xref: /linux/drivers/target/iscsi/iscsi_target_login.c (revision 0d3b051adbb72ed81956447d0d1e54d5943ee6f5)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*******************************************************************************
3  * This file contains the login functions used by the iSCSI Target driver.
4  *
5  * (c) Copyright 2007-2013 Datera, Inc.
6  *
7  * Author: Nicholas A. Bellinger <nab@linux-iscsi.org>
8  *
9  ******************************************************************************/
10 
11 #include <crypto/hash.h>
12 #include <linux/module.h>
13 #include <linux/string.h>
14 #include <linux/kthread.h>
15 #include <linux/sched/signal.h>
16 #include <linux/idr.h>
17 #include <linux/tcp.h>        /* TCP_NODELAY */
18 #include <net/ip.h>
19 #include <net/ipv6.h>         /* ipv6_addr_v4mapped() */
20 #include <scsi/iscsi_proto.h>
21 #include <target/target_core_base.h>
22 #include <target/target_core_fabric.h>
23 
24 #include <target/iscsi/iscsi_target_core.h>
25 #include <target/iscsi/iscsi_target_stat.h>
26 #include "iscsi_target_device.h"
27 #include "iscsi_target_nego.h"
28 #include "iscsi_target_erl0.h"
29 #include "iscsi_target_erl2.h"
30 #include "iscsi_target_login.h"
31 #include "iscsi_target_tpg.h"
32 #include "iscsi_target_util.h"
33 #include "iscsi_target.h"
34 #include "iscsi_target_parameters.h"
35 
36 #include <target/iscsi/iscsi_transport.h>
37 
38 static struct iscsi_login *iscsi_login_init_conn(struct iscsi_conn *conn)
39 {
40 	struct iscsi_login *login;
41 
42 	login = kzalloc(sizeof(struct iscsi_login), GFP_KERNEL);
43 	if (!login) {
44 		pr_err("Unable to allocate memory for struct iscsi_login.\n");
45 		return NULL;
46 	}
47 	conn->login = login;
48 	login->conn = conn;
49 	login->first_request = 1;
50 
51 	login->req_buf = kzalloc(MAX_KEY_VALUE_PAIRS, GFP_KERNEL);
52 	if (!login->req_buf) {
53 		pr_err("Unable to allocate memory for response buffer.\n");
54 		goto out_login;
55 	}
56 
57 	login->rsp_buf = kzalloc(MAX_KEY_VALUE_PAIRS, GFP_KERNEL);
58 	if (!login->rsp_buf) {
59 		pr_err("Unable to allocate memory for request buffer.\n");
60 		goto out_req_buf;
61 	}
62 
63 	conn->conn_login = login;
64 
65 	return login;
66 
67 out_req_buf:
68 	kfree(login->req_buf);
69 out_login:
70 	kfree(login);
71 	return NULL;
72 }
73 
74 /*
75  * Used by iscsi_target_nego.c:iscsi_target_locate_portal() to setup
76  * per struct iscsi_conn libcrypto contexts for crc32c and crc32-intel
77  */
78 int iscsi_login_setup_crypto(struct iscsi_conn *conn)
79 {
80 	struct crypto_ahash *tfm;
81 
82 	/*
83 	 * Setup slicing by CRC32C algorithm for RX and TX libcrypto contexts
84 	 * which will default to crc32c_intel.ko for cpu_has_xmm4_2, or fallback
85 	 * to software 1x8 byte slicing from crc32c.ko
86 	 */
87 	tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC);
88 	if (IS_ERR(tfm)) {
89 		pr_err("crypto_alloc_ahash() failed\n");
90 		return -ENOMEM;
91 	}
92 
93 	conn->conn_rx_hash = ahash_request_alloc(tfm, GFP_KERNEL);
94 	if (!conn->conn_rx_hash) {
95 		pr_err("ahash_request_alloc() failed for conn_rx_hash\n");
96 		crypto_free_ahash(tfm);
97 		return -ENOMEM;
98 	}
99 	ahash_request_set_callback(conn->conn_rx_hash, 0, NULL, NULL);
100 
101 	conn->conn_tx_hash = ahash_request_alloc(tfm, GFP_KERNEL);
102 	if (!conn->conn_tx_hash) {
103 		pr_err("ahash_request_alloc() failed for conn_tx_hash\n");
104 		ahash_request_free(conn->conn_rx_hash);
105 		conn->conn_rx_hash = NULL;
106 		crypto_free_ahash(tfm);
107 		return -ENOMEM;
108 	}
109 	ahash_request_set_callback(conn->conn_tx_hash, 0, NULL, NULL);
110 
111 	return 0;
112 }
113 
114 static int iscsi_login_check_initiator_version(
115 	struct iscsi_conn *conn,
116 	u8 version_max,
117 	u8 version_min)
118 {
119 	if ((version_max != 0x00) || (version_min != 0x00)) {
120 		pr_err("Unsupported iSCSI IETF Pre-RFC Revision,"
121 			" version Min/Max 0x%02x/0x%02x, rejecting login.\n",
122 			version_min, version_max);
123 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
124 				ISCSI_LOGIN_STATUS_NO_VERSION);
125 		return -1;
126 	}
127 
128 	return 0;
129 }
130 
131 int iscsi_check_for_session_reinstatement(struct iscsi_conn *conn)
132 {
133 	int sessiontype;
134 	struct iscsi_param *initiatorname_param = NULL, *sessiontype_param = NULL;
135 	struct iscsi_portal_group *tpg = conn->tpg;
136 	struct iscsi_session *sess = NULL, *sess_p = NULL;
137 	struct se_portal_group *se_tpg = &tpg->tpg_se_tpg;
138 	struct se_session *se_sess, *se_sess_tmp;
139 
140 	initiatorname_param = iscsi_find_param_from_key(
141 			INITIATORNAME, conn->param_list);
142 	sessiontype_param = iscsi_find_param_from_key(
143 			SESSIONTYPE, conn->param_list);
144 	if (!initiatorname_param || !sessiontype_param) {
145 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
146 			ISCSI_LOGIN_STATUS_MISSING_FIELDS);
147 		return -1;
148 	}
149 
150 	sessiontype = (strncmp(sessiontype_param->value, NORMAL, 6)) ? 1 : 0;
151 
152 	spin_lock_bh(&se_tpg->session_lock);
153 	list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list,
154 			sess_list) {
155 
156 		sess_p = se_sess->fabric_sess_ptr;
157 		spin_lock(&sess_p->conn_lock);
158 		if (atomic_read(&sess_p->session_fall_back_to_erl0) ||
159 		    atomic_read(&sess_p->session_logout) ||
160 		    atomic_read(&sess_p->session_close) ||
161 		    (sess_p->time2retain_timer_flags & ISCSI_TF_EXPIRED)) {
162 			spin_unlock(&sess_p->conn_lock);
163 			continue;
164 		}
165 		if (!memcmp(sess_p->isid, conn->sess->isid, 6) &&
166 		   (!strcmp(sess_p->sess_ops->InitiatorName,
167 			    initiatorname_param->value) &&
168 		   (sess_p->sess_ops->SessionType == sessiontype))) {
169 			atomic_set(&sess_p->session_reinstatement, 1);
170 			atomic_set(&sess_p->session_fall_back_to_erl0, 1);
171 			atomic_set(&sess_p->session_close, 1);
172 			spin_unlock(&sess_p->conn_lock);
173 			iscsit_inc_session_usage_count(sess_p);
174 			iscsit_stop_time2retain_timer(sess_p);
175 			sess = sess_p;
176 			break;
177 		}
178 		spin_unlock(&sess_p->conn_lock);
179 	}
180 	spin_unlock_bh(&se_tpg->session_lock);
181 	/*
182 	 * If the Time2Retain handler has expired, the session is already gone.
183 	 */
184 	if (!sess)
185 		return 0;
186 
187 	pr_debug("%s iSCSI Session SID %u is still active for %s,"
188 		" performing session reinstatement.\n", (sessiontype) ?
189 		"Discovery" : "Normal", sess->sid,
190 		sess->sess_ops->InitiatorName);
191 
192 	spin_lock_bh(&sess->conn_lock);
193 	if (sess->session_state == TARG_SESS_STATE_FAILED) {
194 		spin_unlock_bh(&sess->conn_lock);
195 		iscsit_dec_session_usage_count(sess);
196 		return 0;
197 	}
198 	spin_unlock_bh(&sess->conn_lock);
199 
200 	iscsit_stop_session(sess, 1, 1);
201 	iscsit_dec_session_usage_count(sess);
202 
203 	return 0;
204 }
205 
206 static int iscsi_login_set_conn_values(
207 	struct iscsi_session *sess,
208 	struct iscsi_conn *conn,
209 	__be16 cid)
210 {
211 	int ret;
212 	conn->sess		= sess;
213 	conn->cid		= be16_to_cpu(cid);
214 	/*
215 	 * Generate a random Status sequence number (statsn) for the new
216 	 * iSCSI connection.
217 	 */
218 	ret = get_random_bytes_wait(&conn->stat_sn, sizeof(u32));
219 	if (unlikely(ret))
220 		return ret;
221 
222 	mutex_lock(&auth_id_lock);
223 	conn->auth_id		= iscsit_global->auth_id++;
224 	mutex_unlock(&auth_id_lock);
225 	return 0;
226 }
227 
228 __printf(2, 3) int iscsi_change_param_sprintf(
229 	struct iscsi_conn *conn,
230 	const char *fmt, ...)
231 {
232 	va_list args;
233 	unsigned char buf[64];
234 
235 	memset(buf, 0, sizeof buf);
236 
237 	va_start(args, fmt);
238 	vsnprintf(buf, sizeof buf, fmt, args);
239 	va_end(args);
240 
241 	if (iscsi_change_param_value(buf, conn->param_list, 0) < 0) {
242 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
243 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
244 		return -1;
245 	}
246 
247 	return 0;
248 }
249 EXPORT_SYMBOL(iscsi_change_param_sprintf);
250 
251 /*
252  *	This is the leading connection of a new session,
253  *	or session reinstatement.
254  */
255 static int iscsi_login_zero_tsih_s1(
256 	struct iscsi_conn *conn,
257 	unsigned char *buf)
258 {
259 	struct iscsi_session *sess = NULL;
260 	struct iscsi_login_req *pdu = (struct iscsi_login_req *)buf;
261 	int ret;
262 
263 	sess = kzalloc(sizeof(struct iscsi_session), GFP_KERNEL);
264 	if (!sess) {
265 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
266 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
267 		pr_err("Could not allocate memory for session\n");
268 		return -ENOMEM;
269 	}
270 
271 	if (iscsi_login_set_conn_values(sess, conn, pdu->cid))
272 		goto free_sess;
273 
274 	sess->init_task_tag	= pdu->itt;
275 	memcpy(&sess->isid, pdu->isid, 6);
276 	sess->exp_cmd_sn	= be32_to_cpu(pdu->cmdsn);
277 	INIT_LIST_HEAD(&sess->sess_conn_list);
278 	INIT_LIST_HEAD(&sess->sess_ooo_cmdsn_list);
279 	INIT_LIST_HEAD(&sess->cr_active_list);
280 	INIT_LIST_HEAD(&sess->cr_inactive_list);
281 	init_completion(&sess->async_msg_comp);
282 	init_completion(&sess->reinstatement_comp);
283 	init_completion(&sess->session_wait_comp);
284 	init_completion(&sess->session_waiting_on_uc_comp);
285 	mutex_init(&sess->cmdsn_mutex);
286 	spin_lock_init(&sess->conn_lock);
287 	spin_lock_init(&sess->cr_a_lock);
288 	spin_lock_init(&sess->cr_i_lock);
289 	spin_lock_init(&sess->session_usage_lock);
290 	spin_lock_init(&sess->ttt_lock);
291 
292 	timer_setup(&sess->time2retain_timer,
293 		    iscsit_handle_time2retain_timeout, 0);
294 
295 	ret = ida_alloc(&sess_ida, GFP_KERNEL);
296 	if (ret < 0) {
297 		pr_err("Session ID allocation failed %d\n", ret);
298 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
299 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
300 		goto free_sess;
301 	}
302 
303 	sess->session_index = ret;
304 	sess->creation_time = get_jiffies_64();
305 	/*
306 	 * The FFP CmdSN window values will be allocated from the TPG's
307 	 * Initiator Node's ACL once the login has been successfully completed.
308 	 */
309 	atomic_set(&sess->max_cmd_sn, be32_to_cpu(pdu->cmdsn));
310 
311 	sess->sess_ops = kzalloc(sizeof(struct iscsi_sess_ops), GFP_KERNEL);
312 	if (!sess->sess_ops) {
313 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
314 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
315 		pr_err("Unable to allocate memory for"
316 				" struct iscsi_sess_ops.\n");
317 		goto free_id;
318 	}
319 
320 	sess->se_sess = transport_alloc_session(TARGET_PROT_NORMAL);
321 	if (IS_ERR(sess->se_sess)) {
322 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
323 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
324 		goto free_ops;
325 	}
326 
327 	return 0;
328 
329 free_ops:
330 	kfree(sess->sess_ops);
331 free_id:
332 	ida_free(&sess_ida, sess->session_index);
333 free_sess:
334 	kfree(sess);
335 	conn->sess = NULL;
336 	return -ENOMEM;
337 }
338 
339 static int iscsi_login_zero_tsih_s2(
340 	struct iscsi_conn *conn)
341 {
342 	struct iscsi_node_attrib *na;
343 	struct iscsi_session *sess = conn->sess;
344 	bool iser = false;
345 
346 	sess->tpg = conn->tpg;
347 
348 	/*
349 	 * Assign a new TPG Session Handle.  Note this is protected with
350 	 * struct iscsi_portal_group->np_login_sem from iscsit_access_np().
351 	 */
352 	sess->tsih = ++sess->tpg->ntsih;
353 	if (!sess->tsih)
354 		sess->tsih = ++sess->tpg->ntsih;
355 
356 	/*
357 	 * Create the default params from user defined values..
358 	 */
359 	if (iscsi_copy_param_list(&conn->param_list,
360 				conn->tpg->param_list, 1) < 0) {
361 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
362 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
363 		return -1;
364 	}
365 
366 	if (conn->conn_transport->transport_type == ISCSI_INFINIBAND)
367 		iser = true;
368 
369 	iscsi_set_keys_to_negotiate(conn->param_list, iser);
370 
371 	if (sess->sess_ops->SessionType)
372 		return iscsi_set_keys_irrelevant_for_discovery(
373 				conn->param_list);
374 
375 	na = iscsit_tpg_get_node_attrib(sess);
376 
377 	/*
378 	 * Need to send TargetPortalGroupTag back in first login response
379 	 * on any iSCSI connection where the Initiator provides TargetName.
380 	 * See 5.3.1.  Login Phase Start
381 	 *
382 	 * In our case, we have already located the struct iscsi_tiqn at this point.
383 	 */
384 	if (iscsi_change_param_sprintf(conn, "TargetPortalGroupTag=%hu", sess->tpg->tpgt))
385 		return -1;
386 
387 	/*
388 	 * Workaround for Initiators that have broken connection recovery logic.
389 	 *
390 	 * "We would really like to get rid of this." Linux-iSCSI.org team
391 	 */
392 	if (iscsi_change_param_sprintf(conn, "ErrorRecoveryLevel=%d", na->default_erl))
393 		return -1;
394 
395 	/*
396 	 * Set RDMAExtensions=Yes by default for iSER enabled network portals
397 	 */
398 	if (iser) {
399 		struct iscsi_param *param;
400 		unsigned long mrdsl, off;
401 		int rc;
402 
403 		if (iscsi_change_param_sprintf(conn, "RDMAExtensions=Yes"))
404 			return -1;
405 
406 		/*
407 		 * Make MaxRecvDataSegmentLength PAGE_SIZE aligned for
408 		 * Immediate Data + Unsolicited Data-OUT if necessary..
409 		 */
410 		param = iscsi_find_param_from_key("MaxRecvDataSegmentLength",
411 						  conn->param_list);
412 		if (!param) {
413 			iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
414 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
415 			return -1;
416 		}
417 		rc = kstrtoul(param->value, 0, &mrdsl);
418 		if (rc < 0) {
419 			iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
420 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
421 			return -1;
422 		}
423 		off = mrdsl % PAGE_SIZE;
424 		if (!off)
425 			goto check_prot;
426 
427 		if (mrdsl < PAGE_SIZE)
428 			mrdsl = PAGE_SIZE;
429 		else
430 			mrdsl -= off;
431 
432 		pr_warn("Aligning ISER MaxRecvDataSegmentLength: %lu down"
433 			" to PAGE_SIZE\n", mrdsl);
434 
435 		if (iscsi_change_param_sprintf(conn, "MaxRecvDataSegmentLength=%lu\n", mrdsl))
436 			return -1;
437 		/*
438 		 * ISER currently requires that ImmediateData + Unsolicited
439 		 * Data be disabled when protection / signature MRs are enabled.
440 		 */
441 check_prot:
442 		if (sess->se_sess->sup_prot_ops &
443 		   (TARGET_PROT_DOUT_STRIP | TARGET_PROT_DOUT_PASS |
444 		    TARGET_PROT_DOUT_INSERT)) {
445 
446 			if (iscsi_change_param_sprintf(conn, "ImmediateData=No"))
447 				return -1;
448 
449 			if (iscsi_change_param_sprintf(conn, "InitialR2T=Yes"))
450 				return -1;
451 
452 			pr_debug("Forcing ImmediateData=No + InitialR2T=Yes for"
453 				 " T10-PI enabled ISER session\n");
454 		}
455 	}
456 
457 	return 0;
458 }
459 
460 static int iscsi_login_non_zero_tsih_s1(
461 	struct iscsi_conn *conn,
462 	unsigned char *buf)
463 {
464 	struct iscsi_login_req *pdu = (struct iscsi_login_req *)buf;
465 
466 	return iscsi_login_set_conn_values(NULL, conn, pdu->cid);
467 }
468 
469 /*
470  *	Add a new connection to an existing session.
471  */
472 static int iscsi_login_non_zero_tsih_s2(
473 	struct iscsi_conn *conn,
474 	unsigned char *buf)
475 {
476 	struct iscsi_portal_group *tpg = conn->tpg;
477 	struct iscsi_session *sess = NULL, *sess_p = NULL;
478 	struct se_portal_group *se_tpg = &tpg->tpg_se_tpg;
479 	struct se_session *se_sess, *se_sess_tmp;
480 	struct iscsi_login_req *pdu = (struct iscsi_login_req *)buf;
481 	bool iser = false;
482 
483 	spin_lock_bh(&se_tpg->session_lock);
484 	list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list,
485 			sess_list) {
486 
487 		sess_p = (struct iscsi_session *)se_sess->fabric_sess_ptr;
488 		if (atomic_read(&sess_p->session_fall_back_to_erl0) ||
489 		    atomic_read(&sess_p->session_logout) ||
490 		    atomic_read(&sess_p->session_close) ||
491 		   (sess_p->time2retain_timer_flags & ISCSI_TF_EXPIRED))
492 			continue;
493 		if (!memcmp(sess_p->isid, pdu->isid, 6) &&
494 		     (sess_p->tsih == be16_to_cpu(pdu->tsih))) {
495 			iscsit_inc_session_usage_count(sess_p);
496 			iscsit_stop_time2retain_timer(sess_p);
497 			sess = sess_p;
498 			break;
499 		}
500 	}
501 	spin_unlock_bh(&se_tpg->session_lock);
502 
503 	/*
504 	 * If the Time2Retain handler has expired, the session is already gone.
505 	 */
506 	if (!sess) {
507 		pr_err("Initiator attempting to add a connection to"
508 			" a non-existent session, rejecting iSCSI Login.\n");
509 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
510 				ISCSI_LOGIN_STATUS_NO_SESSION);
511 		return -1;
512 	}
513 
514 	/*
515 	 * Stop the Time2Retain timer if this is a failed session, we restart
516 	 * the timer if the login is not successful.
517 	 */
518 	spin_lock_bh(&sess->conn_lock);
519 	if (sess->session_state == TARG_SESS_STATE_FAILED)
520 		atomic_set(&sess->session_continuation, 1);
521 	spin_unlock_bh(&sess->conn_lock);
522 
523 	if (iscsi_login_set_conn_values(sess, conn, pdu->cid) < 0 ||
524 	    iscsi_copy_param_list(&conn->param_list,
525 			conn->tpg->param_list, 0) < 0) {
526 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
527 				ISCSI_LOGIN_STATUS_NO_RESOURCES);
528 		return -1;
529 	}
530 
531 	if (conn->conn_transport->transport_type == ISCSI_INFINIBAND)
532 		iser = true;
533 
534 	iscsi_set_keys_to_negotiate(conn->param_list, iser);
535 	/*
536 	 * Need to send TargetPortalGroupTag back in first login response
537 	 * on any iSCSI connection where the Initiator provides TargetName.
538 	 * See 5.3.1.  Login Phase Start
539 	 *
540 	 * In our case, we have already located the struct iscsi_tiqn at this point.
541 	 */
542 	if (iscsi_change_param_sprintf(conn, "TargetPortalGroupTag=%hu", sess->tpg->tpgt))
543 		return -1;
544 
545 	return 0;
546 }
547 
548 int iscsi_login_post_auth_non_zero_tsih(
549 	struct iscsi_conn *conn,
550 	u16 cid,
551 	u32 exp_statsn)
552 {
553 	struct iscsi_conn *conn_ptr = NULL;
554 	struct iscsi_conn_recovery *cr = NULL;
555 	struct iscsi_session *sess = conn->sess;
556 
557 	/*
558 	 * By following item 5 in the login table,  if we have found
559 	 * an existing ISID and a valid/existing TSIH and an existing
560 	 * CID we do connection reinstatement.  Currently we dont not
561 	 * support it so we send back an non-zero status class to the
562 	 * initiator and release the new connection.
563 	 */
564 	conn_ptr = iscsit_get_conn_from_cid_rcfr(sess, cid);
565 	if (conn_ptr) {
566 		pr_err("Connection exists with CID %hu for %s,"
567 			" performing connection reinstatement.\n",
568 			conn_ptr->cid, sess->sess_ops->InitiatorName);
569 
570 		iscsit_connection_reinstatement_rcfr(conn_ptr);
571 		iscsit_dec_conn_usage_count(conn_ptr);
572 	}
573 
574 	/*
575 	 * Check for any connection recovery entries containing CID.
576 	 * We use the original ExpStatSN sent in the first login request
577 	 * to acknowledge commands for the failed connection.
578 	 *
579 	 * Also note that an explict logout may have already been sent,
580 	 * but the response may not be sent due to additional connection
581 	 * loss.
582 	 */
583 	if (sess->sess_ops->ErrorRecoveryLevel == 2) {
584 		cr = iscsit_get_inactive_connection_recovery_entry(
585 				sess, cid);
586 		if (cr) {
587 			pr_debug("Performing implicit logout"
588 				" for connection recovery on CID: %hu\n",
589 					conn->cid);
590 			iscsit_discard_cr_cmds_by_expstatsn(cr, exp_statsn);
591 		}
592 	}
593 
594 	/*
595 	 * Else we follow item 4 from the login table in that we have
596 	 * found an existing ISID and a valid/existing TSIH and a new
597 	 * CID we go ahead and continue to add a new connection to the
598 	 * session.
599 	 */
600 	pr_debug("Adding CID %hu to existing session for %s.\n",
601 			cid, sess->sess_ops->InitiatorName);
602 
603 	if ((atomic_read(&sess->nconn) + 1) > sess->sess_ops->MaxConnections) {
604 		pr_err("Adding additional connection to this session"
605 			" would exceed MaxConnections %d, login failed.\n",
606 				sess->sess_ops->MaxConnections);
607 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
608 				ISCSI_LOGIN_STATUS_ISID_ERROR);
609 		return -1;
610 	}
611 
612 	return 0;
613 }
614 
615 static void iscsi_post_login_start_timers(struct iscsi_conn *conn)
616 {
617 	struct iscsi_session *sess = conn->sess;
618 	/*
619 	 * FIXME: Unsolicited NopIN support for ISER
620 	 */
621 	if (conn->conn_transport->transport_type == ISCSI_INFINIBAND)
622 		return;
623 
624 	if (!sess->sess_ops->SessionType)
625 		iscsit_start_nopin_timer(conn);
626 }
627 
628 int iscsit_start_kthreads(struct iscsi_conn *conn)
629 {
630 	int ret = 0;
631 
632 	spin_lock(&iscsit_global->ts_bitmap_lock);
633 	conn->bitmap_id = bitmap_find_free_region(iscsit_global->ts_bitmap,
634 					ISCSIT_BITMAP_BITS, get_order(1));
635 	spin_unlock(&iscsit_global->ts_bitmap_lock);
636 
637 	if (conn->bitmap_id < 0) {
638 		pr_err("bitmap_find_free_region() failed for"
639 		       " iscsit_start_kthreads()\n");
640 		return -ENOMEM;
641 	}
642 
643 	conn->tx_thread = kthread_run(iscsi_target_tx_thread, conn,
644 				      "%s", ISCSI_TX_THREAD_NAME);
645 	if (IS_ERR(conn->tx_thread)) {
646 		pr_err("Unable to start iscsi_target_tx_thread\n");
647 		ret = PTR_ERR(conn->tx_thread);
648 		goto out_bitmap;
649 	}
650 	conn->tx_thread_active = true;
651 
652 	conn->rx_thread = kthread_run(iscsi_target_rx_thread, conn,
653 				      "%s", ISCSI_RX_THREAD_NAME);
654 	if (IS_ERR(conn->rx_thread)) {
655 		pr_err("Unable to start iscsi_target_rx_thread\n");
656 		ret = PTR_ERR(conn->rx_thread);
657 		goto out_tx;
658 	}
659 	conn->rx_thread_active = true;
660 
661 	return 0;
662 out_tx:
663 	send_sig(SIGINT, conn->tx_thread, 1);
664 	kthread_stop(conn->tx_thread);
665 	conn->tx_thread_active = false;
666 out_bitmap:
667 	spin_lock(&iscsit_global->ts_bitmap_lock);
668 	bitmap_release_region(iscsit_global->ts_bitmap, conn->bitmap_id,
669 			      get_order(1));
670 	spin_unlock(&iscsit_global->ts_bitmap_lock);
671 	return ret;
672 }
673 
674 void iscsi_post_login_handler(
675 	struct iscsi_np *np,
676 	struct iscsi_conn *conn,
677 	u8 zero_tsih)
678 {
679 	int stop_timer = 0;
680 	struct iscsi_session *sess = conn->sess;
681 	struct se_session *se_sess = sess->se_sess;
682 	struct iscsi_portal_group *tpg = sess->tpg;
683 	struct se_portal_group *se_tpg = &tpg->tpg_se_tpg;
684 
685 	iscsit_inc_conn_usage_count(conn);
686 
687 	iscsit_collect_login_stats(conn, ISCSI_STATUS_CLS_SUCCESS,
688 			ISCSI_LOGIN_STATUS_ACCEPT);
689 
690 	pr_debug("Moving to TARG_CONN_STATE_LOGGED_IN.\n");
691 	conn->conn_state = TARG_CONN_STATE_LOGGED_IN;
692 
693 	iscsi_set_connection_parameters(conn->conn_ops, conn->param_list);
694 	/*
695 	 * SCSI Initiator -> SCSI Target Port Mapping
696 	 */
697 	if (!zero_tsih) {
698 		iscsi_set_session_parameters(sess->sess_ops,
699 				conn->param_list, 0);
700 		iscsi_release_param_list(conn->param_list);
701 		conn->param_list = NULL;
702 
703 		spin_lock_bh(&sess->conn_lock);
704 		atomic_set(&sess->session_continuation, 0);
705 		if (sess->session_state == TARG_SESS_STATE_FAILED) {
706 			pr_debug("Moving to"
707 					" TARG_SESS_STATE_LOGGED_IN.\n");
708 			sess->session_state = TARG_SESS_STATE_LOGGED_IN;
709 			stop_timer = 1;
710 		}
711 
712 		pr_debug("iSCSI Login successful on CID: %hu from %pISpc to"
713 			" %pISpc,%hu\n", conn->cid, &conn->login_sockaddr,
714 			&conn->local_sockaddr, tpg->tpgt);
715 
716 		list_add_tail(&conn->conn_list, &sess->sess_conn_list);
717 		atomic_inc(&sess->nconn);
718 		pr_debug("Incremented iSCSI Connection count to %hu"
719 			" from node: %s\n", atomic_read(&sess->nconn),
720 			sess->sess_ops->InitiatorName);
721 		spin_unlock_bh(&sess->conn_lock);
722 
723 		iscsi_post_login_start_timers(conn);
724 		/*
725 		 * Determine CPU mask to ensure connection's RX and TX kthreads
726 		 * are scheduled on the same CPU.
727 		 */
728 		iscsit_thread_get_cpumask(conn);
729 		conn->conn_rx_reset_cpumask = 1;
730 		conn->conn_tx_reset_cpumask = 1;
731 		/*
732 		 * Wakeup the sleeping iscsi_target_rx_thread() now that
733 		 * iscsi_conn is in TARG_CONN_STATE_LOGGED_IN state.
734 		 */
735 		complete(&conn->rx_login_comp);
736 		iscsit_dec_conn_usage_count(conn);
737 
738 		if (stop_timer) {
739 			spin_lock_bh(&se_tpg->session_lock);
740 			iscsit_stop_time2retain_timer(sess);
741 			spin_unlock_bh(&se_tpg->session_lock);
742 		}
743 		iscsit_dec_session_usage_count(sess);
744 		return;
745 	}
746 
747 	iscsi_set_session_parameters(sess->sess_ops, conn->param_list, 1);
748 	iscsi_release_param_list(conn->param_list);
749 	conn->param_list = NULL;
750 
751 	iscsit_determine_maxcmdsn(sess);
752 
753 	spin_lock_bh(&se_tpg->session_lock);
754 	__transport_register_session(&sess->tpg->tpg_se_tpg,
755 			se_sess->se_node_acl, se_sess, sess);
756 	pr_debug("Moving to TARG_SESS_STATE_LOGGED_IN.\n");
757 	sess->session_state = TARG_SESS_STATE_LOGGED_IN;
758 
759 	pr_debug("iSCSI Login successful on CID: %hu from %pISpc to %pISpc,%hu\n",
760 		conn->cid, &conn->login_sockaddr, &conn->local_sockaddr,
761 		tpg->tpgt);
762 
763 	spin_lock_bh(&sess->conn_lock);
764 	list_add_tail(&conn->conn_list, &sess->sess_conn_list);
765 	atomic_inc(&sess->nconn);
766 	pr_debug("Incremented iSCSI Connection count to %hu from node:"
767 		" %s\n", atomic_read(&sess->nconn),
768 		sess->sess_ops->InitiatorName);
769 	spin_unlock_bh(&sess->conn_lock);
770 
771 	sess->sid = tpg->sid++;
772 	if (!sess->sid)
773 		sess->sid = tpg->sid++;
774 	pr_debug("Established iSCSI session from node: %s\n",
775 			sess->sess_ops->InitiatorName);
776 
777 	tpg->nsessions++;
778 	if (tpg->tpg_tiqn)
779 		tpg->tpg_tiqn->tiqn_nsessions++;
780 
781 	pr_debug("Incremented number of active iSCSI sessions to %u on"
782 		" iSCSI Target Portal Group: %hu\n", tpg->nsessions, tpg->tpgt);
783 	spin_unlock_bh(&se_tpg->session_lock);
784 
785 	iscsi_post_login_start_timers(conn);
786 	/*
787 	 * Determine CPU mask to ensure connection's RX and TX kthreads
788 	 * are scheduled on the same CPU.
789 	 */
790 	iscsit_thread_get_cpumask(conn);
791 	conn->conn_rx_reset_cpumask = 1;
792 	conn->conn_tx_reset_cpumask = 1;
793 	/*
794 	 * Wakeup the sleeping iscsi_target_rx_thread() now that
795 	 * iscsi_conn is in TARG_CONN_STATE_LOGGED_IN state.
796 	 */
797 	complete(&conn->rx_login_comp);
798 	iscsit_dec_conn_usage_count(conn);
799 }
800 
801 void iscsi_handle_login_thread_timeout(struct timer_list *t)
802 {
803 	struct iscsi_np *np = from_timer(np, t, np_login_timer);
804 
805 	spin_lock_bh(&np->np_thread_lock);
806 	pr_err("iSCSI Login timeout on Network Portal %pISpc\n",
807 			&np->np_sockaddr);
808 
809 	if (np->np_login_timer_flags & ISCSI_TF_STOP) {
810 		spin_unlock_bh(&np->np_thread_lock);
811 		return;
812 	}
813 
814 	if (np->np_thread)
815 		send_sig(SIGINT, np->np_thread, 1);
816 
817 	np->np_login_timer_flags &= ~ISCSI_TF_RUNNING;
818 	spin_unlock_bh(&np->np_thread_lock);
819 }
820 
821 static void iscsi_start_login_thread_timer(struct iscsi_np *np)
822 {
823 	/*
824 	 * This used the TA_LOGIN_TIMEOUT constant because at this
825 	 * point we do not have access to ISCSI_TPG_ATTRIB(tpg)->login_timeout
826 	 */
827 	spin_lock_bh(&np->np_thread_lock);
828 	np->np_login_timer_flags &= ~ISCSI_TF_STOP;
829 	np->np_login_timer_flags |= ISCSI_TF_RUNNING;
830 	mod_timer(&np->np_login_timer, jiffies + TA_LOGIN_TIMEOUT * HZ);
831 
832 	pr_debug("Added timeout timer to iSCSI login request for"
833 			" %u seconds.\n", TA_LOGIN_TIMEOUT);
834 	spin_unlock_bh(&np->np_thread_lock);
835 }
836 
837 static void iscsi_stop_login_thread_timer(struct iscsi_np *np)
838 {
839 	spin_lock_bh(&np->np_thread_lock);
840 	if (!(np->np_login_timer_flags & ISCSI_TF_RUNNING)) {
841 		spin_unlock_bh(&np->np_thread_lock);
842 		return;
843 	}
844 	np->np_login_timer_flags |= ISCSI_TF_STOP;
845 	spin_unlock_bh(&np->np_thread_lock);
846 
847 	del_timer_sync(&np->np_login_timer);
848 
849 	spin_lock_bh(&np->np_thread_lock);
850 	np->np_login_timer_flags &= ~ISCSI_TF_RUNNING;
851 	spin_unlock_bh(&np->np_thread_lock);
852 }
853 
854 int iscsit_setup_np(
855 	struct iscsi_np *np,
856 	struct sockaddr_storage *sockaddr)
857 {
858 	struct socket *sock = NULL;
859 	int backlog = ISCSIT_TCP_BACKLOG, ret, len;
860 
861 	switch (np->np_network_transport) {
862 	case ISCSI_TCP:
863 		np->np_ip_proto = IPPROTO_TCP;
864 		np->np_sock_type = SOCK_STREAM;
865 		break;
866 	case ISCSI_SCTP_TCP:
867 		np->np_ip_proto = IPPROTO_SCTP;
868 		np->np_sock_type = SOCK_STREAM;
869 		break;
870 	case ISCSI_SCTP_UDP:
871 		np->np_ip_proto = IPPROTO_SCTP;
872 		np->np_sock_type = SOCK_SEQPACKET;
873 		break;
874 	default:
875 		pr_err("Unsupported network_transport: %d\n",
876 				np->np_network_transport);
877 		return -EINVAL;
878 	}
879 
880 	ret = sock_create(sockaddr->ss_family, np->np_sock_type,
881 			np->np_ip_proto, &sock);
882 	if (ret < 0) {
883 		pr_err("sock_create() failed.\n");
884 		return ret;
885 	}
886 	np->np_socket = sock;
887 	/*
888 	 * Setup the np->np_sockaddr from the passed sockaddr setup
889 	 * in iscsi_target_configfs.c code..
890 	 */
891 	memcpy(&np->np_sockaddr, sockaddr,
892 			sizeof(struct sockaddr_storage));
893 
894 	if (sockaddr->ss_family == AF_INET6)
895 		len = sizeof(struct sockaddr_in6);
896 	else
897 		len = sizeof(struct sockaddr_in);
898 	/*
899 	 * Set SO_REUSEADDR, and disable Nagel Algorithm with TCP_NODELAY.
900 	 */
901 	if (np->np_network_transport == ISCSI_TCP)
902 		tcp_sock_set_nodelay(sock->sk);
903 	sock_set_reuseaddr(sock->sk);
904 	ip_sock_set_freebind(sock->sk);
905 
906 	ret = kernel_bind(sock, (struct sockaddr *)&np->np_sockaddr, len);
907 	if (ret < 0) {
908 		pr_err("kernel_bind() failed: %d\n", ret);
909 		goto fail;
910 	}
911 
912 	ret = kernel_listen(sock, backlog);
913 	if (ret != 0) {
914 		pr_err("kernel_listen() failed: %d\n", ret);
915 		goto fail;
916 	}
917 
918 	return 0;
919 fail:
920 	np->np_socket = NULL;
921 	sock_release(sock);
922 	return ret;
923 }
924 
925 int iscsi_target_setup_login_socket(
926 	struct iscsi_np *np,
927 	struct sockaddr_storage *sockaddr)
928 {
929 	struct iscsit_transport *t;
930 	int rc;
931 
932 	t = iscsit_get_transport(np->np_network_transport);
933 	if (!t)
934 		return -EINVAL;
935 
936 	rc = t->iscsit_setup_np(np, sockaddr);
937 	if (rc < 0) {
938 		iscsit_put_transport(t);
939 		return rc;
940 	}
941 
942 	np->np_transport = t;
943 	np->enabled = true;
944 	return 0;
945 }
946 
947 int iscsit_accept_np(struct iscsi_np *np, struct iscsi_conn *conn)
948 {
949 	struct socket *new_sock, *sock = np->np_socket;
950 	struct sockaddr_in sock_in;
951 	struct sockaddr_in6 sock_in6;
952 	int rc;
953 
954 	rc = kernel_accept(sock, &new_sock, 0);
955 	if (rc < 0)
956 		return rc;
957 
958 	conn->sock = new_sock;
959 	conn->login_family = np->np_sockaddr.ss_family;
960 
961 	if (np->np_sockaddr.ss_family == AF_INET6) {
962 		memset(&sock_in6, 0, sizeof(struct sockaddr_in6));
963 
964 		rc = conn->sock->ops->getname(conn->sock,
965 				(struct sockaddr *)&sock_in6, 1);
966 		if (rc >= 0) {
967 			if (!ipv6_addr_v4mapped(&sock_in6.sin6_addr)) {
968 				memcpy(&conn->login_sockaddr, &sock_in6, sizeof(sock_in6));
969 			} else {
970 				/* Pretend to be an ipv4 socket */
971 				sock_in.sin_family = AF_INET;
972 				sock_in.sin_port = sock_in6.sin6_port;
973 				memcpy(&sock_in.sin_addr, &sock_in6.sin6_addr.s6_addr32[3], 4);
974 				memcpy(&conn->login_sockaddr, &sock_in, sizeof(sock_in));
975 			}
976 		}
977 
978 		rc = conn->sock->ops->getname(conn->sock,
979 				(struct sockaddr *)&sock_in6, 0);
980 		if (rc >= 0) {
981 			if (!ipv6_addr_v4mapped(&sock_in6.sin6_addr)) {
982 				memcpy(&conn->local_sockaddr, &sock_in6, sizeof(sock_in6));
983 			} else {
984 				/* Pretend to be an ipv4 socket */
985 				sock_in.sin_family = AF_INET;
986 				sock_in.sin_port = sock_in6.sin6_port;
987 				memcpy(&sock_in.sin_addr, &sock_in6.sin6_addr.s6_addr32[3], 4);
988 				memcpy(&conn->local_sockaddr, &sock_in, sizeof(sock_in));
989 			}
990 		}
991 	} else {
992 		memset(&sock_in, 0, sizeof(struct sockaddr_in));
993 
994 		rc = conn->sock->ops->getname(conn->sock,
995 				(struct sockaddr *)&sock_in, 1);
996 		if (rc >= 0)
997 			memcpy(&conn->login_sockaddr, &sock_in, sizeof(sock_in));
998 
999 		rc = conn->sock->ops->getname(conn->sock,
1000 				(struct sockaddr *)&sock_in, 0);
1001 		if (rc >= 0)
1002 			memcpy(&conn->local_sockaddr, &sock_in, sizeof(sock_in));
1003 	}
1004 
1005 	return 0;
1006 }
1007 
1008 int iscsit_get_login_rx(struct iscsi_conn *conn, struct iscsi_login *login)
1009 {
1010 	struct iscsi_login_req *login_req;
1011 	u32 padding = 0, payload_length;
1012 
1013 	if (iscsi_login_rx_data(conn, login->req, ISCSI_HDR_LEN) < 0)
1014 		return -1;
1015 
1016 	login_req = (struct iscsi_login_req *)login->req;
1017 	payload_length	= ntoh24(login_req->dlength);
1018 	padding = ((-payload_length) & 3);
1019 
1020 	pr_debug("Got Login Command, Flags 0x%02x, ITT: 0x%08x,"
1021 		" CmdSN: 0x%08x, ExpStatSN: 0x%08x, CID: %hu, Length: %u\n",
1022 		login_req->flags, login_req->itt, login_req->cmdsn,
1023 		login_req->exp_statsn, login_req->cid, payload_length);
1024 	/*
1025 	 * Setup the initial iscsi_login values from the leading
1026 	 * login request PDU.
1027 	 */
1028 	if (login->first_request) {
1029 		login_req = (struct iscsi_login_req *)login->req;
1030 		login->leading_connection = (!login_req->tsih) ? 1 : 0;
1031 		login->current_stage	= ISCSI_LOGIN_CURRENT_STAGE(login_req->flags);
1032 		login->version_min	= login_req->min_version;
1033 		login->version_max	= login_req->max_version;
1034 		memcpy(login->isid, login_req->isid, 6);
1035 		login->cmd_sn		= be32_to_cpu(login_req->cmdsn);
1036 		login->init_task_tag	= login_req->itt;
1037 		login->initial_exp_statsn = be32_to_cpu(login_req->exp_statsn);
1038 		login->cid		= be16_to_cpu(login_req->cid);
1039 		login->tsih		= be16_to_cpu(login_req->tsih);
1040 	}
1041 
1042 	if (iscsi_target_check_login_request(conn, login) < 0)
1043 		return -1;
1044 
1045 	memset(login->req_buf, 0, MAX_KEY_VALUE_PAIRS);
1046 	if (iscsi_login_rx_data(conn, login->req_buf,
1047 				payload_length + padding) < 0)
1048 		return -1;
1049 
1050 	return 0;
1051 }
1052 
1053 int iscsit_put_login_tx(struct iscsi_conn *conn, struct iscsi_login *login,
1054 			u32 length)
1055 {
1056 	if (iscsi_login_tx_data(conn, login->rsp, login->rsp_buf, length) < 0)
1057 		return -1;
1058 
1059 	return 0;
1060 }
1061 
1062 static int
1063 iscsit_conn_set_transport(struct iscsi_conn *conn, struct iscsit_transport *t)
1064 {
1065 	int rc;
1066 
1067 	if (!t->owner) {
1068 		conn->conn_transport = t;
1069 		return 0;
1070 	}
1071 
1072 	rc = try_module_get(t->owner);
1073 	if (!rc) {
1074 		pr_err("try_module_get() failed for %s\n", t->name);
1075 		return -EINVAL;
1076 	}
1077 
1078 	conn->conn_transport = t;
1079 	return 0;
1080 }
1081 
1082 static struct iscsi_conn *iscsit_alloc_conn(struct iscsi_np *np)
1083 {
1084 	struct iscsi_conn *conn;
1085 
1086 	conn = kzalloc(sizeof(struct iscsi_conn), GFP_KERNEL);
1087 	if (!conn) {
1088 		pr_err("Could not allocate memory for new connection\n");
1089 		return NULL;
1090 	}
1091 	pr_debug("Moving to TARG_CONN_STATE_FREE.\n");
1092 	conn->conn_state = TARG_CONN_STATE_FREE;
1093 
1094 	init_waitqueue_head(&conn->queues_wq);
1095 	INIT_LIST_HEAD(&conn->conn_list);
1096 	INIT_LIST_HEAD(&conn->conn_cmd_list);
1097 	INIT_LIST_HEAD(&conn->immed_queue_list);
1098 	INIT_LIST_HEAD(&conn->response_queue_list);
1099 	init_completion(&conn->conn_post_wait_comp);
1100 	init_completion(&conn->conn_wait_comp);
1101 	init_completion(&conn->conn_wait_rcfr_comp);
1102 	init_completion(&conn->conn_waiting_on_uc_comp);
1103 	init_completion(&conn->conn_logout_comp);
1104 	init_completion(&conn->rx_half_close_comp);
1105 	init_completion(&conn->tx_half_close_comp);
1106 	init_completion(&conn->rx_login_comp);
1107 	spin_lock_init(&conn->cmd_lock);
1108 	spin_lock_init(&conn->conn_usage_lock);
1109 	spin_lock_init(&conn->immed_queue_lock);
1110 	spin_lock_init(&conn->nopin_timer_lock);
1111 	spin_lock_init(&conn->response_queue_lock);
1112 	spin_lock_init(&conn->state_lock);
1113 
1114 	timer_setup(&conn->nopin_response_timer,
1115 		    iscsit_handle_nopin_response_timeout, 0);
1116 	timer_setup(&conn->nopin_timer, iscsit_handle_nopin_timeout, 0);
1117 
1118 	if (iscsit_conn_set_transport(conn, np->np_transport) < 0)
1119 		goto free_conn;
1120 
1121 	conn->conn_ops = kzalloc(sizeof(struct iscsi_conn_ops), GFP_KERNEL);
1122 	if (!conn->conn_ops) {
1123 		pr_err("Unable to allocate memory for struct iscsi_conn_ops.\n");
1124 		goto put_transport;
1125 	}
1126 
1127 	if (!zalloc_cpumask_var(&conn->conn_cpumask, GFP_KERNEL)) {
1128 		pr_err("Unable to allocate conn->conn_cpumask\n");
1129 		goto free_conn_ops;
1130 	}
1131 
1132 	return conn;
1133 
1134 free_conn_ops:
1135 	kfree(conn->conn_ops);
1136 put_transport:
1137 	iscsit_put_transport(conn->conn_transport);
1138 free_conn:
1139 	kfree(conn);
1140 	return NULL;
1141 }
1142 
1143 void iscsit_free_conn(struct iscsi_conn *conn)
1144 {
1145 	free_cpumask_var(conn->conn_cpumask);
1146 	kfree(conn->conn_ops);
1147 	iscsit_put_transport(conn->conn_transport);
1148 	kfree(conn);
1149 }
1150 
1151 void iscsi_target_login_sess_out(struct iscsi_conn *conn,
1152 				 bool zero_tsih, bool new_sess)
1153 {
1154 	if (!new_sess)
1155 		goto old_sess_out;
1156 
1157 	pr_err("iSCSI Login negotiation failed.\n");
1158 	iscsit_collect_login_stats(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
1159 				   ISCSI_LOGIN_STATUS_INIT_ERR);
1160 	if (!zero_tsih || !conn->sess)
1161 		goto old_sess_out;
1162 
1163 	transport_free_session(conn->sess->se_sess);
1164 	ida_free(&sess_ida, conn->sess->session_index);
1165 	kfree(conn->sess->sess_ops);
1166 	kfree(conn->sess);
1167 	conn->sess = NULL;
1168 
1169 old_sess_out:
1170 	/*
1171 	 * If login negotiation fails check if the Time2Retain timer
1172 	 * needs to be restarted.
1173 	 */
1174 	if (!zero_tsih && conn->sess) {
1175 		spin_lock_bh(&conn->sess->conn_lock);
1176 		if (conn->sess->session_state == TARG_SESS_STATE_FAILED) {
1177 			struct se_portal_group *se_tpg =
1178 					&conn->tpg->tpg_se_tpg;
1179 
1180 			atomic_set(&conn->sess->session_continuation, 0);
1181 			spin_unlock_bh(&conn->sess->conn_lock);
1182 			spin_lock_bh(&se_tpg->session_lock);
1183 			iscsit_start_time2retain_handler(conn->sess);
1184 			spin_unlock_bh(&se_tpg->session_lock);
1185 		} else
1186 			spin_unlock_bh(&conn->sess->conn_lock);
1187 		iscsit_dec_session_usage_count(conn->sess);
1188 	}
1189 
1190 	ahash_request_free(conn->conn_tx_hash);
1191 	if (conn->conn_rx_hash) {
1192 		struct crypto_ahash *tfm;
1193 
1194 		tfm = crypto_ahash_reqtfm(conn->conn_rx_hash);
1195 		ahash_request_free(conn->conn_rx_hash);
1196 		crypto_free_ahash(tfm);
1197 	}
1198 
1199 	if (conn->param_list) {
1200 		iscsi_release_param_list(conn->param_list);
1201 		conn->param_list = NULL;
1202 	}
1203 	iscsi_target_nego_release(conn);
1204 
1205 	if (conn->sock) {
1206 		sock_release(conn->sock);
1207 		conn->sock = NULL;
1208 	}
1209 
1210 	if (conn->conn_transport->iscsit_wait_conn)
1211 		conn->conn_transport->iscsit_wait_conn(conn);
1212 
1213 	if (conn->conn_transport->iscsit_free_conn)
1214 		conn->conn_transport->iscsit_free_conn(conn);
1215 
1216 	iscsit_free_conn(conn);
1217 }
1218 
1219 static int __iscsi_target_login_thread(struct iscsi_np *np)
1220 {
1221 	u8 *buffer, zero_tsih = 0;
1222 	int ret = 0, rc;
1223 	struct iscsi_conn *conn = NULL;
1224 	struct iscsi_login *login;
1225 	struct iscsi_portal_group *tpg = NULL;
1226 	struct iscsi_login_req *pdu;
1227 	struct iscsi_tpg_np *tpg_np;
1228 	bool new_sess = false;
1229 
1230 	flush_signals(current);
1231 
1232 	spin_lock_bh(&np->np_thread_lock);
1233 	if (atomic_dec_if_positive(&np->np_reset_count) >= 0) {
1234 		np->np_thread_state = ISCSI_NP_THREAD_ACTIVE;
1235 		spin_unlock_bh(&np->np_thread_lock);
1236 		complete(&np->np_restart_comp);
1237 		return 1;
1238 	} else if (np->np_thread_state == ISCSI_NP_THREAD_SHUTDOWN) {
1239 		spin_unlock_bh(&np->np_thread_lock);
1240 		goto exit;
1241 	} else {
1242 		np->np_thread_state = ISCSI_NP_THREAD_ACTIVE;
1243 	}
1244 	spin_unlock_bh(&np->np_thread_lock);
1245 
1246 	conn = iscsit_alloc_conn(np);
1247 	if (!conn) {
1248 		/* Get another socket */
1249 		return 1;
1250 	}
1251 
1252 	rc = np->np_transport->iscsit_accept_np(np, conn);
1253 	if (rc == -ENOSYS) {
1254 		complete(&np->np_restart_comp);
1255 		iscsit_free_conn(conn);
1256 		goto exit;
1257 	} else if (rc < 0) {
1258 		spin_lock_bh(&np->np_thread_lock);
1259 		if (atomic_dec_if_positive(&np->np_reset_count) >= 0) {
1260 			np->np_thread_state = ISCSI_NP_THREAD_ACTIVE;
1261 			spin_unlock_bh(&np->np_thread_lock);
1262 			complete(&np->np_restart_comp);
1263 			iscsit_free_conn(conn);
1264 			/* Get another socket */
1265 			return 1;
1266 		}
1267 		spin_unlock_bh(&np->np_thread_lock);
1268 		iscsit_free_conn(conn);
1269 		return 1;
1270 	}
1271 	/*
1272 	 * Perform the remaining iSCSI connection initialization items..
1273 	 */
1274 	login = iscsi_login_init_conn(conn);
1275 	if (!login) {
1276 		goto new_sess_out;
1277 	}
1278 
1279 	iscsi_start_login_thread_timer(np);
1280 
1281 	pr_debug("Moving to TARG_CONN_STATE_XPT_UP.\n");
1282 	conn->conn_state = TARG_CONN_STATE_XPT_UP;
1283 	/*
1284 	 * This will process the first login request + payload..
1285 	 */
1286 	rc = np->np_transport->iscsit_get_login_rx(conn, login);
1287 	if (rc == 1)
1288 		return 1;
1289 	else if (rc < 0)
1290 		goto new_sess_out;
1291 
1292 	buffer = &login->req[0];
1293 	pdu = (struct iscsi_login_req *)buffer;
1294 	/*
1295 	 * Used by iscsit_tx_login_rsp() for Login Resonses PDUs
1296 	 * when Status-Class != 0.
1297 	*/
1298 	conn->login_itt	= pdu->itt;
1299 
1300 	spin_lock_bh(&np->np_thread_lock);
1301 	if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) {
1302 		spin_unlock_bh(&np->np_thread_lock);
1303 		pr_err("iSCSI Network Portal on %pISpc currently not"
1304 			" active.\n", &np->np_sockaddr);
1305 		iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1306 				ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
1307 		goto new_sess_out;
1308 	}
1309 	spin_unlock_bh(&np->np_thread_lock);
1310 
1311 	conn->network_transport = np->np_network_transport;
1312 
1313 	pr_debug("Received iSCSI login request from %pISpc on %s Network"
1314 		" Portal %pISpc\n", &conn->login_sockaddr, np->np_transport->name,
1315 		&conn->local_sockaddr);
1316 
1317 	pr_debug("Moving to TARG_CONN_STATE_IN_LOGIN.\n");
1318 	conn->conn_state	= TARG_CONN_STATE_IN_LOGIN;
1319 
1320 	if (iscsi_login_check_initiator_version(conn, pdu->max_version,
1321 			pdu->min_version) < 0)
1322 		goto new_sess_out;
1323 
1324 	zero_tsih = (pdu->tsih == 0x0000);
1325 	if (zero_tsih) {
1326 		/*
1327 		 * This is the leading connection of a new session.
1328 		 * We wait until after authentication to check for
1329 		 * session reinstatement.
1330 		 */
1331 		if (iscsi_login_zero_tsih_s1(conn, buffer) < 0)
1332 			goto new_sess_out;
1333 	} else {
1334 		/*
1335 		 * Add a new connection to an existing session.
1336 		 * We check for a non-existant session in
1337 		 * iscsi_login_non_zero_tsih_s2() below based
1338 		 * on ISID/TSIH, but wait until after authentication
1339 		 * to check for connection reinstatement, etc.
1340 		 */
1341 		if (iscsi_login_non_zero_tsih_s1(conn, buffer) < 0)
1342 			goto new_sess_out;
1343 	}
1344 	/*
1345 	 * SessionType: Discovery
1346 	 *
1347 	 * 	Locates Default Portal
1348 	 *
1349 	 * SessionType: Normal
1350 	 *
1351 	 * 	Locates Target Portal from NP -> Target IQN
1352 	 */
1353 	rc = iscsi_target_locate_portal(np, conn, login);
1354 	if (rc < 0) {
1355 		tpg = conn->tpg;
1356 		goto new_sess_out;
1357 	}
1358 	login->zero_tsih = zero_tsih;
1359 
1360 	if (conn->sess)
1361 		conn->sess->se_sess->sup_prot_ops =
1362 			conn->conn_transport->iscsit_get_sup_prot_ops(conn);
1363 
1364 	tpg = conn->tpg;
1365 	if (!tpg) {
1366 		pr_err("Unable to locate struct iscsi_conn->tpg\n");
1367 		goto new_sess_out;
1368 	}
1369 
1370 	if (zero_tsih) {
1371 		if (iscsi_login_zero_tsih_s2(conn) < 0)
1372 			goto new_sess_out;
1373 	} else {
1374 		if (iscsi_login_non_zero_tsih_s2(conn, buffer) < 0)
1375 			goto old_sess_out;
1376 	}
1377 
1378 	if (conn->conn_transport->iscsit_validate_params) {
1379 		ret = conn->conn_transport->iscsit_validate_params(conn);
1380 		if (ret < 0) {
1381 			if (zero_tsih)
1382 				goto new_sess_out;
1383 			else
1384 				goto old_sess_out;
1385 		}
1386 	}
1387 
1388 	ret = iscsi_target_start_negotiation(login, conn);
1389 	if (ret < 0)
1390 		goto new_sess_out;
1391 
1392 	iscsi_stop_login_thread_timer(np);
1393 
1394 	if (ret == 1) {
1395 		tpg_np = conn->tpg_np;
1396 
1397 		iscsi_post_login_handler(np, conn, zero_tsih);
1398 		iscsit_deaccess_np(np, tpg, tpg_np);
1399 	}
1400 
1401 	tpg = NULL;
1402 	tpg_np = NULL;
1403 	/* Get another socket */
1404 	return 1;
1405 
1406 new_sess_out:
1407 	new_sess = true;
1408 old_sess_out:
1409 	iscsi_stop_login_thread_timer(np);
1410 	tpg_np = conn->tpg_np;
1411 	iscsi_target_login_sess_out(conn, zero_tsih, new_sess);
1412 	new_sess = false;
1413 
1414 	if (tpg) {
1415 		iscsit_deaccess_np(np, tpg, tpg_np);
1416 		tpg = NULL;
1417 		tpg_np = NULL;
1418 	}
1419 
1420 	return 1;
1421 
1422 exit:
1423 	iscsi_stop_login_thread_timer(np);
1424 	spin_lock_bh(&np->np_thread_lock);
1425 	np->np_thread_state = ISCSI_NP_THREAD_EXIT;
1426 	spin_unlock_bh(&np->np_thread_lock);
1427 
1428 	return 0;
1429 }
1430 
1431 int iscsi_target_login_thread(void *arg)
1432 {
1433 	struct iscsi_np *np = arg;
1434 	int ret;
1435 
1436 	allow_signal(SIGINT);
1437 
1438 	while (1) {
1439 		ret = __iscsi_target_login_thread(np);
1440 		/*
1441 		 * We break and exit here unless another sock_accept() call
1442 		 * is expected.
1443 		 */
1444 		if (ret != 1)
1445 			break;
1446 	}
1447 
1448 	while (!kthread_should_stop()) {
1449 		msleep(100);
1450 	}
1451 
1452 	return 0;
1453 }
1454