn_count = atomic_read(&sess->nconn); 4703 struct iscsi_conn *conn, *conn_tmp = NULL; 4704 int is_last; 4705 4706 spin_lock_bh(&sess->conn_lock); 4707 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4708 4709 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4710 conn_list) { 4711 if (conn_count == 0) 4712 break; 4713 4714 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4715 is_last = 1; 4716 } else { 4717 iscsit_inc_conn_usage_count(conn_tmp); 4718 is_last = 0; 4719 } 4720 iscsit_inc_conn_usage_count(conn); 4721 4722 spin_unlock_bh(&sess->conn_lock); 4723 iscsit_cause_connection_reinstatement(conn, 1); 4724 spin_lock_bh(&sess->conn_lock); 4725 4726 iscsit_dec_conn_usage_count(conn); 4727 if (is_last == 0) 4728 iscsit_dec_conn_usage_count(conn_tmp); 4729 4730 conn_count--; 4731 } 4732 4733 if (atomic_read(&sess->nconn)) { 4734 spin_unlock_bh(&sess->conn_lock); 4735 wait_for_completion(&sess->session_wait_comp); 4736 } else 4737 spin_unlock_bh(&sess->conn_lock); 4738 4739 target_put_session(sess->se_sess); 4740 return 0; 4741 } 4742 4743 void iscsit_stop_session( 4744 struct iscsi_session *sess, 4745 int session_sleep, 4746 int connection_sleep) 4747 { 4748 u16 conn_count = atomic_read(&sess->nconn); 4749 struct iscsi_conn *conn, *conn_tmp = NULL; 4750 int is_last; 4751 4752 spin_lock_bh(&sess->conn_lock); 4753 if (session_sleep) 4754 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4755 4756 if (connection_sleep) { 4757 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4758 conn_list) { 4759 if (conn_count == 0) 4760 break; 4761 4762 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4763 is_last = 1; 4764 } else { 4765 iscsit_inc_conn_usage_count(conn_tmp); 4766 is_last = 0; 4767 } 4768 iscsit_inc_conn_usage_count(conn); 4769 4770 spin_unlock_bh(&sess->conn_lock); 4771 iscsit_cause_connection_reinstatement(conn, 1); 4772 spin_lock_bh(&sess->conn_lock); 4773 4774 iscsit_dec_conn_usage_count(conn); 4775 if (is_last == 0) 4776 iscsit_dec_conn_usage_count(conn_tmp); 4777 conn_count--; 4778 } 4779 } else { 4780 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) 4781 iscsit_cause_connection_reinstatement(conn, 0); 4782 } 4783 4784 if (session_sleep && atomic_read(&sess->nconn)) { 4785 spin_unlock_bh(&sess->conn_lock); 4786 wait_for_completion(&sess->session_wait_comp); 4787 } else 4788 spin_unlock_bh(&sess->conn_lock); 4789 } 4790 4791 int iscsit_release_sessions_for_tpg(struct iscsi_portal_group *tpg, int force) 4792 { 4793 struct iscsi_session *sess; 4794 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4795 struct se_session *se_sess, *se_sess_tmp; 4796 LIST_HEAD(free_list); 4797 int session_count = 0; 4798 4799 spin_lock_bh(&se_tpg->session_lock); 4800 if (tpg->nsessions && !force) { 4801 spin_unlock_bh(&se_tpg->session_lock); 4802 return -1; 4803 } 4804 4805 list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list, 4806 sess_list) { 4807 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr; 4808 4809 spin_lock(&sess->conn_lock); 4810 if (atomic_read(&sess->session_fall_back_to_erl0) || 4811 atomic_read(&sess->session_logout) || 4812 (sess->time2retain_timer_flags & ISCSI_TF_EXPIRED)) { 4813 spin_unlock(&sess->conn_lock); 4814 continue; 4815 } 4816 atomic_set(&sess->session_reinstatement, 1); 4817 spin_unlock(&sess->conn_lock); 4818 4819 list_move_tail(&se_sess->sess_list, &free_list); 4820 } 4821 spin_unlock_bh(&se_tpg->session_lock); 4822 4823 list_for_each_entry_safe(se_sess, se_sess_tmp, &free_list, sess_list) { 4824 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr; 4825 4826 iscsit_free_session(sess); 4827 session_count++; 4828 } 4829 4830 pr_debug("Released %d iSCSI Session(s) from Target Portal" 4831 " Group: %hu\n", session_count, tpg->tpgt); 4832 return 0; 4833 } 4834 4835 MODULE_DESCRIPTION("iSCSI-Target Driver for mainline target infrastructure"); 4836 MODULE_VERSION("4.1.x"); 4837 MODULE_AUTHOR("nab@Linux-iSCSI.org"); 4838 MODULE_LICENSE("GPL"); 4839 4840 module_init(iscsi_target_init_module); 4841 module_exit(iscsi_target_cleanup_module); 4842