1 /******************************************************************************* 2 * This file contains main functions related to the iSCSI Target Core Driver. 3 * 4 * (c) Copyright 2007-2013 Datera, Inc. 5 * 6 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation; either version 2 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 ******************************************************************************/ 18 19 #include <crypto/hash.h> 20 #include <linux/string.h> 21 #include <linux/kthread.h> 22 #include <linux/completion.h> 23 #include <linux/module.h> 24 #include <linux/vmalloc.h> 25 #include <linux/idr.h> 26 #include <linux/delay.h> 27 #include <linux/sched/signal.h> 28 #include <asm/unaligned.h> 29 #include <net/ipv6.h> 30 #include <scsi/scsi_proto.h> 31 #include <scsi/iscsi_proto.h> 32 #include <scsi/scsi_tcq.h> 33 #include <target/target_core_base.h> 34 #include <target/target_core_fabric.h> 35 36 #include <target/iscsi/iscsi_target_core.h> 37 #include "iscsi_target_parameters.h" 38 #include "iscsi_target_seq_pdu_list.h" 39 #include "iscsi_target_datain_values.h" 40 #include "iscsi_target_erl0.h" 41 #include "iscsi_target_erl1.h" 42 #include "iscsi_target_erl2.h" 43 #include "iscsi_target_login.h" 44 #include "iscsi_target_tmr.h" 45 #include "iscsi_target_tpg.h" 46 #include "iscsi_target_util.h" 47 #include "iscsi_target.h" 48 #include "iscsi_target_device.h" 49 #include <target/iscsi/iscsi_target_stat.h> 50 51 #include <target/iscsi/iscsi_transport.h> 52 53 static LIST_HEAD(g_tiqn_list); 54 static LIST_HEAD(g_np_list); 55 static DEFINE_SPINLOCK(tiqn_lock); 56 static DEFINE_MUTEX(np_lock); 57 58 static struct idr tiqn_idr; 59 struct idr sess_idr; 60 struct mutex auth_id_lock; 61 spinlock_t sess_idr_lock; 62 63 struct iscsit_global *iscsit_global; 64 65 struct kmem_cache *lio_qr_cache; 66 struct kmem_cache *lio_dr_cache; 67 struct kmem_cache *lio_ooo_cache; 68 struct kmem_cache *lio_r2t_cache; 69 70 static int iscsit_handle_immediate_data(struct iscsi_cmd *, 71 struct iscsi_scsi_req *, u32); 72 73 struct iscsi_tiqn *iscsit_get_tiqn_for_login(unsigned char *buf) 74 { 75 struct iscsi_tiqn *tiqn = NULL; 76 77 spin_lock(&tiqn_lock); 78 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 79 if (!strcmp(tiqn->tiqn, buf)) { 80 81 spin_lock(&tiqn->tiqn_state_lock); 82 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 83 tiqn->tiqn_access_count++; 84 spin_unlock(&tiqn->tiqn_state_lock); 85 spin_unlock(&tiqn_lock); 86 return tiqn; 87 } 88 spin_unlock(&tiqn->tiqn_state_lock); 89 } 90 } 91 spin_unlock(&tiqn_lock); 92 93 return NULL; 94 } 95 96 static int iscsit_set_tiqn_shutdown(struct iscsi_tiqn *tiqn) 97 { 98 spin_lock(&tiqn->tiqn_state_lock); 99 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 100 tiqn->tiqn_state = TIQN_STATE_SHUTDOWN; 101 spin_unlock(&tiqn->tiqn_state_lock); 102 return 0; 103 } 104 spin_unlock(&tiqn->tiqn_state_lock); 105 106 return -1; 107 } 108 109 void iscsit_put_tiqn_for_login(struct iscsi_tiqn *tiqn) 110 { 111 spin_lock(&tiqn->tiqn_state_lock); 112 tiqn->tiqn_access_count--; 113 spin_unlock(&tiqn->tiqn_state_lock); 114 } 115 116 /* 117 * Note that IQN formatting is expected to be done in userspace, and 118 * no explict IQN format checks are done here. 119 */ 120 struct iscsi_tiqn *iscsit_add_tiqn(unsigned char *buf) 121 { 122 struct iscsi_tiqn *tiqn = NULL; 123 int ret; 124 125 if (strlen(buf) >= ISCSI_IQN_LEN) { 126 pr_err("Target IQN exceeds %d bytes\n", 127 ISCSI_IQN_LEN); 128 return ERR_PTR(-EINVAL); 129 } 130 131 tiqn = kzalloc(sizeof(*tiqn), GFP_KERNEL); 132 if (!tiqn) 133 return ERR_PTR(-ENOMEM); 134 135 sprintf(tiqn->tiqn, "%s", buf); 136 INIT_LIST_HEAD(&tiqn->tiqn_list); 137 INIT_LIST_HEAD(&tiqn->tiqn_tpg_list); 138 spin_lock_init(&tiqn->tiqn_state_lock); 139 spin_lock_init(&tiqn->tiqn_tpg_lock); 140 spin_lock_init(&tiqn->sess_err_stats.lock); 141 spin_lock_init(&tiqn->login_stats.lock); 142 spin_lock_init(&tiqn->logout_stats.lock); 143 144 tiqn->tiqn_state = TIQN_STATE_ACTIVE; 145 146 idr_preload(GFP_KERNEL); 147 spin_lock(&tiqn_lock); 148 149 ret = idr_alloc(&tiqn_idr, NULL, 0, 0, GFP_NOWAIT); 150 if (ret < 0) { 151 pr_err("idr_alloc() failed for tiqn->tiqn_index\n"); 152 spin_unlock(&tiqn_lock); 153 idr_preload_end(); 154 kfree(tiqn); 155 return ERR_PTR(ret); 156 } 157 tiqn->tiqn_index = ret; 158 list_add_tail(&tiqn->tiqn_list, &g_tiqn_list); 159 160 spin_unlock(&tiqn_lock); 161 idr_preload_end(); 162 163 pr_debug("CORE[0] - Added iSCSI Target IQN: %s\n", tiqn->tiqn); 164 165 return tiqn; 166 167 } 168 169 static void iscsit_wait_for_tiqn(struct iscsi_tiqn *tiqn) 170 { 171 /* 172 * Wait for accesses to said struct iscsi_tiqn to end. 173 */ 174 spin_lock(&tiqn->tiqn_state_lock); 175 while (tiqn->tiqn_access_count != 0) { 176 spin_unlock(&tiqn->tiqn_state_lock); 177 msleep(10); 178 spin_lock(&tiqn->tiqn_state_lock); 179 } 180 spin_unlock(&tiqn->tiqn_state_lock); 181 } 182 183 void iscsit_del_tiqn(struct iscsi_tiqn *tiqn) 184 { 185 /* 186 * iscsit_set_tiqn_shutdown sets tiqn->tiqn_state = TIQN_STATE_SHUTDOWN 187 * while holding tiqn->tiqn_state_lock. This means that all subsequent 188 * attempts to access this struct iscsi_tiqn will fail from both transport 189 * fabric and control code paths. 190 */ 191 if (iscsit_set_tiqn_shutdown(tiqn) < 0) { 192 pr_err("iscsit_set_tiqn_shutdown() failed\n"); 193 return; 194 } 195 196 iscsit_wait_for_tiqn(tiqn); 197 198 spin_lock(&tiqn_lock); 199 list_del(&tiqn->tiqn_list); 200 idr_remove(&tiqn_idr, tiqn->tiqn_index); 201 spin_unlock(&tiqn_lock); 202 203 pr_debug("CORE[0] - Deleted iSCSI Target IQN: %s\n", 204 tiqn->tiqn); 205 kfree(tiqn); 206 } 207 208 int iscsit_access_np(struct iscsi_np *np, struct iscsi_portal_group *tpg) 209 { 210 int ret; 211 /* 212 * Determine if the network portal is accepting storage traffic. 213 */ 214 spin_lock_bh(&np->np_thread_lock); 215 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 216 spin_unlock_bh(&np->np_thread_lock); 217 return -1; 218 } 219 spin_unlock_bh(&np->np_thread_lock); 220 /* 221 * Determine if the portal group is accepting storage traffic. 222 */ 223 spin_lock_bh(&tpg->tpg_state_lock); 224 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 225 spin_unlock_bh(&tpg->tpg_state_lock); 226 return -1; 227 } 228 spin_unlock_bh(&tpg->tpg_state_lock); 229 230 /* 231 * Here we serialize access across the TIQN+TPG Tuple. 232 */ 233 ret = down_interruptible(&tpg->np_login_sem); 234 if (ret != 0) 235 return -1; 236 237 spin_lock_bh(&tpg->tpg_state_lock); 238 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 239 spin_unlock_bh(&tpg->tpg_state_lock); 240 up(&tpg->np_login_sem); 241 return -1; 242 } 243 spin_unlock_bh(&tpg->tpg_state_lock); 244 245 return 0; 246 } 247 248 void iscsit_login_kref_put(struct kref *kref) 249 { 250 struct iscsi_tpg_np *tpg_np = container_of(kref, 251 struct iscsi_tpg_np, tpg_np_kref); 252 253 complete(&tpg_np->tpg_np_comp); 254 } 255 256 int iscsit_deaccess_np(struct iscsi_np *np, struct iscsi_portal_group *tpg, 257 struct iscsi_tpg_np *tpg_np) 258 { 259 struct iscsi_tiqn *tiqn = tpg->tpg_tiqn; 260 261 up(&tpg->np_login_sem); 262 263 if (tpg_np) 264 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 265 266 if (tiqn) 267 iscsit_put_tiqn_for_login(tiqn); 268 269 return 0; 270 } 271 272 bool iscsit_check_np_match( 273 struct sockaddr_storage *sockaddr, 274 struct iscsi_np *np, 275 int network_transport) 276 { 277 struct sockaddr_in *sock_in, *sock_in_e; 278 struct sockaddr_in6 *sock_in6, *sock_in6_e; 279 bool ip_match = false; 280 u16 port, port_e; 281 282 if (sockaddr->ss_family == AF_INET6) { 283 sock_in6 = (struct sockaddr_in6 *)sockaddr; 284 sock_in6_e = (struct sockaddr_in6 *)&np->np_sockaddr; 285 286 if (!memcmp(&sock_in6->sin6_addr.in6_u, 287 &sock_in6_e->sin6_addr.in6_u, 288 sizeof(struct in6_addr))) 289 ip_match = true; 290 291 port = ntohs(sock_in6->sin6_port); 292 port_e = ntohs(sock_in6_e->sin6_port); 293 } else { 294 sock_in = (struct sockaddr_in *)sockaddr; 295 sock_in_e = (struct sockaddr_in *)&np->np_sockaddr; 296 297 if (sock_in->sin_addr.s_addr == sock_in_e->sin_addr.s_addr) 298 ip_match = true; 299 300 port = ntohs(sock_in->sin_port); 301 port_e = ntohs(sock_in_e->sin_port); 302 } 303 304 if (ip_match && (port_e == port) && 305 (np->np_network_transport == network_transport)) 306 return true; 307 308 return false; 309 } 310 311 /* 312 * Called with mutex np_lock held 313 */ 314 static struct iscsi_np *iscsit_get_np( 315 struct sockaddr_storage *sockaddr, 316 int network_transport) 317 { 318 struct iscsi_np *np; 319 bool match; 320 321 list_for_each_entry(np, &g_np_list, np_list) { 322 spin_lock_bh(&np->np_thread_lock); 323 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 324 spin_unlock_bh(&np->np_thread_lock); 325 continue; 326 } 327 328 match = iscsit_check_np_match(sockaddr, np, network_transport); 329 if (match) { 330 /* 331 * Increment the np_exports reference count now to 332 * prevent iscsit_del_np() below from being called 333 * while iscsi_tpg_add_network_portal() is called. 334 */ 335 np->np_exports++; 336 spin_unlock_bh(&np->np_thread_lock); 337 return np; 338 } 339 spin_unlock_bh(&np->np_thread_lock); 340 } 341 342 return NULL; 343 } 344 345 struct iscsi_np *iscsit_add_np( 346 struct sockaddr_storage *sockaddr, 347 int network_transport) 348 { 349 struct iscsi_np *np; 350 int ret; 351 352 mutex_lock(&np_lock); 353 354 /* 355 * Locate the existing struct iscsi_np if already active.. 356 */ 357 np = iscsit_get_np(sockaddr, network_transport); 358 if (np) { 359 mutex_unlock(&np_lock); 360 return np; 361 } 362 363 np = kzalloc(sizeof(*np), GFP_KERNEL); 364 if (!np) { 365 mutex_unlock(&np_lock); 366 return ERR_PTR(-ENOMEM); 367 } 368 369 np->np_flags |= NPF_IP_NETWORK; 370 np->np_network_transport = network_transport; 371 spin_lock_init(&np->np_thread_lock); 372 init_completion(&np->np_restart_comp); 373 INIT_LIST_HEAD(&np->np_list); 374 375 timer_setup(&np->np_login_timer, iscsi_handle_login_thread_timeout, 0); 376 377 ret = iscsi_target_setup_login_socket(np, sockaddr); 378 if (ret != 0) { 379 kfree(np); 380 mutex_unlock(&np_lock); 381 return ERR_PTR(ret); 382 } 383 384 np->np_thread = kthread_run(iscsi_target_login_thread, np, "iscsi_np"); 385 if (IS_ERR(np->np_thread)) { 386 pr_err("Unable to create kthread: iscsi_np\n"); 387 ret = PTR_ERR(np->np_thread); 388 kfree(np); 389 mutex_unlock(&np_lock); 390 return ERR_PTR(ret); 391 } 392 /* 393 * Increment the np_exports reference count now to prevent 394 * iscsit_del_np() below from being run while a new call to 395 * iscsi_tpg_add_network_portal() for a matching iscsi_np is 396 * active. We don't need to hold np->np_thread_lock at this 397 * point because iscsi_np has not been added to g_np_list yet. 398 */ 399 np->np_exports = 1; 400 np->np_thread_state = ISCSI_NP_THREAD_ACTIVE; 401 402 list_add_tail(&np->np_list, &g_np_list); 403 mutex_unlock(&np_lock); 404 405 pr_debug("CORE[0] - Added Network Portal: %pISpc on %s\n", 406 &np->np_sockaddr, np->np_transport->name); 407 408 return np; 409 } 410 411 int iscsit_reset_np_thread( 412 struct iscsi_np *np, 413 struct iscsi_tpg_np *tpg_np, 414 struct iscsi_portal_group *tpg, 415 bool shutdown) 416 { 417 spin_lock_bh(&np->np_thread_lock); 418 if (np->np_thread_state == ISCSI_NP_THREAD_INACTIVE) { 419 spin_unlock_bh(&np->np_thread_lock); 420 return 0; 421 } 422 np->np_thread_state = ISCSI_NP_THREAD_RESET; 423 atomic_inc(&np->np_reset_count); 424 425 if (np->np_thread) { 426 spin_unlock_bh(&np->np_thread_lock); 427 send_sig(SIGINT, np->np_thread, 1); 428 wait_for_completion(&np->np_restart_comp); 429 spin_lock_bh(&np->np_thread_lock); 430 } 431 spin_unlock_bh(&np->np_thread_lock); 432 433 if (tpg_np && shutdown) { 434 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 435 436 wait_for_completion(&tpg_np->tpg_np_comp); 437 } 438 439 return 0; 440 } 441 442 static void iscsit_free_np(struct iscsi_np *np) 443 { 444 if (np->np_socket) 445 sock_release(np->np_socket); 446 } 447 448 int iscsit_del_np(struct iscsi_np *np) 449 { 450 spin_lock_bh(&np->np_thread_lock); 451 np->np_exports--; 452 if (np->np_exports) { 453 np->enabled = true; 454 spin_unlock_bh(&np->np_thread_lock); 455 return 0; 456 } 457 np->np_thread_state = ISCSI_NP_THREAD_SHUTDOWN; 458 spin_unlock_bh(&np->np_thread_lock); 459 460 if (np->np_thread) { 461 /* 462 * We need to send the signal to wakeup Linux/Net 463 * which may be sleeping in sock_accept().. 464 */ 465 send_sig(SIGINT, np->np_thread, 1); 466 kthread_stop(np->np_thread); 467 np->np_thread = NULL; 468 } 469 470 np->np_transport->iscsit_free_np(np); 471 472 mutex_lock(&np_lock); 473 list_del(&np->np_list); 474 mutex_unlock(&np_lock); 475 476 pr_debug("CORE[0] - Removed Network Portal: %pISpc on %s\n", 477 &np->np_sockaddr, np->np_transport->name); 478 479 iscsit_put_transport(np->np_transport); 480 kfree(np); 481 return 0; 482 } 483 484 static void iscsit_get_rx_pdu(struct iscsi_conn *); 485 486 int iscsit_queue_rsp(struct iscsi_conn *conn, struct iscsi_cmd *cmd) 487 { 488 return iscsit_add_cmd_to_response_queue(cmd, cmd->conn, cmd->i_state); 489 } 490 EXPORT_SYMBOL(iscsit_queue_rsp); 491 492 void iscsit_aborted_task(struct iscsi_conn *conn, struct iscsi_cmd *cmd) 493 { 494 spin_lock_bh(&conn->cmd_lock); 495 if (!list_empty(&cmd->i_conn_node) && 496 !(cmd->se_cmd.transport_state & CMD_T_FABRIC_STOP)) 497 list_del_init(&cmd->i_conn_node); 498 spin_unlock_bh(&conn->cmd_lock); 499 500 __iscsit_free_cmd(cmd, true); 501 } 502 EXPORT_SYMBOL(iscsit_aborted_task); 503 504 static void iscsit_do_crypto_hash_buf(struct ahash_request *, const void *, 505 u32, u32, u8 *, u8 *); 506 static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *); 507 508 static int 509 iscsit_xmit_nondatain_pdu(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 510 const void *data_buf, u32 data_buf_len) 511 { 512 struct iscsi_hdr *hdr = (struct iscsi_hdr *)cmd->pdu; 513 struct kvec *iov; 514 u32 niov = 0, tx_size = ISCSI_HDR_LEN; 515 int ret; 516 517 iov = &cmd->iov_misc[0]; 518 iov[niov].iov_base = cmd->pdu; 519 iov[niov++].iov_len = ISCSI_HDR_LEN; 520 521 if (conn->conn_ops->HeaderDigest) { 522 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 523 524 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr, 525 ISCSI_HDR_LEN, 0, NULL, 526 (u8 *)header_digest); 527 528 iov[0].iov_len += ISCSI_CRC_LEN; 529 tx_size += ISCSI_CRC_LEN; 530 pr_debug("Attaching CRC32C HeaderDigest" 531 " to opcode 0x%x 0x%08x\n", 532 hdr->opcode, *header_digest); 533 } 534 535 if (data_buf_len) { 536 u32 padding = ((-data_buf_len) & 3); 537 538 iov[niov].iov_base = (void *)data_buf; 539 iov[niov++].iov_len = data_buf_len; 540 tx_size += data_buf_len; 541 542 if (padding != 0) { 543 iov[niov].iov_base = &cmd->pad_bytes; 544 iov[niov++].iov_len = padding; 545 tx_size += padding; 546 pr_debug("Attaching %u additional" 547 " padding bytes.\n", padding); 548 } 549 550 if (conn->conn_ops->DataDigest) { 551 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, 552 data_buf, data_buf_len, 553 padding, 554 (u8 *)&cmd->pad_bytes, 555 (u8 *)&cmd->data_crc); 556 557 iov[niov].iov_base = &cmd->data_crc; 558 iov[niov++].iov_len = ISCSI_CRC_LEN; 559 tx_size += ISCSI_CRC_LEN; 560 pr_debug("Attached DataDigest for %u" 561 " bytes opcode 0x%x, CRC 0x%08x\n", 562 data_buf_len, hdr->opcode, cmd->data_crc); 563 } 564 } 565 566 cmd->iov_misc_count = niov; 567 cmd->tx_size = tx_size; 568 569 ret = iscsit_send_tx_data(cmd, conn, 1); 570 if (ret < 0) { 571 iscsit_tx_thread_wait_for_tcp(conn); 572 return ret; 573 } 574 575 return 0; 576 } 577 578 static int iscsit_map_iovec(struct iscsi_cmd *, struct kvec *, u32, u32); 579 static void iscsit_unmap_iovec(struct iscsi_cmd *); 580 static u32 iscsit_do_crypto_hash_sg(struct ahash_request *, struct iscsi_cmd *, 581 u32, u32, u32, u8 *); 582 static int 583 iscsit_xmit_datain_pdu(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 584 const struct iscsi_datain *datain) 585 { 586 struct kvec *iov; 587 u32 iov_count = 0, tx_size = 0; 588 int ret, iov_ret; 589 590 iov = &cmd->iov_data[0]; 591 iov[iov_count].iov_base = cmd->pdu; 592 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 593 tx_size += ISCSI_HDR_LEN; 594 595 if (conn->conn_ops->HeaderDigest) { 596 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 597 598 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu, 599 ISCSI_HDR_LEN, 0, NULL, 600 (u8 *)header_digest); 601 602 iov[0].iov_len += ISCSI_CRC_LEN; 603 tx_size += ISCSI_CRC_LEN; 604 605 pr_debug("Attaching CRC32 HeaderDigest for DataIN PDU 0x%08x\n", 606 *header_digest); 607 } 608 609 iov_ret = iscsit_map_iovec(cmd, &cmd->iov_data[1], 610 datain->offset, datain->length); 611 if (iov_ret < 0) 612 return -1; 613 614 iov_count += iov_ret; 615 tx_size += datain->length; 616 617 cmd->padding = ((-datain->length) & 3); 618 if (cmd->padding) { 619 iov[iov_count].iov_base = cmd->pad_bytes; 620 iov[iov_count++].iov_len = cmd->padding; 621 tx_size += cmd->padding; 622 623 pr_debug("Attaching %u padding bytes\n", cmd->padding); 624 } 625 626 if (conn->conn_ops->DataDigest) { 627 cmd->data_crc = iscsit_do_crypto_hash_sg(conn->conn_tx_hash, 628 cmd, datain->offset, 629 datain->length, 630 cmd->padding, 631 cmd->pad_bytes); 632 633 iov[iov_count].iov_base = &cmd->data_crc; 634 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 635 tx_size += ISCSI_CRC_LEN; 636 637 pr_debug("Attached CRC32C DataDigest %d bytes, crc 0x%08x\n", 638 datain->length + cmd->padding, cmd->data_crc); 639 } 640 641 cmd->iov_data_count = iov_count; 642 cmd->tx_size = tx_size; 643 644 ret = iscsit_fe_sendpage_sg(cmd, conn); 645 646 iscsit_unmap_iovec(cmd); 647 648 if (ret < 0) { 649 iscsit_tx_thread_wait_for_tcp(conn); 650 return ret; 651 } 652 653 return 0; 654 } 655 656 static int iscsit_xmit_pdu(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 657 struct iscsi_datain_req *dr, const void *buf, 658 u32 buf_len) 659 { 660 if (dr) 661 return iscsit_xmit_datain_pdu(conn, cmd, buf); 662 else 663 return iscsit_xmit_nondatain_pdu(conn, cmd, buf, buf_len); 664 } 665 666 static enum target_prot_op iscsit_get_sup_prot_ops(struct iscsi_conn *conn) 667 { 668 return TARGET_PROT_NORMAL; 669 } 670 671 static struct iscsit_transport iscsi_target_transport = { 672 .name = "iSCSI/TCP", 673 .transport_type = ISCSI_TCP, 674 .rdma_shutdown = false, 675 .owner = NULL, 676 .iscsit_setup_np = iscsit_setup_np, 677 .iscsit_accept_np = iscsit_accept_np, 678 .iscsit_free_np = iscsit_free_np, 679 .iscsit_get_login_rx = iscsit_get_login_rx, 680 .iscsit_put_login_tx = iscsit_put_login_tx, 681 .iscsit_get_dataout = iscsit_build_r2ts_for_cmd, 682 .iscsit_immediate_queue = iscsit_immediate_queue, 683 .iscsit_response_queue = iscsit_response_queue, 684 .iscsit_queue_data_in = iscsit_queue_rsp, 685 .iscsit_queue_status = iscsit_queue_rsp, 686 .iscsit_aborted_task = iscsit_aborted_task, 687 .iscsit_xmit_pdu = iscsit_xmit_pdu, 688 .iscsit_get_rx_pdu = iscsit_get_rx_pdu, 689 .iscsit_get_sup_prot_ops = iscsit_get_sup_prot_ops, 690 }; 691 692 static int __init iscsi_target_init_module(void) 693 { 694 int ret = 0, size; 695 696 pr_debug("iSCSI-Target "ISCSIT_VERSION"\n"); 697 iscsit_global = kzalloc(sizeof(*iscsit_global), GFP_KERNEL); 698 if (!iscsit_global) 699 return -1; 700 701 spin_lock_init(&iscsit_global->ts_bitmap_lock); 702 mutex_init(&auth_id_lock); 703 spin_lock_init(&sess_idr_lock); 704 idr_init(&tiqn_idr); 705 idr_init(&sess_idr); 706 707 ret = target_register_template(&iscsi_ops); 708 if (ret) 709 goto out; 710 711 size = BITS_TO_LONGS(ISCSIT_BITMAP_BITS) * sizeof(long); 712 iscsit_global->ts_bitmap = vzalloc(size); 713 if (!iscsit_global->ts_bitmap) 714 goto configfs_out; 715 716 lio_qr_cache = kmem_cache_create("lio_qr_cache", 717 sizeof(struct iscsi_queue_req), 718 __alignof__(struct iscsi_queue_req), 0, NULL); 719 if (!lio_qr_cache) { 720 pr_err("nable to kmem_cache_create() for" 721 " lio_qr_cache\n"); 722 goto bitmap_out; 723 } 724 725 lio_dr_cache = kmem_cache_create("lio_dr_cache", 726 sizeof(struct iscsi_datain_req), 727 __alignof__(struct iscsi_datain_req), 0, NULL); 728 if (!lio_dr_cache) { 729 pr_err("Unable to kmem_cache_create() for" 730 " lio_dr_cache\n"); 731 goto qr_out; 732 } 733 734 lio_ooo_cache = kmem_cache_create("lio_ooo_cache", 735 sizeof(struct iscsi_ooo_cmdsn), 736 __alignof__(struct iscsi_ooo_cmdsn), 0, NULL); 737 if (!lio_ooo_cache) { 738 pr_err("Unable to kmem_cache_create() for" 739 " lio_ooo_cache\n"); 740 goto dr_out; 741 } 742 743 lio_r2t_cache = kmem_cache_create("lio_r2t_cache", 744 sizeof(struct iscsi_r2t), __alignof__(struct iscsi_r2t), 745 0, NULL); 746 if (!lio_r2t_cache) { 747 pr_err("Unable to kmem_cache_create() for" 748 " lio_r2t_cache\n"); 749 goto ooo_out; 750 } 751 752 iscsit_register_transport(&iscsi_target_transport); 753 754 if (iscsit_load_discovery_tpg() < 0) 755 goto r2t_out; 756 757 return ret; 758 r2t_out: 759 iscsit_unregister_transport(&iscsi_target_transport); 760 kmem_cache_destroy(lio_r2t_cache); 761 ooo_out: 762 kmem_cache_destroy(lio_ooo_cache); 763 dr_out: 764 kmem_cache_destroy(lio_dr_cache); 765 qr_out: 766 kmem_cache_destroy(lio_qr_cache); 767 bitmap_out: 768 vfree(iscsit_global->ts_bitmap); 769 configfs_out: 770 /* XXX: this probably wants it to be it's own unwind step.. */ 771 if (iscsit_global->discovery_tpg) 772 iscsit_tpg_disable_portal_group(iscsit_global->discovery_tpg, 1); 773 target_unregister_template(&iscsi_ops); 774 out: 775 kfree(iscsit_global); 776 return -ENOMEM; 777 } 778 779 static void __exit iscsi_target_cleanup_module(void) 780 { 781 iscsit_release_discovery_tpg(); 782 iscsit_unregister_transport(&iscsi_target_transport); 783 kmem_cache_destroy(lio_qr_cache); 784 kmem_cache_destroy(lio_dr_cache); 785 kmem_cache_destroy(lio_ooo_cache); 786 kmem_cache_destroy(lio_r2t_cache); 787 788 /* 789 * Shutdown discovery sessions and disable discovery TPG 790 */ 791 if (iscsit_global->discovery_tpg) 792 iscsit_tpg_disable_portal_group(iscsit_global->discovery_tpg, 1); 793 794 target_unregister_template(&iscsi_ops); 795 796 vfree(iscsit_global->ts_bitmap); 797 kfree(iscsit_global); 798 } 799 800 int iscsit_add_reject( 801 struct iscsi_conn *conn, 802 u8 reason, 803 unsigned char *buf) 804 { 805 struct iscsi_cmd *cmd; 806 807 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 808 if (!cmd) 809 return -1; 810 811 cmd->iscsi_opcode = ISCSI_OP_REJECT; 812 cmd->reject_reason = reason; 813 814 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 815 if (!cmd->buf_ptr) { 816 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 817 iscsit_free_cmd(cmd, false); 818 return -1; 819 } 820 821 spin_lock_bh(&conn->cmd_lock); 822 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 823 spin_unlock_bh(&conn->cmd_lock); 824 825 cmd->i_state = ISTATE_SEND_REJECT; 826 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 827 828 return -1; 829 } 830 EXPORT_SYMBOL(iscsit_add_reject); 831 832 static int iscsit_add_reject_from_cmd( 833 struct iscsi_cmd *cmd, 834 u8 reason, 835 bool add_to_conn, 836 unsigned char *buf) 837 { 838 struct iscsi_conn *conn; 839 840 if (!cmd->conn) { 841 pr_err("cmd->conn is NULL for ITT: 0x%08x\n", 842 cmd->init_task_tag); 843 return -1; 844 } 845 conn = cmd->conn; 846 847 cmd->iscsi_opcode = ISCSI_OP_REJECT; 848 cmd->reject_reason = reason; 849 850 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 851 if (!cmd->buf_ptr) { 852 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 853 iscsit_free_cmd(cmd, false); 854 return -1; 855 } 856 857 if (add_to_conn) { 858 spin_lock_bh(&conn->cmd_lock); 859 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 860 spin_unlock_bh(&conn->cmd_lock); 861 } 862 863 cmd->i_state = ISTATE_SEND_REJECT; 864 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 865 /* 866 * Perform the kref_put now if se_cmd has already been setup by 867 * scsit_setup_scsi_cmd() 868 */ 869 if (cmd->se_cmd.se_tfo != NULL) { 870 pr_debug("iscsi reject: calling target_put_sess_cmd >>>>>>\n"); 871 target_put_sess_cmd(&cmd->se_cmd); 872 } 873 return -1; 874 } 875 876 static int iscsit_add_reject_cmd(struct iscsi_cmd *cmd, u8 reason, 877 unsigned char *buf) 878 { 879 return iscsit_add_reject_from_cmd(cmd, reason, true, buf); 880 } 881 882 int iscsit_reject_cmd(struct iscsi_cmd *cmd, u8 reason, unsigned char *buf) 883 { 884 return iscsit_add_reject_from_cmd(cmd, reason, false, buf); 885 } 886 EXPORT_SYMBOL(iscsit_reject_cmd); 887 888 /* 889 * Map some portion of the allocated scatterlist to an iovec, suitable for 890 * kernel sockets to copy data in/out. 891 */ 892 static int iscsit_map_iovec( 893 struct iscsi_cmd *cmd, 894 struct kvec *iov, 895 u32 data_offset, 896 u32 data_length) 897 { 898 u32 i = 0; 899 struct scatterlist *sg; 900 unsigned int page_off; 901 902 /* 903 * We know each entry in t_data_sg contains a page. 904 */ 905 u32 ent = data_offset / PAGE_SIZE; 906 907 if (ent >= cmd->se_cmd.t_data_nents) { 908 pr_err("Initial page entry out-of-bounds\n"); 909 return -1; 910 } 911 912 sg = &cmd->se_cmd.t_data_sg[ent]; 913 page_off = (data_offset % PAGE_SIZE); 914 915 cmd->first_data_sg = sg; 916 cmd->first_data_sg_off = page_off; 917 918 while (data_length) { 919 u32 cur_len = min_t(u32, data_length, sg->length - page_off); 920 921 iov[i].iov_base = kmap(sg_page(sg)) + sg->offset + page_off; 922 iov[i].iov_len = cur_len; 923 924 data_length -= cur_len; 925 page_off = 0; 926 sg = sg_next(sg); 927 i++; 928 } 929 930 cmd->kmapped_nents = i; 931 932 return i; 933 } 934 935 static void iscsit_unmap_iovec(struct iscsi_cmd *cmd) 936 { 937 u32 i; 938 struct scatterlist *sg; 939 940 sg = cmd->first_data_sg; 941 942 for (i = 0; i < cmd->kmapped_nents; i++) 943 kunmap(sg_page(&sg[i])); 944 } 945 946 static void iscsit_ack_from_expstatsn(struct iscsi_conn *conn, u32 exp_statsn) 947 { 948 LIST_HEAD(ack_list); 949 struct iscsi_cmd *cmd, *cmd_p; 950 951 conn->exp_statsn = exp_statsn; 952 953 if (conn->sess->sess_ops->RDMAExtensions) 954 return; 955 956 spin_lock_bh(&conn->cmd_lock); 957 list_for_each_entry_safe(cmd, cmd_p, &conn->conn_cmd_list, i_conn_node) { 958 spin_lock(&cmd->istate_lock); 959 if ((cmd->i_state == ISTATE_SENT_STATUS) && 960 iscsi_sna_lt(cmd->stat_sn, exp_statsn)) { 961 cmd->i_state = ISTATE_REMOVE; 962 spin_unlock(&cmd->istate_lock); 963 list_move_tail(&cmd->i_conn_node, &ack_list); 964 continue; 965 } 966 spin_unlock(&cmd->istate_lock); 967 } 968 spin_unlock_bh(&conn->cmd_lock); 969 970 list_for_each_entry_safe(cmd, cmd_p, &ack_list, i_conn_node) { 971 list_del_init(&cmd->i_conn_node); 972 iscsit_free_cmd(cmd, false); 973 } 974 } 975 976 static int iscsit_allocate_iovecs(struct iscsi_cmd *cmd) 977 { 978 u32 iov_count = max(1UL, DIV_ROUND_UP(cmd->se_cmd.data_length, PAGE_SIZE)); 979 980 iov_count += ISCSI_IOV_DATA_BUFFER; 981 cmd->iov_data = kcalloc(iov_count, sizeof(*cmd->iov_data), GFP_KERNEL); 982 if (!cmd->iov_data) 983 return -ENOMEM; 984 985 cmd->orig_iov_data_count = iov_count; 986 return 0; 987 } 988 989 int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 990 unsigned char *buf) 991 { 992 int data_direction, payload_length; 993 struct iscsi_scsi_req *hdr; 994 int iscsi_task_attr; 995 int sam_task_attr; 996 997 atomic_long_inc(&conn->sess->cmd_pdus); 998 999 hdr = (struct iscsi_scsi_req *) buf; 1000 payload_length = ntoh24(hdr->dlength); 1001 1002 /* FIXME; Add checks for AdditionalHeaderSegment */ 1003 1004 if (!(hdr->flags & ISCSI_FLAG_CMD_WRITE) && 1005 !(hdr->flags & ISCSI_FLAG_CMD_FINAL)) { 1006 pr_err("ISCSI_FLAG_CMD_WRITE & ISCSI_FLAG_CMD_FINAL" 1007 " not set. Bad iSCSI Initiator.\n"); 1008 return iscsit_add_reject_cmd(cmd, 1009 ISCSI_REASON_BOOKMARK_INVALID, buf); 1010 } 1011 1012 if (((hdr->flags & ISCSI_FLAG_CMD_READ) || 1013 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) { 1014 /* 1015 * From RFC-3720 Section 10.3.1: 1016 * 1017 * "Either or both of R and W MAY be 1 when either the 1018 * Expected Data Transfer Length and/or Bidirectional Read 1019 * Expected Data Transfer Length are 0" 1020 * 1021 * For this case, go ahead and clear the unnecssary bits 1022 * to avoid any confusion with ->data_direction. 1023 */ 1024 hdr->flags &= ~ISCSI_FLAG_CMD_READ; 1025 hdr->flags &= ~ISCSI_FLAG_CMD_WRITE; 1026 1027 pr_warn("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE" 1028 " set when Expected Data Transfer Length is 0 for" 1029 " CDB: 0x%02x, Fixing up flags\n", hdr->cdb[0]); 1030 } 1031 1032 if (!(hdr->flags & ISCSI_FLAG_CMD_READ) && 1033 !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) { 1034 pr_err("ISCSI_FLAG_CMD_READ and/or ISCSI_FLAG_CMD_WRITE" 1035 " MUST be set if Expected Data Transfer Length is not 0." 1036 " Bad iSCSI Initiator\n"); 1037 return iscsit_add_reject_cmd(cmd, 1038 ISCSI_REASON_BOOKMARK_INVALID, buf); 1039 } 1040 1041 if ((hdr->flags & ISCSI_FLAG_CMD_READ) && 1042 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) { 1043 pr_err("Bidirectional operations not supported!\n"); 1044 return iscsit_add_reject_cmd(cmd, 1045 ISCSI_REASON_BOOKMARK_INVALID, buf); 1046 } 1047 1048 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 1049 pr_err("Illegally set Immediate Bit in iSCSI Initiator" 1050 " Scsi Command PDU.\n"); 1051 return iscsit_add_reject_cmd(cmd, 1052 ISCSI_REASON_BOOKMARK_INVALID, buf); 1053 } 1054 1055 if (payload_length && !conn->sess->sess_ops->ImmediateData) { 1056 pr_err("ImmediateData=No but DataSegmentLength=%u," 1057 " protocol error.\n", payload_length); 1058 return iscsit_add_reject_cmd(cmd, 1059 ISCSI_REASON_PROTOCOL_ERROR, buf); 1060 } 1061 1062 if ((be32_to_cpu(hdr->data_length) == payload_length) && 1063 (!(hdr->flags & ISCSI_FLAG_CMD_FINAL))) { 1064 pr_err("Expected Data Transfer Length and Length of" 1065 " Immediate Data are the same, but ISCSI_FLAG_CMD_FINAL" 1066 " bit is not set protocol error\n"); 1067 return iscsit_add_reject_cmd(cmd, 1068 ISCSI_REASON_PROTOCOL_ERROR, buf); 1069 } 1070 1071 if (payload_length > be32_to_cpu(hdr->data_length)) { 1072 pr_err("DataSegmentLength: %u is greater than" 1073 " EDTL: %u, protocol error.\n", payload_length, 1074 hdr->data_length); 1075 return iscsit_add_reject_cmd(cmd, 1076 ISCSI_REASON_PROTOCOL_ERROR, buf); 1077 } 1078 1079 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1080 pr_err("DataSegmentLength: %u is greater than" 1081 " MaxXmitDataSegmentLength: %u, protocol error.\n", 1082 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 1083 return iscsit_add_reject_cmd(cmd, 1084 ISCSI_REASON_PROTOCOL_ERROR, buf); 1085 } 1086 1087 if (payload_length > conn->sess->sess_ops->FirstBurstLength) { 1088 pr_err("DataSegmentLength: %u is greater than" 1089 " FirstBurstLength: %u, protocol error.\n", 1090 payload_length, conn->sess->sess_ops->FirstBurstLength); 1091 return iscsit_add_reject_cmd(cmd, 1092 ISCSI_REASON_BOOKMARK_INVALID, buf); 1093 } 1094 1095 data_direction = (hdr->flags & ISCSI_FLAG_CMD_WRITE) ? DMA_TO_DEVICE : 1096 (hdr->flags & ISCSI_FLAG_CMD_READ) ? DMA_FROM_DEVICE : 1097 DMA_NONE; 1098 1099 cmd->data_direction = data_direction; 1100 iscsi_task_attr = hdr->flags & ISCSI_FLAG_CMD_ATTR_MASK; 1101 /* 1102 * Figure out the SAM Task Attribute for the incoming SCSI CDB 1103 */ 1104 if ((iscsi_task_attr == ISCSI_ATTR_UNTAGGED) || 1105 (iscsi_task_attr == ISCSI_ATTR_SIMPLE)) 1106 sam_task_attr = TCM_SIMPLE_TAG; 1107 else if (iscsi_task_attr == ISCSI_ATTR_ORDERED) 1108 sam_task_attr = TCM_ORDERED_TAG; 1109 else if (iscsi_task_attr == ISCSI_ATTR_HEAD_OF_QUEUE) 1110 sam_task_attr = TCM_HEAD_TAG; 1111 else if (iscsi_task_attr == ISCSI_ATTR_ACA) 1112 sam_task_attr = TCM_ACA_TAG; 1113 else { 1114 pr_debug("Unknown iSCSI Task Attribute: 0x%02x, using" 1115 " TCM_SIMPLE_TAG\n", iscsi_task_attr); 1116 sam_task_attr = TCM_SIMPLE_TAG; 1117 } 1118 1119 cmd->iscsi_opcode = ISCSI_OP_SCSI_CMD; 1120 cmd->i_state = ISTATE_NEW_CMD; 1121 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1122 cmd->immediate_data = (payload_length) ? 1 : 0; 1123 cmd->unsolicited_data = ((!(hdr->flags & ISCSI_FLAG_CMD_FINAL) && 1124 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) ? 1 : 0); 1125 if (cmd->unsolicited_data) 1126 cmd->cmd_flags |= ICF_NON_IMMEDIATE_UNSOLICITED_DATA; 1127 1128 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1129 if (hdr->flags & ISCSI_FLAG_CMD_READ) 1130 cmd->targ_xfer_tag = session_get_next_ttt(conn->sess); 1131 else 1132 cmd->targ_xfer_tag = 0xFFFFFFFF; 1133 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1134 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1135 cmd->first_burst_len = payload_length; 1136 1137 if (!conn->sess->sess_ops->RDMAExtensions && 1138 cmd->data_direction == DMA_FROM_DEVICE) { 1139 struct iscsi_datain_req *dr; 1140 1141 dr = iscsit_allocate_datain_req(); 1142 if (!dr) 1143 return iscsit_add_reject_cmd(cmd, 1144 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1145 1146 iscsit_attach_datain_req(cmd, dr); 1147 } 1148 1149 /* 1150 * Initialize struct se_cmd descriptor from target_core_mod infrastructure 1151 */ 1152 transport_init_se_cmd(&cmd->se_cmd, &iscsi_ops, 1153 conn->sess->se_sess, be32_to_cpu(hdr->data_length), 1154 cmd->data_direction, sam_task_attr, 1155 cmd->sense_buffer + 2); 1156 1157 pr_debug("Got SCSI Command, ITT: 0x%08x, CmdSN: 0x%08x," 1158 " ExpXferLen: %u, Length: %u, CID: %hu\n", hdr->itt, 1159 hdr->cmdsn, be32_to_cpu(hdr->data_length), payload_length, 1160 conn->cid); 1161 1162 target_get_sess_cmd(&cmd->se_cmd, true); 1163 1164 cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd, 1165 scsilun_to_int(&hdr->lun)); 1166 if (cmd->sense_reason) 1167 goto attach_cmd; 1168 1169 /* only used for printks or comparing with ->ref_task_tag */ 1170 cmd->se_cmd.tag = (__force u32)cmd->init_task_tag; 1171 cmd->sense_reason = target_setup_cmd_from_cdb(&cmd->se_cmd, hdr->cdb); 1172 if (cmd->sense_reason) { 1173 if (cmd->sense_reason == TCM_OUT_OF_RESOURCES) { 1174 return iscsit_add_reject_cmd(cmd, 1175 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1176 } 1177 1178 goto attach_cmd; 1179 } 1180 1181 if (iscsit_build_pdu_and_seq_lists(cmd, payload_length) < 0) { 1182 return iscsit_add_reject_cmd(cmd, 1183 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1184 } 1185 1186 attach_cmd: 1187 spin_lock_bh(&conn->cmd_lock); 1188 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1189 spin_unlock_bh(&conn->cmd_lock); 1190 /* 1191 * Check if we need to delay processing because of ALUA 1192 * Active/NonOptimized primary access state.. 1193 */ 1194 core_alua_check_nonop_delay(&cmd->se_cmd); 1195 1196 return 0; 1197 } 1198 EXPORT_SYMBOL(iscsit_setup_scsi_cmd); 1199 1200 void iscsit_set_unsoliticed_dataout(struct iscsi_cmd *cmd) 1201 { 1202 iscsit_set_dataout_sequence_values(cmd); 1203 1204 spin_lock_bh(&cmd->dataout_timeout_lock); 1205 iscsit_start_dataout_timer(cmd, cmd->conn); 1206 spin_unlock_bh(&cmd->dataout_timeout_lock); 1207 } 1208 EXPORT_SYMBOL(iscsit_set_unsoliticed_dataout); 1209 1210 int iscsit_process_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1211 struct iscsi_scsi_req *hdr) 1212 { 1213 int cmdsn_ret = 0; 1214 /* 1215 * Check the CmdSN against ExpCmdSN/MaxCmdSN here if 1216 * the Immediate Bit is not set, and no Immediate 1217 * Data is attached. 1218 * 1219 * A PDU/CmdSN carrying Immediate Data can only 1220 * be processed after the DataCRC has passed. 1221 * If the DataCRC fails, the CmdSN MUST NOT 1222 * be acknowledged. (See below) 1223 */ 1224 if (!cmd->immediate_data) { 1225 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1226 (unsigned char *)hdr, hdr->cmdsn); 1227 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1228 return -1; 1229 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1230 target_put_sess_cmd(&cmd->se_cmd); 1231 return 0; 1232 } 1233 } 1234 1235 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1236 1237 /* 1238 * If no Immediate Data is attached, it's OK to return now. 1239 */ 1240 if (!cmd->immediate_data) { 1241 if (!cmd->sense_reason && cmd->unsolicited_data) 1242 iscsit_set_unsoliticed_dataout(cmd); 1243 if (!cmd->sense_reason) 1244 return 0; 1245 1246 target_put_sess_cmd(&cmd->se_cmd); 1247 return 0; 1248 } 1249 1250 /* 1251 * Early CHECK_CONDITIONs with ImmediateData never make it to command 1252 * execution. These exceptions are processed in CmdSN order using 1253 * iscsit_check_received_cmdsn() in iscsit_get_immediate_data() below. 1254 */ 1255 if (cmd->sense_reason) 1256 return 1; 1257 /* 1258 * Call directly into transport_generic_new_cmd() to perform 1259 * the backend memory allocation. 1260 */ 1261 cmd->sense_reason = transport_generic_new_cmd(&cmd->se_cmd); 1262 if (cmd->sense_reason) 1263 return 1; 1264 1265 return 0; 1266 } 1267 EXPORT_SYMBOL(iscsit_process_scsi_cmd); 1268 1269 static int 1270 iscsit_get_immediate_data(struct iscsi_cmd *cmd, struct iscsi_scsi_req *hdr, 1271 bool dump_payload) 1272 { 1273 int cmdsn_ret = 0, immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION; 1274 /* 1275 * Special case for Unsupported SAM WRITE Opcodes and ImmediateData=Yes. 1276 */ 1277 if (dump_payload) 1278 goto after_immediate_data; 1279 /* 1280 * Check for underflow case where both EDTL and immediate data payload 1281 * exceeds what is presented by CDB's TRANSFER LENGTH, and what has 1282 * already been set in target_cmd_size_check() as se_cmd->data_length. 1283 * 1284 * For this special case, fail the command and dump the immediate data 1285 * payload. 1286 */ 1287 if (cmd->first_burst_len > cmd->se_cmd.data_length) { 1288 cmd->sense_reason = TCM_INVALID_CDB_FIELD; 1289 goto after_immediate_data; 1290 } 1291 1292 immed_ret = iscsit_handle_immediate_data(cmd, hdr, 1293 cmd->first_burst_len); 1294 after_immediate_data: 1295 if (immed_ret == IMMEDIATE_DATA_NORMAL_OPERATION) { 1296 /* 1297 * A PDU/CmdSN carrying Immediate Data passed 1298 * DataCRC, check against ExpCmdSN/MaxCmdSN if 1299 * Immediate Bit is not set. 1300 */ 1301 cmdsn_ret = iscsit_sequence_cmd(cmd->conn, cmd, 1302 (unsigned char *)hdr, hdr->cmdsn); 1303 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1304 return -1; 1305 1306 if (cmd->sense_reason || cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1307 int rc; 1308 1309 rc = iscsit_dump_data_payload(cmd->conn, 1310 cmd->first_burst_len, 1); 1311 target_put_sess_cmd(&cmd->se_cmd); 1312 return rc; 1313 } else if (cmd->unsolicited_data) 1314 iscsit_set_unsoliticed_dataout(cmd); 1315 1316 } else if (immed_ret == IMMEDIATE_DATA_ERL1_CRC_FAILURE) { 1317 /* 1318 * Immediate Data failed DataCRC and ERL>=1, 1319 * silently drop this PDU and let the initiator 1320 * plug the CmdSN gap. 1321 * 1322 * FIXME: Send Unsolicited NOPIN with reserved 1323 * TTT here to help the initiator figure out 1324 * the missing CmdSN, although they should be 1325 * intelligent enough to determine the missing 1326 * CmdSN and issue a retry to plug the sequence. 1327 */ 1328 cmd->i_state = ISTATE_REMOVE; 1329 iscsit_add_cmd_to_immediate_queue(cmd, cmd->conn, cmd->i_state); 1330 } else /* immed_ret == IMMEDIATE_DATA_CANNOT_RECOVER */ 1331 return -1; 1332 1333 return 0; 1334 } 1335 1336 static int 1337 iscsit_handle_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1338 unsigned char *buf) 1339 { 1340 struct iscsi_scsi_req *hdr = (struct iscsi_scsi_req *)buf; 1341 int rc, immed_data; 1342 bool dump_payload = false; 1343 1344 rc = iscsit_setup_scsi_cmd(conn, cmd, buf); 1345 if (rc < 0) 1346 return 0; 1347 /* 1348 * Allocation iovecs needed for struct socket operations for 1349 * traditional iSCSI block I/O. 1350 */ 1351 if (iscsit_allocate_iovecs(cmd) < 0) { 1352 return iscsit_reject_cmd(cmd, 1353 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1354 } 1355 immed_data = cmd->immediate_data; 1356 1357 rc = iscsit_process_scsi_cmd(conn, cmd, hdr); 1358 if (rc < 0) 1359 return rc; 1360 else if (rc > 0) 1361 dump_payload = true; 1362 1363 if (!immed_data) 1364 return 0; 1365 1366 return iscsit_get_immediate_data(cmd, hdr, dump_payload); 1367 } 1368 1369 static u32 iscsit_do_crypto_hash_sg( 1370 struct ahash_request *hash, 1371 struct iscsi_cmd *cmd, 1372 u32 data_offset, 1373 u32 data_length, 1374 u32 padding, 1375 u8 *pad_bytes) 1376 { 1377 u32 data_crc; 1378 struct scatterlist *sg; 1379 unsigned int page_off; 1380 1381 crypto_ahash_init(hash); 1382 1383 sg = cmd->first_data_sg; 1384 page_off = cmd->first_data_sg_off; 1385 1386 while (data_length) { 1387 u32 cur_len = min_t(u32, data_length, (sg->length - page_off)); 1388 1389 ahash_request_set_crypt(hash, sg, NULL, cur_len); 1390 crypto_ahash_update(hash); 1391 1392 data_length -= cur_len; 1393 page_off = 0; 1394 /* iscsit_map_iovec has already checked for invalid sg pointers */ 1395 sg = sg_next(sg); 1396 } 1397 1398 if (padding) { 1399 struct scatterlist pad_sg; 1400 1401 sg_init_one(&pad_sg, pad_bytes, padding); 1402 ahash_request_set_crypt(hash, &pad_sg, (u8 *)&data_crc, 1403 padding); 1404 crypto_ahash_finup(hash); 1405 } else { 1406 ahash_request_set_crypt(hash, NULL, (u8 *)&data_crc, 0); 1407 crypto_ahash_final(hash); 1408 } 1409 1410 return data_crc; 1411 } 1412 1413 static void iscsit_do_crypto_hash_buf( 1414 struct ahash_request *hash, 1415 const void *buf, 1416 u32 payload_length, 1417 u32 padding, 1418 u8 *pad_bytes, 1419 u8 *data_crc) 1420 { 1421 struct scatterlist sg[2]; 1422 1423 sg_init_table(sg, ARRAY_SIZE(sg)); 1424 sg_set_buf(sg, buf, payload_length); 1425 sg_set_buf(sg + 1, pad_bytes, padding); 1426 1427 ahash_request_set_crypt(hash, sg, data_crc, payload_length + padding); 1428 1429 crypto_ahash_digest(hash); 1430 } 1431 1432 int 1433 __iscsit_check_dataout_hdr(struct iscsi_conn *conn, void *buf, 1434 struct iscsi_cmd *cmd, u32 payload_length, 1435 bool *success) 1436 { 1437 struct iscsi_data *hdr = buf; 1438 struct se_cmd *se_cmd; 1439 int rc; 1440 1441 /* iSCSI write */ 1442 atomic_long_add(payload_length, &conn->sess->rx_data_octets); 1443 1444 pr_debug("Got DataOut ITT: 0x%08x, TTT: 0x%08x," 1445 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 1446 hdr->itt, hdr->ttt, hdr->datasn, ntohl(hdr->offset), 1447 payload_length, conn->cid); 1448 1449 if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) { 1450 pr_err("Command ITT: 0x%08x received DataOUT after" 1451 " last DataOUT received, dumping payload\n", 1452 cmd->init_task_tag); 1453 return iscsit_dump_data_payload(conn, payload_length, 1); 1454 } 1455 1456 if (cmd->data_direction != DMA_TO_DEVICE) { 1457 pr_err("Command ITT: 0x%08x received DataOUT for a" 1458 " NON-WRITE command.\n", cmd->init_task_tag); 1459 return iscsit_dump_data_payload(conn, payload_length, 1); 1460 } 1461 se_cmd = &cmd->se_cmd; 1462 iscsit_mod_dataout_timer(cmd); 1463 1464 if ((be32_to_cpu(hdr->offset) + payload_length) > cmd->se_cmd.data_length) { 1465 pr_err("DataOut Offset: %u, Length %u greater than" 1466 " iSCSI Command EDTL %u, protocol error.\n", 1467 hdr->offset, payload_length, cmd->se_cmd.data_length); 1468 return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_INVALID, buf); 1469 } 1470 1471 if (cmd->unsolicited_data) { 1472 int dump_unsolicited_data = 0; 1473 1474 if (conn->sess->sess_ops->InitialR2T) { 1475 pr_err("Received unexpected unsolicited data" 1476 " while InitialR2T=Yes, protocol error.\n"); 1477 transport_send_check_condition_and_sense(&cmd->se_cmd, 1478 TCM_UNEXPECTED_UNSOLICITED_DATA, 0); 1479 return -1; 1480 } 1481 /* 1482 * Special case for dealing with Unsolicited DataOUT 1483 * and Unsupported SAM WRITE Opcodes and SE resource allocation 1484 * failures; 1485 */ 1486 1487 /* Something's amiss if we're not in WRITE_PENDING state... */ 1488 WARN_ON(se_cmd->t_state != TRANSPORT_WRITE_PENDING); 1489 if (!(se_cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE)) 1490 dump_unsolicited_data = 1; 1491 1492 if (dump_unsolicited_data) { 1493 /* 1494 * Check if a delayed TASK_ABORTED status needs to 1495 * be sent now if the ISCSI_FLAG_CMD_FINAL has been 1496 * received with the unsolicited data out. 1497 */ 1498 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1499 iscsit_stop_dataout_timer(cmd); 1500 1501 transport_check_aborted_status(se_cmd, 1502 (hdr->flags & ISCSI_FLAG_CMD_FINAL)); 1503 return iscsit_dump_data_payload(conn, payload_length, 1); 1504 } 1505 } else { 1506 /* 1507 * For the normal solicited data path: 1508 * 1509 * Check for a delayed TASK_ABORTED status and dump any 1510 * incoming data out payload if one exists. Also, when the 1511 * ISCSI_FLAG_CMD_FINAL is set to denote the end of the current 1512 * data out sequence, we decrement outstanding_r2ts. Once 1513 * outstanding_r2ts reaches zero, go ahead and send the delayed 1514 * TASK_ABORTED status. 1515 */ 1516 if (se_cmd->transport_state & CMD_T_ABORTED) { 1517 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1518 if (--cmd->outstanding_r2ts < 1) { 1519 iscsit_stop_dataout_timer(cmd); 1520 transport_check_aborted_status( 1521 se_cmd, 1); 1522 } 1523 1524 return iscsit_dump_data_payload(conn, payload_length, 1); 1525 } 1526 } 1527 /* 1528 * Perform DataSN, DataSequenceInOrder, DataPDUInOrder, and 1529 * within-command recovery checks before receiving the payload. 1530 */ 1531 rc = iscsit_check_pre_dataout(cmd, buf); 1532 if (rc == DATAOUT_WITHIN_COMMAND_RECOVERY) 1533 return 0; 1534 else if (rc == DATAOUT_CANNOT_RECOVER) 1535 return -1; 1536 *success = true; 1537 return 0; 1538 } 1539 EXPORT_SYMBOL(__iscsit_check_dataout_hdr); 1540 1541 int 1542 iscsit_check_dataout_hdr(struct iscsi_conn *conn, void *buf, 1543 struct iscsi_cmd **out_cmd) 1544 { 1545 struct iscsi_data *hdr = buf; 1546 struct iscsi_cmd *cmd; 1547 u32 payload_length = ntoh24(hdr->dlength); 1548 int rc; 1549 bool success = false; 1550 1551 if (!payload_length) { 1552 pr_warn_ratelimited("DataOUT payload is ZERO, ignoring.\n"); 1553 return 0; 1554 } 1555 1556 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1557 pr_err_ratelimited("DataSegmentLength: %u is greater than" 1558 " MaxXmitDataSegmentLength: %u\n", payload_length, 1559 conn->conn_ops->MaxXmitDataSegmentLength); 1560 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, buf); 1561 } 1562 1563 cmd = iscsit_find_cmd_from_itt_or_dump(conn, hdr->itt, payload_length); 1564 if (!cmd) 1565 return 0; 1566 1567 rc = __iscsit_check_dataout_hdr(conn, buf, cmd, payload_length, &success); 1568 1569 if (success) 1570 *out_cmd = cmd; 1571 1572 return rc; 1573 } 1574 EXPORT_SYMBOL(iscsit_check_dataout_hdr); 1575 1576 static int 1577 iscsit_get_dataout(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1578 struct iscsi_data *hdr) 1579 { 1580 struct kvec *iov; 1581 u32 checksum, iov_count = 0, padding = 0, rx_got = 0, rx_size = 0; 1582 u32 payload_length = ntoh24(hdr->dlength); 1583 int iov_ret, data_crc_failed = 0; 1584 1585 rx_size += payload_length; 1586 iov = &cmd->iov_data[0]; 1587 1588 iov_ret = iscsit_map_iovec(cmd, iov, be32_to_cpu(hdr->offset), 1589 payload_length); 1590 if (iov_ret < 0) 1591 return -1; 1592 1593 iov_count += iov_ret; 1594 1595 padding = ((-payload_length) & 3); 1596 if (padding != 0) { 1597 iov[iov_count].iov_base = cmd->pad_bytes; 1598 iov[iov_count++].iov_len = padding; 1599 rx_size += padding; 1600 pr_debug("Receiving %u padding bytes.\n", padding); 1601 } 1602 1603 if (conn->conn_ops->DataDigest) { 1604 iov[iov_count].iov_base = &checksum; 1605 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 1606 rx_size += ISCSI_CRC_LEN; 1607 } 1608 1609 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 1610 1611 iscsit_unmap_iovec(cmd); 1612 1613 if (rx_got != rx_size) 1614 return -1; 1615 1616 if (conn->conn_ops->DataDigest) { 1617 u32 data_crc; 1618 1619 data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd, 1620 be32_to_cpu(hdr->offset), 1621 payload_length, padding, 1622 cmd->pad_bytes); 1623 1624 if (checksum != data_crc) { 1625 pr_err("ITT: 0x%08x, Offset: %u, Length: %u," 1626 " DataSN: 0x%08x, CRC32C DataDigest 0x%08x" 1627 " does not match computed 0x%08x\n", 1628 hdr->itt, hdr->offset, payload_length, 1629 hdr->datasn, checksum, data_crc); 1630 data_crc_failed = 1; 1631 } else { 1632 pr_debug("Got CRC32C DataDigest 0x%08x for" 1633 " %u bytes of Data Out\n", checksum, 1634 payload_length); 1635 } 1636 } 1637 1638 return data_crc_failed; 1639 } 1640 1641 int 1642 iscsit_check_dataout_payload(struct iscsi_cmd *cmd, struct iscsi_data *hdr, 1643 bool data_crc_failed) 1644 { 1645 struct iscsi_conn *conn = cmd->conn; 1646 int rc, ooo_cmdsn; 1647 /* 1648 * Increment post receive data and CRC values or perform 1649 * within-command recovery. 1650 */ 1651 rc = iscsit_check_post_dataout(cmd, (unsigned char *)hdr, data_crc_failed); 1652 if ((rc == DATAOUT_NORMAL) || (rc == DATAOUT_WITHIN_COMMAND_RECOVERY)) 1653 return 0; 1654 else if (rc == DATAOUT_SEND_R2T) { 1655 iscsit_set_dataout_sequence_values(cmd); 1656 conn->conn_transport->iscsit_get_dataout(conn, cmd, false); 1657 } else if (rc == DATAOUT_SEND_TO_TRANSPORT) { 1658 /* 1659 * Handle extra special case for out of order 1660 * Unsolicited Data Out. 1661 */ 1662 spin_lock_bh(&cmd->istate_lock); 1663 ooo_cmdsn = (cmd->cmd_flags & ICF_OOO_CMDSN); 1664 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 1665 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 1666 spin_unlock_bh(&cmd->istate_lock); 1667 1668 iscsit_stop_dataout_timer(cmd); 1669 if (ooo_cmdsn) 1670 return 0; 1671 target_execute_cmd(&cmd->se_cmd); 1672 return 0; 1673 } else /* DATAOUT_CANNOT_RECOVER */ 1674 return -1; 1675 1676 return 0; 1677 } 1678 EXPORT_SYMBOL(iscsit_check_dataout_payload); 1679 1680 static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) 1681 { 1682 struct iscsi_cmd *cmd = NULL; 1683 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1684 int rc; 1685 bool data_crc_failed = false; 1686 1687 rc = iscsit_check_dataout_hdr(conn, buf, &cmd); 1688 if (rc < 0) 1689 return 0; 1690 else if (!cmd) 1691 return 0; 1692 1693 rc = iscsit_get_dataout(conn, cmd, hdr); 1694 if (rc < 0) 1695 return rc; 1696 else if (rc > 0) 1697 data_crc_failed = true; 1698 1699 return iscsit_check_dataout_payload(cmd, hdr, data_crc_failed); 1700 } 1701 1702 int iscsit_setup_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1703 struct iscsi_nopout *hdr) 1704 { 1705 u32 payload_length = ntoh24(hdr->dlength); 1706 1707 if (!(hdr->flags & ISCSI_FLAG_CMD_FINAL)) { 1708 pr_err("NopOUT Flag's, Left Most Bit not set, protocol error.\n"); 1709 if (!cmd) 1710 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1711 (unsigned char *)hdr); 1712 1713 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1714 (unsigned char *)hdr); 1715 } 1716 1717 if (hdr->itt == RESERVED_ITT && !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1718 pr_err("NOPOUT ITT is reserved, but Immediate Bit is" 1719 " not set, protocol error.\n"); 1720 if (!cmd) 1721 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1722 (unsigned char *)hdr); 1723 1724 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1725 (unsigned char *)hdr); 1726 } 1727 1728 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1729 pr_err("NOPOUT Ping Data DataSegmentLength: %u is" 1730 " greater than MaxXmitDataSegmentLength: %u, protocol" 1731 " error.\n", payload_length, 1732 conn->conn_ops->MaxXmitDataSegmentLength); 1733 if (!cmd) 1734 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1735 (unsigned char *)hdr); 1736 1737 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1738 (unsigned char *)hdr); 1739 } 1740 1741 pr_debug("Got NOPOUT Ping %s ITT: 0x%08x, TTT: 0x%08x," 1742 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n", 1743 hdr->itt == RESERVED_ITT ? "Response" : "Request", 1744 hdr->itt, hdr->ttt, hdr->cmdsn, hdr->exp_statsn, 1745 payload_length); 1746 /* 1747 * This is not a response to a Unsolicited NopIN, which means 1748 * it can either be a NOPOUT ping request (with a valid ITT), 1749 * or a NOPOUT not requesting a NOPIN (with a reserved ITT). 1750 * Either way, make sure we allocate an struct iscsi_cmd, as both 1751 * can contain ping data. 1752 */ 1753 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1754 cmd->iscsi_opcode = ISCSI_OP_NOOP_OUT; 1755 cmd->i_state = ISTATE_SEND_NOPIN; 1756 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1757 1 : 0); 1758 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1759 cmd->targ_xfer_tag = 0xFFFFFFFF; 1760 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1761 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1762 cmd->data_direction = DMA_NONE; 1763 } 1764 1765 return 0; 1766 } 1767 EXPORT_SYMBOL(iscsit_setup_nop_out); 1768 1769 int iscsit_process_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1770 struct iscsi_nopout *hdr) 1771 { 1772 struct iscsi_cmd *cmd_p = NULL; 1773 int cmdsn_ret = 0; 1774 /* 1775 * Initiator is expecting a NopIN ping reply.. 1776 */ 1777 if (hdr->itt != RESERVED_ITT) { 1778 if (!cmd) 1779 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1780 (unsigned char *)hdr); 1781 1782 spin_lock_bh(&conn->cmd_lock); 1783 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1784 spin_unlock_bh(&conn->cmd_lock); 1785 1786 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1787 1788 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 1789 iscsit_add_cmd_to_response_queue(cmd, conn, 1790 cmd->i_state); 1791 return 0; 1792 } 1793 1794 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1795 (unsigned char *)hdr, hdr->cmdsn); 1796 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1797 return 0; 1798 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1799 return -1; 1800 1801 return 0; 1802 } 1803 /* 1804 * This was a response to a unsolicited NOPIN ping. 1805 */ 1806 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) { 1807 cmd_p = iscsit_find_cmd_from_ttt(conn, be32_to_cpu(hdr->ttt)); 1808 if (!cmd_p) 1809 return -EINVAL; 1810 1811 iscsit_stop_nopin_response_timer(conn); 1812 1813 cmd_p->i_state = ISTATE_REMOVE; 1814 iscsit_add_cmd_to_immediate_queue(cmd_p, conn, cmd_p->i_state); 1815 1816 iscsit_start_nopin_timer(conn); 1817 return 0; 1818 } 1819 /* 1820 * Otherwise, initiator is not expecting a NOPIN is response. 1821 * Just ignore for now. 1822 */ 1823 1824 if (cmd) 1825 iscsit_free_cmd(cmd, false); 1826 1827 return 0; 1828 } 1829 EXPORT_SYMBOL(iscsit_process_nop_out); 1830 1831 static int iscsit_handle_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1832 unsigned char *buf) 1833 { 1834 unsigned char *ping_data = NULL; 1835 struct iscsi_nopout *hdr = (struct iscsi_nopout *)buf; 1836 struct kvec *iov = NULL; 1837 u32 payload_length = ntoh24(hdr->dlength); 1838 int ret; 1839 1840 ret = iscsit_setup_nop_out(conn, cmd, hdr); 1841 if (ret < 0) 1842 return 0; 1843 /* 1844 * Handle NOP-OUT payload for traditional iSCSI sockets 1845 */ 1846 if (payload_length && hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1847 u32 checksum, data_crc, padding = 0; 1848 int niov = 0, rx_got, rx_size = payload_length; 1849 1850 ping_data = kzalloc(payload_length + 1, GFP_KERNEL); 1851 if (!ping_data) { 1852 ret = -1; 1853 goto out; 1854 } 1855 1856 iov = &cmd->iov_misc[0]; 1857 iov[niov].iov_base = ping_data; 1858 iov[niov++].iov_len = payload_length; 1859 1860 padding = ((-payload_length) & 3); 1861 if (padding != 0) { 1862 pr_debug("Receiving %u additional bytes" 1863 " for padding.\n", padding); 1864 iov[niov].iov_base = &cmd->pad_bytes; 1865 iov[niov++].iov_len = padding; 1866 rx_size += padding; 1867 } 1868 if (conn->conn_ops->DataDigest) { 1869 iov[niov].iov_base = &checksum; 1870 iov[niov++].iov_len = ISCSI_CRC_LEN; 1871 rx_size += ISCSI_CRC_LEN; 1872 } 1873 1874 rx_got = rx_data(conn, &cmd->iov_misc[0], niov, rx_size); 1875 if (rx_got != rx_size) { 1876 ret = -1; 1877 goto out; 1878 } 1879 1880 if (conn->conn_ops->DataDigest) { 1881 iscsit_do_crypto_hash_buf(conn->conn_rx_hash, 1882 ping_data, payload_length, 1883 padding, cmd->pad_bytes, 1884 (u8 *)&data_crc); 1885 1886 if (checksum != data_crc) { 1887 pr_err("Ping data CRC32C DataDigest" 1888 " 0x%08x does not match computed 0x%08x\n", 1889 checksum, data_crc); 1890 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 1891 pr_err("Unable to recover from" 1892 " NOPOUT Ping DataCRC failure while in" 1893 " ERL=0.\n"); 1894 ret = -1; 1895 goto out; 1896 } else { 1897 /* 1898 * Silently drop this PDU and let the 1899 * initiator plug the CmdSN gap. 1900 */ 1901 pr_debug("Dropping NOPOUT" 1902 " Command CmdSN: 0x%08x due to" 1903 " DataCRC error.\n", hdr->cmdsn); 1904 ret = 0; 1905 goto out; 1906 } 1907 } else { 1908 pr_debug("Got CRC32C DataDigest" 1909 " 0x%08x for %u bytes of ping data.\n", 1910 checksum, payload_length); 1911 } 1912 } 1913 1914 ping_data[payload_length] = '\0'; 1915 /* 1916 * Attach ping data to struct iscsi_cmd->buf_ptr. 1917 */ 1918 cmd->buf_ptr = ping_data; 1919 cmd->buf_ptr_size = payload_length; 1920 1921 pr_debug("Got %u bytes of NOPOUT ping" 1922 " data.\n", payload_length); 1923 pr_debug("Ping Data: \"%s\"\n", ping_data); 1924 } 1925 1926 return iscsit_process_nop_out(conn, cmd, hdr); 1927 out: 1928 if (cmd) 1929 iscsit_free_cmd(cmd, false); 1930 1931 kfree(ping_data); 1932 return ret; 1933 } 1934 1935 static enum tcm_tmreq_table iscsit_convert_tmf(u8 iscsi_tmf) 1936 { 1937 switch (iscsi_tmf) { 1938 case ISCSI_TM_FUNC_ABORT_TASK: 1939 return TMR_ABORT_TASK; 1940 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1941 return TMR_ABORT_TASK_SET; 1942 case ISCSI_TM_FUNC_CLEAR_ACA: 1943 return TMR_CLEAR_ACA; 1944 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1945 return TMR_CLEAR_TASK_SET; 1946 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1947 return TMR_LUN_RESET; 1948 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1949 return TMR_TARGET_WARM_RESET; 1950 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1951 return TMR_TARGET_COLD_RESET; 1952 default: 1953 return TMR_UNKNOWN; 1954 } 1955 } 1956 1957 int 1958 iscsit_handle_task_mgt_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1959 unsigned char *buf) 1960 { 1961 struct se_tmr_req *se_tmr; 1962 struct iscsi_tmr_req *tmr_req; 1963 struct iscsi_tm *hdr; 1964 int out_of_order_cmdsn = 0, ret; 1965 bool sess_ref = false; 1966 u8 function, tcm_function = TMR_UNKNOWN; 1967 1968 hdr = (struct iscsi_tm *) buf; 1969 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 1970 function = hdr->flags; 1971 1972 pr_debug("Got Task Management Request ITT: 0x%08x, CmdSN:" 1973 " 0x%08x, Function: 0x%02x, RefTaskTag: 0x%08x, RefCmdSN:" 1974 " 0x%08x, CID: %hu\n", hdr->itt, hdr->cmdsn, function, 1975 hdr->rtt, hdr->refcmdsn, conn->cid); 1976 1977 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1978 ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1979 hdr->rtt != RESERVED_ITT)) { 1980 pr_err("RefTaskTag should be set to 0xFFFFFFFF.\n"); 1981 hdr->rtt = RESERVED_ITT; 1982 } 1983 1984 if ((function == ISCSI_TM_FUNC_TASK_REASSIGN) && 1985 !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1986 pr_err("Task Management Request TASK_REASSIGN not" 1987 " issued as immediate command, bad iSCSI Initiator" 1988 "implementation\n"); 1989 return iscsit_add_reject_cmd(cmd, 1990 ISCSI_REASON_PROTOCOL_ERROR, buf); 1991 } 1992 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1993 be32_to_cpu(hdr->refcmdsn) != ISCSI_RESERVED_TAG) 1994 hdr->refcmdsn = cpu_to_be32(ISCSI_RESERVED_TAG); 1995 1996 cmd->data_direction = DMA_NONE; 1997 cmd->tmr_req = kzalloc(sizeof(*cmd->tmr_req), GFP_KERNEL); 1998 if (!cmd->tmr_req) 1999 return iscsit_add_reject_cmd(cmd, 2000 ISCSI_REASON_BOOKMARK_NO_RESOURCES, 2001 buf); 2002 2003 /* 2004 * TASK_REASSIGN for ERL=2 / connection stays inside of 2005 * LIO-Target $FABRIC_MOD 2006 */ 2007 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 2008 transport_init_se_cmd(&cmd->se_cmd, &iscsi_ops, 2009 conn->sess->se_sess, 0, DMA_NONE, 2010 TCM_SIMPLE_TAG, cmd->sense_buffer + 2); 2011 2012 target_get_sess_cmd(&cmd->se_cmd, true); 2013 sess_ref = true; 2014 tcm_function = iscsit_convert_tmf(function); 2015 if (tcm_function == TMR_UNKNOWN) { 2016 pr_err("Unknown iSCSI TMR Function:" 2017 " 0x%02x\n", function); 2018 return iscsit_add_reject_cmd(cmd, 2019 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 2020 } 2021 } 2022 ret = core_tmr_alloc_req(&cmd->se_cmd, cmd->tmr_req, tcm_function, 2023 GFP_KERNEL); 2024 if (ret < 0) 2025 return iscsit_add_reject_cmd(cmd, 2026 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 2027 2028 cmd->tmr_req->se_tmr_req = cmd->se_cmd.se_tmr_req; 2029 2030 cmd->iscsi_opcode = ISCSI_OP_SCSI_TMFUNC; 2031 cmd->i_state = ISTATE_SEND_TASKMGTRSP; 2032 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 2033 cmd->init_task_tag = hdr->itt; 2034 cmd->targ_xfer_tag = 0xFFFFFFFF; 2035 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 2036 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 2037 se_tmr = cmd->se_cmd.se_tmr_req; 2038 tmr_req = cmd->tmr_req; 2039 /* 2040 * Locate the struct se_lun for all TMRs not related to ERL=2 TASK_REASSIGN 2041 */ 2042 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 2043 ret = transport_lookup_tmr_lun(&cmd->se_cmd, 2044 scsilun_to_int(&hdr->lun)); 2045 if (ret < 0) { 2046 se_tmr->response = ISCSI_TMF_RSP_NO_LUN; 2047 goto attach; 2048 } 2049 } 2050 2051 switch (function) { 2052 case ISCSI_TM_FUNC_ABORT_TASK: 2053 se_tmr->response = iscsit_tmr_abort_task(cmd, buf); 2054 if (se_tmr->response) 2055 goto attach; 2056 break; 2057 case ISCSI_TM_FUNC_ABORT_TASK_SET: 2058 case ISCSI_TM_FUNC_CLEAR_ACA: 2059 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 2060 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 2061 break; 2062 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 2063 if (iscsit_tmr_task_warm_reset(conn, tmr_req, buf) < 0) { 2064 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 2065 goto attach; 2066 } 2067 break; 2068 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 2069 if (iscsit_tmr_task_cold_reset(conn, tmr_req, buf) < 0) { 2070 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 2071 goto attach; 2072 } 2073 break; 2074 case ISCSI_TM_FUNC_TASK_REASSIGN: 2075 se_tmr->response = iscsit_tmr_task_reassign(cmd, buf); 2076 /* 2077 * Perform sanity checks on the ExpDataSN only if the 2078 * TASK_REASSIGN was successful. 2079 */ 2080 if (se_tmr->response) 2081 break; 2082 2083 if (iscsit_check_task_reassign_expdatasn(tmr_req, conn) < 0) 2084 return iscsit_add_reject_cmd(cmd, 2085 ISCSI_REASON_BOOKMARK_INVALID, buf); 2086 break; 2087 default: 2088 pr_err("Unknown TMR function: 0x%02x, protocol" 2089 " error.\n", function); 2090 se_tmr->response = ISCSI_TMF_RSP_NOT_SUPPORTED; 2091 goto attach; 2092 } 2093 2094 if ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 2095 (se_tmr->response == ISCSI_TMF_RSP_COMPLETE)) 2096 se_tmr->call_transport = 1; 2097 attach: 2098 spin_lock_bh(&conn->cmd_lock); 2099 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2100 spin_unlock_bh(&conn->cmd_lock); 2101 2102 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 2103 int cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 2104 if (cmdsn_ret == CMDSN_HIGHER_THAN_EXP) 2105 out_of_order_cmdsn = 1; 2106 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 2107 return 0; 2108 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2109 return -1; 2110 } 2111 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2112 2113 if (out_of_order_cmdsn || !(hdr->opcode & ISCSI_OP_IMMEDIATE)) 2114 return 0; 2115 /* 2116 * Found the referenced task, send to transport for processing. 2117 */ 2118 if (se_tmr->call_transport) 2119 return transport_generic_handle_tmr(&cmd->se_cmd); 2120 2121 /* 2122 * Could not find the referenced LUN, task, or Task Management 2123 * command not authorized or supported. Change state and 2124 * let the tx_thread send the response. 2125 * 2126 * For connection recovery, this is also the default action for 2127 * TMR TASK_REASSIGN. 2128 */ 2129 if (sess_ref) { 2130 pr_debug("Handle TMR, using sess_ref=true check\n"); 2131 target_put_sess_cmd(&cmd->se_cmd); 2132 } 2133 2134 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2135 return 0; 2136 } 2137 EXPORT_SYMBOL(iscsit_handle_task_mgt_cmd); 2138 2139 /* #warning FIXME: Support Text Command parameters besides SendTargets */ 2140 int 2141 iscsit_setup_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2142 struct iscsi_text *hdr) 2143 { 2144 u32 payload_length = ntoh24(hdr->dlength); 2145 2146 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 2147 pr_err("Unable to accept text parameter length: %u" 2148 "greater than MaxXmitDataSegmentLength %u.\n", 2149 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 2150 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 2151 (unsigned char *)hdr); 2152 } 2153 2154 if (!(hdr->flags & ISCSI_FLAG_CMD_FINAL) || 2155 (hdr->flags & ISCSI_FLAG_TEXT_CONTINUE)) { 2156 pr_err("Multi sequence text commands currently not supported\n"); 2157 return iscsit_reject_cmd(cmd, ISCSI_REASON_CMD_NOT_SUPPORTED, 2158 (unsigned char *)hdr); 2159 } 2160 2161 pr_debug("Got Text Request: ITT: 0x%08x, CmdSN: 0x%08x," 2162 " ExpStatSN: 0x%08x, Length: %u\n", hdr->itt, hdr->cmdsn, 2163 hdr->exp_statsn, payload_length); 2164 2165 cmd->iscsi_opcode = ISCSI_OP_TEXT; 2166 cmd->i_state = ISTATE_SEND_TEXTRSP; 2167 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 2168 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 2169 cmd->targ_xfer_tag = 0xFFFFFFFF; 2170 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 2171 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 2172 cmd->data_direction = DMA_NONE; 2173 kfree(cmd->text_in_ptr); 2174 cmd->text_in_ptr = NULL; 2175 2176 return 0; 2177 } 2178 EXPORT_SYMBOL(iscsit_setup_text_cmd); 2179 2180 int 2181 iscsit_process_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2182 struct iscsi_text *hdr) 2183 { 2184 unsigned char *text_in = cmd->text_in_ptr, *text_ptr; 2185 int cmdsn_ret; 2186 2187 if (!text_in) { 2188 cmd->targ_xfer_tag = be32_to_cpu(hdr->ttt); 2189 if (cmd->targ_xfer_tag == 0xFFFFFFFF) { 2190 pr_err("Unable to locate text_in buffer for sendtargets" 2191 " discovery\n"); 2192 goto reject; 2193 } 2194 goto empty_sendtargets; 2195 } 2196 if (strncmp("SendTargets", text_in, 11) != 0) { 2197 pr_err("Received Text Data that is not" 2198 " SendTargets, cannot continue.\n"); 2199 goto reject; 2200 } 2201 text_ptr = strchr(text_in, '='); 2202 if (!text_ptr) { 2203 pr_err("No \"=\" separator found in Text Data," 2204 " cannot continue.\n"); 2205 goto reject; 2206 } 2207 if (!strncmp("=All", text_ptr, 4)) { 2208 cmd->cmd_flags |= ICF_SENDTARGETS_ALL; 2209 } else if (!strncmp("=iqn.", text_ptr, 5) || 2210 !strncmp("=eui.", text_ptr, 5)) { 2211 cmd->cmd_flags |= ICF_SENDTARGETS_SINGLE; 2212 } else { 2213 pr_err("Unable to locate valid SendTargets=%s value\n", text_ptr); 2214 goto reject; 2215 } 2216 2217 spin_lock_bh(&conn->cmd_lock); 2218 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2219 spin_unlock_bh(&conn->cmd_lock); 2220 2221 empty_sendtargets: 2222 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2223 2224 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 2225 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 2226 (unsigned char *)hdr, hdr->cmdsn); 2227 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2228 return -1; 2229 2230 return 0; 2231 } 2232 2233 return iscsit_execute_cmd(cmd, 0); 2234 2235 reject: 2236 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 2237 (unsigned char *)hdr); 2238 } 2239 EXPORT_SYMBOL(iscsit_process_text_cmd); 2240 2241 static int 2242 iscsit_handle_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2243 unsigned char *buf) 2244 { 2245 struct iscsi_text *hdr = (struct iscsi_text *)buf; 2246 char *text_in = NULL; 2247 u32 payload_length = ntoh24(hdr->dlength); 2248 int rx_size, rc; 2249 2250 rc = iscsit_setup_text_cmd(conn, cmd, hdr); 2251 if (rc < 0) 2252 return 0; 2253 2254 rx_size = payload_length; 2255 if (payload_length) { 2256 u32 checksum = 0, data_crc = 0; 2257 u32 padding = 0, pad_bytes = 0; 2258 int niov = 0, rx_got; 2259 struct kvec iov[3]; 2260 2261 text_in = kzalloc(payload_length, GFP_KERNEL); 2262 if (!text_in) 2263 goto reject; 2264 2265 cmd->text_in_ptr = text_in; 2266 2267 memset(iov, 0, 3 * sizeof(struct kvec)); 2268 iov[niov].iov_base = text_in; 2269 iov[niov++].iov_len = payload_length; 2270 2271 padding = ((-payload_length) & 3); 2272 if (padding != 0) { 2273 iov[niov].iov_base = &pad_bytes; 2274 iov[niov++].iov_len = padding; 2275 rx_size += padding; 2276 pr_debug("Receiving %u additional bytes" 2277 " for padding.\n", padding); 2278 } 2279 if (conn->conn_ops->DataDigest) { 2280 iov[niov].iov_base = &checksum; 2281 iov[niov++].iov_len = ISCSI_CRC_LEN; 2282 rx_size += ISCSI_CRC_LEN; 2283 } 2284 2285 rx_got = rx_data(conn, &iov[0], niov, rx_size); 2286 if (rx_got != rx_size) 2287 goto reject; 2288 2289 if (conn->conn_ops->DataDigest) { 2290 iscsit_do_crypto_hash_buf(conn->conn_rx_hash, 2291 text_in, payload_length, 2292 padding, (u8 *)&pad_bytes, 2293 (u8 *)&data_crc); 2294 2295 if (checksum != data_crc) { 2296 pr_err("Text data CRC32C DataDigest" 2297 " 0x%08x does not match computed" 2298 " 0x%08x\n", checksum, data_crc); 2299 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2300 pr_err("Unable to recover from" 2301 " Text Data digest failure while in" 2302 " ERL=0.\n"); 2303 goto reject; 2304 } else { 2305 /* 2306 * Silently drop this PDU and let the 2307 * initiator plug the CmdSN gap. 2308 */ 2309 pr_debug("Dropping Text" 2310 " Command CmdSN: 0x%08x due to" 2311 " DataCRC error.\n", hdr->cmdsn); 2312 kfree(text_in); 2313 return 0; 2314 } 2315 } else { 2316 pr_debug("Got CRC32C DataDigest" 2317 " 0x%08x for %u bytes of text data.\n", 2318 checksum, payload_length); 2319 } 2320 } 2321 text_in[payload_length - 1] = '\0'; 2322 pr_debug("Successfully read %d bytes of text" 2323 " data.\n", payload_length); 2324 } 2325 2326 return iscsit_process_text_cmd(conn, cmd, hdr); 2327 2328 reject: 2329 kfree(cmd->text_in_ptr); 2330 cmd->text_in_ptr = NULL; 2331 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 2332 } 2333 2334 int iscsit_logout_closesession(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2335 { 2336 struct iscsi_conn *conn_p; 2337 struct iscsi_session *sess = conn->sess; 2338 2339 pr_debug("Received logout request CLOSESESSION on CID: %hu" 2340 " for SID: %u.\n", conn->cid, conn->sess->sid); 2341 2342 atomic_set(&sess->session_logout, 1); 2343 atomic_set(&conn->conn_logout_remove, 1); 2344 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_SESSION; 2345 2346 iscsit_inc_conn_usage_count(conn); 2347 iscsit_inc_session_usage_count(sess); 2348 2349 spin_lock_bh(&sess->conn_lock); 2350 list_for_each_entry(conn_p, &sess->sess_conn_list, conn_list) { 2351 if (conn_p->conn_state != TARG_CONN_STATE_LOGGED_IN) 2352 continue; 2353 2354 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2355 conn_p->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2356 } 2357 spin_unlock_bh(&sess->conn_lock); 2358 2359 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2360 2361 return 0; 2362 } 2363 2364 int iscsit_logout_closeconnection(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2365 { 2366 struct iscsi_conn *l_conn; 2367 struct iscsi_session *sess = conn->sess; 2368 2369 pr_debug("Received logout request CLOSECONNECTION for CID:" 2370 " %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2371 2372 /* 2373 * A Logout Request with a CLOSECONNECTION reason code for a CID 2374 * can arrive on a connection with a differing CID. 2375 */ 2376 if (conn->cid == cmd->logout_cid) { 2377 spin_lock_bh(&conn->state_lock); 2378 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2379 conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2380 2381 atomic_set(&conn->conn_logout_remove, 1); 2382 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_CONNECTION; 2383 iscsit_inc_conn_usage_count(conn); 2384 2385 spin_unlock_bh(&conn->state_lock); 2386 } else { 2387 /* 2388 * Handle all different cid CLOSECONNECTION requests in 2389 * iscsit_logout_post_handler_diffcid() as to give enough 2390 * time for any non immediate command's CmdSN to be 2391 * acknowledged on the connection in question. 2392 * 2393 * Here we simply make sure the CID is still around. 2394 */ 2395 l_conn = iscsit_get_conn_from_cid(sess, 2396 cmd->logout_cid); 2397 if (!l_conn) { 2398 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2399 iscsit_add_cmd_to_response_queue(cmd, conn, 2400 cmd->i_state); 2401 return 0; 2402 } 2403 2404 iscsit_dec_conn_usage_count(l_conn); 2405 } 2406 2407 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2408 2409 return 0; 2410 } 2411 2412 int iscsit_logout_removeconnforrecovery(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2413 { 2414 struct iscsi_session *sess = conn->sess; 2415 2416 pr_debug("Received explicit REMOVECONNFORRECOVERY logout for" 2417 " CID: %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2418 2419 if (sess->sess_ops->ErrorRecoveryLevel != 2) { 2420 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2421 " while ERL!=2.\n"); 2422 cmd->logout_response = ISCSI_LOGOUT_RECOVERY_UNSUPPORTED; 2423 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2424 return 0; 2425 } 2426 2427 if (conn->cid == cmd->logout_cid) { 2428 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2429 " with CID: %hu on CID: %hu, implementation error.\n", 2430 cmd->logout_cid, conn->cid); 2431 cmd->logout_response = ISCSI_LOGOUT_CLEANUP_FAILED; 2432 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2433 return 0; 2434 } 2435 2436 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2437 2438 return 0; 2439 } 2440 2441 int 2442 iscsit_handle_logout_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2443 unsigned char *buf) 2444 { 2445 int cmdsn_ret, logout_remove = 0; 2446 u8 reason_code = 0; 2447 struct iscsi_logout *hdr; 2448 struct iscsi_tiqn *tiqn = iscsit_snmp_get_tiqn(conn); 2449 2450 hdr = (struct iscsi_logout *) buf; 2451 reason_code = (hdr->flags & 0x7f); 2452 2453 if (tiqn) { 2454 spin_lock(&tiqn->logout_stats.lock); 2455 if (reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) 2456 tiqn->logout_stats.normal_logouts++; 2457 else 2458 tiqn->logout_stats.abnormal_logouts++; 2459 spin_unlock(&tiqn->logout_stats.lock); 2460 } 2461 2462 pr_debug("Got Logout Request ITT: 0x%08x CmdSN: 0x%08x" 2463 " ExpStatSN: 0x%08x Reason: 0x%02x CID: %hu on CID: %hu\n", 2464 hdr->itt, hdr->cmdsn, hdr->exp_statsn, reason_code, 2465 hdr->cid, conn->cid); 2466 2467 if (conn->conn_state != TARG_CONN_STATE_LOGGED_IN) { 2468 pr_err("Received logout request on connection that" 2469 " is not in logged in state, ignoring request.\n"); 2470 iscsit_free_cmd(cmd, false); 2471 return 0; 2472 } 2473 2474 cmd->iscsi_opcode = ISCSI_OP_LOGOUT; 2475 cmd->i_state = ISTATE_SEND_LOGOUTRSP; 2476 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 2477 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 2478 cmd->targ_xfer_tag = 0xFFFFFFFF; 2479 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 2480 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 2481 cmd->logout_cid = be16_to_cpu(hdr->cid); 2482 cmd->logout_reason = reason_code; 2483 cmd->data_direction = DMA_NONE; 2484 2485 /* 2486 * We need to sleep in these cases (by returning 1) until the Logout 2487 * Response gets sent in the tx thread. 2488 */ 2489 if ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) || 2490 ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) && 2491 be16_to_cpu(hdr->cid) == conn->cid)) 2492 logout_remove = 1; 2493 2494 spin_lock_bh(&conn->cmd_lock); 2495 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2496 spin_unlock_bh(&conn->cmd_lock); 2497 2498 if (reason_code != ISCSI_LOGOUT_REASON_RECOVERY) 2499 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2500 2501 /* 2502 * Immediate commands are executed, well, immediately. 2503 * Non-Immediate Logout Commands are executed in CmdSN order. 2504 */ 2505 if (cmd->immediate_cmd) { 2506 int ret = iscsit_execute_cmd(cmd, 0); 2507 2508 if (ret < 0) 2509 return ret; 2510 } else { 2511 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 2512 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 2513 logout_remove = 0; 2514 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2515 return -1; 2516 } 2517 2518 return logout_remove; 2519 } 2520 EXPORT_SYMBOL(iscsit_handle_logout_cmd); 2521 2522 int iscsit_handle_snack( 2523 struct iscsi_conn *conn, 2524 unsigned char *buf) 2525 { 2526 struct iscsi_snack *hdr; 2527 2528 hdr = (struct iscsi_snack *) buf; 2529 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 2530 2531 pr_debug("Got ISCSI_INIT_SNACK, ITT: 0x%08x, ExpStatSN:" 2532 " 0x%08x, Type: 0x%02x, BegRun: 0x%08x, RunLength: 0x%08x," 2533 " CID: %hu\n", hdr->itt, hdr->exp_statsn, hdr->flags, 2534 hdr->begrun, hdr->runlength, conn->cid); 2535 2536 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2537 pr_err("Initiator sent SNACK request while in" 2538 " ErrorRecoveryLevel=0.\n"); 2539 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2540 buf); 2541 } 2542 /* 2543 * SNACK_DATA and SNACK_R2T are both 0, so check which function to 2544 * call from inside iscsi_send_recovery_datain_or_r2t(). 2545 */ 2546 switch (hdr->flags & ISCSI_FLAG_SNACK_TYPE_MASK) { 2547 case 0: 2548 return iscsit_handle_recovery_datain_or_r2t(conn, buf, 2549 hdr->itt, 2550 be32_to_cpu(hdr->ttt), 2551 be32_to_cpu(hdr->begrun), 2552 be32_to_cpu(hdr->runlength)); 2553 case ISCSI_FLAG_SNACK_TYPE_STATUS: 2554 return iscsit_handle_status_snack(conn, hdr->itt, 2555 be32_to_cpu(hdr->ttt), 2556 be32_to_cpu(hdr->begrun), be32_to_cpu(hdr->runlength)); 2557 case ISCSI_FLAG_SNACK_TYPE_DATA_ACK: 2558 return iscsit_handle_data_ack(conn, be32_to_cpu(hdr->ttt), 2559 be32_to_cpu(hdr->begrun), 2560 be32_to_cpu(hdr->runlength)); 2561 case ISCSI_FLAG_SNACK_TYPE_RDATA: 2562 /* FIXME: Support R-Data SNACK */ 2563 pr_err("R-Data SNACK Not Supported.\n"); 2564 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2565 buf); 2566 default: 2567 pr_err("Unknown SNACK type 0x%02x, protocol" 2568 " error.\n", hdr->flags & 0x0f); 2569 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2570 buf); 2571 } 2572 2573 return 0; 2574 } 2575 EXPORT_SYMBOL(iscsit_handle_snack); 2576 2577 static void iscsit_rx_thread_wait_for_tcp(struct iscsi_conn *conn) 2578 { 2579 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2580 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2581 wait_for_completion_interruptible_timeout( 2582 &conn->rx_half_close_comp, 2583 ISCSI_RX_THREAD_TCP_TIMEOUT * HZ); 2584 } 2585 } 2586 2587 static int iscsit_handle_immediate_data( 2588 struct iscsi_cmd *cmd, 2589 struct iscsi_scsi_req *hdr, 2590 u32 length) 2591 { 2592 int iov_ret, rx_got = 0, rx_size = 0; 2593 u32 checksum, iov_count = 0, padding = 0; 2594 struct iscsi_conn *conn = cmd->conn; 2595 struct kvec *iov; 2596 2597 iov_ret = iscsit_map_iovec(cmd, cmd->iov_data, cmd->write_data_done, length); 2598 if (iov_ret < 0) 2599 return IMMEDIATE_DATA_CANNOT_RECOVER; 2600 2601 rx_size = length; 2602 iov_count = iov_ret; 2603 iov = &cmd->iov_data[0]; 2604 2605 padding = ((-length) & 3); 2606 if (padding != 0) { 2607 iov[iov_count].iov_base = cmd->pad_bytes; 2608 iov[iov_count++].iov_len = padding; 2609 rx_size += padding; 2610 } 2611 2612 if (conn->conn_ops->DataDigest) { 2613 iov[iov_count].iov_base = &checksum; 2614 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2615 rx_size += ISCSI_CRC_LEN; 2616 } 2617 2618 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 2619 2620 iscsit_unmap_iovec(cmd); 2621 2622 if (rx_got != rx_size) { 2623 iscsit_rx_thread_wait_for_tcp(conn); 2624 return IMMEDIATE_DATA_CANNOT_RECOVER; 2625 } 2626 2627 if (conn->conn_ops->DataDigest) { 2628 u32 data_crc; 2629 2630 data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd, 2631 cmd->write_data_done, length, padding, 2632 cmd->pad_bytes); 2633 2634 if (checksum != data_crc) { 2635 pr_err("ImmediateData CRC32C DataDigest 0x%08x" 2636 " does not match computed 0x%08x\n", checksum, 2637 data_crc); 2638 2639 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2640 pr_err("Unable to recover from" 2641 " Immediate Data digest failure while" 2642 " in ERL=0.\n"); 2643 iscsit_reject_cmd(cmd, 2644 ISCSI_REASON_DATA_DIGEST_ERROR, 2645 (unsigned char *)hdr); 2646 return IMMEDIATE_DATA_CANNOT_RECOVER; 2647 } else { 2648 iscsit_reject_cmd(cmd, 2649 ISCSI_REASON_DATA_DIGEST_ERROR, 2650 (unsigned char *)hdr); 2651 return IMMEDIATE_DATA_ERL1_CRC_FAILURE; 2652 } 2653 } else { 2654 pr_debug("Got CRC32C DataDigest 0x%08x for" 2655 " %u bytes of Immediate Data\n", checksum, 2656 length); 2657 } 2658 } 2659 2660 cmd->write_data_done += length; 2661 2662 if (cmd->write_data_done == cmd->se_cmd.data_length) { 2663 spin_lock_bh(&cmd->istate_lock); 2664 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 2665 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 2666 spin_unlock_bh(&cmd->istate_lock); 2667 } 2668 2669 return IMMEDIATE_DATA_NORMAL_OPERATION; 2670 } 2671 2672 /* 2673 * Called with sess->conn_lock held. 2674 */ 2675 /* #warning iscsi_build_conn_drop_async_message() only sends out on connections 2676 with active network interface */ 2677 static void iscsit_build_conn_drop_async_message(struct iscsi_conn *conn) 2678 { 2679 struct iscsi_cmd *cmd; 2680 struct iscsi_conn *conn_p; 2681 bool found = false; 2682 2683 /* 2684 * Only send a Asynchronous Message on connections whos network 2685 * interface is still functional. 2686 */ 2687 list_for_each_entry(conn_p, &conn->sess->sess_conn_list, conn_list) { 2688 if (conn_p->conn_state == TARG_CONN_STATE_LOGGED_IN) { 2689 iscsit_inc_conn_usage_count(conn_p); 2690 found = true; 2691 break; 2692 } 2693 } 2694 2695 if (!found) 2696 return; 2697 2698 cmd = iscsit_allocate_cmd(conn_p, TASK_RUNNING); 2699 if (!cmd) { 2700 iscsit_dec_conn_usage_count(conn_p); 2701 return; 2702 } 2703 2704 cmd->logout_cid = conn->cid; 2705 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2706 cmd->i_state = ISTATE_SEND_ASYNCMSG; 2707 2708 spin_lock_bh(&conn_p->cmd_lock); 2709 list_add_tail(&cmd->i_conn_node, &conn_p->conn_cmd_list); 2710 spin_unlock_bh(&conn_p->cmd_lock); 2711 2712 iscsit_add_cmd_to_response_queue(cmd, conn_p, cmd->i_state); 2713 iscsit_dec_conn_usage_count(conn_p); 2714 } 2715 2716 static int iscsit_send_conn_drop_async_message( 2717 struct iscsi_cmd *cmd, 2718 struct iscsi_conn *conn) 2719 { 2720 struct iscsi_async *hdr; 2721 2722 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2723 2724 hdr = (struct iscsi_async *) cmd->pdu; 2725 hdr->opcode = ISCSI_OP_ASYNC_EVENT; 2726 hdr->flags = ISCSI_FLAG_CMD_FINAL; 2727 cmd->init_task_tag = RESERVED_ITT; 2728 cmd->targ_xfer_tag = 0xFFFFFFFF; 2729 put_unaligned_be64(0xFFFFFFFFFFFFFFFFULL, &hdr->rsvd4[0]); 2730 cmd->stat_sn = conn->stat_sn++; 2731 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2732 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2733 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2734 hdr->async_event = ISCSI_ASYNC_MSG_DROPPING_CONNECTION; 2735 hdr->param1 = cpu_to_be16(cmd->logout_cid); 2736 hdr->param2 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Wait); 2737 hdr->param3 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Retain); 2738 2739 pr_debug("Sending Connection Dropped Async Message StatSN:" 2740 " 0x%08x, for CID: %hu on CID: %hu\n", cmd->stat_sn, 2741 cmd->logout_cid, conn->cid); 2742 2743 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0); 2744 } 2745 2746 static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *conn) 2747 { 2748 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2749 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2750 wait_for_completion_interruptible_timeout( 2751 &conn->tx_half_close_comp, 2752 ISCSI_TX_THREAD_TCP_TIMEOUT * HZ); 2753 } 2754 } 2755 2756 void 2757 iscsit_build_datain_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2758 struct iscsi_datain *datain, struct iscsi_data_rsp *hdr, 2759 bool set_statsn) 2760 { 2761 hdr->opcode = ISCSI_OP_SCSI_DATA_IN; 2762 hdr->flags = datain->flags; 2763 if (hdr->flags & ISCSI_FLAG_DATA_STATUS) { 2764 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 2765 hdr->flags |= ISCSI_FLAG_DATA_OVERFLOW; 2766 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2767 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 2768 hdr->flags |= ISCSI_FLAG_DATA_UNDERFLOW; 2769 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2770 } 2771 } 2772 hton24(hdr->dlength, datain->length); 2773 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2774 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 2775 (struct scsi_lun *)&hdr->lun); 2776 else 2777 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2778 2779 hdr->itt = cmd->init_task_tag; 2780 2781 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2782 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2783 else 2784 hdr->ttt = cpu_to_be32(0xFFFFFFFF); 2785 if (set_statsn) 2786 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2787 else 2788 hdr->statsn = cpu_to_be32(0xFFFFFFFF); 2789 2790 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2791 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2792 hdr->datasn = cpu_to_be32(datain->data_sn); 2793 hdr->offset = cpu_to_be32(datain->offset); 2794 2795 pr_debug("Built DataIN ITT: 0x%08x, StatSN: 0x%08x," 2796 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 2797 cmd->init_task_tag, ntohl(hdr->statsn), ntohl(hdr->datasn), 2798 ntohl(hdr->offset), datain->length, conn->cid); 2799 } 2800 EXPORT_SYMBOL(iscsit_build_datain_pdu); 2801 2802 static int iscsit_send_datain(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2803 { 2804 struct iscsi_data_rsp *hdr = (struct iscsi_data_rsp *)&cmd->pdu[0]; 2805 struct iscsi_datain datain; 2806 struct iscsi_datain_req *dr; 2807 int eodr = 0, ret; 2808 bool set_statsn = false; 2809 2810 memset(&datain, 0, sizeof(struct iscsi_datain)); 2811 dr = iscsit_get_datain_values(cmd, &datain); 2812 if (!dr) { 2813 pr_err("iscsit_get_datain_values failed for ITT: 0x%08x\n", 2814 cmd->init_task_tag); 2815 return -1; 2816 } 2817 /* 2818 * Be paranoid and double check the logic for now. 2819 */ 2820 if ((datain.offset + datain.length) > cmd->se_cmd.data_length) { 2821 pr_err("Command ITT: 0x%08x, datain.offset: %u and" 2822 " datain.length: %u exceeds cmd->data_length: %u\n", 2823 cmd->init_task_tag, datain.offset, datain.length, 2824 cmd->se_cmd.data_length); 2825 return -1; 2826 } 2827 2828 atomic_long_add(datain.length, &conn->sess->tx_data_octets); 2829 /* 2830 * Special case for successfully execution w/ both DATAIN 2831 * and Sense Data. 2832 */ 2833 if ((datain.flags & ISCSI_FLAG_DATA_STATUS) && 2834 (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE)) 2835 datain.flags &= ~ISCSI_FLAG_DATA_STATUS; 2836 else { 2837 if ((dr->dr_complete == DATAIN_COMPLETE_NORMAL) || 2838 (dr->dr_complete == DATAIN_COMPLETE_CONNECTION_RECOVERY)) { 2839 iscsit_increment_maxcmdsn(cmd, conn->sess); 2840 cmd->stat_sn = conn->stat_sn++; 2841 set_statsn = true; 2842 } else if (dr->dr_complete == 2843 DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY) 2844 set_statsn = true; 2845 } 2846 2847 iscsit_build_datain_pdu(cmd, conn, &datain, hdr, set_statsn); 2848 2849 ret = conn->conn_transport->iscsit_xmit_pdu(conn, cmd, dr, &datain, 0); 2850 if (ret < 0) 2851 return ret; 2852 2853 if (dr->dr_complete) { 2854 eodr = (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ? 2855 2 : 1; 2856 iscsit_free_datain_req(cmd, dr); 2857 } 2858 2859 return eodr; 2860 } 2861 2862 int 2863 iscsit_build_logout_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2864 struct iscsi_logout_rsp *hdr) 2865 { 2866 struct iscsi_conn *logout_conn = NULL; 2867 struct iscsi_conn_recovery *cr = NULL; 2868 struct iscsi_session *sess = conn->sess; 2869 /* 2870 * The actual shutting down of Sessions and/or Connections 2871 * for CLOSESESSION and CLOSECONNECTION Logout Requests 2872 * is done in scsi_logout_post_handler(). 2873 */ 2874 switch (cmd->logout_reason) { 2875 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 2876 pr_debug("iSCSI session logout successful, setting" 2877 " logout response to ISCSI_LOGOUT_SUCCESS.\n"); 2878 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2879 break; 2880 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 2881 if (cmd->logout_response == ISCSI_LOGOUT_CID_NOT_FOUND) 2882 break; 2883 /* 2884 * For CLOSECONNECTION logout requests carrying 2885 * a matching logout CID -> local CID, the reference 2886 * for the local CID will have been incremented in 2887 * iscsi_logout_closeconnection(). 2888 * 2889 * For CLOSECONNECTION logout requests carrying 2890 * a different CID than the connection it arrived 2891 * on, the connection responding to cmd->logout_cid 2892 * is stopped in iscsit_logout_post_handler_diffcid(). 2893 */ 2894 2895 pr_debug("iSCSI CID: %hu logout on CID: %hu" 2896 " successful.\n", cmd->logout_cid, conn->cid); 2897 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2898 break; 2899 case ISCSI_LOGOUT_REASON_RECOVERY: 2900 if ((cmd->logout_response == ISCSI_LOGOUT_RECOVERY_UNSUPPORTED) || 2901 (cmd->logout_response == ISCSI_LOGOUT_CLEANUP_FAILED)) 2902 break; 2903 /* 2904 * If the connection is still active from our point of view 2905 * force connection recovery to occur. 2906 */ 2907 logout_conn = iscsit_get_conn_from_cid_rcfr(sess, 2908 cmd->logout_cid); 2909 if (logout_conn) { 2910 iscsit_connection_reinstatement_rcfr(logout_conn); 2911 iscsit_dec_conn_usage_count(logout_conn); 2912 } 2913 2914 cr = iscsit_get_inactive_connection_recovery_entry( 2915 conn->sess, cmd->logout_cid); 2916 if (!cr) { 2917 pr_err("Unable to locate CID: %hu for" 2918 " REMOVECONNFORRECOVERY Logout Request.\n", 2919 cmd->logout_cid); 2920 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2921 break; 2922 } 2923 2924 iscsit_discard_cr_cmds_by_expstatsn(cr, cmd->exp_stat_sn); 2925 2926 pr_debug("iSCSI REMOVECONNFORRECOVERY logout" 2927 " for recovery for CID: %hu on CID: %hu successful.\n", 2928 cmd->logout_cid, conn->cid); 2929 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2930 break; 2931 default: 2932 pr_err("Unknown cmd->logout_reason: 0x%02x\n", 2933 cmd->logout_reason); 2934 return -1; 2935 } 2936 2937 hdr->opcode = ISCSI_OP_LOGOUT_RSP; 2938 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2939 hdr->response = cmd->logout_response; 2940 hdr->itt = cmd->init_task_tag; 2941 cmd->stat_sn = conn->stat_sn++; 2942 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2943 2944 iscsit_increment_maxcmdsn(cmd, conn->sess); 2945 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2946 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2947 2948 pr_debug("Built Logout Response ITT: 0x%08x StatSN:" 2949 " 0x%08x Response: 0x%02x CID: %hu on CID: %hu\n", 2950 cmd->init_task_tag, cmd->stat_sn, hdr->response, 2951 cmd->logout_cid, conn->cid); 2952 2953 return 0; 2954 } 2955 EXPORT_SYMBOL(iscsit_build_logout_rsp); 2956 2957 static int 2958 iscsit_send_logout(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2959 { 2960 int rc; 2961 2962 rc = iscsit_build_logout_rsp(cmd, conn, 2963 (struct iscsi_logout_rsp *)&cmd->pdu[0]); 2964 if (rc < 0) 2965 return rc; 2966 2967 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0); 2968 } 2969 2970 void 2971 iscsit_build_nopin_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2972 struct iscsi_nopin *hdr, bool nopout_response) 2973 { 2974 hdr->opcode = ISCSI_OP_NOOP_IN; 2975 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2976 hton24(hdr->dlength, cmd->buf_ptr_size); 2977 if (nopout_response) 2978 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2979 hdr->itt = cmd->init_task_tag; 2980 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2981 cmd->stat_sn = (nopout_response) ? conn->stat_sn++ : 2982 conn->stat_sn; 2983 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2984 2985 if (nopout_response) 2986 iscsit_increment_maxcmdsn(cmd, conn->sess); 2987 2988 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2989 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 2990 2991 pr_debug("Built NOPIN %s Response ITT: 0x%08x, TTT: 0x%08x," 2992 " StatSN: 0x%08x, Length %u\n", (nopout_response) ? 2993 "Solicited" : "Unsolicited", cmd->init_task_tag, 2994 cmd->targ_xfer_tag, cmd->stat_sn, cmd->buf_ptr_size); 2995 } 2996 EXPORT_SYMBOL(iscsit_build_nopin_rsp); 2997 2998 /* 2999 * Unsolicited NOPIN, either requesting a response or not. 3000 */ 3001 static int iscsit_send_unsolicited_nopin( 3002 struct iscsi_cmd *cmd, 3003 struct iscsi_conn *conn, 3004 int want_response) 3005 { 3006 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 3007 int ret; 3008 3009 iscsit_build_nopin_rsp(cmd, conn, hdr, false); 3010 3011 pr_debug("Sending Unsolicited NOPIN TTT: 0x%08x StatSN:" 3012 " 0x%08x CID: %hu\n", hdr->ttt, cmd->stat_sn, conn->cid); 3013 3014 ret = conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0); 3015 if (ret < 0) 3016 return ret; 3017 3018 spin_lock_bh(&cmd->istate_lock); 3019 cmd->i_state = want_response ? 3020 ISTATE_SENT_NOPIN_WANT_RESPONSE : ISTATE_SENT_STATUS; 3021 spin_unlock_bh(&cmd->istate_lock); 3022 3023 return 0; 3024 } 3025 3026 static int 3027 iscsit_send_nopin(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3028 { 3029 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 3030 3031 iscsit_build_nopin_rsp(cmd, conn, hdr, true); 3032 3033 /* 3034 * NOPOUT Ping Data is attached to struct iscsi_cmd->buf_ptr. 3035 * NOPOUT DataSegmentLength is at struct iscsi_cmd->buf_ptr_size. 3036 */ 3037 pr_debug("Echoing back %u bytes of ping data.\n", cmd->buf_ptr_size); 3038 3039 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, 3040 cmd->buf_ptr, 3041 cmd->buf_ptr_size); 3042 } 3043 3044 static int iscsit_send_r2t( 3045 struct iscsi_cmd *cmd, 3046 struct iscsi_conn *conn) 3047 { 3048 struct iscsi_r2t *r2t; 3049 struct iscsi_r2t_rsp *hdr; 3050 int ret; 3051 3052 r2t = iscsit_get_r2t_from_list(cmd); 3053 if (!r2t) 3054 return -1; 3055 3056 hdr = (struct iscsi_r2t_rsp *) cmd->pdu; 3057 memset(hdr, 0, ISCSI_HDR_LEN); 3058 hdr->opcode = ISCSI_OP_R2T; 3059 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3060 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 3061 (struct scsi_lun *)&hdr->lun); 3062 hdr->itt = cmd->init_task_tag; 3063 if (conn->conn_transport->iscsit_get_r2t_ttt) 3064 conn->conn_transport->iscsit_get_r2t_ttt(conn, cmd, r2t); 3065 else 3066 r2t->targ_xfer_tag = session_get_next_ttt(conn->sess); 3067 hdr->ttt = cpu_to_be32(r2t->targ_xfer_tag); 3068 hdr->statsn = cpu_to_be32(conn->stat_sn); 3069 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3070 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3071 hdr->r2tsn = cpu_to_be32(r2t->r2t_sn); 3072 hdr->data_offset = cpu_to_be32(r2t->offset); 3073 hdr->data_length = cpu_to_be32(r2t->xfer_len); 3074 3075 pr_debug("Built %sR2T, ITT: 0x%08x, TTT: 0x%08x, StatSN:" 3076 " 0x%08x, R2TSN: 0x%08x, Offset: %u, DDTL: %u, CID: %hu\n", 3077 (!r2t->recovery_r2t) ? "" : "Recovery ", cmd->init_task_tag, 3078 r2t->targ_xfer_tag, ntohl(hdr->statsn), r2t->r2t_sn, 3079 r2t->offset, r2t->xfer_len, conn->cid); 3080 3081 spin_lock_bh(&cmd->r2t_lock); 3082 r2t->sent_r2t = 1; 3083 spin_unlock_bh(&cmd->r2t_lock); 3084 3085 ret = conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0); 3086 if (ret < 0) { 3087 return ret; 3088 } 3089 3090 spin_lock_bh(&cmd->dataout_timeout_lock); 3091 iscsit_start_dataout_timer(cmd, conn); 3092 spin_unlock_bh(&cmd->dataout_timeout_lock); 3093 3094 return 0; 3095 } 3096 3097 /* 3098 * @recovery: If called from iscsi_task_reassign_complete_write() for 3099 * connection recovery. 3100 */ 3101 int iscsit_build_r2ts_for_cmd( 3102 struct iscsi_conn *conn, 3103 struct iscsi_cmd *cmd, 3104 bool recovery) 3105 { 3106 int first_r2t = 1; 3107 u32 offset = 0, xfer_len = 0; 3108 3109 spin_lock_bh(&cmd->r2t_lock); 3110 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) { 3111 spin_unlock_bh(&cmd->r2t_lock); 3112 return 0; 3113 } 3114 3115 if (conn->sess->sess_ops->DataSequenceInOrder && 3116 !recovery) 3117 cmd->r2t_offset = max(cmd->r2t_offset, cmd->write_data_done); 3118 3119 while (cmd->outstanding_r2ts < conn->sess->sess_ops->MaxOutstandingR2T) { 3120 if (conn->sess->sess_ops->DataSequenceInOrder) { 3121 offset = cmd->r2t_offset; 3122 3123 if (first_r2t && recovery) { 3124 int new_data_end = offset + 3125 conn->sess->sess_ops->MaxBurstLength - 3126 cmd->next_burst_len; 3127 3128 if (new_data_end > cmd->se_cmd.data_length) 3129 xfer_len = cmd->se_cmd.data_length - offset; 3130 else 3131 xfer_len = 3132 conn->sess->sess_ops->MaxBurstLength - 3133 cmd->next_burst_len; 3134 } else { 3135 int new_data_end = offset + 3136 conn->sess->sess_ops->MaxBurstLength; 3137 3138 if (new_data_end > cmd->se_cmd.data_length) 3139 xfer_len = cmd->se_cmd.data_length - offset; 3140 else 3141 xfer_len = conn->sess->sess_ops->MaxBurstLength; 3142 } 3143 cmd->r2t_offset += xfer_len; 3144 3145 if (cmd->r2t_offset == cmd->se_cmd.data_length) 3146 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3147 } else { 3148 struct iscsi_seq *seq; 3149 3150 seq = iscsit_get_seq_holder_for_r2t(cmd); 3151 if (!seq) { 3152 spin_unlock_bh(&cmd->r2t_lock); 3153 return -1; 3154 } 3155 3156 offset = seq->offset; 3157 xfer_len = seq->xfer_len; 3158 3159 if (cmd->seq_send_order == cmd->seq_count) 3160 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3161 } 3162 cmd->outstanding_r2ts++; 3163 first_r2t = 0; 3164 3165 if (iscsit_add_r2t_to_list(cmd, offset, xfer_len, 0, 0) < 0) { 3166 spin_unlock_bh(&cmd->r2t_lock); 3167 return -1; 3168 } 3169 3170 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) 3171 break; 3172 } 3173 spin_unlock_bh(&cmd->r2t_lock); 3174 3175 return 0; 3176 } 3177 EXPORT_SYMBOL(iscsit_build_r2ts_for_cmd); 3178 3179 void iscsit_build_rsp_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3180 bool inc_stat_sn, struct iscsi_scsi_rsp *hdr) 3181 { 3182 if (inc_stat_sn) 3183 cmd->stat_sn = conn->stat_sn++; 3184 3185 atomic_long_inc(&conn->sess->rsp_pdus); 3186 3187 memset(hdr, 0, ISCSI_HDR_LEN); 3188 hdr->opcode = ISCSI_OP_SCSI_CMD_RSP; 3189 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3190 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 3191 hdr->flags |= ISCSI_FLAG_CMD_OVERFLOW; 3192 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3193 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 3194 hdr->flags |= ISCSI_FLAG_CMD_UNDERFLOW; 3195 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3196 } 3197 hdr->response = cmd->iscsi_response; 3198 hdr->cmd_status = cmd->se_cmd.scsi_status; 3199 hdr->itt = cmd->init_task_tag; 3200 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3201 3202 iscsit_increment_maxcmdsn(cmd, conn->sess); 3203 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3204 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3205 3206 pr_debug("Built SCSI Response, ITT: 0x%08x, StatSN: 0x%08x," 3207 " Response: 0x%02x, SAM Status: 0x%02x, CID: %hu\n", 3208 cmd->init_task_tag, cmd->stat_sn, cmd->se_cmd.scsi_status, 3209 cmd->se_cmd.scsi_status, conn->cid); 3210 } 3211 EXPORT_SYMBOL(iscsit_build_rsp_pdu); 3212 3213 static int iscsit_send_response(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3214 { 3215 struct iscsi_scsi_rsp *hdr = (struct iscsi_scsi_rsp *)&cmd->pdu[0]; 3216 bool inc_stat_sn = (cmd->i_state == ISTATE_SEND_STATUS); 3217 void *data_buf = NULL; 3218 u32 padding = 0, data_buf_len = 0; 3219 3220 iscsit_build_rsp_pdu(cmd, conn, inc_stat_sn, hdr); 3221 3222 /* 3223 * Attach SENSE DATA payload to iSCSI Response PDU 3224 */ 3225 if (cmd->se_cmd.sense_buffer && 3226 ((cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) || 3227 (cmd->se_cmd.se_cmd_flags & SCF_EMULATED_TASK_SENSE))) { 3228 put_unaligned_be16(cmd->se_cmd.scsi_sense_length, cmd->sense_buffer); 3229 cmd->se_cmd.scsi_sense_length += sizeof (__be16); 3230 3231 padding = -(cmd->se_cmd.scsi_sense_length) & 3; 3232 hton24(hdr->dlength, (u32)cmd->se_cmd.scsi_sense_length); 3233 data_buf = cmd->sense_buffer; 3234 data_buf_len = cmd->se_cmd.scsi_sense_length + padding; 3235 3236 if (padding) { 3237 memset(cmd->sense_buffer + 3238 cmd->se_cmd.scsi_sense_length, 0, padding); 3239 pr_debug("Adding %u bytes of padding to" 3240 " SENSE.\n", padding); 3241 } 3242 3243 pr_debug("Attaching SENSE DATA: %u bytes to iSCSI" 3244 " Response PDU\n", 3245 cmd->se_cmd.scsi_sense_length); 3246 } 3247 3248 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, data_buf, 3249 data_buf_len); 3250 } 3251 3252 static u8 iscsit_convert_tcm_tmr_rsp(struct se_tmr_req *se_tmr) 3253 { 3254 switch (se_tmr->response) { 3255 case TMR_FUNCTION_COMPLETE: 3256 return ISCSI_TMF_RSP_COMPLETE; 3257 case TMR_TASK_DOES_NOT_EXIST: 3258 return ISCSI_TMF_RSP_NO_TASK; 3259 case TMR_LUN_DOES_NOT_EXIST: 3260 return ISCSI_TMF_RSP_NO_LUN; 3261 case TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED: 3262 return ISCSI_TMF_RSP_NOT_SUPPORTED; 3263 case TMR_FUNCTION_REJECTED: 3264 default: 3265 return ISCSI_TMF_RSP_REJECTED; 3266 } 3267 } 3268 3269 void 3270 iscsit_build_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3271 struct iscsi_tm_rsp *hdr) 3272 { 3273 struct se_tmr_req *se_tmr = cmd->se_cmd.se_tmr_req; 3274 3275 hdr->opcode = ISCSI_OP_SCSI_TMFUNC_RSP; 3276 hdr->flags = ISCSI_FLAG_CMD_FINAL; 3277 hdr->response = iscsit_convert_tcm_tmr_rsp(se_tmr); 3278 hdr->itt = cmd->init_task_tag; 3279 cmd->stat_sn = conn->stat_sn++; 3280 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3281 3282 iscsit_increment_maxcmdsn(cmd, conn->sess); 3283 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3284 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3285 3286 pr_debug("Built Task Management Response ITT: 0x%08x," 3287 " StatSN: 0x%08x, Response: 0x%02x, CID: %hu\n", 3288 cmd->init_task_tag, cmd->stat_sn, hdr->response, conn->cid); 3289 } 3290 EXPORT_SYMBOL(iscsit_build_task_mgt_rsp); 3291 3292 static int 3293 iscsit_send_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3294 { 3295 struct iscsi_tm_rsp *hdr = (struct iscsi_tm_rsp *)&cmd->pdu[0]; 3296 3297 iscsit_build_task_mgt_rsp(cmd, conn, hdr); 3298 3299 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0); 3300 } 3301 3302 static bool iscsit_check_inaddr_any(struct iscsi_np *np) 3303 { 3304 bool ret = false; 3305 3306 if (np->np_sockaddr.ss_family == AF_INET6) { 3307 const struct sockaddr_in6 sin6 = { 3308 .sin6_addr = IN6ADDR_ANY_INIT }; 3309 struct sockaddr_in6 *sock_in6 = 3310 (struct sockaddr_in6 *)&np->np_sockaddr; 3311 3312 if (!memcmp(sock_in6->sin6_addr.s6_addr, 3313 sin6.sin6_addr.s6_addr, 16)) 3314 ret = true; 3315 } else { 3316 struct sockaddr_in * sock_in = 3317 (struct sockaddr_in *)&np->np_sockaddr; 3318 3319 if (sock_in->sin_addr.s_addr == htonl(INADDR_ANY)) 3320 ret = true; 3321 } 3322 3323 return ret; 3324 } 3325 3326 #define SENDTARGETS_BUF_LIMIT 32768U 3327 3328 static int 3329 iscsit_build_sendtargets_response(struct iscsi_cmd *cmd, 3330 enum iscsit_transport_type network_transport, 3331 int skip_bytes, bool *completed) 3332 { 3333 char *payload = NULL; 3334 struct iscsi_conn *conn = cmd->conn; 3335 struct iscsi_portal_group *tpg; 3336 struct iscsi_tiqn *tiqn; 3337 struct iscsi_tpg_np *tpg_np; 3338 int buffer_len, end_of_buf = 0, len = 0, payload_len = 0; 3339 int target_name_printed; 3340 unsigned char buf[ISCSI_IQN_LEN+12]; /* iqn + "TargetName=" + \0 */ 3341 unsigned char *text_in = cmd->text_in_ptr, *text_ptr = NULL; 3342 bool active; 3343 3344 buffer_len = min(conn->conn_ops->MaxRecvDataSegmentLength, 3345 SENDTARGETS_BUF_LIMIT); 3346 3347 payload = kzalloc(buffer_len, GFP_KERNEL); 3348 if (!payload) 3349 return -ENOMEM; 3350 3351 /* 3352 * Locate pointer to iqn./eui. string for ICF_SENDTARGETS_SINGLE 3353 * explicit case.. 3354 */ 3355 if (cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) { 3356 text_ptr = strchr(text_in, '='); 3357 if (!text_ptr) { 3358 pr_err("Unable to locate '=' string in text_in:" 3359 " %s\n", text_in); 3360 kfree(payload); 3361 return -EINVAL; 3362 } 3363 /* 3364 * Skip over '=' character.. 3365 */ 3366 text_ptr += 1; 3367 } 3368 3369 spin_lock(&tiqn_lock); 3370 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 3371 if ((cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) && 3372 strcmp(tiqn->tiqn, text_ptr)) { 3373 continue; 3374 } 3375 3376 target_name_printed = 0; 3377 3378 spin_lock(&tiqn->tiqn_tpg_lock); 3379 list_for_each_entry(tpg, &tiqn->tiqn_tpg_list, tpg_list) { 3380 3381 /* If demo_mode_discovery=0 and generate_node_acls=0 3382 * (demo mode dislabed) do not return 3383 * TargetName+TargetAddress unless a NodeACL exists. 3384 */ 3385 3386 if ((tpg->tpg_attrib.generate_node_acls == 0) && 3387 (tpg->tpg_attrib.demo_mode_discovery == 0) && 3388 (!target_tpg_has_node_acl(&tpg->tpg_se_tpg, 3389 cmd->conn->sess->sess_ops->InitiatorName))) { 3390 continue; 3391 } 3392 3393 spin_lock(&tpg->tpg_state_lock); 3394 active = (tpg->tpg_state == TPG_STATE_ACTIVE); 3395 spin_unlock(&tpg->tpg_state_lock); 3396 3397 if (!active && tpg->tpg_attrib.tpg_enabled_sendtargets) 3398 continue; 3399 3400 spin_lock(&tpg->tpg_np_lock); 3401 list_for_each_entry(tpg_np, &tpg->tpg_gnp_list, 3402 tpg_np_list) { 3403 struct iscsi_np *np = tpg_np->tpg_np; 3404 bool inaddr_any = iscsit_check_inaddr_any(np); 3405 struct sockaddr_storage *sockaddr; 3406 3407 if (np->np_network_transport != network_transport) 3408 continue; 3409 3410 if (!target_name_printed) { 3411 len = sprintf(buf, "TargetName=%s", 3412 tiqn->tiqn); 3413 len += 1; 3414 3415 if ((len + payload_len) > buffer_len) { 3416 spin_unlock(&tpg->tpg_np_lock); 3417 spin_unlock(&tiqn->tiqn_tpg_lock); 3418 end_of_buf = 1; 3419 goto eob; 3420 } 3421 3422 if (skip_bytes && len <= skip_bytes) { 3423 skip_bytes -= len; 3424 } else { 3425 memcpy(payload + payload_len, buf, len); 3426 payload_len += len; 3427 target_name_printed = 1; 3428 if (len > skip_bytes) 3429 skip_bytes = 0; 3430 } 3431 } 3432 3433 if (inaddr_any) 3434 sockaddr = &conn->local_sockaddr; 3435 else 3436 sockaddr = &np->np_sockaddr; 3437 3438 len = sprintf(buf, "TargetAddress=" 3439 "%pISpc,%hu", 3440 sockaddr, 3441 tpg->tpgt); 3442 len += 1; 3443 3444 if ((len + payload_len) > buffer_len) { 3445 spin_unlock(&tpg->tpg_np_lock); 3446 spin_unlock(&tiqn->tiqn_tpg_lock); 3447 end_of_buf = 1; 3448 goto eob; 3449 } 3450 3451 if (skip_bytes && len <= skip_bytes) { 3452 skip_bytes -= len; 3453 } else { 3454 memcpy(payload + payload_len, buf, len); 3455 payload_len += len; 3456 if (len > skip_bytes) 3457 skip_bytes = 0; 3458 } 3459 } 3460 spin_unlock(&tpg->tpg_np_lock); 3461 } 3462 spin_unlock(&tiqn->tiqn_tpg_lock); 3463 eob: 3464 if (end_of_buf) { 3465 *completed = false; 3466 break; 3467 } 3468 3469 if (cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) 3470 break; 3471 } 3472 spin_unlock(&tiqn_lock); 3473 3474 cmd->buf_ptr = payload; 3475 3476 return payload_len; 3477 } 3478 3479 int 3480 iscsit_build_text_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3481 struct iscsi_text_rsp *hdr, 3482 enum iscsit_transport_type network_transport) 3483 { 3484 int text_length, padding; 3485 bool completed = true; 3486 3487 text_length = iscsit_build_sendtargets_response(cmd, network_transport, 3488 cmd->read_data_done, 3489 &completed); 3490 if (text_length < 0) 3491 return text_length; 3492 3493 if (completed) { 3494 hdr->flags = ISCSI_FLAG_CMD_FINAL; 3495 } else { 3496 hdr->flags = ISCSI_FLAG_TEXT_CONTINUE; 3497 cmd->read_data_done += text_length; 3498 if (cmd->targ_xfer_tag == 0xFFFFFFFF) 3499 cmd->targ_xfer_tag = session_get_next_ttt(conn->sess); 3500 } 3501 hdr->opcode = ISCSI_OP_TEXT_RSP; 3502 padding = ((-text_length) & 3); 3503 hton24(hdr->dlength, text_length); 3504 hdr->itt = cmd->init_task_tag; 3505 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 3506 cmd->stat_sn = conn->stat_sn++; 3507 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3508 3509 iscsit_increment_maxcmdsn(cmd, conn->sess); 3510 /* 3511 * Reset maxcmdsn_inc in multi-part text payload exchanges to 3512 * correctly increment MaxCmdSN for each response answering a 3513 * non immediate text request with a valid CmdSN. 3514 */ 3515 cmd->maxcmdsn_inc = 0; 3516 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3517 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3518 3519 pr_debug("Built Text Response: ITT: 0x%08x, TTT: 0x%08x, StatSN: 0x%08x," 3520 " Length: %u, CID: %hu F: %d C: %d\n", cmd->init_task_tag, 3521 cmd->targ_xfer_tag, cmd->stat_sn, text_length, conn->cid, 3522 !!(hdr->flags & ISCSI_FLAG_CMD_FINAL), 3523 !!(hdr->flags & ISCSI_FLAG_TEXT_CONTINUE)); 3524 3525 return text_length + padding; 3526 } 3527 EXPORT_SYMBOL(iscsit_build_text_rsp); 3528 3529 static int iscsit_send_text_rsp( 3530 struct iscsi_cmd *cmd, 3531 struct iscsi_conn *conn) 3532 { 3533 struct iscsi_text_rsp *hdr = (struct iscsi_text_rsp *)cmd->pdu; 3534 int text_length; 3535 3536 text_length = iscsit_build_text_rsp(cmd, conn, hdr, 3537 conn->conn_transport->transport_type); 3538 if (text_length < 0) 3539 return text_length; 3540 3541 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, 3542 cmd->buf_ptr, 3543 text_length); 3544 } 3545 3546 void 3547 iscsit_build_reject(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3548 struct iscsi_reject *hdr) 3549 { 3550 hdr->opcode = ISCSI_OP_REJECT; 3551 hdr->reason = cmd->reject_reason; 3552 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3553 hton24(hdr->dlength, ISCSI_HDR_LEN); 3554 hdr->ffffffff = cpu_to_be32(0xffffffff); 3555 cmd->stat_sn = conn->stat_sn++; 3556 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3557 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3558 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 3559 3560 } 3561 EXPORT_SYMBOL(iscsit_build_reject); 3562 3563 static int iscsit_send_reject( 3564 struct iscsi_cmd *cmd, 3565 struct iscsi_conn *conn) 3566 { 3567 struct iscsi_reject *hdr = (struct iscsi_reject *)&cmd->pdu[0]; 3568 3569 iscsit_build_reject(cmd, conn, hdr); 3570 3571 pr_debug("Built Reject PDU StatSN: 0x%08x, Reason: 0x%02x," 3572 " CID: %hu\n", ntohl(hdr->statsn), hdr->reason, conn->cid); 3573 3574 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, 3575 cmd->buf_ptr, 3576 ISCSI_HDR_LEN); 3577 } 3578 3579 void iscsit_thread_get_cpumask(struct iscsi_conn *conn) 3580 { 3581 int ord, cpu; 3582 /* 3583 * bitmap_id is assigned from iscsit_global->ts_bitmap from 3584 * within iscsit_start_kthreads() 3585 * 3586 * Here we use bitmap_id to determine which CPU that this 3587 * iSCSI connection's RX/TX threads will be scheduled to 3588 * execute upon. 3589 */ 3590 ord = conn->bitmap_id % cpumask_weight(cpu_online_mask); 3591 for_each_online_cpu(cpu) { 3592 if (ord-- == 0) { 3593 cpumask_set_cpu(cpu, conn->conn_cpumask); 3594 return; 3595 } 3596 } 3597 /* 3598 * This should never be reached.. 3599 */ 3600 dump_stack(); 3601 cpumask_setall(conn->conn_cpumask); 3602 } 3603 3604 int 3605 iscsit_immediate_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3606 { 3607 int ret; 3608 3609 switch (state) { 3610 case ISTATE_SEND_R2T: 3611 ret = iscsit_send_r2t(cmd, conn); 3612 if (ret < 0) 3613 goto err; 3614 break; 3615 case ISTATE_REMOVE: 3616 spin_lock_bh(&conn->cmd_lock); 3617 list_del_init(&cmd->i_conn_node); 3618 spin_unlock_bh(&conn->cmd_lock); 3619 3620 iscsit_free_cmd(cmd, false); 3621 break; 3622 case ISTATE_SEND_NOPIN_WANT_RESPONSE: 3623 iscsit_mod_nopin_response_timer(conn); 3624 ret = iscsit_send_unsolicited_nopin(cmd, conn, 1); 3625 if (ret < 0) 3626 goto err; 3627 break; 3628 case ISTATE_SEND_NOPIN_NO_RESPONSE: 3629 ret = iscsit_send_unsolicited_nopin(cmd, conn, 0); 3630 if (ret < 0) 3631 goto err; 3632 break; 3633 default: 3634 pr_err("Unknown Opcode: 0x%02x ITT:" 3635 " 0x%08x, i_state: %d on CID: %hu\n", 3636 cmd->iscsi_opcode, cmd->init_task_tag, state, 3637 conn->cid); 3638 goto err; 3639 } 3640 3641 return 0; 3642 3643 err: 3644 return -1; 3645 } 3646 EXPORT_SYMBOL(iscsit_immediate_queue); 3647 3648 static int 3649 iscsit_handle_immediate_queue(struct iscsi_conn *conn) 3650 { 3651 struct iscsit_transport *t = conn->conn_transport; 3652 struct iscsi_queue_req *qr; 3653 struct iscsi_cmd *cmd; 3654 u8 state; 3655 int ret; 3656 3657 while ((qr = iscsit_get_cmd_from_immediate_queue(conn))) { 3658 atomic_set(&conn->check_immediate_queue, 0); 3659 cmd = qr->cmd; 3660 state = qr->state; 3661 kmem_cache_free(lio_qr_cache, qr); 3662 3663 ret = t->iscsit_immediate_queue(conn, cmd, state); 3664 if (ret < 0) 3665 return ret; 3666 } 3667 3668 return 0; 3669 } 3670 3671 int 3672 iscsit_response_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3673 { 3674 int ret; 3675 3676 check_rsp_state: 3677 switch (state) { 3678 case ISTATE_SEND_DATAIN: 3679 ret = iscsit_send_datain(cmd, conn); 3680 if (ret < 0) 3681 goto err; 3682 else if (!ret) 3683 /* more drs */ 3684 goto check_rsp_state; 3685 else if (ret == 1) { 3686 /* all done */ 3687 spin_lock_bh(&cmd->istate_lock); 3688 cmd->i_state = ISTATE_SENT_STATUS; 3689 spin_unlock_bh(&cmd->istate_lock); 3690 3691 if (atomic_read(&conn->check_immediate_queue)) 3692 return 1; 3693 3694 return 0; 3695 } else if (ret == 2) { 3696 /* Still must send status, 3697 SCF_TRANSPORT_TASK_SENSE was set */ 3698 spin_lock_bh(&cmd->istate_lock); 3699 cmd->i_state = ISTATE_SEND_STATUS; 3700 spin_unlock_bh(&cmd->istate_lock); 3701 state = ISTATE_SEND_STATUS; 3702 goto check_rsp_state; 3703 } 3704 3705 break; 3706 case ISTATE_SEND_STATUS: 3707 case ISTATE_SEND_STATUS_RECOVERY: 3708 ret = iscsit_send_response(cmd, conn); 3709 break; 3710 case ISTATE_SEND_LOGOUTRSP: 3711 ret = iscsit_send_logout(cmd, conn); 3712 break; 3713 case ISTATE_SEND_ASYNCMSG: 3714 ret = iscsit_send_conn_drop_async_message( 3715 cmd, conn); 3716 break; 3717 case ISTATE_SEND_NOPIN: 3718 ret = iscsit_send_nopin(cmd, conn); 3719 break; 3720 case ISTATE_SEND_REJECT: 3721 ret = iscsit_send_reject(cmd, conn); 3722 break; 3723 case ISTATE_SEND_TASKMGTRSP: 3724 ret = iscsit_send_task_mgt_rsp(cmd, conn); 3725 if (ret != 0) 3726 break; 3727 ret = iscsit_tmr_post_handler(cmd, conn); 3728 if (ret != 0) 3729 iscsit_fall_back_to_erl0(conn->sess); 3730 break; 3731 case ISTATE_SEND_TEXTRSP: 3732 ret = iscsit_send_text_rsp(cmd, conn); 3733 break; 3734 default: 3735 pr_err("Unknown Opcode: 0x%02x ITT:" 3736 " 0x%08x, i_state: %d on CID: %hu\n", 3737 cmd->iscsi_opcode, cmd->init_task_tag, 3738 state, conn->cid); 3739 goto err; 3740 } 3741 if (ret < 0) 3742 goto err; 3743 3744 switch (state) { 3745 case ISTATE_SEND_LOGOUTRSP: 3746 if (!iscsit_logout_post_handler(cmd, conn)) 3747 return -ECONNRESET; 3748 /* fall through */ 3749 case ISTATE_SEND_STATUS: 3750 case ISTATE_SEND_ASYNCMSG: 3751 case ISTATE_SEND_NOPIN: 3752 case ISTATE_SEND_STATUS_RECOVERY: 3753 case ISTATE_SEND_TEXTRSP: 3754 case ISTATE_SEND_TASKMGTRSP: 3755 case ISTATE_SEND_REJECT: 3756 spin_lock_bh(&cmd->istate_lock); 3757 cmd->i_state = ISTATE_SENT_STATUS; 3758 spin_unlock_bh(&cmd->istate_lock); 3759 break; 3760 default: 3761 pr_err("Unknown Opcode: 0x%02x ITT:" 3762 " 0x%08x, i_state: %d on CID: %hu\n", 3763 cmd->iscsi_opcode, cmd->init_task_tag, 3764 cmd->i_state, conn->cid); 3765 goto err; 3766 } 3767 3768 if (atomic_read(&conn->check_immediate_queue)) 3769 return 1; 3770 3771 return 0; 3772 3773 err: 3774 return -1; 3775 } 3776 EXPORT_SYMBOL(iscsit_response_queue); 3777 3778 static int iscsit_handle_response_queue(struct iscsi_conn *conn) 3779 { 3780 struct iscsit_transport *t = conn->conn_transport; 3781 struct iscsi_queue_req *qr; 3782 struct iscsi_cmd *cmd; 3783 u8 state; 3784 int ret; 3785 3786 while ((qr = iscsit_get_cmd_from_response_queue(conn))) { 3787 cmd = qr->cmd; 3788 state = qr->state; 3789 kmem_cache_free(lio_qr_cache, qr); 3790 3791 ret = t->iscsit_response_queue(conn, cmd, state); 3792 if (ret == 1 || ret < 0) 3793 return ret; 3794 } 3795 3796 return 0; 3797 } 3798 3799 int iscsi_target_tx_thread(void *arg) 3800 { 3801 int ret = 0; 3802 struct iscsi_conn *conn = arg; 3803 bool conn_freed = false; 3804 3805 /* 3806 * Allow ourselves to be interrupted by SIGINT so that a 3807 * connection recovery / failure event can be triggered externally. 3808 */ 3809 allow_signal(SIGINT); 3810 3811 while (!kthread_should_stop()) { 3812 /* 3813 * Ensure that both TX and RX per connection kthreads 3814 * are scheduled to run on the same CPU. 3815 */ 3816 iscsit_thread_check_cpumask(conn, current, 1); 3817 3818 wait_event_interruptible(conn->queues_wq, 3819 !iscsit_conn_all_queues_empty(conn)); 3820 3821 if (signal_pending(current)) 3822 goto transport_err; 3823 3824 get_immediate: 3825 ret = iscsit_handle_immediate_queue(conn); 3826 if (ret < 0) 3827 goto transport_err; 3828 3829 ret = iscsit_handle_response_queue(conn); 3830 if (ret == 1) { 3831 goto get_immediate; 3832 } else if (ret == -ECONNRESET) { 3833 conn_freed = true; 3834 goto out; 3835 } else if (ret < 0) { 3836 goto transport_err; 3837 } 3838 } 3839 3840 transport_err: 3841 /* 3842 * Avoid the normal connection failure code-path if this connection 3843 * is still within LOGIN mode, and iscsi_np process context is 3844 * responsible for cleaning up the early connection failure. 3845 */ 3846 if (conn->conn_state != TARG_CONN_STATE_IN_LOGIN) 3847 iscsit_take_action_for_connection_exit(conn, &conn_freed); 3848 out: 3849 if (!conn_freed) { 3850 while (!kthread_should_stop()) { 3851 msleep(100); 3852 } 3853 } 3854 return 0; 3855 } 3856 3857 static int iscsi_target_rx_opcode(struct iscsi_conn *conn, unsigned char *buf) 3858 { 3859 struct iscsi_hdr *hdr = (struct iscsi_hdr *)buf; 3860 struct iscsi_cmd *cmd; 3861 int ret = 0; 3862 3863 switch (hdr->opcode & ISCSI_OPCODE_MASK) { 3864 case ISCSI_OP_SCSI_CMD: 3865 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 3866 if (!cmd) 3867 goto reject; 3868 3869 ret = iscsit_handle_scsi_cmd(conn, cmd, buf); 3870 break; 3871 case ISCSI_OP_SCSI_DATA_OUT: 3872 ret = iscsit_handle_data_out(conn, buf); 3873 break; 3874 case ISCSI_OP_NOOP_OUT: 3875 cmd = NULL; 3876 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 3877 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 3878 if (!cmd) 3879 goto reject; 3880 } 3881 ret = iscsit_handle_nop_out(conn, cmd, buf); 3882 break; 3883 case ISCSI_OP_SCSI_TMFUNC: 3884 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 3885 if (!cmd) 3886 goto reject; 3887 3888 ret = iscsit_handle_task_mgt_cmd(conn, cmd, buf); 3889 break; 3890 case ISCSI_OP_TEXT: 3891 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) { 3892 cmd = iscsit_find_cmd_from_itt(conn, hdr->itt); 3893 if (!cmd) 3894 goto reject; 3895 } else { 3896 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 3897 if (!cmd) 3898 goto reject; 3899 } 3900 3901 ret = iscsit_handle_text_cmd(conn, cmd, buf); 3902 break; 3903 case ISCSI_OP_LOGOUT: 3904 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE); 3905 if (!cmd) 3906 goto reject; 3907 3908 ret = iscsit_handle_logout_cmd(conn, cmd, buf); 3909 if (ret > 0) 3910 wait_for_completion_timeout(&conn->conn_logout_comp, 3911 SECONDS_FOR_LOGOUT_COMP * HZ); 3912 break; 3913 case ISCSI_OP_SNACK: 3914 ret = iscsit_handle_snack(conn, buf); 3915 break; 3916 default: 3917 pr_err("Got unknown iSCSI OpCode: 0x%02x\n", hdr->opcode); 3918 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 3919 pr_err("Cannot recover from unknown" 3920 " opcode while ERL=0, closing iSCSI connection.\n"); 3921 return -1; 3922 } 3923 pr_err("Unable to recover from unknown opcode while OFMarker=No," 3924 " closing iSCSI connection.\n"); 3925 ret = -1; 3926 break; 3927 } 3928 3929 return ret; 3930 reject: 3931 return iscsit_add_reject(conn, ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 3932 } 3933 3934 static bool iscsi_target_check_conn_state(struct iscsi_conn *conn) 3935 { 3936 bool ret; 3937 3938 spin_lock_bh(&conn->state_lock); 3939 ret = (conn->conn_state != TARG_CONN_STATE_LOGGED_IN); 3940 spin_unlock_bh(&conn->state_lock); 3941 3942 return ret; 3943 } 3944 3945 static void iscsit_get_rx_pdu(struct iscsi_conn *conn) 3946 { 3947 int ret; 3948 u8 buffer[ISCSI_HDR_LEN], opcode; 3949 u32 checksum = 0, digest = 0; 3950 struct kvec iov; 3951 3952 while (!kthread_should_stop()) { 3953 /* 3954 * Ensure that both TX and RX per connection kthreads 3955 * are scheduled to run on the same CPU. 3956 */ 3957 iscsit_thread_check_cpumask(conn, current, 0); 3958 3959 memset(buffer, 0, ISCSI_HDR_LEN); 3960 memset(&iov, 0, sizeof(struct kvec)); 3961 3962 iov.iov_base = buffer; 3963 iov.iov_len = ISCSI_HDR_LEN; 3964 3965 ret = rx_data(conn, &iov, 1, ISCSI_HDR_LEN); 3966 if (ret != ISCSI_HDR_LEN) { 3967 iscsit_rx_thread_wait_for_tcp(conn); 3968 return; 3969 } 3970 3971 if (conn->conn_ops->HeaderDigest) { 3972 iov.iov_base = &digest; 3973 iov.iov_len = ISCSI_CRC_LEN; 3974 3975 ret = rx_data(conn, &iov, 1, ISCSI_CRC_LEN); 3976 if (ret != ISCSI_CRC_LEN) { 3977 iscsit_rx_thread_wait_for_tcp(conn); 3978 return; 3979 } 3980 3981 iscsit_do_crypto_hash_buf(conn->conn_rx_hash, 3982 buffer, ISCSI_HDR_LEN, 3983 0, NULL, (u8 *)&checksum); 3984 3985 if (digest != checksum) { 3986 pr_err("HeaderDigest CRC32C failed," 3987 " received 0x%08x, computed 0x%08x\n", 3988 digest, checksum); 3989 /* 3990 * Set the PDU to 0xff so it will intentionally 3991 * hit default in the switch below. 3992 */ 3993 memset(buffer, 0xff, ISCSI_HDR_LEN); 3994 atomic_long_inc(&conn->sess->conn_digest_errors); 3995 } else { 3996 pr_debug("Got HeaderDigest CRC32C" 3997 " 0x%08x\n", checksum); 3998 } 3999 } 4000 4001 if (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT) 4002 return; 4003 4004 opcode = buffer[0] & ISCSI_OPCODE_MASK; 4005 4006 if (conn->sess->sess_ops->SessionType && 4007 ((!(opcode & ISCSI_OP_TEXT)) || 4008 (!(opcode & ISCSI_OP_LOGOUT)))) { 4009 pr_err("Received illegal iSCSI Opcode: 0x%02x" 4010 " while in Discovery Session, rejecting.\n", opcode); 4011 iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 4012 buffer); 4013 return; 4014 } 4015 4016 ret = iscsi_target_rx_opcode(conn, buffer); 4017 if (ret < 0) 4018 return; 4019 } 4020 } 4021 4022 int iscsi_target_rx_thread(void *arg) 4023 { 4024 int rc; 4025 struct iscsi_conn *conn = arg; 4026 bool conn_freed = false; 4027 4028 /* 4029 * Allow ourselves to be interrupted by SIGINT so that a 4030 * connection recovery / failure event can be triggered externally. 4031 */ 4032 allow_signal(SIGINT); 4033 /* 4034 * Wait for iscsi_post_login_handler() to complete before allowing 4035 * incoming iscsi/tcp socket I/O, and/or failing the connection. 4036 */ 4037 rc = wait_for_completion_interruptible(&conn->rx_login_comp); 4038 if (rc < 0 || iscsi_target_check_conn_state(conn)) 4039 goto out; 4040 4041 if (!conn->conn_transport->iscsit_get_rx_pdu) 4042 return 0; 4043 4044 conn->conn_transport->iscsit_get_rx_pdu(conn); 4045 4046 if (!signal_pending(current)) 4047 atomic_set(&conn->transport_failed, 1); 4048 iscsit_take_action_for_connection_exit(conn, &conn_freed); 4049 4050 out: 4051 if (!conn_freed) { 4052 while (!kthread_should_stop()) { 4053 msleep(100); 4054 } 4055 } 4056 4057 return 0; 4058 } 4059 4060 static void iscsit_release_commands_from_conn(struct iscsi_conn *conn) 4061 { 4062 LIST_HEAD(tmp_list); 4063 struct iscsi_cmd *cmd = NULL, *cmd_tmp = NULL; 4064 struct iscsi_session *sess = conn->sess; 4065 /* 4066 * We expect this function to only ever be called from either RX or TX 4067 * thread context via iscsit_close_connection() once the other context 4068 * has been reset -> returned sleeping pre-handler state. 4069 */ 4070 spin_lock_bh(&conn->cmd_lock); 4071 list_splice_init(&conn->conn_cmd_list, &tmp_list); 4072 4073 list_for_each_entry(cmd, &tmp_list, i_conn_node) { 4074 struct se_cmd *se_cmd = &cmd->se_cmd; 4075 4076 if (se_cmd->se_tfo != NULL) { 4077 spin_lock(&se_cmd->t_state_lock); 4078 se_cmd->transport_state |= CMD_T_FABRIC_STOP; 4079 spin_unlock(&se_cmd->t_state_lock); 4080 } 4081 } 4082 spin_unlock_bh(&conn->cmd_lock); 4083 4084 list_for_each_entry_safe(cmd, cmd_tmp, &tmp_list, i_conn_node) { 4085 list_del_init(&cmd->i_conn_node); 4086 4087 iscsit_increment_maxcmdsn(cmd, sess); 4088 iscsit_free_cmd(cmd, true); 4089 4090 } 4091 } 4092 4093 static void iscsit_stop_timers_for_cmds( 4094 struct iscsi_conn *conn) 4095 { 4096 struct iscsi_cmd *cmd; 4097 4098 spin_lock_bh(&conn->cmd_lock); 4099 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) { 4100 if (cmd->data_direction == DMA_TO_DEVICE) 4101 iscsit_stop_dataout_timer(cmd); 4102 } 4103 spin_unlock_bh(&conn->cmd_lock); 4104 } 4105 4106 int iscsit_close_connection( 4107 struct iscsi_conn *conn) 4108 { 4109 int conn_logout = (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT); 4110 struct iscsi_session *sess = conn->sess; 4111 4112 pr_debug("Closing iSCSI connection CID %hu on SID:" 4113 " %u\n", conn->cid, sess->sid); 4114 /* 4115 * Always up conn_logout_comp for the traditional TCP and HW_OFFLOAD 4116 * case just in case the RX Thread in iscsi_target_rx_opcode() is 4117 * sleeping and the logout response never got sent because the 4118 * connection failed. 4119 * 4120 * However for iser-target, isert_wait4logout() is using conn_logout_comp 4121 * to signal logout response TX interrupt completion. Go ahead and skip 4122 * this for iser since isert_rx_opcode() does not wait on logout failure, 4123 * and to avoid iscsi_conn pointer dereference in iser-target code. 4124 */ 4125 if (!conn->conn_transport->rdma_shutdown) 4126 complete(&conn->conn_logout_comp); 4127 4128 if (!strcmp(current->comm, ISCSI_RX_THREAD_NAME)) { 4129 if (conn->tx_thread && 4130 cmpxchg(&conn->tx_thread_active, true, false)) { 4131 send_sig(SIGINT, conn->tx_thread, 1); 4132 kthread_stop(conn->tx_thread); 4133 } 4134 } else if (!strcmp(current->comm, ISCSI_TX_THREAD_NAME)) { 4135 if (conn->rx_thread && 4136 cmpxchg(&conn->rx_thread_active, true, false)) { 4137 send_sig(SIGINT, conn->rx_thread, 1); 4138 kthread_stop(conn->rx_thread); 4139 } 4140 } 4141 4142 spin_lock(&iscsit_global->ts_bitmap_lock); 4143 bitmap_release_region(iscsit_global->ts_bitmap, conn->bitmap_id, 4144 get_order(1)); 4145 spin_unlock(&iscsit_global->ts_bitmap_lock); 4146 4147 iscsit_stop_timers_for_cmds(conn); 4148 iscsit_stop_nopin_response_timer(conn); 4149 iscsit_stop_nopin_timer(conn); 4150 4151 if (conn->conn_transport->iscsit_wait_conn) 4152 conn->conn_transport->iscsit_wait_conn(conn); 4153 4154 /* 4155 * During Connection recovery drop unacknowledged out of order 4156 * commands for this connection, and prepare the other commands 4157 * for reallegiance. 4158 * 4159 * During normal operation clear the out of order commands (but 4160 * do not free the struct iscsi_ooo_cmdsn's) and release all 4161 * struct iscsi_cmds. 4162 */ 4163 if (atomic_read(&conn->connection_recovery)) { 4164 iscsit_discard_unacknowledged_ooo_cmdsns_for_conn(conn); 4165 iscsit_prepare_cmds_for_reallegiance(conn); 4166 } else { 4167 iscsit_clear_ooo_cmdsns_for_conn(conn); 4168 iscsit_release_commands_from_conn(conn); 4169 } 4170 iscsit_free_queue_reqs_for_conn(conn); 4171 4172 /* 4173 * Handle decrementing session or connection usage count if 4174 * a logout response was not able to be sent because the 4175 * connection failed. Fall back to Session Recovery here. 4176 */ 4177 if (atomic_read(&conn->conn_logout_remove)) { 4178 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_SESSION) { 4179 iscsit_dec_conn_usage_count(conn); 4180 iscsit_dec_session_usage_count(sess); 4181 } 4182 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) 4183 iscsit_dec_conn_usage_count(conn); 4184 4185 atomic_set(&conn->conn_logout_remove, 0); 4186 atomic_set(&sess->session_reinstatement, 0); 4187 atomic_set(&sess->session_fall_back_to_erl0, 1); 4188 } 4189 4190 spin_lock_bh(&sess->conn_lock); 4191 list_del(&conn->conn_list); 4192 4193 /* 4194 * Attempt to let the Initiator know this connection failed by 4195 * sending an Connection Dropped Async Message on another 4196 * active connection. 4197 */ 4198 if (atomic_read(&conn->connection_recovery)) 4199 iscsit_build_conn_drop_async_message(conn); 4200 4201 spin_unlock_bh(&sess->conn_lock); 4202 4203 /* 4204 * If connection reinstatement is being performed on this connection, 4205 * up the connection reinstatement semaphore that is being blocked on 4206 * in iscsit_cause_connection_reinstatement(). 4207 */ 4208 spin_lock_bh(&conn->state_lock); 4209 if (atomic_read(&conn->sleep_on_conn_wait_comp)) { 4210 spin_unlock_bh(&conn->state_lock); 4211 complete(&conn->conn_wait_comp); 4212 wait_for_completion(&conn->conn_post_wait_comp); 4213 spin_lock_bh(&conn->state_lock); 4214 } 4215 4216 /* 4217 * If connection reinstatement is being performed on this connection 4218 * by receiving a REMOVECONNFORRECOVERY logout request, up the 4219 * connection wait rcfr semaphore that is being blocked on 4220 * an iscsit_connection_reinstatement_rcfr(). 4221 */ 4222 if (atomic_read(&conn->connection_wait_rcfr)) { 4223 spin_unlock_bh(&conn->state_lock); 4224 complete(&conn->conn_wait_rcfr_comp); 4225 wait_for_completion(&conn->conn_post_wait_comp); 4226 spin_lock_bh(&conn->state_lock); 4227 } 4228 atomic_set(&conn->connection_reinstatement, 1); 4229 spin_unlock_bh(&conn->state_lock); 4230 4231 /* 4232 * If any other processes are accessing this connection pointer we 4233 * must wait until they have completed. 4234 */ 4235 iscsit_check_conn_usage_count(conn); 4236 4237 ahash_request_free(conn->conn_tx_hash); 4238 if (conn->conn_rx_hash) { 4239 struct crypto_ahash *tfm; 4240 4241 tfm = crypto_ahash_reqtfm(conn->conn_rx_hash); 4242 ahash_request_free(conn->conn_rx_hash); 4243 crypto_free_ahash(tfm); 4244 } 4245 4246 free_cpumask_var(conn->conn_cpumask); 4247 4248 kfree(conn->conn_ops); 4249 conn->conn_ops = NULL; 4250 4251 if (conn->sock) 4252 sock_release(conn->sock); 4253 4254 if (conn->conn_transport->iscsit_free_conn) 4255 conn->conn_transport->iscsit_free_conn(conn); 4256 4257 iscsit_put_transport(conn->conn_transport); 4258 4259 pr_debug("Moving to TARG_CONN_STATE_FREE.\n"); 4260 conn->conn_state = TARG_CONN_STATE_FREE; 4261 kfree(conn); 4262 4263 spin_lock_bh(&sess->conn_lock); 4264 atomic_dec(&sess->nconn); 4265 pr_debug("Decremented iSCSI connection count to %hu from node:" 4266 " %s\n", atomic_read(&sess->nconn), 4267 sess->sess_ops->InitiatorName); 4268 /* 4269 * Make sure that if one connection fails in an non ERL=2 iSCSI 4270 * Session that they all fail. 4271 */ 4272 if ((sess->sess_ops->ErrorRecoveryLevel != 2) && !conn_logout && 4273 !atomic_read(&sess->session_logout)) 4274 atomic_set(&sess->session_fall_back_to_erl0, 1); 4275 4276 /* 4277 * If this was not the last connection in the session, and we are 4278 * performing session reinstatement or falling back to ERL=0, call 4279 * iscsit_stop_session() without sleeping to shutdown the other 4280 * active connections. 4281 */ 4282 if (atomic_read(&sess->nconn)) { 4283 if (!atomic_read(&sess->session_reinstatement) && 4284 !atomic_read(&sess->session_fall_back_to_erl0)) { 4285 spin_unlock_bh(&sess->conn_lock); 4286 return 0; 4287 } 4288 if (!atomic_read(&sess->session_stop_active)) { 4289 atomic_set(&sess->session_stop_active, 1); 4290 spin_unlock_bh(&sess->conn_lock); 4291 iscsit_stop_session(sess, 0, 0); 4292 return 0; 4293 } 4294 spin_unlock_bh(&sess->conn_lock); 4295 return 0; 4296 } 4297 4298 /* 4299 * If this was the last connection in the session and one of the 4300 * following is occurring: 4301 * 4302 * Session Reinstatement is not being performed, and are falling back 4303 * to ERL=0 call iscsit_close_session(). 4304 * 4305 * Session Logout was requested. iscsit_close_session() will be called 4306 * elsewhere. 4307 * 4308 * Session Continuation is not being performed, start the Time2Retain 4309 * handler and check if sleep_on_sess_wait_sem is active. 4310 */ 4311 if (!atomic_read(&sess->session_reinstatement) && 4312 atomic_read(&sess->session_fall_back_to_erl0)) { 4313 spin_unlock_bh(&sess->conn_lock); 4314 iscsit_close_session(sess); 4315 4316 return 0; 4317 } else if (atomic_read(&sess->session_logout)) { 4318 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4319 sess->session_state = TARG_SESS_STATE_FREE; 4320 spin_unlock_bh(&sess->conn_lock); 4321 4322 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4323 complete(&sess->session_wait_comp); 4324 4325 return 0; 4326 } else { 4327 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4328 sess->session_state = TARG_SESS_STATE_FAILED; 4329 4330 if (!atomic_read(&sess->session_continuation)) { 4331 spin_unlock_bh(&sess->conn_lock); 4332 iscsit_start_time2retain_handler(sess); 4333 } else 4334 spin_unlock_bh(&sess->conn_lock); 4335 4336 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4337 complete(&sess->session_wait_comp); 4338 4339 return 0; 4340 } 4341 } 4342 4343 /* 4344 * If the iSCSI Session for the iSCSI Initiator Node exists, 4345 * forcefully shutdown the iSCSI NEXUS. 4346 */ 4347 int iscsit_close_session(struct iscsi_session *sess) 4348 { 4349 struct iscsi_portal_group *tpg = sess->tpg; 4350 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4351 4352 if (atomic_read(&sess->nconn)) { 4353 pr_err("%d connection(s) still exist for iSCSI session" 4354 " to %s\n", atomic_read(&sess->nconn), 4355 sess->sess_ops->InitiatorName); 4356 BUG(); 4357 } 4358 4359 spin_lock_bh(&se_tpg->session_lock); 4360 atomic_set(&sess->session_logout, 1); 4361 atomic_set(&sess->session_reinstatement, 1); 4362 iscsit_stop_time2retain_timer(sess); 4363 spin_unlock_bh(&se_tpg->session_lock); 4364 4365 /* 4366 * transport_deregister_session_configfs() will clear the 4367 * struct se_node_acl->nacl_sess pointer now as a iscsi_np process context 4368 * can be setting it again with __transport_register_session() in 4369 * iscsi_post_login_handler() again after the iscsit_stop_session() 4370 * completes in iscsi_np context. 4371 */ 4372 transport_deregister_session_configfs(sess->se_sess); 4373 4374 /* 4375 * If any other processes are accessing this session pointer we must 4376 * wait until they have completed. If we are in an interrupt (the 4377 * time2retain handler) and contain and active session usage count we 4378 * restart the timer and exit. 4379 */ 4380 if (!in_interrupt()) { 4381 if (iscsit_check_session_usage_count(sess) == 1) 4382 iscsit_stop_session(sess, 1, 1); 4383 } else { 4384 if (iscsit_check_session_usage_count(sess) == 2) { 4385 atomic_set(&sess->session_logout, 0); 4386 iscsit_start_time2retain_handler(sess); 4387 return 0; 4388 } 4389 } 4390 4391 transport_deregister_session(sess->se_sess); 4392 4393 if (sess->sess_ops->ErrorRecoveryLevel == 2) 4394 iscsit_free_connection_recovery_entires(sess); 4395 4396 iscsit_free_all_ooo_cmdsns(sess); 4397 4398 spin_lock_bh(&se_tpg->session_lock); 4399 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4400 sess->session_state = TARG_SESS_STATE_FREE; 4401 pr_debug("Released iSCSI session from node: %s\n", 4402 sess->sess_ops->InitiatorName); 4403 tpg->nsessions--; 4404 if (tpg->tpg_tiqn) 4405 tpg->tpg_tiqn->tiqn_nsessions--; 4406 4407 pr_debug("Decremented number of active iSCSI Sessions on" 4408 " iSCSI TPG: %hu to %u\n", tpg->tpgt, tpg->nsessions); 4409 4410 spin_lock(&sess_idr_lock); 4411 idr_remove(&sess_idr, sess->session_index); 4412 spin_unlock(&sess_idr_lock); 4413 4414 kfree(sess->sess_ops); 4415 sess->sess_ops = NULL; 4416 spin_unlock_bh(&se_tpg->session_lock); 4417 4418 kfree(sess); 4419 return 0; 4420 } 4421 4422 static void iscsit_logout_post_handler_closesession( 4423 struct iscsi_conn *conn) 4424 { 4425 struct iscsi_session *sess = conn->sess; 4426 int sleep = 1; 4427 /* 4428 * Traditional iscsi/tcp will invoke this logic from TX thread 4429 * context during session logout, so clear tx_thread_active and 4430 * sleep if iscsit_close_connection() has not already occured. 4431 * 4432 * Since iser-target invokes this logic from it's own workqueue, 4433 * always sleep waiting for RX/TX thread shutdown to complete 4434 * within iscsit_close_connection(). 4435 */ 4436 if (!conn->conn_transport->rdma_shutdown) { 4437 sleep = cmpxchg(&conn->tx_thread_active, true, false); 4438 if (!sleep) 4439 return; 4440 } 4441 4442 atomic_set(&conn->conn_logout_remove, 0); 4443 complete(&conn->conn_logout_comp); 4444 4445 iscsit_dec_conn_usage_count(conn); 4446 iscsit_stop_session(sess, sleep, sleep); 4447 iscsit_dec_session_usage_count(sess); 4448 iscsit_close_session(sess); 4449 } 4450 4451 static void iscsit_logout_post_handler_samecid( 4452 struct iscsi_conn *conn) 4453 { 4454 int sleep = 1; 4455 4456 if (!conn->conn_transport->rdma_shutdown) { 4457 sleep = cmpxchg(&conn->tx_thread_active, true, false); 4458 if (!sleep) 4459 return; 4460 } 4461 4462 atomic_set(&conn->conn_logout_remove, 0); 4463 complete(&conn->conn_logout_comp); 4464 4465 iscsit_cause_connection_reinstatement(conn, sleep); 4466 iscsit_dec_conn_usage_count(conn); 4467 } 4468 4469 static void iscsit_logout_post_handler_diffcid( 4470 struct iscsi_conn *conn, 4471 u16 cid) 4472 { 4473 struct iscsi_conn *l_conn; 4474 struct iscsi_session *sess = conn->sess; 4475 bool conn_found = false; 4476 4477 if (!sess) 4478 return; 4479 4480 spin_lock_bh(&sess->conn_lock); 4481 list_for_each_entry(l_conn, &sess->sess_conn_list, conn_list) { 4482 if (l_conn->cid == cid) { 4483 iscsit_inc_conn_usage_count(l_conn); 4484 conn_found = true; 4485 break; 4486 } 4487 } 4488 spin_unlock_bh(&sess->conn_lock); 4489 4490 if (!conn_found) 4491 return; 4492 4493 if (l_conn->sock) 4494 l_conn->sock->ops->shutdown(l_conn->sock, RCV_SHUTDOWN); 4495 4496 spin_lock_bh(&l_conn->state_lock); 4497 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 4498 l_conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 4499 spin_unlock_bh(&l_conn->state_lock); 4500 4501 iscsit_cause_connection_reinstatement(l_conn, 1); 4502 iscsit_dec_conn_usage_count(l_conn); 4503 } 4504 4505 /* 4506 * Return of 0 causes the TX thread to restart. 4507 */ 4508 int iscsit_logout_post_handler( 4509 struct iscsi_cmd *cmd, 4510 struct iscsi_conn *conn) 4511 { 4512 int ret = 0; 4513 4514 switch (cmd->logout_reason) { 4515 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 4516 switch (cmd->logout_response) { 4517 case ISCSI_LOGOUT_SUCCESS: 4518 case ISCSI_LOGOUT_CLEANUP_FAILED: 4519 default: 4520 iscsit_logout_post_handler_closesession(conn); 4521 break; 4522 } 4523 ret = 0; 4524 break; 4525 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 4526 if (conn->cid == cmd->logout_cid) { 4527 switch (cmd->logout_response) { 4528 case ISCSI_LOGOUT_SUCCESS: 4529 case ISCSI_LOGOUT_CLEANUP_FAILED: 4530 default: 4531 iscsit_logout_post_handler_samecid(conn); 4532 break; 4533 } 4534 ret = 0; 4535 } else { 4536 switch (cmd->logout_response) { 4537 case ISCSI_LOGOUT_SUCCESS: 4538 iscsit_logout_post_handler_diffcid(conn, 4539 cmd->logout_cid); 4540 break; 4541 case ISCSI_LOGOUT_CID_NOT_FOUND: 4542 case ISCSI_LOGOUT_CLEANUP_FAILED: 4543 default: 4544 break; 4545 } 4546 ret = 1; 4547 } 4548 break; 4549 case ISCSI_LOGOUT_REASON_RECOVERY: 4550 switch (cmd->logout_response) { 4551 case ISCSI_LOGOUT_SUCCESS: 4552 case ISCSI_LOGOUT_CID_NOT_FOUND: 4553 case ISCSI_LOGOUT_RECOVERY_UNSUPPORTED: 4554 case ISCSI_LOGOUT_CLEANUP_FAILED: 4555 default: 4556 break; 4557 } 4558 ret = 1; 4559 break; 4560 default: 4561 break; 4562 4563 } 4564 return ret; 4565 } 4566 EXPORT_SYMBOL(iscsit_logout_post_handler); 4567 4568 void iscsit_fail_session(struct iscsi_session *sess) 4569 { 4570 struct iscsi_conn *conn; 4571 4572 spin_lock_bh(&sess->conn_lock); 4573 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) { 4574 pr_debug("Moving to TARG_CONN_STATE_CLEANUP_WAIT.\n"); 4575 conn->conn_state = TARG_CONN_STATE_CLEANUP_WAIT; 4576 } 4577 spin_unlock_bh(&sess->conn_lock); 4578 4579 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4580 sess->session_state = TARG_SESS_STATE_FAILED; 4581 } 4582 4583 int iscsit_free_session(struct iscsi_session *sess) 4584 { 4585 u16 conn_count = atomic_read(&sess->nconn); 4586 struct iscsi_conn *conn, *conn_tmp = NULL; 4587 int is_last; 4588 4589 spin_lock_bh(&sess->conn_lock); 4590 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4591 4592 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4593 conn_list) { 4594 if (conn_count == 0) 4595 break; 4596 4597 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4598 is_last = 1; 4599 } else { 4600 iscsit_inc_conn_usage_count(conn_tmp); 4601 is_last = 0; 4602 } 4603 iscsit_inc_conn_usage_count(conn); 4604 4605 spin_unlock_bh(&sess->conn_lock); 4606 iscsit_cause_connection_reinstatement(conn, 1); 4607 spin_lock_bh(&sess->conn_lock); 4608 4609 iscsit_dec_conn_usage_count(conn); 4610 if (is_last == 0) 4611 iscsit_dec_conn_usage_count(conn_tmp); 4612 4613 conn_count--; 4614 } 4615 4616 if (atomic_read(&sess->nconn)) { 4617 spin_unlock_bh(&sess->conn_lock); 4618 wait_for_completion(&sess->session_wait_comp); 4619 } else 4620 spin_unlock_bh(&sess->conn_lock); 4621 4622 iscsit_close_session(sess); 4623 return 0; 4624 } 4625 4626 void iscsit_stop_session( 4627 struct iscsi_session *sess, 4628 int session_sleep, 4629 int connection_sleep) 4630 { 4631 u16 conn_count = atomic_read(&sess->nconn); 4632 struct iscsi_conn *conn, *conn_tmp = NULL; 4633 int is_last; 4634 4635 spin_lock_bh(&sess->conn_lock); 4636 if (session_sleep) 4637 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4638 4639 if (connection_sleep) { 4640 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4641 conn_list) { 4642 if (conn_count == 0) 4643 break; 4644 4645 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4646 is_last = 1; 4647 } else { 4648 iscsit_inc_conn_usage_count(conn_tmp); 4649 is_last = 0; 4650 } 4651 iscsit_inc_conn_usage_count(conn); 4652 4653 spin_unlock_bh(&sess->conn_lock); 4654 iscsit_cause_connection_reinstatement(conn, 1); 4655 spin_lock_bh(&sess->conn_lock); 4656 4657 iscsit_dec_conn_usage_count(conn); 4658 if (is_last == 0) 4659 iscsit_dec_conn_usage_count(conn_tmp); 4660 conn_count--; 4661 } 4662 } else { 4663 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) 4664 iscsit_cause_connection_reinstatement(conn, 0); 4665 } 4666 4667 if (session_sleep && atomic_read(&sess->nconn)) { 4668 spin_unlock_bh(&sess->conn_lock); 4669 wait_for_completion(&sess->session_wait_comp); 4670 } else 4671 spin_unlock_bh(&sess->conn_lock); 4672 } 4673 4674 int iscsit_release_sessions_for_tpg(struct iscsi_portal_group *tpg, int force) 4675 { 4676 struct iscsi_session *sess; 4677 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4678 struct se_session *se_sess, *se_sess_tmp; 4679 LIST_HEAD(free_list); 4680 int session_count = 0; 4681 4682 spin_lock_bh(&se_tpg->session_lock); 4683 if (tpg->nsessions && !force) { 4684 spin_unlock_bh(&se_tpg->session_lock); 4685 return -1; 4686 } 4687 4688 list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list, 4689 sess_list) { 4690 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr; 4691 4692 spin_lock(&sess->conn_lock); 4693 if (atomic_read(&sess->session_fall_back_to_erl0) || 4694 atomic_read(&sess->session_logout) || 4695 (sess->time2retain_timer_flags & ISCSI_TF_EXPIRED)) { 4696 spin_unlock(&sess->conn_lock); 4697 continue; 4698 } 4699 atomic_set(&sess->session_reinstatement, 1); 4700 atomic_set(&sess->session_fall_back_to_erl0, 1); 4701 spin_unlock(&sess->conn_lock); 4702 4703 list_move_tail(&se_sess->sess_list, &free_list); 4704 } 4705 spin_unlock_bh(&se_tpg->session_lock); 4706 4707 list_for_each_entry_safe(se_sess, se_sess_tmp, &free_list, sess_list) { 4708 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr; 4709 4710 iscsit_free_session(sess); 4711 session_count++; 4712 } 4713 4714 pr_debug("Released %d iSCSI Session(s) from Target Portal" 4715 " Group: %hu\n", session_count, tpg->tpgt); 4716 return 0; 4717 } 4718 4719 MODULE_DESCRIPTION("iSCSI-Target Driver for mainline target infrastructure"); 4720 MODULE_VERSION("4.1.x"); 4721 MODULE_AUTHOR("nab@Linux-iSCSI.org"); 4722 MODULE_LICENSE("GPL"); 4723 4724 module_init(iscsi_target_init_module); 4725 module_exit(iscsi_target_cleanup_module); 4726