iscsi_target.c revision 186a9647019587b3784694894c4d136fd00cfd7b
1/******************************************************************************* 2 * This file contains main functions related to the iSCSI Target Core Driver. 3 * 4 * \u00a9 Copyright 2007-2011 RisingTide Systems LLC. 5 * 6 * Licensed to the Linux Foundation under the General Public License (GPL) version 2. 7 * 8 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License as published by 12 * the Free Software Foundation; either version 2 of the License, or 13 * (at your option) any later version. 14 * 15 * This program is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU General Public License for more details. 19 ******************************************************************************/ 20 21#include <linux/string.h> 22#include <linux/kthread.h> 23#include <linux/crypto.h> 24#include <linux/completion.h> 25#include <linux/module.h> 26#include <linux/idr.h> 27#include <asm/unaligned.h> 28#include <scsi/scsi_device.h> 29#include <scsi/iscsi_proto.h> 30#include <scsi/scsi_tcq.h> 31#include <target/target_core_base.h> 32#include <target/target_core_fabric.h> 33#include <target/target_core_configfs.h> 34 35#include "iscsi_target_core.h" 36#include "iscsi_target_parameters.h" 37#include "iscsi_target_seq_pdu_list.h" 38#include "iscsi_target_tq.h" 39#include "iscsi_target_configfs.h" 40#include "iscsi_target_datain_values.h" 41#include "iscsi_target_erl0.h" 42#include "iscsi_target_erl1.h" 43#include "iscsi_target_erl2.h" 44#include "iscsi_target_login.h" 45#include "iscsi_target_tmr.h" 46#include "iscsi_target_tpg.h" 47#include "iscsi_target_util.h" 48#include "iscsi_target.h" 49#include "iscsi_target_device.h" 50#include "iscsi_target_stat.h" 51 52#include <target/iscsi/iscsi_transport.h> 53 54static LIST_HEAD(g_tiqn_list); 55static LIST_HEAD(g_np_list); 56static DEFINE_SPINLOCK(tiqn_lock); 57static DEFINE_SPINLOCK(np_lock); 58 59static struct idr tiqn_idr; 60struct idr sess_idr; 61struct mutex auth_id_lock; 62spinlock_t sess_idr_lock; 63 64struct iscsit_global *iscsit_global; 65 66struct kmem_cache *lio_cmd_cache; 67struct kmem_cache *lio_qr_cache; 68struct kmem_cache *lio_dr_cache; 69struct kmem_cache *lio_ooo_cache; 70struct kmem_cache *lio_r2t_cache; 71 72static int iscsit_handle_immediate_data(struct iscsi_cmd *, 73 struct iscsi_scsi_req *, u32); 74 75struct iscsi_tiqn *iscsit_get_tiqn_for_login(unsigned char *buf) 76{ 77 struct iscsi_tiqn *tiqn = NULL; 78 79 spin_lock(&tiqn_lock); 80 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 81 if (!strcmp(tiqn->tiqn, buf)) { 82 83 spin_lock(&tiqn->tiqn_state_lock); 84 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 85 tiqn->tiqn_access_count++; 86 spin_unlock(&tiqn->tiqn_state_lock); 87 spin_unlock(&tiqn_lock); 88 return tiqn; 89 } 90 spin_unlock(&tiqn->tiqn_state_lock); 91 } 92 } 93 spin_unlock(&tiqn_lock); 94 95 return NULL; 96} 97 98static int iscsit_set_tiqn_shutdown(struct iscsi_tiqn *tiqn) 99{ 100 spin_lock(&tiqn->tiqn_state_lock); 101 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 102 tiqn->tiqn_state = TIQN_STATE_SHUTDOWN; 103 spin_unlock(&tiqn->tiqn_state_lock); 104 return 0; 105 } 106 spin_unlock(&tiqn->tiqn_state_lock); 107 108 return -1; 109} 110 111void iscsit_put_tiqn_for_login(struct iscsi_tiqn *tiqn) 112{ 113 spin_lock(&tiqn->tiqn_state_lock); 114 tiqn->tiqn_access_count--; 115 spin_unlock(&tiqn->tiqn_state_lock); 116} 117 118/* 119 * Note that IQN formatting is expected to be done in userspace, and 120 * no explict IQN format checks are done here. 121 */ 122struct iscsi_tiqn *iscsit_add_tiqn(unsigned char *buf) 123{ 124 struct iscsi_tiqn *tiqn = NULL; 125 int ret; 126 127 if (strlen(buf) >= ISCSI_IQN_LEN) { 128 pr_err("Target IQN exceeds %d bytes\n", 129 ISCSI_IQN_LEN); 130 return ERR_PTR(-EINVAL); 131 } 132 133 tiqn = kzalloc(sizeof(struct iscsi_tiqn), GFP_KERNEL); 134 if (!tiqn) { 135 pr_err("Unable to allocate struct iscsi_tiqn\n"); 136 return ERR_PTR(-ENOMEM); 137 } 138 139 sprintf(tiqn->tiqn, "%s", buf); 140 INIT_LIST_HEAD(&tiqn->tiqn_list); 141 INIT_LIST_HEAD(&tiqn->tiqn_tpg_list); 142 spin_lock_init(&tiqn->tiqn_state_lock); 143 spin_lock_init(&tiqn->tiqn_tpg_lock); 144 spin_lock_init(&tiqn->sess_err_stats.lock); 145 spin_lock_init(&tiqn->login_stats.lock); 146 spin_lock_init(&tiqn->logout_stats.lock); 147 148 tiqn->tiqn_state = TIQN_STATE_ACTIVE; 149 150 idr_preload(GFP_KERNEL); 151 spin_lock(&tiqn_lock); 152 153 ret = idr_alloc(&tiqn_idr, NULL, 0, 0, GFP_NOWAIT); 154 if (ret < 0) { 155 pr_err("idr_alloc() failed for tiqn->tiqn_index\n"); 156 spin_unlock(&tiqn_lock); 157 idr_preload_end(); 158 kfree(tiqn); 159 return ERR_PTR(ret); 160 } 161 tiqn->tiqn_index = ret; 162 list_add_tail(&tiqn->tiqn_list, &g_tiqn_list); 163 164 spin_unlock(&tiqn_lock); 165 idr_preload_end(); 166 167 pr_debug("CORE[0] - Added iSCSI Target IQN: %s\n", tiqn->tiqn); 168 169 return tiqn; 170 171} 172 173static void iscsit_wait_for_tiqn(struct iscsi_tiqn *tiqn) 174{ 175 /* 176 * Wait for accesses to said struct iscsi_tiqn to end. 177 */ 178 spin_lock(&tiqn->tiqn_state_lock); 179 while (tiqn->tiqn_access_count != 0) { 180 spin_unlock(&tiqn->tiqn_state_lock); 181 msleep(10); 182 spin_lock(&tiqn->tiqn_state_lock); 183 } 184 spin_unlock(&tiqn->tiqn_state_lock); 185} 186 187void iscsit_del_tiqn(struct iscsi_tiqn *tiqn) 188{ 189 /* 190 * iscsit_set_tiqn_shutdown sets tiqn->tiqn_state = TIQN_STATE_SHUTDOWN 191 * while holding tiqn->tiqn_state_lock. This means that all subsequent 192 * attempts to access this struct iscsi_tiqn will fail from both transport 193 * fabric and control code paths. 194 */ 195 if (iscsit_set_tiqn_shutdown(tiqn) < 0) { 196 pr_err("iscsit_set_tiqn_shutdown() failed\n"); 197 return; 198 } 199 200 iscsit_wait_for_tiqn(tiqn); 201 202 spin_lock(&tiqn_lock); 203 list_del(&tiqn->tiqn_list); 204 idr_remove(&tiqn_idr, tiqn->tiqn_index); 205 spin_unlock(&tiqn_lock); 206 207 pr_debug("CORE[0] - Deleted iSCSI Target IQN: %s\n", 208 tiqn->tiqn); 209 kfree(tiqn); 210} 211 212int iscsit_access_np(struct iscsi_np *np, struct iscsi_portal_group *tpg) 213{ 214 int ret; 215 /* 216 * Determine if the network portal is accepting storage traffic. 217 */ 218 spin_lock_bh(&np->np_thread_lock); 219 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 220 spin_unlock_bh(&np->np_thread_lock); 221 return -1; 222 } 223 if (np->np_login_tpg) { 224 pr_err("np->np_login_tpg() is not NULL!\n"); 225 spin_unlock_bh(&np->np_thread_lock); 226 return -1; 227 } 228 spin_unlock_bh(&np->np_thread_lock); 229 /* 230 * Determine if the portal group is accepting storage traffic. 231 */ 232 spin_lock_bh(&tpg->tpg_state_lock); 233 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 234 spin_unlock_bh(&tpg->tpg_state_lock); 235 return -1; 236 } 237 spin_unlock_bh(&tpg->tpg_state_lock); 238 239 /* 240 * Here we serialize access across the TIQN+TPG Tuple. 241 */ 242 ret = mutex_lock_interruptible(&tpg->np_login_lock); 243 if ((ret != 0) || signal_pending(current)) 244 return -1; 245 246 spin_lock_bh(&np->np_thread_lock); 247 np->np_login_tpg = tpg; 248 spin_unlock_bh(&np->np_thread_lock); 249 250 return 0; 251} 252 253int iscsit_deaccess_np(struct iscsi_np *np, struct iscsi_portal_group *tpg) 254{ 255 struct iscsi_tiqn *tiqn = tpg->tpg_tiqn; 256 257 spin_lock_bh(&np->np_thread_lock); 258 np->np_login_tpg = NULL; 259 spin_unlock_bh(&np->np_thread_lock); 260 261 mutex_unlock(&tpg->np_login_lock); 262 263 if (tiqn) 264 iscsit_put_tiqn_for_login(tiqn); 265 266 return 0; 267} 268 269bool iscsit_check_np_match( 270 struct __kernel_sockaddr_storage *sockaddr, 271 struct iscsi_np *np, 272 int network_transport) 273{ 274 struct sockaddr_in *sock_in, *sock_in_e; 275 struct sockaddr_in6 *sock_in6, *sock_in6_e; 276 bool ip_match = false; 277 u16 port; 278 279 if (sockaddr->ss_family == AF_INET6) { 280 sock_in6 = (struct sockaddr_in6 *)sockaddr; 281 sock_in6_e = (struct sockaddr_in6 *)&np->np_sockaddr; 282 283 if (!memcmp(&sock_in6->sin6_addr.in6_u, 284 &sock_in6_e->sin6_addr.in6_u, 285 sizeof(struct in6_addr))) 286 ip_match = true; 287 288 port = ntohs(sock_in6->sin6_port); 289 } else { 290 sock_in = (struct sockaddr_in *)sockaddr; 291 sock_in_e = (struct sockaddr_in *)&np->np_sockaddr; 292 293 if (sock_in->sin_addr.s_addr == sock_in_e->sin_addr.s_addr) 294 ip_match = true; 295 296 port = ntohs(sock_in->sin_port); 297 } 298 299 if ((ip_match == true) && (np->np_port == port) && 300 (np->np_network_transport == network_transport)) 301 return true; 302 303 return false; 304} 305 306static struct iscsi_np *iscsit_get_np( 307 struct __kernel_sockaddr_storage *sockaddr, 308 int network_transport) 309{ 310 struct iscsi_np *np; 311 bool match; 312 313 spin_lock_bh(&np_lock); 314 list_for_each_entry(np, &g_np_list, np_list) { 315 spin_lock(&np->np_thread_lock); 316 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 317 spin_unlock(&np->np_thread_lock); 318 continue; 319 } 320 321 match = iscsit_check_np_match(sockaddr, np, network_transport); 322 if (match == true) { 323 /* 324 * Increment the np_exports reference count now to 325 * prevent iscsit_del_np() below from being called 326 * while iscsi_tpg_add_network_portal() is called. 327 */ 328 np->np_exports++; 329 spin_unlock(&np->np_thread_lock); 330 spin_unlock_bh(&np_lock); 331 return np; 332 } 333 spin_unlock(&np->np_thread_lock); 334 } 335 spin_unlock_bh(&np_lock); 336 337 return NULL; 338} 339 340struct iscsi_np *iscsit_add_np( 341 struct __kernel_sockaddr_storage *sockaddr, 342 char *ip_str, 343 int network_transport) 344{ 345 struct sockaddr_in *sock_in; 346 struct sockaddr_in6 *sock_in6; 347 struct iscsi_np *np; 348 int ret; 349 /* 350 * Locate the existing struct iscsi_np if already active.. 351 */ 352 np = iscsit_get_np(sockaddr, network_transport); 353 if (np) 354 return np; 355 356 np = kzalloc(sizeof(struct iscsi_np), GFP_KERNEL); 357 if (!np) { 358 pr_err("Unable to allocate memory for struct iscsi_np\n"); 359 return ERR_PTR(-ENOMEM); 360 } 361 362 np->np_flags |= NPF_IP_NETWORK; 363 if (sockaddr->ss_family == AF_INET6) { 364 sock_in6 = (struct sockaddr_in6 *)sockaddr; 365 snprintf(np->np_ip, IPV6_ADDRESS_SPACE, "%s", ip_str); 366 np->np_port = ntohs(sock_in6->sin6_port); 367 } else { 368 sock_in = (struct sockaddr_in *)sockaddr; 369 sprintf(np->np_ip, "%s", ip_str); 370 np->np_port = ntohs(sock_in->sin_port); 371 } 372 373 np->np_network_transport = network_transport; 374 spin_lock_init(&np->np_thread_lock); 375 init_completion(&np->np_restart_comp); 376 INIT_LIST_HEAD(&np->np_list); 377 378 ret = iscsi_target_setup_login_socket(np, sockaddr); 379 if (ret != 0) { 380 kfree(np); 381 return ERR_PTR(ret); 382 } 383 384 np->np_thread = kthread_run(iscsi_target_login_thread, np, "iscsi_np"); 385 if (IS_ERR(np->np_thread)) { 386 pr_err("Unable to create kthread: iscsi_np\n"); 387 ret = PTR_ERR(np->np_thread); 388 kfree(np); 389 return ERR_PTR(ret); 390 } 391 /* 392 * Increment the np_exports reference count now to prevent 393 * iscsit_del_np() below from being run while a new call to 394 * iscsi_tpg_add_network_portal() for a matching iscsi_np is 395 * active. We don't need to hold np->np_thread_lock at this 396 * point because iscsi_np has not been added to g_np_list yet. 397 */ 398 np->np_exports = 1; 399 400 spin_lock_bh(&np_lock); 401 list_add_tail(&np->np_list, &g_np_list); 402 spin_unlock_bh(&np_lock); 403 404 pr_debug("CORE[0] - Added Network Portal: %s:%hu on %s\n", 405 np->np_ip, np->np_port, np->np_transport->name); 406 407 return np; 408} 409 410int iscsit_reset_np_thread( 411 struct iscsi_np *np, 412 struct iscsi_tpg_np *tpg_np, 413 struct iscsi_portal_group *tpg) 414{ 415 spin_lock_bh(&np->np_thread_lock); 416 if (tpg && tpg_np) { 417 /* 418 * The reset operation need only be performed when the 419 * passed struct iscsi_portal_group has a login in progress 420 * to one of the network portals. 421 */ 422 if (tpg_np->tpg_np->np_login_tpg != tpg) { 423 spin_unlock_bh(&np->np_thread_lock); 424 return 0; 425 } 426 } 427 if (np->np_thread_state == ISCSI_NP_THREAD_INACTIVE) { 428 spin_unlock_bh(&np->np_thread_lock); 429 return 0; 430 } 431 np->np_thread_state = ISCSI_NP_THREAD_RESET; 432 433 if (np->np_thread) { 434 spin_unlock_bh(&np->np_thread_lock); 435 send_sig(SIGINT, np->np_thread, 1); 436 wait_for_completion(&np->np_restart_comp); 437 spin_lock_bh(&np->np_thread_lock); 438 } 439 spin_unlock_bh(&np->np_thread_lock); 440 441 return 0; 442} 443 444static void iscsit_free_np(struct iscsi_np *np) 445{ 446 if (np->np_socket) 447 sock_release(np->np_socket); 448} 449 450int iscsit_del_np(struct iscsi_np *np) 451{ 452 spin_lock_bh(&np->np_thread_lock); 453 np->np_exports--; 454 if (np->np_exports) { 455 spin_unlock_bh(&np->np_thread_lock); 456 return 0; 457 } 458 np->np_thread_state = ISCSI_NP_THREAD_SHUTDOWN; 459 spin_unlock_bh(&np->np_thread_lock); 460 461 if (np->np_thread) { 462 /* 463 * We need to send the signal to wakeup Linux/Net 464 * which may be sleeping in sock_accept().. 465 */ 466 send_sig(SIGINT, np->np_thread, 1); 467 kthread_stop(np->np_thread); 468 } 469 470 np->np_transport->iscsit_free_np(np); 471 472 spin_lock_bh(&np_lock); 473 list_del(&np->np_list); 474 spin_unlock_bh(&np_lock); 475 476 pr_debug("CORE[0] - Removed Network Portal: %s:%hu on %s\n", 477 np->np_ip, np->np_port, np->np_transport->name); 478 479 iscsit_put_transport(np->np_transport); 480 kfree(np); 481 return 0; 482} 483 484static int iscsit_immediate_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 485static int iscsit_response_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 486 487static int iscsit_queue_rsp(struct iscsi_conn *conn, struct iscsi_cmd *cmd) 488{ 489 iscsit_add_cmd_to_response_queue(cmd, cmd->conn, cmd->i_state); 490 return 0; 491} 492 493static struct iscsit_transport iscsi_target_transport = { 494 .name = "iSCSI/TCP", 495 .transport_type = ISCSI_TCP, 496 .owner = NULL, 497 .iscsit_setup_np = iscsit_setup_np, 498 .iscsit_accept_np = iscsit_accept_np, 499 .iscsit_free_np = iscsit_free_np, 500 .iscsit_alloc_cmd = iscsit_alloc_cmd, 501 .iscsit_get_login_rx = iscsit_get_login_rx, 502 .iscsit_put_login_tx = iscsit_put_login_tx, 503 .iscsit_get_dataout = iscsit_build_r2ts_for_cmd, 504 .iscsit_immediate_queue = iscsit_immediate_queue, 505 .iscsit_response_queue = iscsit_response_queue, 506 .iscsit_queue_data_in = iscsit_queue_rsp, 507 .iscsit_queue_status = iscsit_queue_rsp, 508}; 509 510static int __init iscsi_target_init_module(void) 511{ 512 int ret = 0; 513 514 pr_debug("iSCSI-Target "ISCSIT_VERSION"\n"); 515 516 iscsit_global = kzalloc(sizeof(struct iscsit_global), GFP_KERNEL); 517 if (!iscsit_global) { 518 pr_err("Unable to allocate memory for iscsit_global\n"); 519 return -1; 520 } 521 mutex_init(&auth_id_lock); 522 spin_lock_init(&sess_idr_lock); 523 idr_init(&tiqn_idr); 524 idr_init(&sess_idr); 525 526 ret = iscsi_target_register_configfs(); 527 if (ret < 0) 528 goto out; 529 530 ret = iscsi_thread_set_init(); 531 if (ret < 0) 532 goto configfs_out; 533 534 if (iscsi_allocate_thread_sets(TARGET_THREAD_SET_COUNT) != 535 TARGET_THREAD_SET_COUNT) { 536 pr_err("iscsi_allocate_thread_sets() returned" 537 " unexpected value!\n"); 538 goto ts_out1; 539 } 540 541 lio_cmd_cache = kmem_cache_create("lio_cmd_cache", 542 sizeof(struct iscsi_cmd), __alignof__(struct iscsi_cmd), 543 0, NULL); 544 if (!lio_cmd_cache) { 545 pr_err("Unable to kmem_cache_create() for" 546 " lio_cmd_cache\n"); 547 goto ts_out2; 548 } 549 550 lio_qr_cache = kmem_cache_create("lio_qr_cache", 551 sizeof(struct iscsi_queue_req), 552 __alignof__(struct iscsi_queue_req), 0, NULL); 553 if (!lio_qr_cache) { 554 pr_err("nable to kmem_cache_create() for" 555 " lio_qr_cache\n"); 556 goto cmd_out; 557 } 558 559 lio_dr_cache = kmem_cache_create("lio_dr_cache", 560 sizeof(struct iscsi_datain_req), 561 __alignof__(struct iscsi_datain_req), 0, NULL); 562 if (!lio_dr_cache) { 563 pr_err("Unable to kmem_cache_create() for" 564 " lio_dr_cache\n"); 565 goto qr_out; 566 } 567 568 lio_ooo_cache = kmem_cache_create("lio_ooo_cache", 569 sizeof(struct iscsi_ooo_cmdsn), 570 __alignof__(struct iscsi_ooo_cmdsn), 0, NULL); 571 if (!lio_ooo_cache) { 572 pr_err("Unable to kmem_cache_create() for" 573 " lio_ooo_cache\n"); 574 goto dr_out; 575 } 576 577 lio_r2t_cache = kmem_cache_create("lio_r2t_cache", 578 sizeof(struct iscsi_r2t), __alignof__(struct iscsi_r2t), 579 0, NULL); 580 if (!lio_r2t_cache) { 581 pr_err("Unable to kmem_cache_create() for" 582 " lio_r2t_cache\n"); 583 goto ooo_out; 584 } 585 586 iscsit_register_transport(&iscsi_target_transport); 587 588 if (iscsit_load_discovery_tpg() < 0) 589 goto r2t_out; 590 591 return ret; 592r2t_out: 593 kmem_cache_destroy(lio_r2t_cache); 594ooo_out: 595 kmem_cache_destroy(lio_ooo_cache); 596dr_out: 597 kmem_cache_destroy(lio_dr_cache); 598qr_out: 599 kmem_cache_destroy(lio_qr_cache); 600cmd_out: 601 kmem_cache_destroy(lio_cmd_cache); 602ts_out2: 603 iscsi_deallocate_thread_sets(); 604ts_out1: 605 iscsi_thread_set_free(); 606configfs_out: 607 iscsi_target_deregister_configfs(); 608out: 609 kfree(iscsit_global); 610 return -ENOMEM; 611} 612 613static void __exit iscsi_target_cleanup_module(void) 614{ 615 iscsi_deallocate_thread_sets(); 616 iscsi_thread_set_free(); 617 iscsit_release_discovery_tpg(); 618 iscsit_unregister_transport(&iscsi_target_transport); 619 kmem_cache_destroy(lio_cmd_cache); 620 kmem_cache_destroy(lio_qr_cache); 621 kmem_cache_destroy(lio_dr_cache); 622 kmem_cache_destroy(lio_ooo_cache); 623 kmem_cache_destroy(lio_r2t_cache); 624 625 iscsi_target_deregister_configfs(); 626 627 kfree(iscsit_global); 628} 629 630static int iscsit_add_reject( 631 struct iscsi_conn *conn, 632 u8 reason, 633 unsigned char *buf) 634{ 635 struct iscsi_cmd *cmd; 636 637 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 638 if (!cmd) 639 return -1; 640 641 cmd->iscsi_opcode = ISCSI_OP_REJECT; 642 cmd->reject_reason = reason; 643 644 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 645 if (!cmd->buf_ptr) { 646 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 647 iscsit_free_cmd(cmd, false); 648 return -1; 649 } 650 651 spin_lock_bh(&conn->cmd_lock); 652 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 653 spin_unlock_bh(&conn->cmd_lock); 654 655 cmd->i_state = ISTATE_SEND_REJECT; 656 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 657 658 return -1; 659} 660 661static int iscsit_add_reject_from_cmd( 662 struct iscsi_cmd *cmd, 663 u8 reason, 664 bool add_to_conn, 665 unsigned char *buf) 666{ 667 struct iscsi_conn *conn; 668 669 if (!cmd->conn) { 670 pr_err("cmd->conn is NULL for ITT: 0x%08x\n", 671 cmd->init_task_tag); 672 return -1; 673 } 674 conn = cmd->conn; 675 676 cmd->iscsi_opcode = ISCSI_OP_REJECT; 677 cmd->reject_reason = reason; 678 679 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 680 if (!cmd->buf_ptr) { 681 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 682 iscsit_free_cmd(cmd, false); 683 return -1; 684 } 685 686 if (add_to_conn) { 687 spin_lock_bh(&conn->cmd_lock); 688 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 689 spin_unlock_bh(&conn->cmd_lock); 690 } 691 692 cmd->i_state = ISTATE_SEND_REJECT; 693 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 694 /* 695 * Perform the kref_put now if se_cmd has already been setup by 696 * scsit_setup_scsi_cmd() 697 */ 698 if (cmd->se_cmd.se_tfo != NULL) { 699 pr_debug("iscsi reject: calling target_put_sess_cmd >>>>>>\n"); 700 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 701 } 702 return -1; 703} 704 705static int iscsit_add_reject_cmd(struct iscsi_cmd *cmd, u8 reason, 706 unsigned char *buf) 707{ 708 return iscsit_add_reject_from_cmd(cmd, reason, true, buf); 709} 710 711int iscsit_reject_cmd(struct iscsi_cmd *cmd, u8 reason, unsigned char *buf) 712{ 713 return iscsit_add_reject_from_cmd(cmd, reason, false, buf); 714} 715 716/* 717 * Map some portion of the allocated scatterlist to an iovec, suitable for 718 * kernel sockets to copy data in/out. 719 */ 720static int iscsit_map_iovec( 721 struct iscsi_cmd *cmd, 722 struct kvec *iov, 723 u32 data_offset, 724 u32 data_length) 725{ 726 u32 i = 0; 727 struct scatterlist *sg; 728 unsigned int page_off; 729 730 /* 731 * We know each entry in t_data_sg contains a page. 732 */ 733 sg = &cmd->se_cmd.t_data_sg[data_offset / PAGE_SIZE]; 734 page_off = (data_offset % PAGE_SIZE); 735 736 cmd->first_data_sg = sg; 737 cmd->first_data_sg_off = page_off; 738 739 while (data_length) { 740 u32 cur_len = min_t(u32, data_length, sg->length - page_off); 741 742 iov[i].iov_base = kmap(sg_page(sg)) + sg->offset + page_off; 743 iov[i].iov_len = cur_len; 744 745 data_length -= cur_len; 746 page_off = 0; 747 sg = sg_next(sg); 748 i++; 749 } 750 751 cmd->kmapped_nents = i; 752 753 return i; 754} 755 756static void iscsit_unmap_iovec(struct iscsi_cmd *cmd) 757{ 758 u32 i; 759 struct scatterlist *sg; 760 761 sg = cmd->first_data_sg; 762 763 for (i = 0; i < cmd->kmapped_nents; i++) 764 kunmap(sg_page(&sg[i])); 765} 766 767static void iscsit_ack_from_expstatsn(struct iscsi_conn *conn, u32 exp_statsn) 768{ 769 struct iscsi_cmd *cmd; 770 771 conn->exp_statsn = exp_statsn; 772 773 if (conn->sess->sess_ops->RDMAExtensions) 774 return; 775 776 spin_lock_bh(&conn->cmd_lock); 777 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) { 778 spin_lock(&cmd->istate_lock); 779 if ((cmd->i_state == ISTATE_SENT_STATUS) && 780 iscsi_sna_lt(cmd->stat_sn, exp_statsn)) { 781 cmd->i_state = ISTATE_REMOVE; 782 spin_unlock(&cmd->istate_lock); 783 iscsit_add_cmd_to_immediate_queue(cmd, conn, 784 cmd->i_state); 785 continue; 786 } 787 spin_unlock(&cmd->istate_lock); 788 } 789 spin_unlock_bh(&conn->cmd_lock); 790} 791 792static int iscsit_allocate_iovecs(struct iscsi_cmd *cmd) 793{ 794 u32 iov_count = max(1UL, DIV_ROUND_UP(cmd->se_cmd.data_length, PAGE_SIZE)); 795 796 iov_count += ISCSI_IOV_DATA_BUFFER; 797 798 cmd->iov_data = kzalloc(iov_count * sizeof(struct kvec), GFP_KERNEL); 799 if (!cmd->iov_data) { 800 pr_err("Unable to allocate cmd->iov_data\n"); 801 return -ENOMEM; 802 } 803 804 cmd->orig_iov_data_count = iov_count; 805 return 0; 806} 807 808int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 809 unsigned char *buf) 810{ 811 int data_direction, payload_length; 812 struct iscsi_scsi_req *hdr; 813 int iscsi_task_attr; 814 int sam_task_attr; 815 816 spin_lock_bh(&conn->sess->session_stats_lock); 817 conn->sess->cmd_pdus++; 818 if (conn->sess->se_sess->se_node_acl) { 819 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock); 820 conn->sess->se_sess->se_node_acl->num_cmds++; 821 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock); 822 } 823 spin_unlock_bh(&conn->sess->session_stats_lock); 824 825 hdr = (struct iscsi_scsi_req *) buf; 826 payload_length = ntoh24(hdr->dlength); 827 828 /* FIXME; Add checks for AdditionalHeaderSegment */ 829 830 if (!(hdr->flags & ISCSI_FLAG_CMD_WRITE) && 831 !(hdr->flags & ISCSI_FLAG_CMD_FINAL)) { 832 pr_err("ISCSI_FLAG_CMD_WRITE & ISCSI_FLAG_CMD_FINAL" 833 " not set. Bad iSCSI Initiator.\n"); 834 return iscsit_add_reject_cmd(cmd, 835 ISCSI_REASON_BOOKMARK_INVALID, buf); 836 } 837 838 if (((hdr->flags & ISCSI_FLAG_CMD_READ) || 839 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) { 840 /* 841 * Vmware ESX v3.0 uses a modified Cisco Initiator (v3.4.2) 842 * that adds support for RESERVE/RELEASE. There is a bug 843 * add with this new functionality that sets R/W bits when 844 * neither CDB carries any READ or WRITE datapayloads. 845 */ 846 if ((hdr->cdb[0] == 0x16) || (hdr->cdb[0] == 0x17)) { 847 hdr->flags &= ~ISCSI_FLAG_CMD_READ; 848 hdr->flags &= ~ISCSI_FLAG_CMD_WRITE; 849 goto done; 850 } 851 852 pr_err("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE" 853 " set when Expected Data Transfer Length is 0 for" 854 " CDB: 0x%02x. Bad iSCSI Initiator.\n", hdr->cdb[0]); 855 return iscsit_add_reject_cmd(cmd, 856 ISCSI_REASON_BOOKMARK_INVALID, buf); 857 } 858done: 859 860 if (!(hdr->flags & ISCSI_FLAG_CMD_READ) && 861 !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) { 862 pr_err("ISCSI_FLAG_CMD_READ and/or ISCSI_FLAG_CMD_WRITE" 863 " MUST be set if Expected Data Transfer Length is not 0." 864 " Bad iSCSI Initiator\n"); 865 return iscsit_add_reject_cmd(cmd, 866 ISCSI_REASON_BOOKMARK_INVALID, buf); 867 } 868 869 if ((hdr->flags & ISCSI_FLAG_CMD_READ) && 870 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) { 871 pr_err("Bidirectional operations not supported!\n"); 872 return iscsit_add_reject_cmd(cmd, 873 ISCSI_REASON_BOOKMARK_INVALID, buf); 874 } 875 876 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 877 pr_err("Illegally set Immediate Bit in iSCSI Initiator" 878 " Scsi Command PDU.\n"); 879 return iscsit_add_reject_cmd(cmd, 880 ISCSI_REASON_BOOKMARK_INVALID, buf); 881 } 882 883 if (payload_length && !conn->sess->sess_ops->ImmediateData) { 884 pr_err("ImmediateData=No but DataSegmentLength=%u," 885 " protocol error.\n", payload_length); 886 return iscsit_add_reject_cmd(cmd, 887 ISCSI_REASON_PROTOCOL_ERROR, buf); 888 } 889 890 if ((be32_to_cpu(hdr->data_length) == payload_length) && 891 (!(hdr->flags & ISCSI_FLAG_CMD_FINAL))) { 892 pr_err("Expected Data Transfer Length and Length of" 893 " Immediate Data are the same, but ISCSI_FLAG_CMD_FINAL" 894 " bit is not set protocol error\n"); 895 return iscsit_add_reject_cmd(cmd, 896 ISCSI_REASON_PROTOCOL_ERROR, buf); 897 } 898 899 if (payload_length > be32_to_cpu(hdr->data_length)) { 900 pr_err("DataSegmentLength: %u is greater than" 901 " EDTL: %u, protocol error.\n", payload_length, 902 hdr->data_length); 903 return iscsit_add_reject_cmd(cmd, 904 ISCSI_REASON_PROTOCOL_ERROR, buf); 905 } 906 907 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 908 pr_err("DataSegmentLength: %u is greater than" 909 " MaxXmitDataSegmentLength: %u, protocol error.\n", 910 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 911 return iscsit_add_reject_cmd(cmd, 912 ISCSI_REASON_PROTOCOL_ERROR, buf); 913 } 914 915 if (payload_length > conn->sess->sess_ops->FirstBurstLength) { 916 pr_err("DataSegmentLength: %u is greater than" 917 " FirstBurstLength: %u, protocol error.\n", 918 payload_length, conn->sess->sess_ops->FirstBurstLength); 919 return iscsit_add_reject_cmd(cmd, 920 ISCSI_REASON_BOOKMARK_INVALID, buf); 921 } 922 923 data_direction = (hdr->flags & ISCSI_FLAG_CMD_WRITE) ? DMA_TO_DEVICE : 924 (hdr->flags & ISCSI_FLAG_CMD_READ) ? DMA_FROM_DEVICE : 925 DMA_NONE; 926 927 cmd->data_direction = data_direction; 928 iscsi_task_attr = hdr->flags & ISCSI_FLAG_CMD_ATTR_MASK; 929 /* 930 * Figure out the SAM Task Attribute for the incoming SCSI CDB 931 */ 932 if ((iscsi_task_attr == ISCSI_ATTR_UNTAGGED) || 933 (iscsi_task_attr == ISCSI_ATTR_SIMPLE)) 934 sam_task_attr = MSG_SIMPLE_TAG; 935 else if (iscsi_task_attr == ISCSI_ATTR_ORDERED) 936 sam_task_attr = MSG_ORDERED_TAG; 937 else if (iscsi_task_attr == ISCSI_ATTR_HEAD_OF_QUEUE) 938 sam_task_attr = MSG_HEAD_TAG; 939 else if (iscsi_task_attr == ISCSI_ATTR_ACA) 940 sam_task_attr = MSG_ACA_TAG; 941 else { 942 pr_debug("Unknown iSCSI Task Attribute: 0x%02x, using" 943 " MSG_SIMPLE_TAG\n", iscsi_task_attr); 944 sam_task_attr = MSG_SIMPLE_TAG; 945 } 946 947 cmd->iscsi_opcode = ISCSI_OP_SCSI_CMD; 948 cmd->i_state = ISTATE_NEW_CMD; 949 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 950 cmd->immediate_data = (payload_length) ? 1 : 0; 951 cmd->unsolicited_data = ((!(hdr->flags & ISCSI_FLAG_CMD_FINAL) && 952 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) ? 1 : 0); 953 if (cmd->unsolicited_data) 954 cmd->cmd_flags |= ICF_NON_IMMEDIATE_UNSOLICITED_DATA; 955 956 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 957 if (hdr->flags & ISCSI_FLAG_CMD_READ) { 958 spin_lock_bh(&conn->sess->ttt_lock); 959 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++; 960 if (cmd->targ_xfer_tag == 0xFFFFFFFF) 961 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++; 962 spin_unlock_bh(&conn->sess->ttt_lock); 963 } else if (hdr->flags & ISCSI_FLAG_CMD_WRITE) 964 cmd->targ_xfer_tag = 0xFFFFFFFF; 965 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 966 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 967 cmd->first_burst_len = payload_length; 968 969 if (!conn->sess->sess_ops->RDMAExtensions && 970 cmd->data_direction == DMA_FROM_DEVICE) { 971 struct iscsi_datain_req *dr; 972 973 dr = iscsit_allocate_datain_req(); 974 if (!dr) 975 return iscsit_add_reject_cmd(cmd, 976 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 977 978 iscsit_attach_datain_req(cmd, dr); 979 } 980 981 /* 982 * Initialize struct se_cmd descriptor from target_core_mod infrastructure 983 */ 984 transport_init_se_cmd(&cmd->se_cmd, &lio_target_fabric_configfs->tf_ops, 985 conn->sess->se_sess, be32_to_cpu(hdr->data_length), 986 cmd->data_direction, sam_task_attr, 987 cmd->sense_buffer + 2); 988 989 pr_debug("Got SCSI Command, ITT: 0x%08x, CmdSN: 0x%08x," 990 " ExpXferLen: %u, Length: %u, CID: %hu\n", hdr->itt, 991 hdr->cmdsn, be32_to_cpu(hdr->data_length), payload_length, 992 conn->cid); 993 994 target_get_sess_cmd(conn->sess->se_sess, &cmd->se_cmd, true); 995 996 cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd, 997 scsilun_to_int(&hdr->lun)); 998 if (cmd->sense_reason) 999 goto attach_cmd; 1000 1001 cmd->sense_reason = target_setup_cmd_from_cdb(&cmd->se_cmd, hdr->cdb); 1002 if (cmd->sense_reason) { 1003 if (cmd->sense_reason == TCM_OUT_OF_RESOURCES) { 1004 return iscsit_add_reject_cmd(cmd, 1005 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1006 } 1007 1008 goto attach_cmd; 1009 } 1010 1011 if (iscsit_build_pdu_and_seq_lists(cmd, payload_length) < 0) { 1012 return iscsit_add_reject_cmd(cmd, 1013 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1014 } 1015 1016attach_cmd: 1017 spin_lock_bh(&conn->cmd_lock); 1018 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1019 spin_unlock_bh(&conn->cmd_lock); 1020 /* 1021 * Check if we need to delay processing because of ALUA 1022 * Active/NonOptimized primary access state.. 1023 */ 1024 core_alua_check_nonop_delay(&cmd->se_cmd); 1025 1026 return 0; 1027} 1028EXPORT_SYMBOL(iscsit_setup_scsi_cmd); 1029 1030void iscsit_set_unsoliticed_dataout(struct iscsi_cmd *cmd) 1031{ 1032 iscsit_set_dataout_sequence_values(cmd); 1033 1034 spin_lock_bh(&cmd->dataout_timeout_lock); 1035 iscsit_start_dataout_timer(cmd, cmd->conn); 1036 spin_unlock_bh(&cmd->dataout_timeout_lock); 1037} 1038EXPORT_SYMBOL(iscsit_set_unsoliticed_dataout); 1039 1040int iscsit_process_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1041 struct iscsi_scsi_req *hdr) 1042{ 1043 int cmdsn_ret = 0; 1044 /* 1045 * Check the CmdSN against ExpCmdSN/MaxCmdSN here if 1046 * the Immediate Bit is not set, and no Immediate 1047 * Data is attached. 1048 * 1049 * A PDU/CmdSN carrying Immediate Data can only 1050 * be processed after the DataCRC has passed. 1051 * If the DataCRC fails, the CmdSN MUST NOT 1052 * be acknowledged. (See below) 1053 */ 1054 if (!cmd->immediate_data) { 1055 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1056 (unsigned char *)hdr, hdr->cmdsn); 1057 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1058 return -1; 1059 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1060 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1061 return 0; 1062 } 1063 } 1064 1065 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1066 1067 /* 1068 * If no Immediate Data is attached, it's OK to return now. 1069 */ 1070 if (!cmd->immediate_data) { 1071 if (!cmd->sense_reason && cmd->unsolicited_data) 1072 iscsit_set_unsoliticed_dataout(cmd); 1073 if (!cmd->sense_reason) 1074 return 0; 1075 1076 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1077 return 0; 1078 } 1079 1080 /* 1081 * Early CHECK_CONDITIONs with ImmediateData never make it to command 1082 * execution. These exceptions are processed in CmdSN order using 1083 * iscsit_check_received_cmdsn() in iscsit_get_immediate_data() below. 1084 */ 1085 if (cmd->sense_reason) { 1086 if (cmd->reject_reason) 1087 return 0; 1088 1089 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1090 return 1; 1091 } 1092 /* 1093 * Call directly into transport_generic_new_cmd() to perform 1094 * the backend memory allocation. 1095 */ 1096 cmd->sense_reason = transport_generic_new_cmd(&cmd->se_cmd); 1097 if (cmd->sense_reason) 1098 return 1; 1099 1100 return 0; 1101} 1102EXPORT_SYMBOL(iscsit_process_scsi_cmd); 1103 1104static int 1105iscsit_get_immediate_data(struct iscsi_cmd *cmd, struct iscsi_scsi_req *hdr, 1106 bool dump_payload) 1107{ 1108 struct iscsi_conn *conn = cmd->conn; 1109 int cmdsn_ret = 0, immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION; 1110 /* 1111 * Special case for Unsupported SAM WRITE Opcodes and ImmediateData=Yes. 1112 */ 1113 if (dump_payload == true) 1114 goto after_immediate_data; 1115 1116 immed_ret = iscsit_handle_immediate_data(cmd, hdr, 1117 cmd->first_burst_len); 1118after_immediate_data: 1119 if (immed_ret == IMMEDIATE_DATA_NORMAL_OPERATION) { 1120 /* 1121 * A PDU/CmdSN carrying Immediate Data passed 1122 * DataCRC, check against ExpCmdSN/MaxCmdSN if 1123 * Immediate Bit is not set. 1124 */ 1125 cmdsn_ret = iscsit_sequence_cmd(cmd->conn, cmd, 1126 (unsigned char *)hdr, hdr->cmdsn); 1127 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) { 1128 return -1; 1129 } else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1130 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1131 return 0; 1132 } 1133 1134 if (cmd->sense_reason) { 1135 int rc; 1136 1137 rc = iscsit_dump_data_payload(cmd->conn, 1138 cmd->first_burst_len, 1); 1139 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1140 return rc; 1141 } else if (cmd->unsolicited_data) 1142 iscsit_set_unsoliticed_dataout(cmd); 1143 1144 } else if (immed_ret == IMMEDIATE_DATA_ERL1_CRC_FAILURE) { 1145 /* 1146 * Immediate Data failed DataCRC and ERL>=1, 1147 * silently drop this PDU and let the initiator 1148 * plug the CmdSN gap. 1149 * 1150 * FIXME: Send Unsolicited NOPIN with reserved 1151 * TTT here to help the initiator figure out 1152 * the missing CmdSN, although they should be 1153 * intelligent enough to determine the missing 1154 * CmdSN and issue a retry to plug the sequence. 1155 */ 1156 cmd->i_state = ISTATE_REMOVE; 1157 iscsit_add_cmd_to_immediate_queue(cmd, cmd->conn, cmd->i_state); 1158 } else /* immed_ret == IMMEDIATE_DATA_CANNOT_RECOVER */ 1159 return -1; 1160 1161 return 0; 1162} 1163 1164static int 1165iscsit_handle_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1166 unsigned char *buf) 1167{ 1168 struct iscsi_scsi_req *hdr = (struct iscsi_scsi_req *)buf; 1169 int rc, immed_data; 1170 bool dump_payload = false; 1171 1172 rc = iscsit_setup_scsi_cmd(conn, cmd, buf); 1173 if (rc < 0) 1174 return 0; 1175 /* 1176 * Allocation iovecs needed for struct socket operations for 1177 * traditional iSCSI block I/O. 1178 */ 1179 if (iscsit_allocate_iovecs(cmd) < 0) { 1180 return iscsit_add_reject_cmd(cmd, 1181 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1182 } 1183 immed_data = cmd->immediate_data; 1184 1185 rc = iscsit_process_scsi_cmd(conn, cmd, hdr); 1186 if (rc < 0) 1187 return rc; 1188 else if (rc > 0) 1189 dump_payload = true; 1190 1191 if (!immed_data) 1192 return 0; 1193 1194 return iscsit_get_immediate_data(cmd, hdr, dump_payload); 1195} 1196 1197static u32 iscsit_do_crypto_hash_sg( 1198 struct hash_desc *hash, 1199 struct iscsi_cmd *cmd, 1200 u32 data_offset, 1201 u32 data_length, 1202 u32 padding, 1203 u8 *pad_bytes) 1204{ 1205 u32 data_crc; 1206 u32 i; 1207 struct scatterlist *sg; 1208 unsigned int page_off; 1209 1210 crypto_hash_init(hash); 1211 1212 sg = cmd->first_data_sg; 1213 page_off = cmd->first_data_sg_off; 1214 1215 i = 0; 1216 while (data_length) { 1217 u32 cur_len = min_t(u32, data_length, (sg[i].length - page_off)); 1218 1219 crypto_hash_update(hash, &sg[i], cur_len); 1220 1221 data_length -= cur_len; 1222 page_off = 0; 1223 i++; 1224 } 1225 1226 if (padding) { 1227 struct scatterlist pad_sg; 1228 1229 sg_init_one(&pad_sg, pad_bytes, padding); 1230 crypto_hash_update(hash, &pad_sg, padding); 1231 } 1232 crypto_hash_final(hash, (u8 *) &data_crc); 1233 1234 return data_crc; 1235} 1236 1237static void iscsit_do_crypto_hash_buf( 1238 struct hash_desc *hash, 1239 const void *buf, 1240 u32 payload_length, 1241 u32 padding, 1242 u8 *pad_bytes, 1243 u8 *data_crc) 1244{ 1245 struct scatterlist sg; 1246 1247 crypto_hash_init(hash); 1248 1249 sg_init_one(&sg, buf, payload_length); 1250 crypto_hash_update(hash, &sg, payload_length); 1251 1252 if (padding) { 1253 sg_init_one(&sg, pad_bytes, padding); 1254 crypto_hash_update(hash, &sg, padding); 1255 } 1256 crypto_hash_final(hash, data_crc); 1257} 1258 1259int 1260iscsit_check_dataout_hdr(struct iscsi_conn *conn, unsigned char *buf, 1261 struct iscsi_cmd **out_cmd) 1262{ 1263 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1264 struct iscsi_cmd *cmd = NULL; 1265 struct se_cmd *se_cmd; 1266 u32 payload_length = ntoh24(hdr->dlength); 1267 int rc; 1268 1269 if (!payload_length) { 1270 pr_err("DataOUT payload is ZERO, protocol error.\n"); 1271 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1272 buf); 1273 } 1274 1275 /* iSCSI write */ 1276 spin_lock_bh(&conn->sess->session_stats_lock); 1277 conn->sess->rx_data_octets += payload_length; 1278 if (conn->sess->se_sess->se_node_acl) { 1279 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock); 1280 conn->sess->se_sess->se_node_acl->write_bytes += payload_length; 1281 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock); 1282 } 1283 spin_unlock_bh(&conn->sess->session_stats_lock); 1284 1285 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1286 pr_err("DataSegmentLength: %u is greater than" 1287 " MaxXmitDataSegmentLength: %u\n", payload_length, 1288 conn->conn_ops->MaxXmitDataSegmentLength); 1289 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1290 buf); 1291 } 1292 1293 cmd = iscsit_find_cmd_from_itt_or_dump(conn, hdr->itt, 1294 payload_length); 1295 if (!cmd) 1296 return 0; 1297 1298 pr_debug("Got DataOut ITT: 0x%08x, TTT: 0x%08x," 1299 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 1300 hdr->itt, hdr->ttt, hdr->datasn, ntohl(hdr->offset), 1301 payload_length, conn->cid); 1302 1303 if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) { 1304 pr_err("Command ITT: 0x%08x received DataOUT after" 1305 " last DataOUT received, dumping payload\n", 1306 cmd->init_task_tag); 1307 return iscsit_dump_data_payload(conn, payload_length, 1); 1308 } 1309 1310 if (cmd->data_direction != DMA_TO_DEVICE) { 1311 pr_err("Command ITT: 0x%08x received DataOUT for a" 1312 " NON-WRITE command.\n", cmd->init_task_tag); 1313 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 1314 } 1315 se_cmd = &cmd->se_cmd; 1316 iscsit_mod_dataout_timer(cmd); 1317 1318 if ((be32_to_cpu(hdr->offset) + payload_length) > cmd->se_cmd.data_length) { 1319 pr_err("DataOut Offset: %u, Length %u greater than" 1320 " iSCSI Command EDTL %u, protocol error.\n", 1321 hdr->offset, payload_length, cmd->se_cmd.data_length); 1322 return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_INVALID, buf); 1323 } 1324 1325 if (cmd->unsolicited_data) { 1326 int dump_unsolicited_data = 0; 1327 1328 if (conn->sess->sess_ops->InitialR2T) { 1329 pr_err("Received unexpected unsolicited data" 1330 " while InitialR2T=Yes, protocol error.\n"); 1331 transport_send_check_condition_and_sense(&cmd->se_cmd, 1332 TCM_UNEXPECTED_UNSOLICITED_DATA, 0); 1333 return -1; 1334 } 1335 /* 1336 * Special case for dealing with Unsolicited DataOUT 1337 * and Unsupported SAM WRITE Opcodes and SE resource allocation 1338 * failures; 1339 */ 1340 1341 /* Something's amiss if we're not in WRITE_PENDING state... */ 1342 WARN_ON(se_cmd->t_state != TRANSPORT_WRITE_PENDING); 1343 if (!(se_cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE)) 1344 dump_unsolicited_data = 1; 1345 1346 if (dump_unsolicited_data) { 1347 /* 1348 * Check if a delayed TASK_ABORTED status needs to 1349 * be sent now if the ISCSI_FLAG_CMD_FINAL has been 1350 * received with the unsolicitied data out. 1351 */ 1352 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1353 iscsit_stop_dataout_timer(cmd); 1354 1355 transport_check_aborted_status(se_cmd, 1356 (hdr->flags & ISCSI_FLAG_CMD_FINAL)); 1357 return iscsit_dump_data_payload(conn, payload_length, 1); 1358 } 1359 } else { 1360 /* 1361 * For the normal solicited data path: 1362 * 1363 * Check for a delayed TASK_ABORTED status and dump any 1364 * incoming data out payload if one exists. Also, when the 1365 * ISCSI_FLAG_CMD_FINAL is set to denote the end of the current 1366 * data out sequence, we decrement outstanding_r2ts. Once 1367 * outstanding_r2ts reaches zero, go ahead and send the delayed 1368 * TASK_ABORTED status. 1369 */ 1370 if (se_cmd->transport_state & CMD_T_ABORTED) { 1371 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1372 if (--cmd->outstanding_r2ts < 1) { 1373 iscsit_stop_dataout_timer(cmd); 1374 transport_check_aborted_status( 1375 se_cmd, 1); 1376 } 1377 1378 return iscsit_dump_data_payload(conn, payload_length, 1); 1379 } 1380 } 1381 /* 1382 * Preform DataSN, DataSequenceInOrder, DataPDUInOrder, and 1383 * within-command recovery checks before receiving the payload. 1384 */ 1385 rc = iscsit_check_pre_dataout(cmd, buf); 1386 if (rc == DATAOUT_WITHIN_COMMAND_RECOVERY) 1387 return 0; 1388 else if (rc == DATAOUT_CANNOT_RECOVER) 1389 return -1; 1390 1391 *out_cmd = cmd; 1392 return 0; 1393} 1394EXPORT_SYMBOL(iscsit_check_dataout_hdr); 1395 1396static int 1397iscsit_get_dataout(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1398 struct iscsi_data *hdr) 1399{ 1400 struct kvec *iov; 1401 u32 checksum, iov_count = 0, padding = 0, rx_got = 0, rx_size = 0; 1402 u32 payload_length = ntoh24(hdr->dlength); 1403 int iov_ret, data_crc_failed = 0; 1404 1405 rx_size += payload_length; 1406 iov = &cmd->iov_data[0]; 1407 1408 iov_ret = iscsit_map_iovec(cmd, iov, be32_to_cpu(hdr->offset), 1409 payload_length); 1410 if (iov_ret < 0) 1411 return -1; 1412 1413 iov_count += iov_ret; 1414 1415 padding = ((-payload_length) & 3); 1416 if (padding != 0) { 1417 iov[iov_count].iov_base = cmd->pad_bytes; 1418 iov[iov_count++].iov_len = padding; 1419 rx_size += padding; 1420 pr_debug("Receiving %u padding bytes.\n", padding); 1421 } 1422 1423 if (conn->conn_ops->DataDigest) { 1424 iov[iov_count].iov_base = &checksum; 1425 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 1426 rx_size += ISCSI_CRC_LEN; 1427 } 1428 1429 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 1430 1431 iscsit_unmap_iovec(cmd); 1432 1433 if (rx_got != rx_size) 1434 return -1; 1435 1436 if (conn->conn_ops->DataDigest) { 1437 u32 data_crc; 1438 1439 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd, 1440 be32_to_cpu(hdr->offset), 1441 payload_length, padding, 1442 cmd->pad_bytes); 1443 1444 if (checksum != data_crc) { 1445 pr_err("ITT: 0x%08x, Offset: %u, Length: %u," 1446 " DataSN: 0x%08x, CRC32C DataDigest 0x%08x" 1447 " does not match computed 0x%08x\n", 1448 hdr->itt, hdr->offset, payload_length, 1449 hdr->datasn, checksum, data_crc); 1450 data_crc_failed = 1; 1451 } else { 1452 pr_debug("Got CRC32C DataDigest 0x%08x for" 1453 " %u bytes of Data Out\n", checksum, 1454 payload_length); 1455 } 1456 } 1457 1458 return data_crc_failed; 1459} 1460 1461int 1462iscsit_check_dataout_payload(struct iscsi_cmd *cmd, struct iscsi_data *hdr, 1463 bool data_crc_failed) 1464{ 1465 struct iscsi_conn *conn = cmd->conn; 1466 int rc, ooo_cmdsn; 1467 /* 1468 * Increment post receive data and CRC values or perform 1469 * within-command recovery. 1470 */ 1471 rc = iscsit_check_post_dataout(cmd, (unsigned char *)hdr, data_crc_failed); 1472 if ((rc == DATAOUT_NORMAL) || (rc == DATAOUT_WITHIN_COMMAND_RECOVERY)) 1473 return 0; 1474 else if (rc == DATAOUT_SEND_R2T) { 1475 iscsit_set_dataout_sequence_values(cmd); 1476 conn->conn_transport->iscsit_get_dataout(conn, cmd, false); 1477 } else if (rc == DATAOUT_SEND_TO_TRANSPORT) { 1478 /* 1479 * Handle extra special case for out of order 1480 * Unsolicited Data Out. 1481 */ 1482 spin_lock_bh(&cmd->istate_lock); 1483 ooo_cmdsn = (cmd->cmd_flags & ICF_OOO_CMDSN); 1484 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 1485 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 1486 spin_unlock_bh(&cmd->istate_lock); 1487 1488 iscsit_stop_dataout_timer(cmd); 1489 if (ooo_cmdsn) 1490 return 0; 1491 target_execute_cmd(&cmd->se_cmd); 1492 return 0; 1493 } else /* DATAOUT_CANNOT_RECOVER */ 1494 return -1; 1495 1496 return 0; 1497} 1498EXPORT_SYMBOL(iscsit_check_dataout_payload); 1499 1500static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) 1501{ 1502 struct iscsi_cmd *cmd; 1503 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1504 int rc; 1505 bool data_crc_failed = false; 1506 1507 rc = iscsit_check_dataout_hdr(conn, buf, &cmd); 1508 if (rc < 0) 1509 return 0; 1510 else if (!cmd) 1511 return 0; 1512 1513 rc = iscsit_get_dataout(conn, cmd, hdr); 1514 if (rc < 0) 1515 return rc; 1516 else if (rc > 0) 1517 data_crc_failed = true; 1518 1519 return iscsit_check_dataout_payload(cmd, hdr, data_crc_failed); 1520} 1521 1522int iscsit_setup_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1523 struct iscsi_nopout *hdr) 1524{ 1525 u32 payload_length = ntoh24(hdr->dlength); 1526 1527 if (hdr->itt == RESERVED_ITT && !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1528 pr_err("NOPOUT ITT is reserved, but Immediate Bit is" 1529 " not set, protocol error.\n"); 1530 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1531 (unsigned char *)hdr); 1532 } 1533 1534 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1535 pr_err("NOPOUT Ping Data DataSegmentLength: %u is" 1536 " greater than MaxXmitDataSegmentLength: %u, protocol" 1537 " error.\n", payload_length, 1538 conn->conn_ops->MaxXmitDataSegmentLength); 1539 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1540 (unsigned char *)hdr); 1541 } 1542 1543 pr_debug("Got NOPOUT Ping %s ITT: 0x%08x, TTT: 0x%08x," 1544 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n", 1545 hdr->itt == RESERVED_ITT ? "Response" : "Request", 1546 hdr->itt, hdr->ttt, hdr->cmdsn, hdr->exp_statsn, 1547 payload_length); 1548 /* 1549 * This is not a response to a Unsolicited NopIN, which means 1550 * it can either be a NOPOUT ping request (with a valid ITT), 1551 * or a NOPOUT not requesting a NOPIN (with a reserved ITT). 1552 * Either way, make sure we allocate an struct iscsi_cmd, as both 1553 * can contain ping data. 1554 */ 1555 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1556 cmd->iscsi_opcode = ISCSI_OP_NOOP_OUT; 1557 cmd->i_state = ISTATE_SEND_NOPIN; 1558 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1559 1 : 0); 1560 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1561 cmd->targ_xfer_tag = 0xFFFFFFFF; 1562 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1563 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1564 cmd->data_direction = DMA_NONE; 1565 } 1566 1567 return 0; 1568} 1569EXPORT_SYMBOL(iscsit_setup_nop_out); 1570 1571int iscsit_process_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1572 struct iscsi_nopout *hdr) 1573{ 1574 struct iscsi_cmd *cmd_p = NULL; 1575 int cmdsn_ret = 0; 1576 /* 1577 * Initiator is expecting a NopIN ping reply.. 1578 */ 1579 if (hdr->itt != RESERVED_ITT) { 1580 BUG_ON(!cmd); 1581 1582 spin_lock_bh(&conn->cmd_lock); 1583 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1584 spin_unlock_bh(&conn->cmd_lock); 1585 1586 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1587 1588 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 1589 iscsit_add_cmd_to_response_queue(cmd, conn, 1590 cmd->i_state); 1591 return 0; 1592 } 1593 1594 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1595 (unsigned char *)hdr, hdr->cmdsn); 1596 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1597 return 0; 1598 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1599 return -1; 1600 1601 return 0; 1602 } 1603 /* 1604 * This was a response to a unsolicited NOPIN ping. 1605 */ 1606 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) { 1607 cmd_p = iscsit_find_cmd_from_ttt(conn, be32_to_cpu(hdr->ttt)); 1608 if (!cmd_p) 1609 return -EINVAL; 1610 1611 iscsit_stop_nopin_response_timer(conn); 1612 1613 cmd_p->i_state = ISTATE_REMOVE; 1614 iscsit_add_cmd_to_immediate_queue(cmd_p, conn, cmd_p->i_state); 1615 1616 iscsit_start_nopin_timer(conn); 1617 return 0; 1618 } 1619 /* 1620 * Otherwise, initiator is not expecting a NOPIN is response. 1621 * Just ignore for now. 1622 */ 1623 return 0; 1624} 1625EXPORT_SYMBOL(iscsit_process_nop_out); 1626 1627static int iscsit_handle_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1628 unsigned char *buf) 1629{ 1630 unsigned char *ping_data = NULL; 1631 struct iscsi_nopout *hdr = (struct iscsi_nopout *)buf; 1632 struct kvec *iov = NULL; 1633 u32 payload_length = ntoh24(hdr->dlength); 1634 int ret; 1635 1636 ret = iscsit_setup_nop_out(conn, cmd, hdr); 1637 if (ret < 0) 1638 return 0; 1639 /* 1640 * Handle NOP-OUT payload for traditional iSCSI sockets 1641 */ 1642 if (payload_length && hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1643 u32 checksum, data_crc, padding = 0; 1644 int niov = 0, rx_got, rx_size = payload_length; 1645 1646 ping_data = kzalloc(payload_length + 1, GFP_KERNEL); 1647 if (!ping_data) { 1648 pr_err("Unable to allocate memory for" 1649 " NOPOUT ping data.\n"); 1650 ret = -1; 1651 goto out; 1652 } 1653 1654 iov = &cmd->iov_misc[0]; 1655 iov[niov].iov_base = ping_data; 1656 iov[niov++].iov_len = payload_length; 1657 1658 padding = ((-payload_length) & 3); 1659 if (padding != 0) { 1660 pr_debug("Receiving %u additional bytes" 1661 " for padding.\n", padding); 1662 iov[niov].iov_base = &cmd->pad_bytes; 1663 iov[niov++].iov_len = padding; 1664 rx_size += padding; 1665 } 1666 if (conn->conn_ops->DataDigest) { 1667 iov[niov].iov_base = &checksum; 1668 iov[niov++].iov_len = ISCSI_CRC_LEN; 1669 rx_size += ISCSI_CRC_LEN; 1670 } 1671 1672 rx_got = rx_data(conn, &cmd->iov_misc[0], niov, rx_size); 1673 if (rx_got != rx_size) { 1674 ret = -1; 1675 goto out; 1676 } 1677 1678 if (conn->conn_ops->DataDigest) { 1679 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 1680 ping_data, payload_length, 1681 padding, cmd->pad_bytes, 1682 (u8 *)&data_crc); 1683 1684 if (checksum != data_crc) { 1685 pr_err("Ping data CRC32C DataDigest" 1686 " 0x%08x does not match computed 0x%08x\n", 1687 checksum, data_crc); 1688 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 1689 pr_err("Unable to recover from" 1690 " NOPOUT Ping DataCRC failure while in" 1691 " ERL=0.\n"); 1692 ret = -1; 1693 goto out; 1694 } else { 1695 /* 1696 * Silently drop this PDU and let the 1697 * initiator plug the CmdSN gap. 1698 */ 1699 pr_debug("Dropping NOPOUT" 1700 " Command CmdSN: 0x%08x due to" 1701 " DataCRC error.\n", hdr->cmdsn); 1702 ret = 0; 1703 goto out; 1704 } 1705 } else { 1706 pr_debug("Got CRC32C DataDigest" 1707 " 0x%08x for %u bytes of ping data.\n", 1708 checksum, payload_length); 1709 } 1710 } 1711 1712 ping_data[payload_length] = '\0'; 1713 /* 1714 * Attach ping data to struct iscsi_cmd->buf_ptr. 1715 */ 1716 cmd->buf_ptr = ping_data; 1717 cmd->buf_ptr_size = payload_length; 1718 1719 pr_debug("Got %u bytes of NOPOUT ping" 1720 " data.\n", payload_length); 1721 pr_debug("Ping Data: \"%s\"\n", ping_data); 1722 } 1723 1724 return iscsit_process_nop_out(conn, cmd, hdr); 1725out: 1726 if (cmd) 1727 iscsit_free_cmd(cmd, false); 1728 1729 kfree(ping_data); 1730 return ret; 1731} 1732 1733int 1734iscsit_handle_task_mgt_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1735 unsigned char *buf) 1736{ 1737 struct se_tmr_req *se_tmr; 1738 struct iscsi_tmr_req *tmr_req; 1739 struct iscsi_tm *hdr; 1740 int out_of_order_cmdsn = 0, ret; 1741 bool sess_ref = false; 1742 u8 function; 1743 1744 hdr = (struct iscsi_tm *) buf; 1745 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 1746 function = hdr->flags; 1747 1748 pr_debug("Got Task Management Request ITT: 0x%08x, CmdSN:" 1749 " 0x%08x, Function: 0x%02x, RefTaskTag: 0x%08x, RefCmdSN:" 1750 " 0x%08x, CID: %hu\n", hdr->itt, hdr->cmdsn, function, 1751 hdr->rtt, hdr->refcmdsn, conn->cid); 1752 1753 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1754 ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1755 hdr->rtt != RESERVED_ITT)) { 1756 pr_err("RefTaskTag should be set to 0xFFFFFFFF.\n"); 1757 hdr->rtt = RESERVED_ITT; 1758 } 1759 1760 if ((function == ISCSI_TM_FUNC_TASK_REASSIGN) && 1761 !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1762 pr_err("Task Management Request TASK_REASSIGN not" 1763 " issued as immediate command, bad iSCSI Initiator" 1764 "implementation\n"); 1765 return iscsit_add_reject_cmd(cmd, 1766 ISCSI_REASON_PROTOCOL_ERROR, buf); 1767 } 1768 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1769 be32_to_cpu(hdr->refcmdsn) != ISCSI_RESERVED_TAG) 1770 hdr->refcmdsn = cpu_to_be32(ISCSI_RESERVED_TAG); 1771 1772 cmd->data_direction = DMA_NONE; 1773 1774 cmd->tmr_req = kzalloc(sizeof(struct iscsi_tmr_req), GFP_KERNEL); 1775 if (!cmd->tmr_req) { 1776 pr_err("Unable to allocate memory for" 1777 " Task Management command!\n"); 1778 return iscsit_add_reject_cmd(cmd, 1779 ISCSI_REASON_BOOKMARK_NO_RESOURCES, 1780 buf); 1781 } 1782 1783 /* 1784 * TASK_REASSIGN for ERL=2 / connection stays inside of 1785 * LIO-Target $FABRIC_MOD 1786 */ 1787 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1788 1789 u8 tcm_function; 1790 int ret; 1791 1792 transport_init_se_cmd(&cmd->se_cmd, 1793 &lio_target_fabric_configfs->tf_ops, 1794 conn->sess->se_sess, 0, DMA_NONE, 1795 MSG_SIMPLE_TAG, cmd->sense_buffer + 2); 1796 1797 target_get_sess_cmd(conn->sess->se_sess, &cmd->se_cmd, true); 1798 sess_ref = true; 1799 1800 switch (function) { 1801 case ISCSI_TM_FUNC_ABORT_TASK: 1802 tcm_function = TMR_ABORT_TASK; 1803 break; 1804 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1805 tcm_function = TMR_ABORT_TASK_SET; 1806 break; 1807 case ISCSI_TM_FUNC_CLEAR_ACA: 1808 tcm_function = TMR_CLEAR_ACA; 1809 break; 1810 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1811 tcm_function = TMR_CLEAR_TASK_SET; 1812 break; 1813 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1814 tcm_function = TMR_LUN_RESET; 1815 break; 1816 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1817 tcm_function = TMR_TARGET_WARM_RESET; 1818 break; 1819 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1820 tcm_function = TMR_TARGET_COLD_RESET; 1821 break; 1822 default: 1823 pr_err("Unknown iSCSI TMR Function:" 1824 " 0x%02x\n", function); 1825 return iscsit_add_reject_cmd(cmd, 1826 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1827 } 1828 1829 ret = core_tmr_alloc_req(&cmd->se_cmd, cmd->tmr_req, 1830 tcm_function, GFP_KERNEL); 1831 if (ret < 0) 1832 return iscsit_add_reject_cmd(cmd, 1833 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1834 1835 cmd->tmr_req->se_tmr_req = cmd->se_cmd.se_tmr_req; 1836 } 1837 1838 cmd->iscsi_opcode = ISCSI_OP_SCSI_TMFUNC; 1839 cmd->i_state = ISTATE_SEND_TASKMGTRSP; 1840 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1841 cmd->init_task_tag = hdr->itt; 1842 cmd->targ_xfer_tag = 0xFFFFFFFF; 1843 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1844 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1845 se_tmr = cmd->se_cmd.se_tmr_req; 1846 tmr_req = cmd->tmr_req; 1847 /* 1848 * Locate the struct se_lun for all TMRs not related to ERL=2 TASK_REASSIGN 1849 */ 1850 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1851 ret = transport_lookup_tmr_lun(&cmd->se_cmd, 1852 scsilun_to_int(&hdr->lun)); 1853 if (ret < 0) { 1854 se_tmr->response = ISCSI_TMF_RSP_NO_LUN; 1855 goto attach; 1856 } 1857 } 1858 1859 switch (function) { 1860 case ISCSI_TM_FUNC_ABORT_TASK: 1861 se_tmr->response = iscsit_tmr_abort_task(cmd, buf); 1862 if (se_tmr->response) 1863 goto attach; 1864 break; 1865 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1866 case ISCSI_TM_FUNC_CLEAR_ACA: 1867 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1868 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1869 break; 1870 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1871 if (iscsit_tmr_task_warm_reset(conn, tmr_req, buf) < 0) { 1872 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1873 goto attach; 1874 } 1875 break; 1876 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1877 if (iscsit_tmr_task_cold_reset(conn, tmr_req, buf) < 0) { 1878 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1879 goto attach; 1880 } 1881 break; 1882 case ISCSI_TM_FUNC_TASK_REASSIGN: 1883 se_tmr->response = iscsit_tmr_task_reassign(cmd, buf); 1884 /* 1885 * Perform sanity checks on the ExpDataSN only if the 1886 * TASK_REASSIGN was successful. 1887 */ 1888 if (se_tmr->response) 1889 break; 1890 1891 if (iscsit_check_task_reassign_expdatasn(tmr_req, conn) < 0) 1892 return iscsit_add_reject_cmd(cmd, 1893 ISCSI_REASON_BOOKMARK_INVALID, buf); 1894 break; 1895 default: 1896 pr_err("Unknown TMR function: 0x%02x, protocol" 1897 " error.\n", function); 1898 se_tmr->response = ISCSI_TMF_RSP_NOT_SUPPORTED; 1899 goto attach; 1900 } 1901 1902 if ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1903 (se_tmr->response == ISCSI_TMF_RSP_COMPLETE)) 1904 se_tmr->call_transport = 1; 1905attach: 1906 spin_lock_bh(&conn->cmd_lock); 1907 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1908 spin_unlock_bh(&conn->cmd_lock); 1909 1910 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1911 int cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 1912 if (cmdsn_ret == CMDSN_HIGHER_THAN_EXP) 1913 out_of_order_cmdsn = 1; 1914 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1915 return 0; 1916 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1917 return -1; 1918 } 1919 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1920 1921 if (out_of_order_cmdsn || !(hdr->opcode & ISCSI_OP_IMMEDIATE)) 1922 return 0; 1923 /* 1924 * Found the referenced task, send to transport for processing. 1925 */ 1926 if (se_tmr->call_transport) 1927 return transport_generic_handle_tmr(&cmd->se_cmd); 1928 1929 /* 1930 * Could not find the referenced LUN, task, or Task Management 1931 * command not authorized or supported. Change state and 1932 * let the tx_thread send the response. 1933 * 1934 * For connection recovery, this is also the default action for 1935 * TMR TASK_REASSIGN. 1936 */ 1937 if (sess_ref) { 1938 pr_debug("Handle TMR, using sess_ref=true check\n"); 1939 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1940 } 1941 1942 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 1943 return 0; 1944} 1945EXPORT_SYMBOL(iscsit_handle_task_mgt_cmd); 1946 1947/* #warning FIXME: Support Text Command parameters besides SendTargets */ 1948int 1949iscsit_setup_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1950 struct iscsi_text *hdr) 1951{ 1952 u32 payload_length = ntoh24(hdr->dlength); 1953 1954 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1955 pr_err("Unable to accept text parameter length: %u" 1956 "greater than MaxXmitDataSegmentLength %u.\n", 1957 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 1958 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1959 (unsigned char *)hdr); 1960 } 1961 1962 pr_debug("Got Text Request: ITT: 0x%08x, CmdSN: 0x%08x," 1963 " ExpStatSN: 0x%08x, Length: %u\n", hdr->itt, hdr->cmdsn, 1964 hdr->exp_statsn, payload_length); 1965 1966 cmd->iscsi_opcode = ISCSI_OP_TEXT; 1967 cmd->i_state = ISTATE_SEND_TEXTRSP; 1968 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1969 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1970 cmd->targ_xfer_tag = 0xFFFFFFFF; 1971 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1972 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1973 cmd->data_direction = DMA_NONE; 1974 1975 return 0; 1976} 1977EXPORT_SYMBOL(iscsit_setup_text_cmd); 1978 1979int 1980iscsit_process_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1981 struct iscsi_text *hdr) 1982{ 1983 unsigned char *text_in = cmd->text_in_ptr, *text_ptr; 1984 int cmdsn_ret; 1985 1986 if (!text_in) { 1987 pr_err("Unable to locate text_in buffer for sendtargets" 1988 " discovery\n"); 1989 goto reject; 1990 } 1991 if (strncmp("SendTargets", text_in, 11) != 0) { 1992 pr_err("Received Text Data that is not" 1993 " SendTargets, cannot continue.\n"); 1994 goto reject; 1995 } 1996 text_ptr = strchr(text_in, '='); 1997 if (!text_ptr) { 1998 pr_err("No \"=\" separator found in Text Data," 1999 " cannot continue.\n"); 2000 goto reject; 2001 } 2002 if (!strncmp("=All", text_ptr, 4)) { 2003 cmd->cmd_flags |= IFC_SENDTARGETS_ALL; 2004 } else if (!strncmp("=iqn.", text_ptr, 5) || 2005 !strncmp("=eui.", text_ptr, 5)) { 2006 cmd->cmd_flags |= IFC_SENDTARGETS_SINGLE; 2007 } else { 2008 pr_err("Unable to locate valid SendTargets=%s value\n", text_ptr); 2009 goto reject; 2010 } 2011 2012 spin_lock_bh(&conn->cmd_lock); 2013 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2014 spin_unlock_bh(&conn->cmd_lock); 2015 2016 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2017 2018 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 2019 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 2020 (unsigned char *)hdr, hdr->cmdsn); 2021 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2022 return -1; 2023 2024 return 0; 2025 } 2026 2027 return iscsit_execute_cmd(cmd, 0); 2028 2029reject: 2030 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 2031 (unsigned char *)hdr); 2032} 2033EXPORT_SYMBOL(iscsit_process_text_cmd); 2034 2035static int 2036iscsit_handle_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2037 unsigned char *buf) 2038{ 2039 struct iscsi_text *hdr = (struct iscsi_text *)buf; 2040 char *text_in = NULL; 2041 u32 payload_length = ntoh24(hdr->dlength); 2042 int rx_size, rc; 2043 2044 rc = iscsit_setup_text_cmd(conn, cmd, hdr); 2045 if (rc < 0) 2046 return 0; 2047 2048 rx_size = payload_length; 2049 if (payload_length) { 2050 u32 checksum = 0, data_crc = 0; 2051 u32 padding = 0, pad_bytes = 0; 2052 int niov = 0, rx_got; 2053 struct kvec iov[3]; 2054 2055 text_in = kzalloc(payload_length, GFP_KERNEL); 2056 if (!text_in) { 2057 pr_err("Unable to allocate memory for" 2058 " incoming text parameters\n"); 2059 goto reject; 2060 } 2061 cmd->text_in_ptr = text_in; 2062 2063 memset(iov, 0, 3 * sizeof(struct kvec)); 2064 iov[niov].iov_base = text_in; 2065 iov[niov++].iov_len = payload_length; 2066 2067 padding = ((-payload_length) & 3); 2068 if (padding != 0) { 2069 iov[niov].iov_base = &pad_bytes; 2070 iov[niov++].iov_len = padding; 2071 rx_size += padding; 2072 pr_debug("Receiving %u additional bytes" 2073 " for padding.\n", padding); 2074 } 2075 if (conn->conn_ops->DataDigest) { 2076 iov[niov].iov_base = &checksum; 2077 iov[niov++].iov_len = ISCSI_CRC_LEN; 2078 rx_size += ISCSI_CRC_LEN; 2079 } 2080 2081 rx_got = rx_data(conn, &iov[0], niov, rx_size); 2082 if (rx_got != rx_size) 2083 goto reject; 2084 2085 if (conn->conn_ops->DataDigest) { 2086 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 2087 text_in, payload_length, 2088 padding, (u8 *)&pad_bytes, 2089 (u8 *)&data_crc); 2090 2091 if (checksum != data_crc) { 2092 pr_err("Text data CRC32C DataDigest" 2093 " 0x%08x does not match computed" 2094 " 0x%08x\n", checksum, data_crc); 2095 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2096 pr_err("Unable to recover from" 2097 " Text Data digest failure while in" 2098 " ERL=0.\n"); 2099 goto reject; 2100 } else { 2101 /* 2102 * Silently drop this PDU and let the 2103 * initiator plug the CmdSN gap. 2104 */ 2105 pr_debug("Dropping Text" 2106 " Command CmdSN: 0x%08x due to" 2107 " DataCRC error.\n", hdr->cmdsn); 2108 kfree(text_in); 2109 return 0; 2110 } 2111 } else { 2112 pr_debug("Got CRC32C DataDigest" 2113 " 0x%08x for %u bytes of text data.\n", 2114 checksum, payload_length); 2115 } 2116 } 2117 text_in[payload_length - 1] = '\0'; 2118 pr_debug("Successfully read %d bytes of text" 2119 " data.\n", payload_length); 2120 } 2121 2122 return iscsit_process_text_cmd(conn, cmd, hdr); 2123 2124reject: 2125 kfree(cmd->text_in_ptr); 2126 cmd->text_in_ptr = NULL; 2127 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 2128} 2129EXPORT_SYMBOL(iscsit_handle_text_cmd); 2130 2131int iscsit_logout_closesession(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2132{ 2133 struct iscsi_conn *conn_p; 2134 struct iscsi_session *sess = conn->sess; 2135 2136 pr_debug("Received logout request CLOSESESSION on CID: %hu" 2137 " for SID: %u.\n", conn->cid, conn->sess->sid); 2138 2139 atomic_set(&sess->session_logout, 1); 2140 atomic_set(&conn->conn_logout_remove, 1); 2141 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_SESSION; 2142 2143 iscsit_inc_conn_usage_count(conn); 2144 iscsit_inc_session_usage_count(sess); 2145 2146 spin_lock_bh(&sess->conn_lock); 2147 list_for_each_entry(conn_p, &sess->sess_conn_list, conn_list) { 2148 if (conn_p->conn_state != TARG_CONN_STATE_LOGGED_IN) 2149 continue; 2150 2151 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2152 conn_p->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2153 } 2154 spin_unlock_bh(&sess->conn_lock); 2155 2156 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2157 2158 return 0; 2159} 2160 2161int iscsit_logout_closeconnection(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2162{ 2163 struct iscsi_conn *l_conn; 2164 struct iscsi_session *sess = conn->sess; 2165 2166 pr_debug("Received logout request CLOSECONNECTION for CID:" 2167 " %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2168 2169 /* 2170 * A Logout Request with a CLOSECONNECTION reason code for a CID 2171 * can arrive on a connection with a differing CID. 2172 */ 2173 if (conn->cid == cmd->logout_cid) { 2174 spin_lock_bh(&conn->state_lock); 2175 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2176 conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2177 2178 atomic_set(&conn->conn_logout_remove, 1); 2179 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_CONNECTION; 2180 iscsit_inc_conn_usage_count(conn); 2181 2182 spin_unlock_bh(&conn->state_lock); 2183 } else { 2184 /* 2185 * Handle all different cid CLOSECONNECTION requests in 2186 * iscsit_logout_post_handler_diffcid() as to give enough 2187 * time for any non immediate command's CmdSN to be 2188 * acknowledged on the connection in question. 2189 * 2190 * Here we simply make sure the CID is still around. 2191 */ 2192 l_conn = iscsit_get_conn_from_cid(sess, 2193 cmd->logout_cid); 2194 if (!l_conn) { 2195 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2196 iscsit_add_cmd_to_response_queue(cmd, conn, 2197 cmd->i_state); 2198 return 0; 2199 } 2200 2201 iscsit_dec_conn_usage_count(l_conn); 2202 } 2203 2204 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2205 2206 return 0; 2207} 2208 2209int iscsit_logout_removeconnforrecovery(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2210{ 2211 struct iscsi_session *sess = conn->sess; 2212 2213 pr_debug("Received explicit REMOVECONNFORRECOVERY logout for" 2214 " CID: %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2215 2216 if (sess->sess_ops->ErrorRecoveryLevel != 2) { 2217 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2218 " while ERL!=2.\n"); 2219 cmd->logout_response = ISCSI_LOGOUT_RECOVERY_UNSUPPORTED; 2220 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2221 return 0; 2222 } 2223 2224 if (conn->cid == cmd->logout_cid) { 2225 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2226 " with CID: %hu on CID: %hu, implementation error.\n", 2227 cmd->logout_cid, conn->cid); 2228 cmd->logout_response = ISCSI_LOGOUT_CLEANUP_FAILED; 2229 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2230 return 0; 2231 } 2232 2233 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2234 2235 return 0; 2236} 2237 2238int 2239iscsit_handle_logout_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2240 unsigned char *buf) 2241{ 2242 int cmdsn_ret, logout_remove = 0; 2243 u8 reason_code = 0; 2244 struct iscsi_logout *hdr; 2245 struct iscsi_tiqn *tiqn = iscsit_snmp_get_tiqn(conn); 2246 2247 hdr = (struct iscsi_logout *) buf; 2248 reason_code = (hdr->flags & 0x7f); 2249 2250 if (tiqn) { 2251 spin_lock(&tiqn->logout_stats.lock); 2252 if (reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) 2253 tiqn->logout_stats.normal_logouts++; 2254 else 2255 tiqn->logout_stats.abnormal_logouts++; 2256 spin_unlock(&tiqn->logout_stats.lock); 2257 } 2258 2259 pr_debug("Got Logout Request ITT: 0x%08x CmdSN: 0x%08x" 2260 " ExpStatSN: 0x%08x Reason: 0x%02x CID: %hu on CID: %hu\n", 2261 hdr->itt, hdr->cmdsn, hdr->exp_statsn, reason_code, 2262 hdr->cid, conn->cid); 2263 2264 if (conn->conn_state != TARG_CONN_STATE_LOGGED_IN) { 2265 pr_err("Received logout request on connection that" 2266 " is not in logged in state, ignoring request.\n"); 2267 iscsit_free_cmd(cmd, false); 2268 return 0; 2269 } 2270 2271 cmd->iscsi_opcode = ISCSI_OP_LOGOUT; 2272 cmd->i_state = ISTATE_SEND_LOGOUTRSP; 2273 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 2274 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 2275 cmd->targ_xfer_tag = 0xFFFFFFFF; 2276 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 2277 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 2278 cmd->logout_cid = be16_to_cpu(hdr->cid); 2279 cmd->logout_reason = reason_code; 2280 cmd->data_direction = DMA_NONE; 2281 2282 /* 2283 * We need to sleep in these cases (by returning 1) until the Logout 2284 * Response gets sent in the tx thread. 2285 */ 2286 if ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) || 2287 ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) && 2288 be16_to_cpu(hdr->cid) == conn->cid)) 2289 logout_remove = 1; 2290 2291 spin_lock_bh(&conn->cmd_lock); 2292 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2293 spin_unlock_bh(&conn->cmd_lock); 2294 2295 if (reason_code != ISCSI_LOGOUT_REASON_RECOVERY) 2296 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2297 2298 /* 2299 * Immediate commands are executed, well, immediately. 2300 * Non-Immediate Logout Commands are executed in CmdSN order. 2301 */ 2302 if (cmd->immediate_cmd) { 2303 int ret = iscsit_execute_cmd(cmd, 0); 2304 2305 if (ret < 0) 2306 return ret; 2307 } else { 2308 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 2309 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 2310 logout_remove = 0; 2311 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2312 return -1; 2313 } 2314 2315 return logout_remove; 2316} 2317EXPORT_SYMBOL(iscsit_handle_logout_cmd); 2318 2319static int iscsit_handle_snack( 2320 struct iscsi_conn *conn, 2321 unsigned char *buf) 2322{ 2323 struct iscsi_snack *hdr; 2324 2325 hdr = (struct iscsi_snack *) buf; 2326 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 2327 2328 pr_debug("Got ISCSI_INIT_SNACK, ITT: 0x%08x, ExpStatSN:" 2329 " 0x%08x, Type: 0x%02x, BegRun: 0x%08x, RunLength: 0x%08x," 2330 " CID: %hu\n", hdr->itt, hdr->exp_statsn, hdr->flags, 2331 hdr->begrun, hdr->runlength, conn->cid); 2332 2333 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2334 pr_err("Initiator sent SNACK request while in" 2335 " ErrorRecoveryLevel=0.\n"); 2336 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2337 buf); 2338 } 2339 /* 2340 * SNACK_DATA and SNACK_R2T are both 0, so check which function to 2341 * call from inside iscsi_send_recovery_datain_or_r2t(). 2342 */ 2343 switch (hdr->flags & ISCSI_FLAG_SNACK_TYPE_MASK) { 2344 case 0: 2345 return iscsit_handle_recovery_datain_or_r2t(conn, buf, 2346 hdr->itt, 2347 be32_to_cpu(hdr->ttt), 2348 be32_to_cpu(hdr->begrun), 2349 be32_to_cpu(hdr->runlength)); 2350 case ISCSI_FLAG_SNACK_TYPE_STATUS: 2351 return iscsit_handle_status_snack(conn, hdr->itt, 2352 be32_to_cpu(hdr->ttt), 2353 be32_to_cpu(hdr->begrun), be32_to_cpu(hdr->runlength)); 2354 case ISCSI_FLAG_SNACK_TYPE_DATA_ACK: 2355 return iscsit_handle_data_ack(conn, be32_to_cpu(hdr->ttt), 2356 be32_to_cpu(hdr->begrun), 2357 be32_to_cpu(hdr->runlength)); 2358 case ISCSI_FLAG_SNACK_TYPE_RDATA: 2359 /* FIXME: Support R-Data SNACK */ 2360 pr_err("R-Data SNACK Not Supported.\n"); 2361 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2362 buf); 2363 default: 2364 pr_err("Unknown SNACK type 0x%02x, protocol" 2365 " error.\n", hdr->flags & 0x0f); 2366 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2367 buf); 2368 } 2369 2370 return 0; 2371} 2372 2373static void iscsit_rx_thread_wait_for_tcp(struct iscsi_conn *conn) 2374{ 2375 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2376 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2377 wait_for_completion_interruptible_timeout( 2378 &conn->rx_half_close_comp, 2379 ISCSI_RX_THREAD_TCP_TIMEOUT * HZ); 2380 } 2381} 2382 2383static int iscsit_handle_immediate_data( 2384 struct iscsi_cmd *cmd, 2385 struct iscsi_scsi_req *hdr, 2386 u32 length) 2387{ 2388 int iov_ret, rx_got = 0, rx_size = 0; 2389 u32 checksum, iov_count = 0, padding = 0; 2390 struct iscsi_conn *conn = cmd->conn; 2391 struct kvec *iov; 2392 2393 iov_ret = iscsit_map_iovec(cmd, cmd->iov_data, cmd->write_data_done, length); 2394 if (iov_ret < 0) 2395 return IMMEDIATE_DATA_CANNOT_RECOVER; 2396 2397 rx_size = length; 2398 iov_count = iov_ret; 2399 iov = &cmd->iov_data[0]; 2400 2401 padding = ((-length) & 3); 2402 if (padding != 0) { 2403 iov[iov_count].iov_base = cmd->pad_bytes; 2404 iov[iov_count++].iov_len = padding; 2405 rx_size += padding; 2406 } 2407 2408 if (conn->conn_ops->DataDigest) { 2409 iov[iov_count].iov_base = &checksum; 2410 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2411 rx_size += ISCSI_CRC_LEN; 2412 } 2413 2414 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 2415 2416 iscsit_unmap_iovec(cmd); 2417 2418 if (rx_got != rx_size) { 2419 iscsit_rx_thread_wait_for_tcp(conn); 2420 return IMMEDIATE_DATA_CANNOT_RECOVER; 2421 } 2422 2423 if (conn->conn_ops->DataDigest) { 2424 u32 data_crc; 2425 2426 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd, 2427 cmd->write_data_done, length, padding, 2428 cmd->pad_bytes); 2429 2430 if (checksum != data_crc) { 2431 pr_err("ImmediateData CRC32C DataDigest 0x%08x" 2432 " does not match computed 0x%08x\n", checksum, 2433 data_crc); 2434 2435 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2436 pr_err("Unable to recover from" 2437 " Immediate Data digest failure while" 2438 " in ERL=0.\n"); 2439 iscsit_reject_cmd(cmd, 2440 ISCSI_REASON_DATA_DIGEST_ERROR, 2441 (unsigned char *)hdr); 2442 return IMMEDIATE_DATA_CANNOT_RECOVER; 2443 } else { 2444 iscsit_reject_cmd(cmd, 2445 ISCSI_REASON_DATA_DIGEST_ERROR, 2446 (unsigned char *)hdr); 2447 return IMMEDIATE_DATA_ERL1_CRC_FAILURE; 2448 } 2449 } else { 2450 pr_debug("Got CRC32C DataDigest 0x%08x for" 2451 " %u bytes of Immediate Data\n", checksum, 2452 length); 2453 } 2454 } 2455 2456 cmd->write_data_done += length; 2457 2458 if (cmd->write_data_done == cmd->se_cmd.data_length) { 2459 spin_lock_bh(&cmd->istate_lock); 2460 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 2461 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 2462 spin_unlock_bh(&cmd->istate_lock); 2463 } 2464 2465 return IMMEDIATE_DATA_NORMAL_OPERATION; 2466} 2467 2468/* 2469 * Called with sess->conn_lock held. 2470 */ 2471/* #warning iscsi_build_conn_drop_async_message() only sends out on connections 2472 with active network interface */ 2473static void iscsit_build_conn_drop_async_message(struct iscsi_conn *conn) 2474{ 2475 struct iscsi_cmd *cmd; 2476 struct iscsi_conn *conn_p; 2477 2478 /* 2479 * Only send a Asynchronous Message on connections whos network 2480 * interface is still functional. 2481 */ 2482 list_for_each_entry(conn_p, &conn->sess->sess_conn_list, conn_list) { 2483 if (conn_p->conn_state == TARG_CONN_STATE_LOGGED_IN) { 2484 iscsit_inc_conn_usage_count(conn_p); 2485 break; 2486 } 2487 } 2488 2489 if (!conn_p) 2490 return; 2491 2492 cmd = iscsit_allocate_cmd(conn_p, GFP_ATOMIC); 2493 if (!cmd) { 2494 iscsit_dec_conn_usage_count(conn_p); 2495 return; 2496 } 2497 2498 cmd->logout_cid = conn->cid; 2499 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2500 cmd->i_state = ISTATE_SEND_ASYNCMSG; 2501 2502 spin_lock_bh(&conn_p->cmd_lock); 2503 list_add_tail(&cmd->i_conn_node, &conn_p->conn_cmd_list); 2504 spin_unlock_bh(&conn_p->cmd_lock); 2505 2506 iscsit_add_cmd_to_response_queue(cmd, conn_p, cmd->i_state); 2507 iscsit_dec_conn_usage_count(conn_p); 2508} 2509 2510static int iscsit_send_conn_drop_async_message( 2511 struct iscsi_cmd *cmd, 2512 struct iscsi_conn *conn) 2513{ 2514 struct iscsi_async *hdr; 2515 2516 cmd->tx_size = ISCSI_HDR_LEN; 2517 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2518 2519 hdr = (struct iscsi_async *) cmd->pdu; 2520 hdr->opcode = ISCSI_OP_ASYNC_EVENT; 2521 hdr->flags = ISCSI_FLAG_CMD_FINAL; 2522 cmd->init_task_tag = RESERVED_ITT; 2523 cmd->targ_xfer_tag = 0xFFFFFFFF; 2524 put_unaligned_be64(0xFFFFFFFFFFFFFFFFULL, &hdr->rsvd4[0]); 2525 cmd->stat_sn = conn->stat_sn++; 2526 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2527 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2528 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2529 hdr->async_event = ISCSI_ASYNC_MSG_DROPPING_CONNECTION; 2530 hdr->param1 = cpu_to_be16(cmd->logout_cid); 2531 hdr->param2 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Wait); 2532 hdr->param3 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Retain); 2533 2534 if (conn->conn_ops->HeaderDigest) { 2535 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2536 2537 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2538 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2539 2540 cmd->tx_size += ISCSI_CRC_LEN; 2541 pr_debug("Attaching CRC32C HeaderDigest to" 2542 " Async Message 0x%08x\n", *header_digest); 2543 } 2544 2545 cmd->iov_misc[0].iov_base = cmd->pdu; 2546 cmd->iov_misc[0].iov_len = cmd->tx_size; 2547 cmd->iov_misc_count = 1; 2548 2549 pr_debug("Sending Connection Dropped Async Message StatSN:" 2550 " 0x%08x, for CID: %hu on CID: %hu\n", cmd->stat_sn, 2551 cmd->logout_cid, conn->cid); 2552 return 0; 2553} 2554 2555static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *conn) 2556{ 2557 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2558 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2559 wait_for_completion_interruptible_timeout( 2560 &conn->tx_half_close_comp, 2561 ISCSI_TX_THREAD_TCP_TIMEOUT * HZ); 2562 } 2563} 2564 2565static void 2566iscsit_build_datain_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2567 struct iscsi_datain *datain, struct iscsi_data_rsp *hdr, 2568 bool set_statsn) 2569{ 2570 hdr->opcode = ISCSI_OP_SCSI_DATA_IN; 2571 hdr->flags = datain->flags; 2572 if (hdr->flags & ISCSI_FLAG_DATA_STATUS) { 2573 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 2574 hdr->flags |= ISCSI_FLAG_DATA_OVERFLOW; 2575 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2576 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 2577 hdr->flags |= ISCSI_FLAG_DATA_UNDERFLOW; 2578 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2579 } 2580 } 2581 hton24(hdr->dlength, datain->length); 2582 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2583 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 2584 (struct scsi_lun *)&hdr->lun); 2585 else 2586 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2587 2588 hdr->itt = cmd->init_task_tag; 2589 2590 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2591 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2592 else 2593 hdr->ttt = cpu_to_be32(0xFFFFFFFF); 2594 if (set_statsn) 2595 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2596 else 2597 hdr->statsn = cpu_to_be32(0xFFFFFFFF); 2598 2599 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2600 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2601 hdr->datasn = cpu_to_be32(datain->data_sn); 2602 hdr->offset = cpu_to_be32(datain->offset); 2603 2604 pr_debug("Built DataIN ITT: 0x%08x, StatSN: 0x%08x," 2605 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 2606 cmd->init_task_tag, ntohl(hdr->statsn), ntohl(hdr->datasn), 2607 ntohl(hdr->offset), datain->length, conn->cid); 2608} 2609 2610static int iscsit_send_datain(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2611{ 2612 struct iscsi_data_rsp *hdr = (struct iscsi_data_rsp *)&cmd->pdu[0]; 2613 struct iscsi_datain datain; 2614 struct iscsi_datain_req *dr; 2615 struct kvec *iov; 2616 u32 iov_count = 0, tx_size = 0; 2617 int eodr = 0, ret, iov_ret; 2618 bool set_statsn = false; 2619 2620 memset(&datain, 0, sizeof(struct iscsi_datain)); 2621 dr = iscsit_get_datain_values(cmd, &datain); 2622 if (!dr) { 2623 pr_err("iscsit_get_datain_values failed for ITT: 0x%08x\n", 2624 cmd->init_task_tag); 2625 return -1; 2626 } 2627 /* 2628 * Be paranoid and double check the logic for now. 2629 */ 2630 if ((datain.offset + datain.length) > cmd->se_cmd.data_length) { 2631 pr_err("Command ITT: 0x%08x, datain.offset: %u and" 2632 " datain.length: %u exceeds cmd->data_length: %u\n", 2633 cmd->init_task_tag, datain.offset, datain.length, 2634 cmd->se_cmd.data_length); 2635 return -1; 2636 } 2637 2638 spin_lock_bh(&conn->sess->session_stats_lock); 2639 conn->sess->tx_data_octets += datain.length; 2640 if (conn->sess->se_sess->se_node_acl) { 2641 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock); 2642 conn->sess->se_sess->se_node_acl->read_bytes += datain.length; 2643 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock); 2644 } 2645 spin_unlock_bh(&conn->sess->session_stats_lock); 2646 /* 2647 * Special case for successfully execution w/ both DATAIN 2648 * and Sense Data. 2649 */ 2650 if ((datain.flags & ISCSI_FLAG_DATA_STATUS) && 2651 (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE)) 2652 datain.flags &= ~ISCSI_FLAG_DATA_STATUS; 2653 else { 2654 if ((dr->dr_complete == DATAIN_COMPLETE_NORMAL) || 2655 (dr->dr_complete == DATAIN_COMPLETE_CONNECTION_RECOVERY)) { 2656 iscsit_increment_maxcmdsn(cmd, conn->sess); 2657 cmd->stat_sn = conn->stat_sn++; 2658 set_statsn = true; 2659 } else if (dr->dr_complete == 2660 DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY) 2661 set_statsn = true; 2662 } 2663 2664 iscsit_build_datain_pdu(cmd, conn, &datain, hdr, set_statsn); 2665 2666 iov = &cmd->iov_data[0]; 2667 iov[iov_count].iov_base = cmd->pdu; 2668 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 2669 tx_size += ISCSI_HDR_LEN; 2670 2671 if (conn->conn_ops->HeaderDigest) { 2672 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2673 2674 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu, 2675 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2676 2677 iov[0].iov_len += ISCSI_CRC_LEN; 2678 tx_size += ISCSI_CRC_LEN; 2679 2680 pr_debug("Attaching CRC32 HeaderDigest" 2681 " for DataIN PDU 0x%08x\n", *header_digest); 2682 } 2683 2684 iov_ret = iscsit_map_iovec(cmd, &cmd->iov_data[1], 2685 datain.offset, datain.length); 2686 if (iov_ret < 0) 2687 return -1; 2688 2689 iov_count += iov_ret; 2690 tx_size += datain.length; 2691 2692 cmd->padding = ((-datain.length) & 3); 2693 if (cmd->padding) { 2694 iov[iov_count].iov_base = cmd->pad_bytes; 2695 iov[iov_count++].iov_len = cmd->padding; 2696 tx_size += cmd->padding; 2697 2698 pr_debug("Attaching %u padding bytes\n", 2699 cmd->padding); 2700 } 2701 if (conn->conn_ops->DataDigest) { 2702 cmd->data_crc = iscsit_do_crypto_hash_sg(&conn->conn_tx_hash, cmd, 2703 datain.offset, datain.length, cmd->padding, cmd->pad_bytes); 2704 2705 iov[iov_count].iov_base = &cmd->data_crc; 2706 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2707 tx_size += ISCSI_CRC_LEN; 2708 2709 pr_debug("Attached CRC32C DataDigest %d bytes, crc" 2710 " 0x%08x\n", datain.length+cmd->padding, cmd->data_crc); 2711 } 2712 2713 cmd->iov_data_count = iov_count; 2714 cmd->tx_size = tx_size; 2715 2716 /* sendpage is preferred but can't insert markers */ 2717 if (!conn->conn_ops->IFMarker) 2718 ret = iscsit_fe_sendpage_sg(cmd, conn); 2719 else 2720 ret = iscsit_send_tx_data(cmd, conn, 0); 2721 2722 iscsit_unmap_iovec(cmd); 2723 2724 if (ret < 0) { 2725 iscsit_tx_thread_wait_for_tcp(conn); 2726 return ret; 2727 } 2728 2729 if (dr->dr_complete) { 2730 eodr = (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ? 2731 2 : 1; 2732 iscsit_free_datain_req(cmd, dr); 2733 } 2734 2735 return eodr; 2736} 2737 2738int 2739iscsit_build_logout_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2740 struct iscsi_logout_rsp *hdr) 2741{ 2742 struct iscsi_conn *logout_conn = NULL; 2743 struct iscsi_conn_recovery *cr = NULL; 2744 struct iscsi_session *sess = conn->sess; 2745 /* 2746 * The actual shutting down of Sessions and/or Connections 2747 * for CLOSESESSION and CLOSECONNECTION Logout Requests 2748 * is done in scsi_logout_post_handler(). 2749 */ 2750 switch (cmd->logout_reason) { 2751 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 2752 pr_debug("iSCSI session logout successful, setting" 2753 " logout response to ISCSI_LOGOUT_SUCCESS.\n"); 2754 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2755 break; 2756 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 2757 if (cmd->logout_response == ISCSI_LOGOUT_CID_NOT_FOUND) 2758 break; 2759 /* 2760 * For CLOSECONNECTION logout requests carrying 2761 * a matching logout CID -> local CID, the reference 2762 * for the local CID will have been incremented in 2763 * iscsi_logout_closeconnection(). 2764 * 2765 * For CLOSECONNECTION logout requests carrying 2766 * a different CID than the connection it arrived 2767 * on, the connection responding to cmd->logout_cid 2768 * is stopped in iscsit_logout_post_handler_diffcid(). 2769 */ 2770 2771 pr_debug("iSCSI CID: %hu logout on CID: %hu" 2772 " successful.\n", cmd->logout_cid, conn->cid); 2773 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2774 break; 2775 case ISCSI_LOGOUT_REASON_RECOVERY: 2776 if ((cmd->logout_response == ISCSI_LOGOUT_RECOVERY_UNSUPPORTED) || 2777 (cmd->logout_response == ISCSI_LOGOUT_CLEANUP_FAILED)) 2778 break; 2779 /* 2780 * If the connection is still active from our point of view 2781 * force connection recovery to occur. 2782 */ 2783 logout_conn = iscsit_get_conn_from_cid_rcfr(sess, 2784 cmd->logout_cid); 2785 if (logout_conn) { 2786 iscsit_connection_reinstatement_rcfr(logout_conn); 2787 iscsit_dec_conn_usage_count(logout_conn); 2788 } 2789 2790 cr = iscsit_get_inactive_connection_recovery_entry( 2791 conn->sess, cmd->logout_cid); 2792 if (!cr) { 2793 pr_err("Unable to locate CID: %hu for" 2794 " REMOVECONNFORRECOVERY Logout Request.\n", 2795 cmd->logout_cid); 2796 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2797 break; 2798 } 2799 2800 iscsit_discard_cr_cmds_by_expstatsn(cr, cmd->exp_stat_sn); 2801 2802 pr_debug("iSCSI REMOVECONNFORRECOVERY logout" 2803 " for recovery for CID: %hu on CID: %hu successful.\n", 2804 cmd->logout_cid, conn->cid); 2805 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2806 break; 2807 default: 2808 pr_err("Unknown cmd->logout_reason: 0x%02x\n", 2809 cmd->logout_reason); 2810 return -1; 2811 } 2812 2813 hdr->opcode = ISCSI_OP_LOGOUT_RSP; 2814 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2815 hdr->response = cmd->logout_response; 2816 hdr->itt = cmd->init_task_tag; 2817 cmd->stat_sn = conn->stat_sn++; 2818 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2819 2820 iscsit_increment_maxcmdsn(cmd, conn->sess); 2821 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2822 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2823 2824 pr_debug("Built Logout Response ITT: 0x%08x StatSN:" 2825 " 0x%08x Response: 0x%02x CID: %hu on CID: %hu\n", 2826 cmd->init_task_tag, cmd->stat_sn, hdr->response, 2827 cmd->logout_cid, conn->cid); 2828 2829 return 0; 2830} 2831EXPORT_SYMBOL(iscsit_build_logout_rsp); 2832 2833static int 2834iscsit_send_logout(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2835{ 2836 struct kvec *iov; 2837 int niov = 0, tx_size, rc; 2838 2839 rc = iscsit_build_logout_rsp(cmd, conn, 2840 (struct iscsi_logout_rsp *)&cmd->pdu[0]); 2841 if (rc < 0) 2842 return rc; 2843 2844 tx_size = ISCSI_HDR_LEN; 2845 iov = &cmd->iov_misc[0]; 2846 iov[niov].iov_base = cmd->pdu; 2847 iov[niov++].iov_len = ISCSI_HDR_LEN; 2848 2849 if (conn->conn_ops->HeaderDigest) { 2850 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2851 2852 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, &cmd->pdu[0], 2853 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2854 2855 iov[0].iov_len += ISCSI_CRC_LEN; 2856 tx_size += ISCSI_CRC_LEN; 2857 pr_debug("Attaching CRC32C HeaderDigest to" 2858 " Logout Response 0x%08x\n", *header_digest); 2859 } 2860 cmd->iov_misc_count = niov; 2861 cmd->tx_size = tx_size; 2862 2863 return 0; 2864} 2865 2866void 2867iscsit_build_nopin_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2868 struct iscsi_nopin *hdr, bool nopout_response) 2869{ 2870 hdr->opcode = ISCSI_OP_NOOP_IN; 2871 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2872 hton24(hdr->dlength, cmd->buf_ptr_size); 2873 if (nopout_response) 2874 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2875 hdr->itt = cmd->init_task_tag; 2876 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2877 cmd->stat_sn = (nopout_response) ? conn->stat_sn++ : 2878 conn->stat_sn; 2879 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2880 2881 if (nopout_response) 2882 iscsit_increment_maxcmdsn(cmd, conn->sess); 2883 2884 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2885 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2886 2887 pr_debug("Built NOPIN %s Response ITT: 0x%08x, TTT: 0x%08x," 2888 " StatSN: 0x%08x, Length %u\n", (nopout_response) ? 2889 "Solicitied" : "Unsolicitied", cmd->init_task_tag, 2890 cmd->targ_xfer_tag, cmd->stat_sn, cmd->buf_ptr_size); 2891} 2892EXPORT_SYMBOL(iscsit_build_nopin_rsp); 2893 2894/* 2895 * Unsolicited NOPIN, either requesting a response or not. 2896 */ 2897static int iscsit_send_unsolicited_nopin( 2898 struct iscsi_cmd *cmd, 2899 struct iscsi_conn *conn, 2900 int want_response) 2901{ 2902 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2903 int tx_size = ISCSI_HDR_LEN, ret; 2904 2905 iscsit_build_nopin_rsp(cmd, conn, hdr, false); 2906 2907 if (conn->conn_ops->HeaderDigest) { 2908 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2909 2910 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2911 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2912 2913 tx_size += ISCSI_CRC_LEN; 2914 pr_debug("Attaching CRC32C HeaderDigest to" 2915 " NopIN 0x%08x\n", *header_digest); 2916 } 2917 2918 cmd->iov_misc[0].iov_base = cmd->pdu; 2919 cmd->iov_misc[0].iov_len = tx_size; 2920 cmd->iov_misc_count = 1; 2921 cmd->tx_size = tx_size; 2922 2923 pr_debug("Sending Unsolicited NOPIN TTT: 0x%08x StatSN:" 2924 " 0x%08x CID: %hu\n", hdr->ttt, cmd->stat_sn, conn->cid); 2925 2926 ret = iscsit_send_tx_data(cmd, conn, 1); 2927 if (ret < 0) { 2928 iscsit_tx_thread_wait_for_tcp(conn); 2929 return ret; 2930 } 2931 2932 spin_lock_bh(&cmd->istate_lock); 2933 cmd->i_state = want_response ? 2934 ISTATE_SENT_NOPIN_WANT_RESPONSE : ISTATE_SENT_STATUS; 2935 spin_unlock_bh(&cmd->istate_lock); 2936 2937 return 0; 2938} 2939 2940static int 2941iscsit_send_nopin(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2942{ 2943 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2944 struct kvec *iov; 2945 u32 padding = 0; 2946 int niov = 0, tx_size; 2947 2948 iscsit_build_nopin_rsp(cmd, conn, hdr, true); 2949 2950 tx_size = ISCSI_HDR_LEN; 2951 iov = &cmd->iov_misc[0]; 2952 iov[niov].iov_base = cmd->pdu; 2953 iov[niov++].iov_len = ISCSI_HDR_LEN; 2954 2955 if (conn->conn_ops->HeaderDigest) { 2956 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2957 2958 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2959 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2960 2961 iov[0].iov_len += ISCSI_CRC_LEN; 2962 tx_size += ISCSI_CRC_LEN; 2963 pr_debug("Attaching CRC32C HeaderDigest" 2964 " to NopIn 0x%08x\n", *header_digest); 2965 } 2966 2967 /* 2968 * NOPOUT Ping Data is attached to struct iscsi_cmd->buf_ptr. 2969 * NOPOUT DataSegmentLength is at struct iscsi_cmd->buf_ptr_size. 2970 */ 2971 if (cmd->buf_ptr_size) { 2972 iov[niov].iov_base = cmd->buf_ptr; 2973 iov[niov++].iov_len = cmd->buf_ptr_size; 2974 tx_size += cmd->buf_ptr_size; 2975 2976 pr_debug("Echoing back %u bytes of ping" 2977 " data.\n", cmd->buf_ptr_size); 2978 2979 padding = ((-cmd->buf_ptr_size) & 3); 2980 if (padding != 0) { 2981 iov[niov].iov_base = &cmd->pad_bytes; 2982 iov[niov++].iov_len = padding; 2983 tx_size += padding; 2984 pr_debug("Attaching %u additional" 2985 " padding bytes.\n", padding); 2986 } 2987 if (conn->conn_ops->DataDigest) { 2988 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 2989 cmd->buf_ptr, cmd->buf_ptr_size, 2990 padding, (u8 *)&cmd->pad_bytes, 2991 (u8 *)&cmd->data_crc); 2992 2993 iov[niov].iov_base = &cmd->data_crc; 2994 iov[niov++].iov_len = ISCSI_CRC_LEN; 2995 tx_size += ISCSI_CRC_LEN; 2996 pr_debug("Attached DataDigest for %u" 2997 " bytes of ping data, CRC 0x%08x\n", 2998 cmd->buf_ptr_size, cmd->data_crc); 2999 } 3000 } 3001 3002 cmd->iov_misc_count = niov; 3003 cmd->tx_size = tx_size; 3004 3005 return 0; 3006} 3007 3008static int iscsit_send_r2t( 3009 struct iscsi_cmd *cmd, 3010 struct iscsi_conn *conn) 3011{ 3012 int tx_size = 0; 3013 struct iscsi_r2t *r2t; 3014 struct iscsi_r2t_rsp *hdr; 3015 int ret; 3016 3017 r2t = iscsit_get_r2t_from_list(cmd); 3018 if (!r2t) 3019 return -1; 3020 3021 hdr = (struct iscsi_r2t_rsp *) cmd->pdu; 3022 memset(hdr, 0, ISCSI_HDR_LEN); 3023 hdr->opcode = ISCSI_OP_R2T; 3024 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3025 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 3026 (struct scsi_lun *)&hdr->lun); 3027 hdr->itt = cmd->init_task_tag; 3028 spin_lock_bh(&conn->sess->ttt_lock); 3029 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++; 3030 if (r2t->targ_xfer_tag == 0xFFFFFFFF) 3031 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++; 3032 spin_unlock_bh(&conn->sess->ttt_lock); 3033 hdr->ttt = cpu_to_be32(r2t->targ_xfer_tag); 3034 hdr->statsn = cpu_to_be32(conn->stat_sn); 3035 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3036 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3037 hdr->r2tsn = cpu_to_be32(r2t->r2t_sn); 3038 hdr->data_offset = cpu_to_be32(r2t->offset); 3039 hdr->data_length = cpu_to_be32(r2t->xfer_len); 3040 3041 cmd->iov_misc[0].iov_base = cmd->pdu; 3042 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3043 tx_size += ISCSI_HDR_LEN; 3044 3045 if (conn->conn_ops->HeaderDigest) { 3046 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3047 3048 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3049 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3050 3051 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3052 tx_size += ISCSI_CRC_LEN; 3053 pr_debug("Attaching CRC32 HeaderDigest for R2T" 3054 " PDU 0x%08x\n", *header_digest); 3055 } 3056 3057 pr_debug("Built %sR2T, ITT: 0x%08x, TTT: 0x%08x, StatSN:" 3058 " 0x%08x, R2TSN: 0x%08x, Offset: %u, DDTL: %u, CID: %hu\n", 3059 (!r2t->recovery_r2t) ? "" : "Recovery ", cmd->init_task_tag, 3060 r2t->targ_xfer_tag, ntohl(hdr->statsn), r2t->r2t_sn, 3061 r2t->offset, r2t->xfer_len, conn->cid); 3062 3063 cmd->iov_misc_count = 1; 3064 cmd->tx_size = tx_size; 3065 3066 spin_lock_bh(&cmd->r2t_lock); 3067 r2t->sent_r2t = 1; 3068 spin_unlock_bh(&cmd->r2t_lock); 3069 3070 ret = iscsit_send_tx_data(cmd, conn, 1); 3071 if (ret < 0) { 3072 iscsit_tx_thread_wait_for_tcp(conn); 3073 return ret; 3074 } 3075 3076 spin_lock_bh(&cmd->dataout_timeout_lock); 3077 iscsit_start_dataout_timer(cmd, conn); 3078 spin_unlock_bh(&cmd->dataout_timeout_lock); 3079 3080 return 0; 3081} 3082 3083/* 3084 * @recovery: If called from iscsi_task_reassign_complete_write() for 3085 * connection recovery. 3086 */ 3087int iscsit_build_r2ts_for_cmd( 3088 struct iscsi_conn *conn, 3089 struct iscsi_cmd *cmd, 3090 bool recovery) 3091{ 3092 int first_r2t = 1; 3093 u32 offset = 0, xfer_len = 0; 3094 3095 spin_lock_bh(&cmd->r2t_lock); 3096 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) { 3097 spin_unlock_bh(&cmd->r2t_lock); 3098 return 0; 3099 } 3100 3101 if (conn->sess->sess_ops->DataSequenceInOrder && 3102 !recovery) 3103 cmd->r2t_offset = max(cmd->r2t_offset, cmd->write_data_done); 3104 3105 while (cmd->outstanding_r2ts < conn->sess->sess_ops->MaxOutstandingR2T) { 3106 if (conn->sess->sess_ops->DataSequenceInOrder) { 3107 offset = cmd->r2t_offset; 3108 3109 if (first_r2t && recovery) { 3110 int new_data_end = offset + 3111 conn->sess->sess_ops->MaxBurstLength - 3112 cmd->next_burst_len; 3113 3114 if (new_data_end > cmd->se_cmd.data_length) 3115 xfer_len = cmd->se_cmd.data_length - offset; 3116 else 3117 xfer_len = 3118 conn->sess->sess_ops->MaxBurstLength - 3119 cmd->next_burst_len; 3120 } else { 3121 int new_data_end = offset + 3122 conn->sess->sess_ops->MaxBurstLength; 3123 3124 if (new_data_end > cmd->se_cmd.data_length) 3125 xfer_len = cmd->se_cmd.data_length - offset; 3126 else 3127 xfer_len = conn->sess->sess_ops->MaxBurstLength; 3128 } 3129 cmd->r2t_offset += xfer_len; 3130 3131 if (cmd->r2t_offset == cmd->se_cmd.data_length) 3132 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3133 } else { 3134 struct iscsi_seq *seq; 3135 3136 seq = iscsit_get_seq_holder_for_r2t(cmd); 3137 if (!seq) { 3138 spin_unlock_bh(&cmd->r2t_lock); 3139 return -1; 3140 } 3141 3142 offset = seq->offset; 3143 xfer_len = seq->xfer_len; 3144 3145 if (cmd->seq_send_order == cmd->seq_count) 3146 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3147 } 3148 cmd->outstanding_r2ts++; 3149 first_r2t = 0; 3150 3151 if (iscsit_add_r2t_to_list(cmd, offset, xfer_len, 0, 0) < 0) { 3152 spin_unlock_bh(&cmd->r2t_lock); 3153 return -1; 3154 } 3155 3156 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) 3157 break; 3158 } 3159 spin_unlock_bh(&cmd->r2t_lock); 3160 3161 return 0; 3162} 3163 3164void iscsit_build_rsp_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3165 bool inc_stat_sn, struct iscsi_scsi_rsp *hdr) 3166{ 3167 if (inc_stat_sn) 3168 cmd->stat_sn = conn->stat_sn++; 3169 3170 spin_lock_bh(&conn->sess->session_stats_lock); 3171 conn->sess->rsp_pdus++; 3172 spin_unlock_bh(&conn->sess->session_stats_lock); 3173 3174 memset(hdr, 0, ISCSI_HDR_LEN); 3175 hdr->opcode = ISCSI_OP_SCSI_CMD_RSP; 3176 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3177 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 3178 hdr->flags |= ISCSI_FLAG_CMD_OVERFLOW; 3179 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3180 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 3181 hdr->flags |= ISCSI_FLAG_CMD_UNDERFLOW; 3182 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3183 } 3184 hdr->response = cmd->iscsi_response; 3185 hdr->cmd_status = cmd->se_cmd.scsi_status; 3186 hdr->itt = cmd->init_task_tag; 3187 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3188 3189 iscsit_increment_maxcmdsn(cmd, conn->sess); 3190 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3191 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3192 3193 pr_debug("Built SCSI Response, ITT: 0x%08x, StatSN: 0x%08x," 3194 " Response: 0x%02x, SAM Status: 0x%02x, CID: %hu\n", 3195 cmd->init_task_tag, cmd->stat_sn, cmd->se_cmd.scsi_status, 3196 cmd->se_cmd.scsi_status, conn->cid); 3197} 3198EXPORT_SYMBOL(iscsit_build_rsp_pdu); 3199 3200static int iscsit_send_response(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3201{ 3202 struct iscsi_scsi_rsp *hdr = (struct iscsi_scsi_rsp *)&cmd->pdu[0]; 3203 struct kvec *iov; 3204 u32 padding = 0, tx_size = 0; 3205 int iov_count = 0; 3206 bool inc_stat_sn = (cmd->i_state == ISTATE_SEND_STATUS); 3207 3208 iscsit_build_rsp_pdu(cmd, conn, inc_stat_sn, hdr); 3209 3210 iov = &cmd->iov_misc[0]; 3211 iov[iov_count].iov_base = cmd->pdu; 3212 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3213 tx_size += ISCSI_HDR_LEN; 3214 3215 /* 3216 * Attach SENSE DATA payload to iSCSI Response PDU 3217 */ 3218 if (cmd->se_cmd.sense_buffer && 3219 ((cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) || 3220 (cmd->se_cmd.se_cmd_flags & SCF_EMULATED_TASK_SENSE))) { 3221 put_unaligned_be16(cmd->se_cmd.scsi_sense_length, cmd->sense_buffer); 3222 cmd->se_cmd.scsi_sense_length += sizeof (__be16); 3223 3224 padding = -(cmd->se_cmd.scsi_sense_length) & 3; 3225 hton24(hdr->dlength, (u32)cmd->se_cmd.scsi_sense_length); 3226 iov[iov_count].iov_base = cmd->sense_buffer; 3227 iov[iov_count++].iov_len = 3228 (cmd->se_cmd.scsi_sense_length + padding); 3229 tx_size += cmd->se_cmd.scsi_sense_length; 3230 3231 if (padding) { 3232 memset(cmd->sense_buffer + 3233 cmd->se_cmd.scsi_sense_length, 0, padding); 3234 tx_size += padding; 3235 pr_debug("Adding %u bytes of padding to" 3236 " SENSE.\n", padding); 3237 } 3238 3239 if (conn->conn_ops->DataDigest) { 3240 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 3241 cmd->sense_buffer, 3242 (cmd->se_cmd.scsi_sense_length + padding), 3243 0, NULL, (u8 *)&cmd->data_crc); 3244 3245 iov[iov_count].iov_base = &cmd->data_crc; 3246 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3247 tx_size += ISCSI_CRC_LEN; 3248 3249 pr_debug("Attaching CRC32 DataDigest for" 3250 " SENSE, %u bytes CRC 0x%08x\n", 3251 (cmd->se_cmd.scsi_sense_length + padding), 3252 cmd->data_crc); 3253 } 3254 3255 pr_debug("Attaching SENSE DATA: %u bytes to iSCSI" 3256 " Response PDU\n", 3257 cmd->se_cmd.scsi_sense_length); 3258 } 3259 3260 if (conn->conn_ops->HeaderDigest) { 3261 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3262 3263 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu, 3264 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3265 3266 iov[0].iov_len += ISCSI_CRC_LEN; 3267 tx_size += ISCSI_CRC_LEN; 3268 pr_debug("Attaching CRC32 HeaderDigest for Response" 3269 " PDU 0x%08x\n", *header_digest); 3270 } 3271 3272 cmd->iov_misc_count = iov_count; 3273 cmd->tx_size = tx_size; 3274 3275 return 0; 3276} 3277 3278static u8 iscsit_convert_tcm_tmr_rsp(struct se_tmr_req *se_tmr) 3279{ 3280 switch (se_tmr->response) { 3281 case TMR_FUNCTION_COMPLETE: 3282 return ISCSI_TMF_RSP_COMPLETE; 3283 case TMR_TASK_DOES_NOT_EXIST: 3284 return ISCSI_TMF_RSP_NO_TASK; 3285 case TMR_LUN_DOES_NOT_EXIST: 3286 return ISCSI_TMF_RSP_NO_LUN; 3287 case TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED: 3288 return ISCSI_TMF_RSP_NOT_SUPPORTED; 3289 case TMR_FUNCTION_AUTHORIZATION_FAILED: 3290 return ISCSI_TMF_RSP_AUTH_FAILED; 3291 case TMR_FUNCTION_REJECTED: 3292 default: 3293 return ISCSI_TMF_RSP_REJECTED; 3294 } 3295} 3296 3297void 3298iscsit_build_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3299 struct iscsi_tm_rsp *hdr) 3300{ 3301 struct se_tmr_req *se_tmr = cmd->se_cmd.se_tmr_req; 3302 3303 hdr->opcode = ISCSI_OP_SCSI_TMFUNC_RSP; 3304 hdr->flags = ISCSI_FLAG_CMD_FINAL; 3305 hdr->response = iscsit_convert_tcm_tmr_rsp(se_tmr); 3306 hdr->itt = cmd->init_task_tag; 3307 cmd->stat_sn = conn->stat_sn++; 3308 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3309 3310 iscsit_increment_maxcmdsn(cmd, conn->sess); 3311 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3312 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3313 3314 pr_debug("Built Task Management Response ITT: 0x%08x," 3315 " StatSN: 0x%08x, Response: 0x%02x, CID: %hu\n", 3316 cmd->init_task_tag, cmd->stat_sn, hdr->response, conn->cid); 3317} 3318EXPORT_SYMBOL(iscsit_build_task_mgt_rsp); 3319 3320static int 3321iscsit_send_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3322{ 3323 struct iscsi_tm_rsp *hdr = (struct iscsi_tm_rsp *)&cmd->pdu[0]; 3324 u32 tx_size = 0; 3325 3326 iscsit_build_task_mgt_rsp(cmd, conn, hdr); 3327 3328 cmd->iov_misc[0].iov_base = cmd->pdu; 3329 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3330 tx_size += ISCSI_HDR_LEN; 3331 3332 if (conn->conn_ops->HeaderDigest) { 3333 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3334 3335 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3336 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3337 3338 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3339 tx_size += ISCSI_CRC_LEN; 3340 pr_debug("Attaching CRC32 HeaderDigest for Task" 3341 " Mgmt Response PDU 0x%08x\n", *header_digest); 3342 } 3343 3344 cmd->iov_misc_count = 1; 3345 cmd->tx_size = tx_size; 3346 3347 return 0; 3348} 3349 3350static bool iscsit_check_inaddr_any(struct iscsi_np *np) 3351{ 3352 bool ret = false; 3353 3354 if (np->np_sockaddr.ss_family == AF_INET6) { 3355 const struct sockaddr_in6 sin6 = { 3356 .sin6_addr = IN6ADDR_ANY_INIT }; 3357 struct sockaddr_in6 *sock_in6 = 3358 (struct sockaddr_in6 *)&np->np_sockaddr; 3359 3360 if (!memcmp(sock_in6->sin6_addr.s6_addr, 3361 sin6.sin6_addr.s6_addr, 16)) 3362 ret = true; 3363 } else { 3364 struct sockaddr_in * sock_in = 3365 (struct sockaddr_in *)&np->np_sockaddr; 3366 3367 if (sock_in->sin_addr.s_addr == htonl(INADDR_ANY)) 3368 ret = true; 3369 } 3370 3371 return ret; 3372} 3373 3374#define SENDTARGETS_BUF_LIMIT 32768U 3375 3376static int iscsit_build_sendtargets_response(struct iscsi_cmd *cmd) 3377{ 3378 char *payload = NULL; 3379 struct iscsi_conn *conn = cmd->conn; 3380 struct iscsi_portal_group *tpg; 3381 struct iscsi_tiqn *tiqn; 3382 struct iscsi_tpg_np *tpg_np; 3383 int buffer_len, end_of_buf = 0, len = 0, payload_len = 0; 3384 unsigned char buf[ISCSI_IQN_LEN+12]; /* iqn + "TargetName=" + \0 */ 3385 unsigned char *text_in = cmd->text_in_ptr, *text_ptr = NULL; 3386 3387 buffer_len = max(conn->conn_ops->MaxRecvDataSegmentLength, 3388 SENDTARGETS_BUF_LIMIT); 3389 3390 payload = kzalloc(buffer_len, GFP_KERNEL); 3391 if (!payload) { 3392 pr_err("Unable to allocate memory for sendtargets" 3393 " response.\n"); 3394 return -ENOMEM; 3395 } 3396 /* 3397 * Locate pointer to iqn./eui. string for IFC_SENDTARGETS_SINGLE 3398 * explicit case.. 3399 */ 3400 if (cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) { 3401 text_ptr = strchr(text_in, '='); 3402 if (!text_ptr) { 3403 pr_err("Unable to locate '=' string in text_in:" 3404 " %s\n", text_in); 3405 kfree(payload); 3406 return -EINVAL; 3407 } 3408 /* 3409 * Skip over '=' character.. 3410 */ 3411 text_ptr += 1; 3412 } 3413 3414 spin_lock(&tiqn_lock); 3415 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 3416 if ((cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) && 3417 strcmp(tiqn->tiqn, text_ptr)) { 3418 continue; 3419 } 3420 3421 len = sprintf(buf, "TargetName=%s", tiqn->tiqn); 3422 len += 1; 3423 3424 if ((len + payload_len) > buffer_len) { 3425 end_of_buf = 1; 3426 goto eob; 3427 } 3428 memcpy(payload + payload_len, buf, len); 3429 payload_len += len; 3430 3431 spin_lock(&tiqn->tiqn_tpg_lock); 3432 list_for_each_entry(tpg, &tiqn->tiqn_tpg_list, tpg_list) { 3433 3434 spin_lock(&tpg->tpg_state_lock); 3435 if ((tpg->tpg_state == TPG_STATE_FREE) || 3436 (tpg->tpg_state == TPG_STATE_INACTIVE)) { 3437 spin_unlock(&tpg->tpg_state_lock); 3438 continue; 3439 } 3440 spin_unlock(&tpg->tpg_state_lock); 3441 3442 spin_lock(&tpg->tpg_np_lock); 3443 list_for_each_entry(tpg_np, &tpg->tpg_gnp_list, 3444 tpg_np_list) { 3445 struct iscsi_np *np = tpg_np->tpg_np; 3446 bool inaddr_any = iscsit_check_inaddr_any(np); 3447 3448 len = sprintf(buf, "TargetAddress=" 3449 "%s%s%s:%hu,%hu", 3450 (np->np_sockaddr.ss_family == AF_INET6) ? 3451 "[" : "", (inaddr_any == false) ? 3452 np->np_ip : conn->local_ip, 3453 (np->np_sockaddr.ss_family == AF_INET6) ? 3454 "]" : "", (inaddr_any == false) ? 3455 np->np_port : conn->local_port, 3456 tpg->tpgt); 3457 len += 1; 3458 3459 if ((len + payload_len) > buffer_len) { 3460 spin_unlock(&tpg->tpg_np_lock); 3461 spin_unlock(&tiqn->tiqn_tpg_lock); 3462 end_of_buf = 1; 3463 goto eob; 3464 } 3465 memcpy(payload + payload_len, buf, len); 3466 payload_len += len; 3467 } 3468 spin_unlock(&tpg->tpg_np_lock); 3469 } 3470 spin_unlock(&tiqn->tiqn_tpg_lock); 3471eob: 3472 if (end_of_buf) 3473 break; 3474 3475 if (cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) 3476 break; 3477 } 3478 spin_unlock(&tiqn_lock); 3479 3480 cmd->buf_ptr = payload; 3481 3482 return payload_len; 3483} 3484 3485int 3486iscsit_build_text_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3487 struct iscsi_text_rsp *hdr) 3488{ 3489 int text_length, padding; 3490 3491 text_length = iscsit_build_sendtargets_response(cmd); 3492 if (text_length < 0) 3493 return text_length; 3494 3495 hdr->opcode = ISCSI_OP_TEXT_RSP; 3496 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3497 padding = ((-text_length) & 3); 3498 hton24(hdr->dlength, text_length); 3499 hdr->itt = cmd->init_task_tag; 3500 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 3501 cmd->stat_sn = conn->stat_sn++; 3502 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3503 3504 iscsit_increment_maxcmdsn(cmd, conn->sess); 3505 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3506 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3507 3508 pr_debug("Built Text Response: ITT: 0x%08x, StatSN: 0x%08x," 3509 " Length: %u, CID: %hu\n", cmd->init_task_tag, cmd->stat_sn, 3510 text_length, conn->cid); 3511 3512 return text_length + padding; 3513} 3514EXPORT_SYMBOL(iscsit_build_text_rsp); 3515 3516/* 3517 * FIXME: Add support for F_BIT and C_BIT when the length is longer than 3518 * MaxRecvDataSegmentLength. 3519 */ 3520static int iscsit_send_text_rsp( 3521 struct iscsi_cmd *cmd, 3522 struct iscsi_conn *conn) 3523{ 3524 struct iscsi_text_rsp *hdr = (struct iscsi_text_rsp *)cmd->pdu; 3525 struct kvec *iov; 3526 u32 tx_size = 0; 3527 int text_length, iov_count = 0, rc; 3528 3529 rc = iscsit_build_text_rsp(cmd, conn, hdr); 3530 if (rc < 0) 3531 return rc; 3532 3533 text_length = rc; 3534 iov = &cmd->iov_misc[0]; 3535 iov[iov_count].iov_base = cmd->pdu; 3536 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3537 iov[iov_count].iov_base = cmd->buf_ptr; 3538 iov[iov_count++].iov_len = text_length; 3539 3540 tx_size += (ISCSI_HDR_LEN + text_length); 3541 3542 if (conn->conn_ops->HeaderDigest) { 3543 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3544 3545 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3546 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3547 3548 iov[0].iov_len += ISCSI_CRC_LEN; 3549 tx_size += ISCSI_CRC_LEN; 3550 pr_debug("Attaching CRC32 HeaderDigest for" 3551 " Text Response PDU 0x%08x\n", *header_digest); 3552 } 3553 3554 if (conn->conn_ops->DataDigest) { 3555 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 3556 cmd->buf_ptr, text_length, 3557 0, NULL, (u8 *)&cmd->data_crc); 3558 3559 iov[iov_count].iov_base = &cmd->data_crc; 3560 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3561 tx_size += ISCSI_CRC_LEN; 3562 3563 pr_debug("Attaching DataDigest for %u bytes of text" 3564 " data, CRC 0x%08x\n", text_length, 3565 cmd->data_crc); 3566 } 3567 3568 cmd->iov_misc_count = iov_count; 3569 cmd->tx_size = tx_size; 3570 3571 return 0; 3572} 3573 3574void 3575iscsit_build_reject(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3576 struct iscsi_reject *hdr) 3577{ 3578 hdr->opcode = ISCSI_OP_REJECT; 3579 hdr->reason = cmd->reject_reason; 3580 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3581 hton24(hdr->dlength, ISCSI_HDR_LEN); 3582 hdr->ffffffff = cpu_to_be32(0xffffffff); 3583 cmd->stat_sn = conn->stat_sn++; 3584 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3585 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3586 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3587 3588} 3589EXPORT_SYMBOL(iscsit_build_reject); 3590 3591static int iscsit_send_reject( 3592 struct iscsi_cmd *cmd, 3593 struct iscsi_conn *conn) 3594{ 3595 struct iscsi_reject *hdr = (struct iscsi_reject *)&cmd->pdu[0]; 3596 struct kvec *iov; 3597 u32 iov_count = 0, tx_size; 3598 3599 iscsit_build_reject(cmd, conn, hdr); 3600 3601 iov = &cmd->iov_misc[0]; 3602 iov[iov_count].iov_base = cmd->pdu; 3603 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3604 iov[iov_count].iov_base = cmd->buf_ptr; 3605 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3606 3607 tx_size = (ISCSI_HDR_LEN + ISCSI_HDR_LEN); 3608 3609 if (conn->conn_ops->HeaderDigest) { 3610 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3611 3612 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3613 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3614 3615 iov[0].iov_len += ISCSI_CRC_LEN; 3616 tx_size += ISCSI_CRC_LEN; 3617 pr_debug("Attaching CRC32 HeaderDigest for" 3618 " REJECT PDU 0x%08x\n", *header_digest); 3619 } 3620 3621 if (conn->conn_ops->DataDigest) { 3622 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->buf_ptr, 3623 ISCSI_HDR_LEN, 0, NULL, (u8 *)&cmd->data_crc); 3624 3625 iov[iov_count].iov_base = &cmd->data_crc; 3626 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3627 tx_size += ISCSI_CRC_LEN; 3628 pr_debug("Attaching CRC32 DataDigest for REJECT" 3629 " PDU 0x%08x\n", cmd->data_crc); 3630 } 3631 3632 cmd->iov_misc_count = iov_count; 3633 cmd->tx_size = tx_size; 3634 3635 pr_debug("Built Reject PDU StatSN: 0x%08x, Reason: 0x%02x," 3636 " CID: %hu\n", ntohl(hdr->statsn), hdr->reason, conn->cid); 3637 3638 return 0; 3639} 3640 3641void iscsit_thread_get_cpumask(struct iscsi_conn *conn) 3642{ 3643 struct iscsi_thread_set *ts = conn->thread_set; 3644 int ord, cpu; 3645 /* 3646 * thread_id is assigned from iscsit_global->ts_bitmap from 3647 * within iscsi_thread_set.c:iscsi_allocate_thread_sets() 3648 * 3649 * Here we use thread_id to determine which CPU that this 3650 * iSCSI connection's iscsi_thread_set will be scheduled to 3651 * execute upon. 3652 */ 3653 ord = ts->thread_id % cpumask_weight(cpu_online_mask); 3654 for_each_online_cpu(cpu) { 3655 if (ord-- == 0) { 3656 cpumask_set_cpu(cpu, conn->conn_cpumask); 3657 return; 3658 } 3659 } 3660 /* 3661 * This should never be reached.. 3662 */ 3663 dump_stack(); 3664 cpumask_setall(conn->conn_cpumask); 3665} 3666 3667static inline void iscsit_thread_check_cpumask( 3668 struct iscsi_conn *conn, 3669 struct task_struct *p, 3670 int mode) 3671{ 3672 char buf[128]; 3673 /* 3674 * mode == 1 signals iscsi_target_tx_thread() usage. 3675 * mode == 0 signals iscsi_target_rx_thread() usage. 3676 */ 3677 if (mode == 1) { 3678 if (!conn->conn_tx_reset_cpumask) 3679 return; 3680 conn->conn_tx_reset_cpumask = 0; 3681 } else { 3682 if (!conn->conn_rx_reset_cpumask) 3683 return; 3684 conn->conn_rx_reset_cpumask = 0; 3685 } 3686 /* 3687 * Update the CPU mask for this single kthread so that 3688 * both TX and RX kthreads are scheduled to run on the 3689 * same CPU. 3690 */ 3691 memset(buf, 0, 128); 3692 cpumask_scnprintf(buf, 128, conn->conn_cpumask); 3693 set_cpus_allowed_ptr(p, conn->conn_cpumask); 3694} 3695 3696static int 3697iscsit_immediate_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3698{ 3699 int ret; 3700 3701 switch (state) { 3702 case ISTATE_SEND_R2T: 3703 ret = iscsit_send_r2t(cmd, conn); 3704 if (ret < 0) 3705 goto err; 3706 break; 3707 case ISTATE_REMOVE: 3708 spin_lock_bh(&conn->cmd_lock); 3709 list_del(&cmd->i_conn_node); 3710 spin_unlock_bh(&conn->cmd_lock); 3711 3712 iscsit_free_cmd(cmd, false); 3713 break; 3714 case ISTATE_SEND_NOPIN_WANT_RESPONSE: 3715 iscsit_mod_nopin_response_timer(conn); 3716 ret = iscsit_send_unsolicited_nopin(cmd, conn, 1); 3717 if (ret < 0) 3718 goto err; 3719 break; 3720 case ISTATE_SEND_NOPIN_NO_RESPONSE: 3721 ret = iscsit_send_unsolicited_nopin(cmd, conn, 0); 3722 if (ret < 0) 3723 goto err; 3724 break; 3725 default: 3726 pr_err("Unknown Opcode: 0x%02x ITT:" 3727 " 0x%08x, i_state: %d on CID: %hu\n", 3728 cmd->iscsi_opcode, cmd->init_task_tag, state, 3729 conn->cid); 3730 goto err; 3731 } 3732 3733 return 0; 3734 3735err: 3736 return -1; 3737} 3738 3739static int 3740iscsit_handle_immediate_queue(struct iscsi_conn *conn) 3741{ 3742 struct iscsit_transport *t = conn->conn_transport; 3743 struct iscsi_queue_req *qr; 3744 struct iscsi_cmd *cmd; 3745 u8 state; 3746 int ret; 3747 3748 while ((qr = iscsit_get_cmd_from_immediate_queue(conn))) { 3749 atomic_set(&conn->check_immediate_queue, 0); 3750 cmd = qr->cmd; 3751 state = qr->state; 3752 kmem_cache_free(lio_qr_cache, qr); 3753 3754 ret = t->iscsit_immediate_queue(conn, cmd, state); 3755 if (ret < 0) 3756 return ret; 3757 } 3758 3759 return 0; 3760} 3761 3762static int 3763iscsit_response_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3764{ 3765 int ret; 3766 3767check_rsp_state: 3768 switch (state) { 3769 case ISTATE_SEND_DATAIN: 3770 ret = iscsit_send_datain(cmd, conn); 3771 if (ret < 0) 3772 goto err; 3773 else if (!ret) 3774 /* more drs */ 3775 goto check_rsp_state; 3776 else if (ret == 1) { 3777 /* all done */ 3778 spin_lock_bh(&cmd->istate_lock); 3779 cmd->i_state = ISTATE_SENT_STATUS; 3780 spin_unlock_bh(&cmd->istate_lock); 3781 3782 if (atomic_read(&conn->check_immediate_queue)) 3783 return 1; 3784 3785 return 0; 3786 } else if (ret == 2) { 3787 /* Still must send status, 3788 SCF_TRANSPORT_TASK_SENSE was set */ 3789 spin_lock_bh(&cmd->istate_lock); 3790 cmd->i_state = ISTATE_SEND_STATUS; 3791 spin_unlock_bh(&cmd->istate_lock); 3792 state = ISTATE_SEND_STATUS; 3793 goto check_rsp_state; 3794 } 3795 3796 break; 3797 case ISTATE_SEND_STATUS: 3798 case ISTATE_SEND_STATUS_RECOVERY: 3799 ret = iscsit_send_response(cmd, conn); 3800 break; 3801 case ISTATE_SEND_LOGOUTRSP: 3802 ret = iscsit_send_logout(cmd, conn); 3803 break; 3804 case ISTATE_SEND_ASYNCMSG: 3805 ret = iscsit_send_conn_drop_async_message( 3806 cmd, conn); 3807 break; 3808 case ISTATE_SEND_NOPIN: 3809 ret = iscsit_send_nopin(cmd, conn); 3810 break; 3811 case ISTATE_SEND_REJECT: 3812 ret = iscsit_send_reject(cmd, conn); 3813 break; 3814 case ISTATE_SEND_TASKMGTRSP: 3815 ret = iscsit_send_task_mgt_rsp(cmd, conn); 3816 if (ret != 0) 3817 break; 3818 ret = iscsit_tmr_post_handler(cmd, conn); 3819 if (ret != 0) 3820 iscsit_fall_back_to_erl0(conn->sess); 3821 break; 3822 case ISTATE_SEND_TEXTRSP: 3823 ret = iscsit_send_text_rsp(cmd, conn); 3824 break; 3825 default: 3826 pr_err("Unknown Opcode: 0x%02x ITT:" 3827 " 0x%08x, i_state: %d on CID: %hu\n", 3828 cmd->iscsi_opcode, cmd->init_task_tag, 3829 state, conn->cid); 3830 goto err; 3831 } 3832 if (ret < 0) 3833 goto err; 3834 3835 if (iscsit_send_tx_data(cmd, conn, 1) < 0) { 3836 iscsit_tx_thread_wait_for_tcp(conn); 3837 iscsit_unmap_iovec(cmd); 3838 goto err; 3839 } 3840 iscsit_unmap_iovec(cmd); 3841 3842 switch (state) { 3843 case ISTATE_SEND_LOGOUTRSP: 3844 if (!iscsit_logout_post_handler(cmd, conn)) 3845 goto restart; 3846 /* fall through */ 3847 case ISTATE_SEND_STATUS: 3848 case ISTATE_SEND_ASYNCMSG: 3849 case ISTATE_SEND_NOPIN: 3850 case ISTATE_SEND_STATUS_RECOVERY: 3851 case ISTATE_SEND_TEXTRSP: 3852 case ISTATE_SEND_TASKMGTRSP: 3853 case ISTATE_SEND_REJECT: 3854 spin_lock_bh(&cmd->istate_lock); 3855 cmd->i_state = ISTATE_SENT_STATUS; 3856 spin_unlock_bh(&cmd->istate_lock); 3857 break; 3858 default: 3859 pr_err("Unknown Opcode: 0x%02x ITT:" 3860 " 0x%08x, i_state: %d on CID: %hu\n", 3861 cmd->iscsi_opcode, cmd->init_task_tag, 3862 cmd->i_state, conn->cid); 3863 goto err; 3864 } 3865 3866 if (atomic_read(&conn->check_immediate_queue)) 3867 return 1; 3868 3869 return 0; 3870 3871err: 3872 return -1; 3873restart: 3874 return -EAGAIN; 3875} 3876 3877static int iscsit_handle_response_queue(struct iscsi_conn *conn) 3878{ 3879 struct iscsit_transport *t = conn->conn_transport; 3880 struct iscsi_queue_req *qr; 3881 struct iscsi_cmd *cmd; 3882 u8 state; 3883 int ret; 3884 3885 while ((qr = iscsit_get_cmd_from_response_queue(conn))) { 3886 cmd = qr->cmd; 3887 state = qr->state; 3888 kmem_cache_free(lio_qr_cache, qr); 3889 3890 ret = t->iscsit_response_queue(conn, cmd, state); 3891 if (ret == 1 || ret < 0) 3892 return ret; 3893 } 3894 3895 return 0; 3896} 3897 3898int iscsi_target_tx_thread(void *arg) 3899{ 3900 int ret = 0; 3901 struct iscsi_conn *conn; 3902 struct iscsi_thread_set *ts = arg; 3903 /* 3904 * Allow ourselves to be interrupted by SIGINT so that a 3905 * connection recovery / failure event can be triggered externally. 3906 */ 3907 allow_signal(SIGINT); 3908 3909restart: 3910 conn = iscsi_tx_thread_pre_handler(ts); 3911 if (!conn) 3912 goto out; 3913 3914 ret = 0; 3915 3916 while (!kthread_should_stop()) { 3917 /* 3918 * Ensure that both TX and RX per connection kthreads 3919 * are scheduled to run on the same CPU. 3920 */ 3921 iscsit_thread_check_cpumask(conn, current, 1); 3922 3923 wait_event_interruptible(conn->queues_wq, 3924 !iscsit_conn_all_queues_empty(conn) || 3925 ts->status == ISCSI_THREAD_SET_RESET); 3926 3927 if ((ts->status == ISCSI_THREAD_SET_RESET) || 3928 signal_pending(current)) 3929 goto transport_err; 3930 3931get_immediate: 3932 ret = iscsit_handle_immediate_queue(conn); 3933 if (ret < 0) 3934 goto transport_err; 3935 3936 ret = iscsit_handle_response_queue(conn); 3937 if (ret == 1) 3938 goto get_immediate; 3939 else if (ret == -EAGAIN) 3940 goto restart; 3941 else if (ret < 0) 3942 goto transport_err; 3943 } 3944 3945transport_err: 3946 iscsit_take_action_for_connection_exit(conn); 3947 goto restart; 3948out: 3949 return 0; 3950} 3951 3952static int iscsi_target_rx_opcode(struct iscsi_conn *conn, unsigned char *buf) 3953{ 3954 struct iscsi_hdr *hdr = (struct iscsi_hdr *)buf; 3955 struct iscsi_cmd *cmd; 3956 int ret = 0; 3957 3958 switch (hdr->opcode & ISCSI_OPCODE_MASK) { 3959 case ISCSI_OP_SCSI_CMD: 3960 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3961 if (!cmd) 3962 goto reject; 3963 3964 ret = iscsit_handle_scsi_cmd(conn, cmd, buf); 3965 break; 3966 case ISCSI_OP_SCSI_DATA_OUT: 3967 ret = iscsit_handle_data_out(conn, buf); 3968 break; 3969 case ISCSI_OP_NOOP_OUT: 3970 cmd = NULL; 3971 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 3972 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3973 if (!cmd) 3974 goto reject; 3975 } 3976 ret = iscsit_handle_nop_out(conn, cmd, buf); 3977 break; 3978 case ISCSI_OP_SCSI_TMFUNC: 3979 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3980 if (!cmd) 3981 goto reject; 3982 3983 ret = iscsit_handle_task_mgt_cmd(conn, cmd, buf); 3984 break; 3985 case ISCSI_OP_TEXT: 3986 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3987 if (!cmd) 3988 goto reject; 3989 3990 ret = iscsit_handle_text_cmd(conn, cmd, buf); 3991 break; 3992 case ISCSI_OP_LOGOUT: 3993 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3994 if (!cmd) 3995 goto reject; 3996 3997 ret = iscsit_handle_logout_cmd(conn, cmd, buf); 3998 if (ret > 0) 3999 wait_for_completion_timeout(&conn->conn_logout_comp, 4000 SECONDS_FOR_LOGOUT_COMP * HZ); 4001 break; 4002 case ISCSI_OP_SNACK: 4003 ret = iscsit_handle_snack(conn, buf); 4004 break; 4005 default: 4006 pr_err("Got unknown iSCSI OpCode: 0x%02x\n", hdr->opcode); 4007 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 4008 pr_err("Cannot recover from unknown" 4009 " opcode while ERL=0, closing iSCSI connection.\n"); 4010 return -1; 4011 } 4012 if (!conn->conn_ops->OFMarker) { 4013 pr_err("Unable to recover from unknown" 4014 " opcode while OFMarker=No, closing iSCSI" 4015 " connection.\n"); 4016 return -1; 4017 } 4018 if (iscsit_recover_from_unknown_opcode(conn) < 0) { 4019 pr_err("Unable to recover from unknown" 4020 " opcode, closing iSCSI connection.\n"); 4021 return -1; 4022 } 4023 break; 4024 } 4025 4026 return ret; 4027reject: 4028 return iscsit_add_reject(conn, ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 4029} 4030 4031int iscsi_target_rx_thread(void *arg) 4032{ 4033 int ret; 4034 u8 buffer[ISCSI_HDR_LEN], opcode; 4035 u32 checksum = 0, digest = 0; 4036 struct iscsi_conn *conn = NULL; 4037 struct iscsi_thread_set *ts = arg; 4038 struct kvec iov; 4039 /* 4040 * Allow ourselves to be interrupted by SIGINT so that a 4041 * connection recovery / failure event can be triggered externally. 4042 */ 4043 allow_signal(SIGINT); 4044 4045restart: 4046 conn = iscsi_rx_thread_pre_handler(ts); 4047 if (!conn) 4048 goto out; 4049 4050 if (conn->conn_transport->transport_type == ISCSI_INFINIBAND) { 4051 struct completion comp; 4052 int rc; 4053 4054 init_completion(&comp); 4055 rc = wait_for_completion_interruptible(&comp); 4056 if (rc < 0) 4057 goto transport_err; 4058 4059 goto out; 4060 } 4061 4062 while (!kthread_should_stop()) { 4063 /* 4064 * Ensure that both TX and RX per connection kthreads 4065 * are scheduled to run on the same CPU. 4066 */ 4067 iscsit_thread_check_cpumask(conn, current, 0); 4068 4069 memset(buffer, 0, ISCSI_HDR_LEN); 4070 memset(&iov, 0, sizeof(struct kvec)); 4071 4072 iov.iov_base = buffer; 4073 iov.iov_len = ISCSI_HDR_LEN; 4074 4075 ret = rx_data(conn, &iov, 1, ISCSI_HDR_LEN); 4076 if (ret != ISCSI_HDR_LEN) { 4077 iscsit_rx_thread_wait_for_tcp(conn); 4078 goto transport_err; 4079 } 4080 4081 if (conn->conn_ops->HeaderDigest) { 4082 iov.iov_base = &digest; 4083 iov.iov_len = ISCSI_CRC_LEN; 4084 4085 ret = rx_data(conn, &iov, 1, ISCSI_CRC_LEN); 4086 if (ret != ISCSI_CRC_LEN) { 4087 iscsit_rx_thread_wait_for_tcp(conn); 4088 goto transport_err; 4089 } 4090 4091 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 4092 buffer, ISCSI_HDR_LEN, 4093 0, NULL, (u8 *)&checksum); 4094 4095 if (digest != checksum) { 4096 pr_err("HeaderDigest CRC32C failed," 4097 " received 0x%08x, computed 0x%08x\n", 4098 digest, checksum); 4099 /* 4100 * Set the PDU to 0xff so it will intentionally 4101 * hit default in the switch below. 4102 */ 4103 memset(buffer, 0xff, ISCSI_HDR_LEN); 4104 spin_lock_bh(&conn->sess->session_stats_lock); 4105 conn->sess->conn_digest_errors++; 4106 spin_unlock_bh(&conn->sess->session_stats_lock); 4107 } else { 4108 pr_debug("Got HeaderDigest CRC32C" 4109 " 0x%08x\n", checksum); 4110 } 4111 } 4112 4113 if (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT) 4114 goto transport_err; 4115 4116 opcode = buffer[0] & ISCSI_OPCODE_MASK; 4117 4118 if (conn->sess->sess_ops->SessionType && 4119 ((!(opcode & ISCSI_OP_TEXT)) || 4120 (!(opcode & ISCSI_OP_LOGOUT)))) { 4121 pr_err("Received illegal iSCSI Opcode: 0x%02x" 4122 " while in Discovery Session, rejecting.\n", opcode); 4123 iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 4124 buffer); 4125 goto transport_err; 4126 } 4127 4128 ret = iscsi_target_rx_opcode(conn, buffer); 4129 if (ret < 0) 4130 goto transport_err; 4131 } 4132 4133transport_err: 4134 if (!signal_pending(current)) 4135 atomic_set(&conn->transport_failed, 1); 4136 iscsit_take_action_for_connection_exit(conn); 4137 goto restart; 4138out: 4139 return 0; 4140} 4141 4142static void iscsit_release_commands_from_conn(struct iscsi_conn *conn) 4143{ 4144 struct iscsi_cmd *cmd = NULL, *cmd_tmp = NULL; 4145 struct iscsi_session *sess = conn->sess; 4146 /* 4147 * We expect this function to only ever be called from either RX or TX 4148 * thread context via iscsit_close_connection() once the other context 4149 * has been reset -> returned sleeping pre-handler state. 4150 */ 4151 spin_lock_bh(&conn->cmd_lock); 4152 list_for_each_entry_safe(cmd, cmd_tmp, &conn->conn_cmd_list, i_conn_node) { 4153 4154 list_del(&cmd->i_conn_node); 4155 spin_unlock_bh(&conn->cmd_lock); 4156 4157 iscsit_increment_maxcmdsn(cmd, sess); 4158 4159 iscsit_free_cmd(cmd, true); 4160 4161 spin_lock_bh(&conn->cmd_lock); 4162 } 4163 spin_unlock_bh(&conn->cmd_lock); 4164} 4165 4166static void iscsit_stop_timers_for_cmds( 4167 struct iscsi_conn *conn) 4168{ 4169 struct iscsi_cmd *cmd; 4170 4171 spin_lock_bh(&conn->cmd_lock); 4172 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) { 4173 if (cmd->data_direction == DMA_TO_DEVICE) 4174 iscsit_stop_dataout_timer(cmd); 4175 } 4176 spin_unlock_bh(&conn->cmd_lock); 4177} 4178 4179int iscsit_close_connection( 4180 struct iscsi_conn *conn) 4181{ 4182 int conn_logout = (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT); 4183 struct iscsi_session *sess = conn->sess; 4184 4185 pr_debug("Closing iSCSI connection CID %hu on SID:" 4186 " %u\n", conn->cid, sess->sid); 4187 /* 4188 * Always up conn_logout_comp just in case the RX Thread is sleeping 4189 * and the logout response never got sent because the connection 4190 * failed. 4191 */ 4192 complete(&conn->conn_logout_comp); 4193 4194 iscsi_release_thread_set(conn); 4195 4196 iscsit_stop_timers_for_cmds(conn); 4197 iscsit_stop_nopin_response_timer(conn); 4198 iscsit_stop_nopin_timer(conn); 4199 iscsit_free_queue_reqs_for_conn(conn); 4200 4201 /* 4202 * During Connection recovery drop unacknowledged out of order 4203 * commands for this connection, and prepare the other commands 4204 * for realligence. 4205 * 4206 * During normal operation clear the out of order commands (but 4207 * do not free the struct iscsi_ooo_cmdsn's) and release all 4208 * struct iscsi_cmds. 4209 */ 4210 if (atomic_read(&conn->connection_recovery)) { 4211 iscsit_discard_unacknowledged_ooo_cmdsns_for_conn(conn); 4212 iscsit_prepare_cmds_for_realligance(conn); 4213 } else { 4214 iscsit_clear_ooo_cmdsns_for_conn(conn); 4215 iscsit_release_commands_from_conn(conn); 4216 } 4217 4218 /* 4219 * Handle decrementing session or connection usage count if 4220 * a logout response was not able to be sent because the 4221 * connection failed. Fall back to Session Recovery here. 4222 */ 4223 if (atomic_read(&conn->conn_logout_remove)) { 4224 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_SESSION) { 4225 iscsit_dec_conn_usage_count(conn); 4226 iscsit_dec_session_usage_count(sess); 4227 } 4228 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) 4229 iscsit_dec_conn_usage_count(conn); 4230 4231 atomic_set(&conn->conn_logout_remove, 0); 4232 atomic_set(&sess->session_reinstatement, 0); 4233 atomic_set(&sess->session_fall_back_to_erl0, 1); 4234 } 4235 4236 spin_lock_bh(&sess->conn_lock); 4237 list_del(&conn->conn_list); 4238 4239 /* 4240 * Attempt to let the Initiator know this connection failed by 4241 * sending an Connection Dropped Async Message on another 4242 * active connection. 4243 */ 4244 if (atomic_read(&conn->connection_recovery)) 4245 iscsit_build_conn_drop_async_message(conn); 4246 4247 spin_unlock_bh(&sess->conn_lock); 4248 4249 /* 4250 * If connection reinstatement is being performed on this connection, 4251 * up the connection reinstatement semaphore that is being blocked on 4252 * in iscsit_cause_connection_reinstatement(). 4253 */ 4254 spin_lock_bh(&conn->state_lock); 4255 if (atomic_read(&conn->sleep_on_conn_wait_comp)) { 4256 spin_unlock_bh(&conn->state_lock); 4257 complete(&conn->conn_wait_comp); 4258 wait_for_completion(&conn->conn_post_wait_comp); 4259 spin_lock_bh(&conn->state_lock); 4260 } 4261 4262 /* 4263 * If connection reinstatement is being performed on this connection 4264 * by receiving a REMOVECONNFORRECOVERY logout request, up the 4265 * connection wait rcfr semaphore that is being blocked on 4266 * an iscsit_connection_reinstatement_rcfr(). 4267 */ 4268 if (atomic_read(&conn->connection_wait_rcfr)) { 4269 spin_unlock_bh(&conn->state_lock); 4270 complete(&conn->conn_wait_rcfr_comp); 4271 wait_for_completion(&conn->conn_post_wait_comp); 4272 spin_lock_bh(&conn->state_lock); 4273 } 4274 atomic_set(&conn->connection_reinstatement, 1); 4275 spin_unlock_bh(&conn->state_lock); 4276 4277 /* 4278 * If any other processes are accessing this connection pointer we 4279 * must wait until they have completed. 4280 */ 4281 iscsit_check_conn_usage_count(conn); 4282 4283 if (conn->conn_rx_hash.tfm) 4284 crypto_free_hash(conn->conn_rx_hash.tfm); 4285 if (conn->conn_tx_hash.tfm) 4286 crypto_free_hash(conn->conn_tx_hash.tfm); 4287 4288 if (conn->conn_cpumask) 4289 free_cpumask_var(conn->conn_cpumask); 4290 4291 kfree(conn->conn_ops); 4292 conn->conn_ops = NULL; 4293 4294 if (conn->sock) 4295 sock_release(conn->sock); 4296 4297 if (conn->conn_transport->iscsit_free_conn) 4298 conn->conn_transport->iscsit_free_conn(conn); 4299 4300 iscsit_put_transport(conn->conn_transport); 4301 4302 conn->thread_set = NULL; 4303 4304 pr_debug("Moving to TARG_CONN_STATE_FREE.\n"); 4305 conn->conn_state = TARG_CONN_STATE_FREE; 4306 kfree(conn); 4307 4308 spin_lock_bh(&sess->conn_lock); 4309 atomic_dec(&sess->nconn); 4310 pr_debug("Decremented iSCSI connection count to %hu from node:" 4311 " %s\n", atomic_read(&sess->nconn), 4312 sess->sess_ops->InitiatorName); 4313 /* 4314 * Make sure that if one connection fails in an non ERL=2 iSCSI 4315 * Session that they all fail. 4316 */ 4317 if ((sess->sess_ops->ErrorRecoveryLevel != 2) && !conn_logout && 4318 !atomic_read(&sess->session_logout)) 4319 atomic_set(&sess->session_fall_back_to_erl0, 1); 4320 4321 /* 4322 * If this was not the last connection in the session, and we are 4323 * performing session reinstatement or falling back to ERL=0, call 4324 * iscsit_stop_session() without sleeping to shutdown the other 4325 * active connections. 4326 */ 4327 if (atomic_read(&sess->nconn)) { 4328 if (!atomic_read(&sess->session_reinstatement) && 4329 !atomic_read(&sess->session_fall_back_to_erl0)) { 4330 spin_unlock_bh(&sess->conn_lock); 4331 return 0; 4332 } 4333 if (!atomic_read(&sess->session_stop_active)) { 4334 atomic_set(&sess->session_stop_active, 1); 4335 spin_unlock_bh(&sess->conn_lock); 4336 iscsit_stop_session(sess, 0, 0); 4337 return 0; 4338 } 4339 spin_unlock_bh(&sess->conn_lock); 4340 return 0; 4341 } 4342 4343 /* 4344 * If this was the last connection in the session and one of the 4345 * following is occurring: 4346 * 4347 * Session Reinstatement is not being performed, and are falling back 4348 * to ERL=0 call iscsit_close_session(). 4349 * 4350 * Session Logout was requested. iscsit_close_session() will be called 4351 * elsewhere. 4352 * 4353 * Session Continuation is not being performed, start the Time2Retain 4354 * handler and check if sleep_on_sess_wait_sem is active. 4355 */ 4356 if (!atomic_read(&sess->session_reinstatement) && 4357 atomic_read(&sess->session_fall_back_to_erl0)) { 4358 spin_unlock_bh(&sess->conn_lock); 4359 target_put_session(sess->se_sess); 4360 4361 return 0; 4362 } else if (atomic_read(&sess->session_logout)) { 4363 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4364 sess->session_state = TARG_SESS_STATE_FREE; 4365 spin_unlock_bh(&sess->conn_lock); 4366 4367 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4368 complete(&sess->session_wait_comp); 4369 4370 return 0; 4371 } else { 4372 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4373 sess->session_state = TARG_SESS_STATE_FAILED; 4374 4375 if (!atomic_read(&sess->session_continuation)) { 4376 spin_unlock_bh(&sess->conn_lock); 4377 iscsit_start_time2retain_handler(sess); 4378 } else 4379 spin_unlock_bh(&sess->conn_lock); 4380 4381 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4382 complete(&sess->session_wait_comp); 4383 4384 return 0; 4385 } 4386 spin_unlock_bh(&sess->conn_lock); 4387 4388 return 0; 4389} 4390 4391int iscsit_close_session(struct iscsi_session *sess) 4392{ 4393 struct iscsi_portal_group *tpg = ISCSI_TPG_S(sess); 4394 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4395 4396 if (atomic_read(&sess->nconn)) { 4397 pr_err("%d connection(s) still exist for iSCSI session" 4398 " to %s\n", atomic_read(&sess->nconn), 4399 sess->sess_ops->InitiatorName); 4400 BUG(); 4401 } 4402 4403 spin_lock_bh(&se_tpg->session_lock); 4404 atomic_set(&sess->session_logout, 1); 4405 atomic_set(&sess->session_reinstatement, 1); 4406 iscsit_stop_time2retain_timer(sess); 4407 spin_unlock_bh(&se_tpg->session_lock); 4408 4409 /* 4410 * transport_deregister_session_configfs() will clear the 4411 * struct se_node_acl->nacl_sess pointer now as a iscsi_np process context 4412 * can be setting it again with __transport_register_session() in 4413 * iscsi_post_login_handler() again after the iscsit_stop_session() 4414 * completes in iscsi_np context. 4415 */ 4416 transport_deregister_session_configfs(sess->se_sess); 4417 4418 /* 4419 * If any other processes are accessing this session pointer we must 4420 * wait until they have completed. If we are in an interrupt (the 4421 * time2retain handler) and contain and active session usage count we 4422 * restart the timer and exit. 4423 */ 4424 if (!in_interrupt()) { 4425 if (iscsit_check_session_usage_count(sess) == 1) 4426 iscsit_stop_session(sess, 1, 1); 4427 } else { 4428 if (iscsit_check_session_usage_count(sess) == 2) { 4429 atomic_set(&sess->session_logout, 0); 4430 iscsit_start_time2retain_handler(sess); 4431 return 0; 4432 } 4433 } 4434 4435 transport_deregister_session(sess->se_sess); 4436 4437 if (sess->sess_ops->ErrorRecoveryLevel == 2) 4438 iscsit_free_connection_recovery_entires(sess); 4439 4440 iscsit_free_all_ooo_cmdsns(sess); 4441 4442 spin_lock_bh(&se_tpg->session_lock); 4443 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4444 sess->session_state = TARG_SESS_STATE_FREE; 4445 pr_debug("Released iSCSI session from node: %s\n", 4446 sess->sess_ops->InitiatorName); 4447 tpg->nsessions--; 4448 if (tpg->tpg_tiqn) 4449 tpg->tpg_tiqn->tiqn_nsessions--; 4450 4451 pr_debug("Decremented number of active iSCSI Sessions on" 4452 " iSCSI TPG: %hu to %u\n", tpg->tpgt, tpg->nsessions); 4453 4454 spin_lock(&sess_idr_lock); 4455 idr_remove(&sess_idr, sess->session_index); 4456 spin_unlock(&sess_idr_lock); 4457 4458 kfree(sess->sess_ops); 4459 sess->sess_ops = NULL; 4460 spin_unlock_bh(&se_tpg->session_lock); 4461 4462 kfree(sess); 4463 return 0; 4464} 4465 4466static void iscsit_logout_post_handler_closesession( 4467 struct iscsi_conn *conn) 4468{ 4469 struct iscsi_session *sess = conn->sess; 4470 4471 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD); 4472 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD); 4473 4474 atomic_set(&conn->conn_logout_remove, 0); 4475 complete(&conn->conn_logout_comp); 4476 4477 iscsit_dec_conn_usage_count(conn); 4478 iscsit_stop_session(sess, 1, 1); 4479 iscsit_dec_session_usage_count(sess); 4480 target_put_session(sess->se_sess); 4481} 4482 4483static void iscsit_logout_post_handler_samecid( 4484 struct iscsi_conn *conn) 4485{ 4486 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD); 4487 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD); 4488 4489 atomic_set(&conn->conn_logout_remove, 0); 4490 complete(&conn->conn_logout_comp); 4491 4492 iscsit_cause_connection_reinstatement(conn, 1); 4493 iscsit_dec_conn_usage_count(conn); 4494} 4495 4496static void iscsit_logout_post_handler_diffcid( 4497 struct iscsi_conn *conn, 4498 u16 cid) 4499{ 4500 struct iscsi_conn *l_conn; 4501 struct iscsi_session *sess = conn->sess; 4502 4503 if (!sess) 4504 return; 4505 4506 spin_lock_bh(&sess->conn_lock); 4507 list_for_each_entry(l_conn, &sess->sess_conn_list, conn_list) { 4508 if (l_conn->cid == cid) { 4509 iscsit_inc_conn_usage_count(l_conn); 4510 break; 4511 } 4512 } 4513 spin_unlock_bh(&sess->conn_lock); 4514 4515 if (!l_conn) 4516 return; 4517 4518 if (l_conn->sock) 4519 l_conn->sock->ops->shutdown(l_conn->sock, RCV_SHUTDOWN); 4520 4521 spin_lock_bh(&l_conn->state_lock); 4522 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 4523 l_conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 4524 spin_unlock_bh(&l_conn->state_lock); 4525 4526 iscsit_cause_connection_reinstatement(l_conn, 1); 4527 iscsit_dec_conn_usage_count(l_conn); 4528} 4529 4530/* 4531 * Return of 0 causes the TX thread to restart. 4532 */ 4533int iscsit_logout_post_handler( 4534 struct iscsi_cmd *cmd, 4535 struct iscsi_conn *conn) 4536{ 4537 int ret = 0; 4538 4539 switch (cmd->logout_reason) { 4540 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 4541 switch (cmd->logout_response) { 4542 case ISCSI_LOGOUT_SUCCESS: 4543 case ISCSI_LOGOUT_CLEANUP_FAILED: 4544 default: 4545 iscsit_logout_post_handler_closesession(conn); 4546 break; 4547 } 4548 ret = 0; 4549 break; 4550 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 4551 if (conn->cid == cmd->logout_cid) { 4552 switch (cmd->logout_response) { 4553 case ISCSI_LOGOUT_SUCCESS: 4554 case ISCSI_LOGOUT_CLEANUP_FAILED: 4555 default: 4556 iscsit_logout_post_handler_samecid(conn); 4557 break; 4558 } 4559 ret = 0; 4560 } else { 4561 switch (cmd->logout_response) { 4562 case ISCSI_LOGOUT_SUCCESS: 4563 iscsit_logout_post_handler_diffcid(conn, 4564 cmd->logout_cid); 4565 break; 4566 case ISCSI_LOGOUT_CID_NOT_FOUND: 4567 case ISCSI_LOGOUT_CLEANUP_FAILED: 4568 default: 4569 break; 4570 } 4571 ret = 1; 4572 } 4573 break; 4574 case ISCSI_LOGOUT_REASON_RECOVERY: 4575 switch (cmd->logout_response) { 4576 case ISCSI_LOGOUT_SUCCESS: 4577 case ISCSI_LOGOUT_CID_NOT_FOUND: 4578 case ISCSI_LOGOUT_RECOVERY_UNSUPPORTED: 4579 case ISCSI_LOGOUT_CLEANUP_FAILED: 4580 default: 4581 break; 4582 } 4583 ret = 1; 4584 break; 4585 default: 4586 break; 4587 4588 } 4589 return ret; 4590} 4591EXPORT_SYMBOL(iscsit_logout_post_handler); 4592 4593void iscsit_fail_session(struct iscsi_session *sess) 4594{ 4595 struct iscsi_conn *conn; 4596 4597 spin_lock_bh(&sess->conn_lock); 4598 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) { 4599 pr_debug("Moving to TARG_CONN_STATE_CLEANUP_WAIT.\n"); 4600 conn->conn_state = TARG_CONN_STATE_CLEANUP_WAIT; 4601 } 4602 spin_unlock_bh(&sess->conn_lock); 4603 4604 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4605 sess->session_state = TARG_SESS_STATE_FAILED; 4606} 4607 4608int iscsit_free_session(struct iscsi_session *sess) 4609{ 4610 u16 conn_count = atomic_read(&sess->nconn); 4611 struct iscsi_conn *conn, *conn_tmp = NULL; 4612 int is_last; 4613 4614 spin_lock_bh(&sess->conn_lock); 4615 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4616 4617 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4618 conn_list) { 4619 if (conn_count == 0) 4620 break; 4621 4622 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4623 is_last = 1; 4624 } else { 4625 iscsit_inc_conn_usage_count(conn_tmp); 4626 is_last = 0; 4627 } 4628 iscsit_inc_conn_usage_count(conn); 4629 4630 spin_unlock_bh(&sess->conn_lock); 4631 iscsit_cause_connection_reinstatement(conn, 1); 4632 spin_lock_bh(&sess->conn_lock); 4633 4634 iscsit_dec_conn_usage_count(conn); 4635 if (is_last == 0) 4636 iscsit_dec_conn_usage_count(conn_tmp); 4637 4638 conn_count--; 4639 } 4640 4641 if (atomic_read(&sess->nconn)) { 4642 spin_unlock_bh(&sess->conn_lock); 4643 wait_for_completion(&sess->session_wait_comp); 4644 } else 4645 spin_unlock_bh(&sess->conn_lock); 4646 4647 target_put_session(sess->se_sess); 4648 return 0; 4649} 4650 4651void iscsit_stop_session( 4652 struct iscsi_session *sess, 4653 int session_sleep, 4654 int connection_sleep) 4655{ 4656 u16 conn_count = atomic_read(&sess->nconn); 4657 struct iscsi_conn *conn, *conn_tmp = NULL; 4658 int is_last; 4659 4660 spin_lock_bh(&sess->conn_lock); 4661 if (session_sleep) 4662 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4663 4664 if (connection_sleep) { 4665 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4666 conn_list) { 4667 if (conn_count == 0) 4668 break; 4669 4670 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4671 is_last = 1; 4672 } else { 4673 iscsit_inc_conn_usage_count(conn_tmp); 4674 is_last = 0; 4675 } 4676 iscsit_inc_conn_usage_count(conn); 4677 4678 spin_unlock_bh(&sess->conn_lock); 4679 iscsit_cause_connection_reinstatement(conn, 1); 4680 spin_lock_bh(&sess->conn_lock); 4681 4682 iscsit_dec_conn_usage_count(conn); 4683 if (is_last == 0) 4684 iscsit_dec_conn_usage_count(conn_tmp); 4685 conn_count--; 4686 } 4687 } else { 4688 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) 4689 iscsit_cause_connection_reinstatement(conn, 0); 4690 } 4691 4692 if (session_sleep && atomic_read(&sess->nconn)) { 4693 spin_unlock_bh(&sess->conn_lock); 4694 wait_for_completion(&sess->session_wait_comp); 4695 } else 4696 spin_unlock_bh(&sess->conn_lock); 4697} 4698 4699int iscsit_release_sessions_for_tpg(struct iscsi_portal_group *tpg, int force) 4700{ 4701 struct iscsi_session *sess; 4702 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4703 struct se_session *se_sess, *se_sess_tmp; 4704 int session_count = 0; 4705 4706 spin_lock_bh(&se_tpg->session_lock); 4707 if (tpg->nsessions && !force) { 4708 spin_unlock_bh(&se_tpg->session_lock); 4709 return -1; 4710 } 4711 4712 list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list, 4713 sess_list) { 4714 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr; 4715 4716 spin_lock(&sess->conn_lock); 4717 if (atomic_read(&sess->session_fall_back_to_erl0) || 4718 atomic_read(&sess->session_logout) || 4719 (sess->time2retain_timer_flags & ISCSI_TF_EXPIRED)) { 4720 spin_unlock(&sess->conn_lock); 4721 continue; 4722 } 4723 atomic_set(&sess->session_reinstatement, 1); 4724 spin_unlock(&sess->conn_lock); 4725 spin_unlock_bh(&se_tpg->session_lock); 4726 4727 iscsit_free_session(sess); 4728 spin_lock_bh(&se_tpg->session_lock); 4729 4730 session_count++; 4731 } 4732 spin_unlock_bh(&se_tpg->session_lock); 4733 4734 pr_debug("Released %d iSCSI Session(s) from Target Portal" 4735 " Group: %hu\n", session_count, tpg->tpgt); 4736 return 0; 4737} 4738 4739MODULE_DESCRIPTION("iSCSI-Target Driver for mainline target infrastructure"); 4740MODULE_VERSION("4.1.x"); 4741MODULE_AUTHOR("nab@Linux-iSCSI.org"); 4742MODULE_LICENSE("GPL"); 4743 4744module_init(iscsi_target_init_module); 4745module_exit(iscsi_target_cleanup_module); 4746