1 /******************************************************************************* 2 * This file contains main functions related to the iSCSI Target Core Driver. 3 * 4 * (c) Copyright 2007-2013 Datera, Inc. 5 * 6 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation; either version 2 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 ******************************************************************************/ 18 19 #include <linux/string.h> 20 #include <linux/kthread.h> 21 #include <linux/crypto.h> 22 #include <linux/completion.h> 23 #include <linux/module.h> 24 #include <linux/idr.h> 25 #include <asm/unaligned.h> 26 #include <scsi/scsi_device.h> 27 #include <scsi/iscsi_proto.h> 28 #include <scsi/scsi_tcq.h> 29 #include <target/target_core_base.h> 30 #include <target/target_core_fabric.h> 31 #include <target/target_core_configfs.h> 32 33 #include "iscsi_target_core.h" 34 #include "iscsi_target_parameters.h" 35 #include "iscsi_target_seq_pdu_list.h" 36 #include "iscsi_target_tq.h" 37 #include "iscsi_target_configfs.h" 38 #include "iscsi_target_datain_values.h" 39 #include "iscsi_target_erl0.h" 40 #include "iscsi_target_erl1.h" 41 #include "iscsi_target_erl2.h" 42 #include "iscsi_target_login.h" 43 #include "iscsi_target_tmr.h" 44 #include "iscsi_target_tpg.h" 45 #include "iscsi_target_util.h" 46 #include "iscsi_target.h" 47 #include "iscsi_target_device.h" 48 #include "iscsi_target_stat.h" 49 50 #include <target/iscsi/iscsi_transport.h> 51 52 static LIST_HEAD(g_tiqn_list); 53 static LIST_HEAD(g_np_list); 54 static DEFINE_SPINLOCK(tiqn_lock); 55 static DEFINE_SPINLOCK(np_lock); 56 57 static struct idr tiqn_idr; 58 struct idr sess_idr; 59 struct mutex auth_id_lock; 60 spinlock_t sess_idr_lock; 61 62 struct iscsit_global *iscsit_global; 63 64 struct kmem_cache *lio_qr_cache; 65 struct kmem_cache *lio_dr_cache; 66 struct kmem_cache *lio_ooo_cache; 67 struct kmem_cache *lio_r2t_cache; 68 69 static int iscsit_handle_immediate_data(struct iscsi_cmd *, 70 struct iscsi_scsi_req *, u32); 71 72 struct iscsi_tiqn *iscsit_get_tiqn_for_login(unsigned char *buf) 73 { 74 struct iscsi_tiqn *tiqn = NULL; 75 76 spin_lock(&tiqn_lock); 77 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 78 if (!strcmp(tiqn->tiqn, buf)) { 79 80 spin_lock(&tiqn->tiqn_state_lock); 81 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 82 tiqn->tiqn_access_count++; 83 spin_unlock(&tiqn->tiqn_state_lock); 84 spin_unlock(&tiqn_lock); 85 return tiqn; 86 } 87 spin_unlock(&tiqn->tiqn_state_lock); 88 } 89 } 90 spin_unlock(&tiqn_lock); 91 92 return NULL; 93 } 94 95 static int iscsit_set_tiqn_shutdown(struct iscsi_tiqn *tiqn) 96 { 97 spin_lock(&tiqn->tiqn_state_lock); 98 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 99 tiqn->tiqn_state = TIQN_STATE_SHUTDOWN; 100 spin_unlock(&tiqn->tiqn_state_lock); 101 return 0; 102 } 103 spin_unlock(&tiqn->tiqn_state_lock); 104 105 return -1; 106 } 107 108 void iscsit_put_tiqn_for_login(struct iscsi_tiqn *tiqn) 109 { 110 spin_lock(&tiqn->tiqn_state_lock); 111 tiqn->tiqn_access_count--; 112 spin_unlock(&tiqn->tiqn_state_lock); 113 } 114 115 /* 116 * Note that IQN formatting is expected to be done in userspace, and 117 * no explict IQN format checks are done here. 118 */ 119 struct iscsi_tiqn *iscsit_add_tiqn(unsigned char *buf) 120 { 121 struct iscsi_tiqn *tiqn = NULL; 122 int ret; 123 124 if (strlen(buf) >= ISCSI_IQN_LEN) { 125 pr_err("Target IQN exceeds %d bytes\n", 126 ISCSI_IQN_LEN); 127 return ERR_PTR(-EINVAL); 128 } 129 130 tiqn = kzalloc(sizeof(struct iscsi_tiqn), GFP_KERNEL); 131 if (!tiqn) { 132 pr_err("Unable to allocate struct iscsi_tiqn\n"); 133 return ERR_PTR(-ENOMEM); 134 } 135 136 sprintf(tiqn->tiqn, "%s", buf); 137 INIT_LIST_HEAD(&tiqn->tiqn_list); 138 INIT_LIST_HEAD(&tiqn->tiqn_tpg_list); 139 spin_lock_init(&tiqn->tiqn_state_lock); 140 spin_lock_init(&tiqn->tiqn_tpg_lock); 141 spin_lock_init(&tiqn->sess_err_stats.lock); 142 spin_lock_init(&tiqn->login_stats.lock); 143 spin_lock_init(&tiqn->logout_stats.lock); 144 145 tiqn->tiqn_state = TIQN_STATE_ACTIVE; 146 147 idr_preload(GFP_KERNEL); 148 spin_lock(&tiqn_lock); 149 150 ret = idr_alloc(&tiqn_idr, NULL, 0, 0, GFP_NOWAIT); 151 if (ret < 0) { 152 pr_err("idr_alloc() failed for tiqn->tiqn_index\n"); 153 spin_unlock(&tiqn_lock); 154 idr_preload_end(); 155 kfree(tiqn); 156 return ERR_PTR(ret); 157 } 158 tiqn->tiqn_index = ret; 159 list_add_tail(&tiqn->tiqn_list, &g_tiqn_list); 160 161 spin_unlock(&tiqn_lock); 162 idr_preload_end(); 163 164 pr_debug("CORE[0] - Added iSCSI Target IQN: %s\n", tiqn->tiqn); 165 166 return tiqn; 167 168 } 169 170 static void iscsit_wait_for_tiqn(struct iscsi_tiqn *tiqn) 171 { 172 /* 173 * Wait for accesses to said struct iscsi_tiqn to end. 174 */ 175 spin_lock(&tiqn->tiqn_state_lock); 176 while (tiqn->tiqn_access_count != 0) { 177 spin_unlock(&tiqn->tiqn_state_lock); 178 msleep(10); 179 spin_lock(&tiqn->tiqn_state_lock); 180 } 181 spin_unlock(&tiqn->tiqn_state_lock); 182 } 183 184 void iscsit_del_tiqn(struct iscsi_tiqn *tiqn) 185 { 186 /* 187 * iscsit_set_tiqn_shutdown sets tiqn->tiqn_state = TIQN_STATE_SHUTDOWN 188 * while holding tiqn->tiqn_state_lock. This means that all subsequent 189 * attempts to access this struct iscsi_tiqn will fail from both transport 190 * fabric and control code paths. 191 */ 192 if (iscsit_set_tiqn_shutdown(tiqn) < 0) { 193 pr_err("iscsit_set_tiqn_shutdown() failed\n"); 194 return; 195 } 196 197 iscsit_wait_for_tiqn(tiqn); 198 199 spin_lock(&tiqn_lock); 200 list_del(&tiqn->tiqn_list); 201 idr_remove(&tiqn_idr, tiqn->tiqn_index); 202 spin_unlock(&tiqn_lock); 203 204 pr_debug("CORE[0] - Deleted iSCSI Target IQN: %s\n", 205 tiqn->tiqn); 206 kfree(tiqn); 207 } 208 209 int iscsit_access_np(struct iscsi_np *np, struct iscsi_portal_group *tpg) 210 { 211 int ret; 212 /* 213 * Determine if the network portal is accepting storage traffic. 214 */ 215 spin_lock_bh(&np->np_thread_lock); 216 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 217 spin_unlock_bh(&np->np_thread_lock); 218 return -1; 219 } 220 spin_unlock_bh(&np->np_thread_lock); 221 /* 222 * Determine if the portal group is accepting storage traffic. 223 */ 224 spin_lock_bh(&tpg->tpg_state_lock); 225 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 226 spin_unlock_bh(&tpg->tpg_state_lock); 227 return -1; 228 } 229 spin_unlock_bh(&tpg->tpg_state_lock); 230 231 /* 232 * Here we serialize access across the TIQN+TPG Tuple. 233 */ 234 ret = down_interruptible(&tpg->np_login_sem); 235 if ((ret != 0) || signal_pending(current)) 236 return -1; 237 238 spin_lock_bh(&tpg->tpg_state_lock); 239 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 240 spin_unlock_bh(&tpg->tpg_state_lock); 241 up(&tpg->np_login_sem); 242 return -1; 243 } 244 spin_unlock_bh(&tpg->tpg_state_lock); 245 246 return 0; 247 } 248 249 void iscsit_login_kref_put(struct kref *kref) 250 { 251 struct iscsi_tpg_np *tpg_np = container_of(kref, 252 struct iscsi_tpg_np, tpg_np_kref); 253 254 complete(&tpg_np->tpg_np_comp); 255 } 256 257 int iscsit_deaccess_np(struct iscsi_np *np, struct iscsi_portal_group *tpg, 258 struct iscsi_tpg_np *tpg_np) 259 { 260 struct iscsi_tiqn *tiqn = tpg->tpg_tiqn; 261 262 up(&tpg->np_login_sem); 263 264 if (tpg_np) 265 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 266 267 if (tiqn) 268 iscsit_put_tiqn_for_login(tiqn); 269 270 return 0; 271 } 272 273 bool iscsit_check_np_match( 274 struct __kernel_sockaddr_storage *sockaddr, 275 struct iscsi_np *np, 276 int network_transport) 277 { 278 struct sockaddr_in *sock_in, *sock_in_e; 279 struct sockaddr_in6 *sock_in6, *sock_in6_e; 280 bool ip_match = false; 281 u16 port; 282 283 if (sockaddr->ss_family == AF_INET6) { 284 sock_in6 = (struct sockaddr_in6 *)sockaddr; 285 sock_in6_e = (struct sockaddr_in6 *)&np->np_sockaddr; 286 287 if (!memcmp(&sock_in6->sin6_addr.in6_u, 288 &sock_in6_e->sin6_addr.in6_u, 289 sizeof(struct in6_addr))) 290 ip_match = true; 291 292 port = ntohs(sock_in6->sin6_port); 293 } else { 294 sock_in = (struct sockaddr_in *)sockaddr; 295 sock_in_e = (struct sockaddr_in *)&np->np_sockaddr; 296 297 if (sock_in->sin_addr.s_addr == sock_in_e->sin_addr.s_addr) 298 ip_match = true; 299 300 port = ntohs(sock_in->sin_port); 301 } 302 303 if ((ip_match == true) && (np->np_port == port) && 304 (np->np_network_transport == network_transport)) 305 return true; 306 307 return false; 308 } 309 310 static struct iscsi_np *iscsit_get_np( 311 struct __kernel_sockaddr_storage *sockaddr, 312 int network_transport) 313 { 314 struct iscsi_np *np; 315 bool match; 316 317 spin_lock_bh(&np_lock); 318 list_for_each_entry(np, &g_np_list, np_list) { 319 spin_lock(&np->np_thread_lock); 320 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 321 spin_unlock(&np->np_thread_lock); 322 continue; 323 } 324 325 match = iscsit_check_np_match(sockaddr, np, network_transport); 326 if (match == true) { 327 /* 328 * Increment the np_exports reference count now to 329 * prevent iscsit_del_np() below from being called 330 * while iscsi_tpg_add_network_portal() is called. 331 */ 332 np->np_exports++; 333 spin_unlock(&np->np_thread_lock); 334 spin_unlock_bh(&np_lock); 335 return np; 336 } 337 spin_unlock(&np->np_thread_lock); 338 } 339 spin_unlock_bh(&np_lock); 340 341 return NULL; 342 } 343 344 struct iscsi_np *iscsit_add_np( 345 struct __kernel_sockaddr_storage *sockaddr, 346 char *ip_str, 347 int network_transport) 348 { 349 struct sockaddr_in *sock_in; 350 struct sockaddr_in6 *sock_in6; 351 struct iscsi_np *np; 352 int ret; 353 /* 354 * Locate the existing struct iscsi_np if already active.. 355 */ 356 np = iscsit_get_np(sockaddr, network_transport); 357 if (np) 358 return np; 359 360 np = kzalloc(sizeof(struct iscsi_np), GFP_KERNEL); 361 if (!np) { 362 pr_err("Unable to allocate memory for struct iscsi_np\n"); 363 return ERR_PTR(-ENOMEM); 364 } 365 366 np->np_flags |= NPF_IP_NETWORK; 367 if (sockaddr->ss_family == AF_INET6) { 368 sock_in6 = (struct sockaddr_in6 *)sockaddr; 369 snprintf(np->np_ip, IPV6_ADDRESS_SPACE, "%s", ip_str); 370 np->np_port = ntohs(sock_in6->sin6_port); 371 } else { 372 sock_in = (struct sockaddr_in *)sockaddr; 373 sprintf(np->np_ip, "%s", ip_str); 374 np->np_port = ntohs(sock_in->sin_port); 375 } 376 377 np->np_network_transport = network_transport; 378 spin_lock_init(&np->np_thread_lock); 379 init_completion(&np->np_restart_comp); 380 INIT_LIST_HEAD(&np->np_list); 381 382 ret = iscsi_target_setup_login_socket(np, sockaddr); 383 if (ret != 0) { 384 kfree(np); 385 return ERR_PTR(ret); 386 } 387 388 np->np_thread = kthread_run(iscsi_target_login_thread, np, "iscsi_np"); 389 if (IS_ERR(np->np_thread)) { 390 pr_err("Unable to create kthread: iscsi_np\n"); 391 ret = PTR_ERR(np->np_thread); 392 kfree(np); 393 return ERR_PTR(ret); 394 } 395 /* 396 * Increment the np_exports reference count now to prevent 397 * iscsit_del_np() below from being run while a new call to 398 * iscsi_tpg_add_network_portal() for a matching iscsi_np is 399 * active. We don't need to hold np->np_thread_lock at this 400 * point because iscsi_np has not been added to g_np_list yet. 401 */ 402 np->np_exports = 1; 403 404 spin_lock_bh(&np_lock); 405 list_add_tail(&np->np_list, &g_np_list); 406 spin_unlock_bh(&np_lock); 407 408 pr_debug("CORE[0] - Added Network Portal: %s:%hu on %s\n", 409 np->np_ip, np->np_port, np->np_transport->name); 410 411 return np; 412 } 413 414 int iscsit_reset_np_thread( 415 struct iscsi_np *np, 416 struct iscsi_tpg_np *tpg_np, 417 struct iscsi_portal_group *tpg, 418 bool shutdown) 419 { 420 spin_lock_bh(&np->np_thread_lock); 421 if (np->np_thread_state == ISCSI_NP_THREAD_INACTIVE) { 422 spin_unlock_bh(&np->np_thread_lock); 423 return 0; 424 } 425 np->np_thread_state = ISCSI_NP_THREAD_RESET; 426 427 if (np->np_thread) { 428 spin_unlock_bh(&np->np_thread_lock); 429 send_sig(SIGINT, np->np_thread, 1); 430 wait_for_completion(&np->np_restart_comp); 431 spin_lock_bh(&np->np_thread_lock); 432 } 433 spin_unlock_bh(&np->np_thread_lock); 434 435 if (tpg_np && shutdown) { 436 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 437 438 wait_for_completion(&tpg_np->tpg_np_comp); 439 } 440 441 return 0; 442 } 443 444 static void iscsit_free_np(struct iscsi_np *np) 445 { 446 if (np->np_socket) 447 sock_release(np->np_socket); 448 } 449 450 int iscsit_del_np(struct iscsi_np *np) 451 { 452 spin_lock_bh(&np->np_thread_lock); 453 np->np_exports--; 454 if (np->np_exports) { 455 spin_unlock_bh(&np->np_thread_lock); 456 return 0; 457 } 458 np->np_thread_state = ISCSI_NP_THREAD_SHUTDOWN; 459 spin_unlock_bh(&np->np_thread_lock); 460 461 if (np->np_thread) { 462 /* 463 * We need to send the signal to wakeup Linux/Net 464 * which may be sleeping in sock_accept().. 465 */ 466 send_sig(SIGINT, np->np_thread, 1); 467 kthread_stop(np->np_thread); 468 np->np_thread = NULL; 469 } 470 471 np->np_transport->iscsit_free_np(np); 472 473 spin_lock_bh(&np_lock); 474 list_del(&np->np_list); 475 spin_unlock_bh(&np_lock); 476 477 pr_debug("CORE[0] - Removed Network Portal: %s:%hu on %s\n", 478 np->np_ip, np->np_port, np->np_transport->name); 479 480 iscsit_put_transport(np->np_transport); 481 kfree(np); 482 return 0; 483 } 484 485 static int iscsit_immediate_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 486 static int iscsit_response_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 487 488 static int iscsit_queue_rsp(struct iscsi_conn *conn, struct iscsi_cmd *cmd) 489 { 490 iscsit_add_cmd_to_response_queue(cmd, cmd->conn, cmd->i_state); 491 return 0; 492 } 493 494 static struct iscsit_transport iscsi_target_transport = { 495 .name = "iSCSI/TCP", 496 .transport_type = ISCSI_TCP, 497 .owner = NULL, 498 .iscsit_setup_np = iscsit_setup_np, 499 .iscsit_accept_np = iscsit_accept_np, 500 .iscsit_free_np = iscsit_free_np, 501 .iscsit_get_login_rx = iscsit_get_login_rx, 502 .iscsit_put_login_tx = iscsit_put_login_tx, 503 .iscsit_get_dataout = iscsit_build_r2ts_for_cmd, 504 .iscsit_immediate_queue = iscsit_immediate_queue, 505 .iscsit_response_queue = iscsit_response_queue, 506 .iscsit_queue_data_in = iscsit_queue_rsp, 507 .iscsit_queue_status = iscsit_queue_rsp, 508 }; 509 510 static int __init iscsi_target_init_module(void) 511 { 512 int ret = 0; 513 514 pr_debug("iSCSI-Target "ISCSIT_VERSION"\n"); 515 516 iscsit_global = kzalloc(sizeof(struct iscsit_global), GFP_KERNEL); 517 if (!iscsit_global) { 518 pr_err("Unable to allocate memory for iscsit_global\n"); 519 return -1; 520 } 521 mutex_init(&auth_id_lock); 522 spin_lock_init(&sess_idr_lock); 523 idr_init(&tiqn_idr); 524 idr_init(&sess_idr); 525 526 ret = iscsi_target_register_configfs(); 527 if (ret < 0) 528 goto out; 529 530 ret = iscsi_thread_set_init(); 531 if (ret < 0) 532 goto configfs_out; 533 534 if (iscsi_allocate_thread_sets(TARGET_THREAD_SET_COUNT) != 535 TARGET_THREAD_SET_COUNT) { 536 pr_err("iscsi_allocate_thread_sets() returned" 537 " unexpected value!\n"); 538 goto ts_out1; 539 } 540 541 lio_qr_cache = kmem_cache_create("lio_qr_cache", 542 sizeof(struct iscsi_queue_req), 543 __alignof__(struct iscsi_queue_req), 0, NULL); 544 if (!lio_qr_cache) { 545 pr_err("nable to kmem_cache_create() for" 546 " lio_qr_cache\n"); 547 goto ts_out2; 548 } 549 550 lio_dr_cache = kmem_cache_create("lio_dr_cache", 551 sizeof(struct iscsi_datain_req), 552 __alignof__(struct iscsi_datain_req), 0, NULL); 553 if (!lio_dr_cache) { 554 pr_err("Unable to kmem_cache_create() for" 555 " lio_dr_cache\n"); 556 goto qr_out; 557 } 558 559 lio_ooo_cache = kmem_cache_create("lio_ooo_cache", 560 sizeof(struct iscsi_ooo_cmdsn), 561 __alignof__(struct iscsi_ooo_cmdsn), 0, NULL); 562 if (!lio_ooo_cache) { 563 pr_err("Unable to kmem_cache_create() for" 564 " lio_ooo_cache\n"); 565 goto dr_out; 566 } 567 568 lio_r2t_cache = kmem_cache_create("lio_r2t_cache", 569 sizeof(struct iscsi_r2t), __alignof__(struct iscsi_r2t), 570 0, NULL); 571 if (!lio_r2t_cache) { 572 pr_err("Unable to kmem_cache_create() for" 573 " lio_r2t_cache\n"); 574 goto ooo_out; 575 } 576 577 iscsit_register_transport(&iscsi_target_transport); 578 579 if (iscsit_load_discovery_tpg() < 0) 580 goto r2t_out; 581 582 return ret; 583 r2t_out: 584 kmem_cache_destroy(lio_r2t_cache); 585 ooo_out: 586 kmem_cache_destroy(lio_ooo_cache); 587 dr_out: 588 kmem_cache_destroy(lio_dr_cache); 589 qr_out: 590 kmem_cache_destroy(lio_qr_cache); 591 ts_out2: 592 iscsi_deallocate_thread_sets(); 593 ts_out1: 594 iscsi_thread_set_free(); 595 configfs_out: 596 iscsi_target_deregister_configfs(); 597 out: 598 kfree(iscsit_global); 599 return -ENOMEM; 600 } 601 602 static void __exit iscsi_target_cleanup_module(void) 603 { 604 iscsi_deallocate_thread_sets(); 605 iscsi_thread_set_free(); 606 iscsit_release_discovery_tpg(); 607 iscsit_unregister_transport(&iscsi_target_transport); 608 kmem_cache_destroy(lio_qr_cache); 609 kmem_cache_destroy(lio_dr_cache); 610 kmem_cache_destroy(lio_ooo_cache); 611 kmem_cache_destroy(lio_r2t_cache); 612 613 iscsi_target_deregister_configfs(); 614 615 kfree(iscsit_global); 616 } 617 618 static int iscsit_add_reject( 619 struct iscsi_conn *conn, 620 u8 reason, 621 unsigned char *buf) 622 { 623 struct iscsi_cmd *cmd; 624 625 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 626 if (!cmd) 627 return -1; 628 629 cmd->iscsi_opcode = ISCSI_OP_REJECT; 630 cmd->reject_reason = reason; 631 632 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 633 if (!cmd->buf_ptr) { 634 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 635 iscsit_free_cmd(cmd, false); 636 return -1; 637 } 638 639 spin_lock_bh(&conn->cmd_lock); 640 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 641 spin_unlock_bh(&conn->cmd_lock); 642 643 cmd->i_state = ISTATE_SEND_REJECT; 644 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 645 646 return -1; 647 } 648 649 static int iscsit_add_reject_from_cmd( 650 struct iscsi_cmd *cmd, 651 u8 reason, 652 bool add_to_conn, 653 unsigned char *buf) 654 { 655 struct iscsi_conn *conn; 656 657 if (!cmd->conn) { 658 pr_err("cmd->conn is NULL for ITT: 0x%08x\n", 659 cmd->init_task_tag); 660 return -1; 661 } 662 conn = cmd->conn; 663 664 cmd->iscsi_opcode = ISCSI_OP_REJECT; 665 cmd->reject_reason = reason; 666 667 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 668 if (!cmd->buf_ptr) { 669 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 670 iscsit_free_cmd(cmd, false); 671 return -1; 672 } 673 674 if (add_to_conn) { 675 spin_lock_bh(&conn->cmd_lock); 676 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 677 spin_unlock_bh(&conn->cmd_lock); 678 } 679 680 cmd->i_state = ISTATE_SEND_REJECT; 681 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 682 /* 683 * Perform the kref_put now if se_cmd has already been setup by 684 * scsit_setup_scsi_cmd() 685 */ 686 if (cmd->se_cmd.se_tfo != NULL) { 687 pr_debug("iscsi reject: calling target_put_sess_cmd >>>>>>\n"); 688 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 689 } 690 return -1; 691 } 692 693 static int iscsit_add_reject_cmd(struct iscsi_cmd *cmd, u8 reason, 694 unsigned char *buf) 695 { 696 return iscsit_add_reject_from_cmd(cmd, reason, true, buf); 697 } 698 699 int iscsit_reject_cmd(struct iscsi_cmd *cmd, u8 reason, unsigned char *buf) 700 { 701 return iscsit_add_reject_from_cmd(cmd, reason, false, buf); 702 } 703 704 /* 705 * Map some portion of the allocated scatterlist to an iovec, suitable for 706 * kernel sockets to copy data in/out. 707 */ 708 static int iscsit_map_iovec( 709 struct iscsi_cmd *cmd, 710 struct kvec *iov, 711 u32 data_offset, 712 u32 data_length) 713 { 714 u32 i = 0; 715 struct scatterlist *sg; 716 unsigned int page_off; 717 718 /* 719 * We know each entry in t_data_sg contains a page. 720 */ 721 sg = &cmd->se_cmd.t_data_sg[data_offset / PAGE_SIZE]; 722 page_off = (data_offset % PAGE_SIZE); 723 724 cmd->first_data_sg = sg; 725 cmd->first_data_sg_off = page_off; 726 727 while (data_length) { 728 u32 cur_len = min_t(u32, data_length, sg->length - page_off); 729 730 iov[i].iov_base = kmap(sg_page(sg)) + sg->offset + page_off; 731 iov[i].iov_len = cur_len; 732 733 data_length -= cur_len; 734 page_off = 0; 735 sg = sg_next(sg); 736 i++; 737 } 738 739 cmd->kmapped_nents = i; 740 741 return i; 742 } 743 744 static void iscsit_unmap_iovec(struct iscsi_cmd *cmd) 745 { 746 u32 i; 747 struct scatterlist *sg; 748 749 sg = cmd->first_data_sg; 750 751 for (i = 0; i < cmd->kmapped_nents; i++) 752 kunmap(sg_page(&sg[i])); 753 } 754 755 static void iscsit_ack_from_expstatsn(struct iscsi_conn *conn, u32 exp_statsn) 756 { 757 LIST_HEAD(ack_list); 758 struct iscsi_cmd *cmd, *cmd_p; 759 760 conn->exp_statsn = exp_statsn; 761 762 if (conn->sess->sess_ops->RDMAExtensions) 763 return; 764 765 spin_lock_bh(&conn->cmd_lock); 766 list_for_each_entry_safe(cmd, cmd_p, &conn->conn_cmd_list, i_conn_node) { 767 spin_lock(&cmd->istate_lock); 768 if ((cmd->i_state == ISTATE_SENT_STATUS) && 769 iscsi_sna_lt(cmd->stat_sn, exp_statsn)) { 770 cmd->i_state = ISTATE_REMOVE; 771 spin_unlock(&cmd->istate_lock); 772 list_move_tail(&cmd->i_conn_node, &ack_list); 773 continue; 774 } 775 spin_unlock(&cmd->istate_lock); 776 } 777 spin_unlock_bh(&conn->cmd_lock); 778 779 list_for_each_entry_safe(cmd, cmd_p, &ack_list, i_conn_node) { 780 list_del(&cmd->i_conn_node); 781 iscsit_free_cmd(cmd, false); 782 } 783 } 784 785 static int iscsit_allocate_iovecs(struct iscsi_cmd *cmd) 786 { 787 u32 iov_count = max(1UL, DIV_ROUND_UP(cmd->se_cmd.data_length, PAGE_SIZE)); 788 789 iov_count += ISCSI_IOV_DATA_BUFFER; 790 791 cmd->iov_data = kzalloc(iov_count * sizeof(struct kvec), GFP_KERNEL); 792 if (!cmd->iov_data) { 793 pr_err("Unable to allocate cmd->iov_data\n"); 794 return -ENOMEM; 795 } 796 797 cmd->orig_iov_data_count = iov_count; 798 return 0; 799 } 800 801 int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 802 unsigned char *buf) 803 { 804 int data_direction, payload_length; 805 struct iscsi_scsi_req *hdr; 806 int iscsi_task_attr; 807 int sam_task_attr; 808 809 atomic_long_inc(&conn->sess->cmd_pdus); 810 811 hdr = (struct iscsi_scsi_req *) buf; 812 payload_length = ntoh24(hdr->dlength); 813 814 /* FIXME; Add checks for AdditionalHeaderSegment */ 815 816 if (!(hdr->flags & ISCSI_FLAG_CMD_WRITE) && 817 !(hdr->flags & ISCSI_FLAG_CMD_FINAL)) { 818 pr_err("ISCSI_FLAG_CMD_WRITE & ISCSI_FLAG_CMD_FINAL" 819 " not set. Bad iSCSI Initiator.\n"); 820 return iscsit_add_reject_cmd(cmd, 821 ISCSI_REASON_BOOKMARK_INVALID, buf); 822 } 823 824 if (((hdr->flags & ISCSI_FLAG_CMD_READ) || 825 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) { 826 /* 827 * From RFC-3720 Section 10.3.1: 828 * 829 * "Either or both of R and W MAY be 1 when either the 830 * Expected Data Transfer Length and/or Bidirectional Read 831 * Expected Data Transfer Length are 0" 832 * 833 * For this case, go ahead and clear the unnecssary bits 834 * to avoid any confusion with ->data_direction. 835 */ 836 hdr->flags &= ~ISCSI_FLAG_CMD_READ; 837 hdr->flags &= ~ISCSI_FLAG_CMD_WRITE; 838 839 pr_warn("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE" 840 " set when Expected Data Transfer Length is 0 for" 841 " CDB: 0x%02x, Fixing up flags\n", hdr->cdb[0]); 842 } 843 844 if (!(hdr->flags & ISCSI_FLAG_CMD_READ) && 845 !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) { 846 pr_err("ISCSI_FLAG_CMD_READ and/or ISCSI_FLAG_CMD_WRITE" 847 " MUST be set if Expected Data Transfer Length is not 0." 848 " Bad iSCSI Initiator\n"); 849 return iscsit_add_reject_cmd(cmd, 850 ISCSI_REASON_BOOKMARK_INVALID, buf); 851 } 852 853 if ((hdr->flags & ISCSI_FLAG_CMD_READ) && 854 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) { 855 pr_err("Bidirectional operations not supported!\n"); 856 return iscsit_add_reject_cmd(cmd, 857 ISCSI_REASON_BOOKMARK_INVALID, buf); 858 } 859 860 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 861 pr_err("Illegally set Immediate Bit in iSCSI Initiator" 862 " Scsi Command PDU.\n"); 863 return iscsit_add_reject_cmd(cmd, 864 ISCSI_REASON_BOOKMARK_INVALID, buf); 865 } 866 867 if (payload_length && !conn->sess->sess_ops->ImmediateData) { 868 pr_err("ImmediateData=No but DataSegmentLength=%u," 869 " protocol error.\n", payload_length); 870 return iscsit_add_reject_cmd(cmd, 871 ISCSI_REASON_PROTOCOL_ERROR, buf); 872 } 873 874 if ((be32_to_cpu(hdr->data_length) == payload_length) && 875 (!(hdr->flags & ISCSI_FLAG_CMD_FINAL))) { 876 pr_err("Expected Data Transfer Length and Length of" 877 " Immediate Data are the same, but ISCSI_FLAG_CMD_FINAL" 878 " bit is not set protocol error\n"); 879 return iscsit_add_reject_cmd(cmd, 880 ISCSI_REASON_PROTOCOL_ERROR, buf); 881 } 882 883 if (payload_length > be32_to_cpu(hdr->data_length)) { 884 pr_err("DataSegmentLength: %u is greater than" 885 " EDTL: %u, protocol error.\n", payload_length, 886 hdr->data_length); 887 return iscsit_add_reject_cmd(cmd, 888 ISCSI_REASON_PROTOCOL_ERROR, buf); 889 } 890 891 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 892 pr_err("DataSegmentLength: %u is greater than" 893 " MaxXmitDataSegmentLength: %u, protocol error.\n", 894 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 895 return iscsit_add_reject_cmd(cmd, 896 ISCSI_REASON_PROTOCOL_ERROR, buf); 897 } 898 899 if (payload_length > conn->sess->sess_ops->FirstBurstLength) { 900 pr_err("DataSegmentLength: %u is greater than" 901 " FirstBurstLength: %u, protocol error.\n", 902 payload_length, conn->sess->sess_ops->FirstBurstLength); 903 return iscsit_add_reject_cmd(cmd, 904 ISCSI_REASON_BOOKMARK_INVALID, buf); 905 } 906 907 data_direction = (hdr->flags & ISCSI_FLAG_CMD_WRITE) ? DMA_TO_DEVICE : 908 (hdr->flags & ISCSI_FLAG_CMD_READ) ? DMA_FROM_DEVICE : 909 DMA_NONE; 910 911 cmd->data_direction = data_direction; 912 iscsi_task_attr = hdr->flags & ISCSI_FLAG_CMD_ATTR_MASK; 913 /* 914 * Figure out the SAM Task Attribute for the incoming SCSI CDB 915 */ 916 if ((iscsi_task_attr == ISCSI_ATTR_UNTAGGED) || 917 (iscsi_task_attr == ISCSI_ATTR_SIMPLE)) 918 sam_task_attr = MSG_SIMPLE_TAG; 919 else if (iscsi_task_attr == ISCSI_ATTR_ORDERED) 920 sam_task_attr = MSG_ORDERED_TAG; 921 else if (iscsi_task_attr == ISCSI_ATTR_HEAD_OF_QUEUE) 922 sam_task_attr = MSG_HEAD_TAG; 923 else if (iscsi_task_attr == ISCSI_ATTR_ACA) 924 sam_task_attr = MSG_ACA_TAG; 925 else { 926 pr_debug("Unknown iSCSI Task Attribute: 0x%02x, using" 927 " MSG_SIMPLE_TAG\n", iscsi_task_attr); 928 sam_task_attr = MSG_SIMPLE_TAG; 929 } 930 931 cmd->iscsi_opcode = ISCSI_OP_SCSI_CMD; 932 cmd->i_state = ISTATE_NEW_CMD; 933 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 934 cmd->immediate_data = (payload_length) ? 1 : 0; 935 cmd->unsolicited_data = ((!(hdr->flags & ISCSI_FLAG_CMD_FINAL) && 936 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) ? 1 : 0); 937 if (cmd->unsolicited_data) 938 cmd->cmd_flags |= ICF_NON_IMMEDIATE_UNSOLICITED_DATA; 939 940 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 941 if (hdr->flags & ISCSI_FLAG_CMD_READ) { 942 spin_lock_bh(&conn->sess->ttt_lock); 943 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++; 944 if (cmd->targ_xfer_tag == 0xFFFFFFFF) 945 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++; 946 spin_unlock_bh(&conn->sess->ttt_lock); 947 } else if (hdr->flags & ISCSI_FLAG_CMD_WRITE) 948 cmd->targ_xfer_tag = 0xFFFFFFFF; 949 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 950 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 951 cmd->first_burst_len = payload_length; 952 953 if (!conn->sess->sess_ops->RDMAExtensions && 954 cmd->data_direction == DMA_FROM_DEVICE) { 955 struct iscsi_datain_req *dr; 956 957 dr = iscsit_allocate_datain_req(); 958 if (!dr) 959 return iscsit_add_reject_cmd(cmd, 960 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 961 962 iscsit_attach_datain_req(cmd, dr); 963 } 964 965 /* 966 * Initialize struct se_cmd descriptor from target_core_mod infrastructure 967 */ 968 transport_init_se_cmd(&cmd->se_cmd, &lio_target_fabric_configfs->tf_ops, 969 conn->sess->se_sess, be32_to_cpu(hdr->data_length), 970 cmd->data_direction, sam_task_attr, 971 cmd->sense_buffer + 2); 972 973 pr_debug("Got SCSI Command, ITT: 0x%08x, CmdSN: 0x%08x," 974 " ExpXferLen: %u, Length: %u, CID: %hu\n", hdr->itt, 975 hdr->cmdsn, be32_to_cpu(hdr->data_length), payload_length, 976 conn->cid); 977 978 target_get_sess_cmd(conn->sess->se_sess, &cmd->se_cmd, true); 979 980 cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd, 981 scsilun_to_int(&hdr->lun)); 982 if (cmd->sense_reason) 983 goto attach_cmd; 984 985 cmd->sense_reason = target_setup_cmd_from_cdb(&cmd->se_cmd, hdr->cdb); 986 if (cmd->sense_reason) { 987 if (cmd->sense_reason == TCM_OUT_OF_RESOURCES) { 988 return iscsit_add_reject_cmd(cmd, 989 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 990 } 991 992 goto attach_cmd; 993 } 994 995 if (iscsit_build_pdu_and_seq_lists(cmd, payload_length) < 0) { 996 return iscsit_add_reject_cmd(cmd, 997 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 998 } 999 1000 attach_cmd: 1001 spin_lock_bh(&conn->cmd_lock); 1002 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1003 spin_unlock_bh(&conn->cmd_lock); 1004 /* 1005 * Check if we need to delay processing because of ALUA 1006 * Active/NonOptimized primary access state.. 1007 */ 1008 core_alua_check_nonop_delay(&cmd->se_cmd); 1009 1010 return 0; 1011 } 1012 EXPORT_SYMBOL(iscsit_setup_scsi_cmd); 1013 1014 void iscsit_set_unsoliticed_dataout(struct iscsi_cmd *cmd) 1015 { 1016 iscsit_set_dataout_sequence_values(cmd); 1017 1018 spin_lock_bh(&cmd->dataout_timeout_lock); 1019 iscsit_start_dataout_timer(cmd, cmd->conn); 1020 spin_unlock_bh(&cmd->dataout_timeout_lock); 1021 } 1022 EXPORT_SYMBOL(iscsit_set_unsoliticed_dataout); 1023 1024 int iscsit_process_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1025 struct iscsi_scsi_req *hdr) 1026 { 1027 int cmdsn_ret = 0; 1028 /* 1029 * Check the CmdSN against ExpCmdSN/MaxCmdSN here if 1030 * the Immediate Bit is not set, and no Immediate 1031 * Data is attached. 1032 * 1033 * A PDU/CmdSN carrying Immediate Data can only 1034 * be processed after the DataCRC has passed. 1035 * If the DataCRC fails, the CmdSN MUST NOT 1036 * be acknowledged. (See below) 1037 */ 1038 if (!cmd->immediate_data) { 1039 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1040 (unsigned char *)hdr, hdr->cmdsn); 1041 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1042 return -1; 1043 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1044 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1045 return 0; 1046 } 1047 } 1048 1049 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1050 1051 /* 1052 * If no Immediate Data is attached, it's OK to return now. 1053 */ 1054 if (!cmd->immediate_data) { 1055 if (!cmd->sense_reason && cmd->unsolicited_data) 1056 iscsit_set_unsoliticed_dataout(cmd); 1057 if (!cmd->sense_reason) 1058 return 0; 1059 1060 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1061 return 0; 1062 } 1063 1064 /* 1065 * Early CHECK_CONDITIONs with ImmediateData never make it to command 1066 * execution. These exceptions are processed in CmdSN order using 1067 * iscsit_check_received_cmdsn() in iscsit_get_immediate_data() below. 1068 */ 1069 if (cmd->sense_reason) { 1070 if (cmd->reject_reason) 1071 return 0; 1072 1073 return 1; 1074 } 1075 /* 1076 * Call directly into transport_generic_new_cmd() to perform 1077 * the backend memory allocation. 1078 */ 1079 cmd->sense_reason = transport_generic_new_cmd(&cmd->se_cmd); 1080 if (cmd->sense_reason) 1081 return 1; 1082 1083 return 0; 1084 } 1085 EXPORT_SYMBOL(iscsit_process_scsi_cmd); 1086 1087 static int 1088 iscsit_get_immediate_data(struct iscsi_cmd *cmd, struct iscsi_scsi_req *hdr, 1089 bool dump_payload) 1090 { 1091 struct iscsi_conn *conn = cmd->conn; 1092 int cmdsn_ret = 0, immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION; 1093 /* 1094 * Special case for Unsupported SAM WRITE Opcodes and ImmediateData=Yes. 1095 */ 1096 if (dump_payload == true) 1097 goto after_immediate_data; 1098 1099 immed_ret = iscsit_handle_immediate_data(cmd, hdr, 1100 cmd->first_burst_len); 1101 after_immediate_data: 1102 if (immed_ret == IMMEDIATE_DATA_NORMAL_OPERATION) { 1103 /* 1104 * A PDU/CmdSN carrying Immediate Data passed 1105 * DataCRC, check against ExpCmdSN/MaxCmdSN if 1106 * Immediate Bit is not set. 1107 */ 1108 cmdsn_ret = iscsit_sequence_cmd(cmd->conn, cmd, 1109 (unsigned char *)hdr, hdr->cmdsn); 1110 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1111 return -1; 1112 1113 if (cmd->sense_reason || cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1114 int rc; 1115 1116 rc = iscsit_dump_data_payload(cmd->conn, 1117 cmd->first_burst_len, 1); 1118 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1119 return rc; 1120 } else if (cmd->unsolicited_data) 1121 iscsit_set_unsoliticed_dataout(cmd); 1122 1123 } else if (immed_ret == IMMEDIATE_DATA_ERL1_CRC_FAILURE) { 1124 /* 1125 * Immediate Data failed DataCRC and ERL>=1, 1126 * silently drop this PDU and let the initiator 1127 * plug the CmdSN gap. 1128 * 1129 * FIXME: Send Unsolicited NOPIN with reserved 1130 * TTT here to help the initiator figure out 1131 * the missing CmdSN, although they should be 1132 * intelligent enough to determine the missing 1133 * CmdSN and issue a retry to plug the sequence. 1134 */ 1135 cmd->i_state = ISTATE_REMOVE; 1136 iscsit_add_cmd_to_immediate_queue(cmd, cmd->conn, cmd->i_state); 1137 } else /* immed_ret == IMMEDIATE_DATA_CANNOT_RECOVER */ 1138 return -1; 1139 1140 return 0; 1141 } 1142 1143 static int 1144 iscsit_handle_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1145 unsigned char *buf) 1146 { 1147 struct iscsi_scsi_req *hdr = (struct iscsi_scsi_req *)buf; 1148 int rc, immed_data; 1149 bool dump_payload = false; 1150 1151 rc = iscsit_setup_scsi_cmd(conn, cmd, buf); 1152 if (rc < 0) 1153 return 0; 1154 /* 1155 * Allocation iovecs needed for struct socket operations for 1156 * traditional iSCSI block I/O. 1157 */ 1158 if (iscsit_allocate_iovecs(cmd) < 0) { 1159 return iscsit_add_reject_cmd(cmd, 1160 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1161 } 1162 immed_data = cmd->immediate_data; 1163 1164 rc = iscsit_process_scsi_cmd(conn, cmd, hdr); 1165 if (rc < 0) 1166 return rc; 1167 else if (rc > 0) 1168 dump_payload = true; 1169 1170 if (!immed_data) 1171 return 0; 1172 1173 return iscsit_get_immediate_data(cmd, hdr, dump_payload); 1174 } 1175 1176 static u32 iscsit_do_crypto_hash_sg( 1177 struct hash_desc *hash, 1178 struct iscsi_cmd *cmd, 1179 u32 data_offset, 1180 u32 data_length, 1181 u32 padding, 1182 u8 *pad_bytes) 1183 { 1184 u32 data_crc; 1185 u32 i; 1186 struct scatterlist *sg; 1187 unsigned int page_off; 1188 1189 crypto_hash_init(hash); 1190 1191 sg = cmd->first_data_sg; 1192 page_off = cmd->first_data_sg_off; 1193 1194 i = 0; 1195 while (data_length) { 1196 u32 cur_len = min_t(u32, data_length, (sg[i].length - page_off)); 1197 1198 crypto_hash_update(hash, &sg[i], cur_len); 1199 1200 data_length -= cur_len; 1201 page_off = 0; 1202 i++; 1203 } 1204 1205 if (padding) { 1206 struct scatterlist pad_sg; 1207 1208 sg_init_one(&pad_sg, pad_bytes, padding); 1209 crypto_hash_update(hash, &pad_sg, padding); 1210 } 1211 crypto_hash_final(hash, (u8 *) &data_crc); 1212 1213 return data_crc; 1214 } 1215 1216 static void iscsit_do_crypto_hash_buf( 1217 struct hash_desc *hash, 1218 const void *buf, 1219 u32 payload_length, 1220 u32 padding, 1221 u8 *pad_bytes, 1222 u8 *data_crc) 1223 { 1224 struct scatterlist sg; 1225 1226 crypto_hash_init(hash); 1227 1228 sg_init_one(&sg, buf, payload_length); 1229 crypto_hash_update(hash, &sg, payload_length); 1230 1231 if (padding) { 1232 sg_init_one(&sg, pad_bytes, padding); 1233 crypto_hash_update(hash, &sg, padding); 1234 } 1235 crypto_hash_final(hash, data_crc); 1236 } 1237 1238 int 1239 iscsit_check_dataout_hdr(struct iscsi_conn *conn, unsigned char *buf, 1240 struct iscsi_cmd **out_cmd) 1241 { 1242 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1243 struct iscsi_cmd *cmd = NULL; 1244 struct se_cmd *se_cmd; 1245 u32 payload_length = ntoh24(hdr->dlength); 1246 int rc; 1247 1248 if (!payload_length) { 1249 pr_warn("DataOUT payload is ZERO, ignoring.\n"); 1250 return 0; 1251 } 1252 1253 /* iSCSI write */ 1254 atomic_long_add(payload_length, &conn->sess->rx_data_octets); 1255 1256 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1257 pr_err("DataSegmentLength: %u is greater than" 1258 " MaxXmitDataSegmentLength: %u\n", payload_length, 1259 conn->conn_ops->MaxXmitDataSegmentLength); 1260 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1261 buf); 1262 } 1263 1264 cmd = iscsit_find_cmd_from_itt_or_dump(conn, hdr->itt, 1265 payload_length); 1266 if (!cmd) 1267 return 0; 1268 1269 pr_debug("Got DataOut ITT: 0x%08x, TTT: 0x%08x," 1270 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 1271 hdr->itt, hdr->ttt, hdr->datasn, ntohl(hdr->offset), 1272 payload_length, conn->cid); 1273 1274 if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) { 1275 pr_err("Command ITT: 0x%08x received DataOUT after" 1276 " last DataOUT received, dumping payload\n", 1277 cmd->init_task_tag); 1278 return iscsit_dump_data_payload(conn, payload_length, 1); 1279 } 1280 1281 if (cmd->data_direction != DMA_TO_DEVICE) { 1282 pr_err("Command ITT: 0x%08x received DataOUT for a" 1283 " NON-WRITE command.\n", cmd->init_task_tag); 1284 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 1285 } 1286 se_cmd = &cmd->se_cmd; 1287 iscsit_mod_dataout_timer(cmd); 1288 1289 if ((be32_to_cpu(hdr->offset) + payload_length) > cmd->se_cmd.data_length) { 1290 pr_err("DataOut Offset: %u, Length %u greater than" 1291 " iSCSI Command EDTL %u, protocol error.\n", 1292 hdr->offset, payload_length, cmd->se_cmd.data_length); 1293 return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_INVALID, buf); 1294 } 1295 1296 if (cmd->unsolicited_data) { 1297 int dump_unsolicited_data = 0; 1298 1299 if (conn->sess->sess_ops->InitialR2T) { 1300 pr_err("Received unexpected unsolicited data" 1301 " while InitialR2T=Yes, protocol error.\n"); 1302 transport_send_check_condition_and_sense(&cmd->se_cmd, 1303 TCM_UNEXPECTED_UNSOLICITED_DATA, 0); 1304 return -1; 1305 } 1306 /* 1307 * Special case for dealing with Unsolicited DataOUT 1308 * and Unsupported SAM WRITE Opcodes and SE resource allocation 1309 * failures; 1310 */ 1311 1312 /* Something's amiss if we're not in WRITE_PENDING state... */ 1313 WARN_ON(se_cmd->t_state != TRANSPORT_WRITE_PENDING); 1314 if (!(se_cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE)) 1315 dump_unsolicited_data = 1; 1316 1317 if (dump_unsolicited_data) { 1318 /* 1319 * Check if a delayed TASK_ABORTED status needs to 1320 * be sent now if the ISCSI_FLAG_CMD_FINAL has been 1321 * received with the unsolicitied data out. 1322 */ 1323 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1324 iscsit_stop_dataout_timer(cmd); 1325 1326 transport_check_aborted_status(se_cmd, 1327 (hdr->flags & ISCSI_FLAG_CMD_FINAL)); 1328 return iscsit_dump_data_payload(conn, payload_length, 1); 1329 } 1330 } else { 1331 /* 1332 * For the normal solicited data path: 1333 * 1334 * Check for a delayed TASK_ABORTED status and dump any 1335 * incoming data out payload if one exists. Also, when the 1336 * ISCSI_FLAG_CMD_FINAL is set to denote the end of the current 1337 * data out sequence, we decrement outstanding_r2ts. Once 1338 * outstanding_r2ts reaches zero, go ahead and send the delayed 1339 * TASK_ABORTED status. 1340 */ 1341 if (se_cmd->transport_state & CMD_T_ABORTED) { 1342 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1343 if (--cmd->outstanding_r2ts < 1) { 1344 iscsit_stop_dataout_timer(cmd); 1345 transport_check_aborted_status( 1346 se_cmd, 1); 1347 } 1348 1349 return iscsit_dump_data_payload(conn, payload_length, 1); 1350 } 1351 } 1352 /* 1353 * Preform DataSN, DataSequenceInOrder, DataPDUInOrder, and 1354 * within-command recovery checks before receiving the payload. 1355 */ 1356 rc = iscsit_check_pre_dataout(cmd, buf); 1357 if (rc == DATAOUT_WITHIN_COMMAND_RECOVERY) 1358 return 0; 1359 else if (rc == DATAOUT_CANNOT_RECOVER) 1360 return -1; 1361 1362 *out_cmd = cmd; 1363 return 0; 1364 } 1365 EXPORT_SYMBOL(iscsit_check_dataout_hdr); 1366 1367 static int 1368 iscsit_get_dataout(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1369 struct iscsi_data *hdr) 1370 { 1371 struct kvec *iov; 1372 u32 checksum, iov_count = 0, padding = 0, rx_got = 0, rx_size = 0; 1373 u32 payload_length = ntoh24(hdr->dlength); 1374 int iov_ret, data_crc_failed = 0; 1375 1376 rx_size += payload_length; 1377 iov = &cmd->iov_data[0]; 1378 1379 iov_ret = iscsit_map_iovec(cmd, iov, be32_to_cpu(hdr->offset), 1380 payload_length); 1381 if (iov_ret < 0) 1382 return -1; 1383 1384 iov_count += iov_ret; 1385 1386 padding = ((-payload_length) & 3); 1387 if (padding != 0) { 1388 iov[iov_count].iov_base = cmd->pad_bytes; 1389 iov[iov_count++].iov_len = padding; 1390 rx_size += padding; 1391 pr_debug("Receiving %u padding bytes.\n", padding); 1392 } 1393 1394 if (conn->conn_ops->DataDigest) { 1395 iov[iov_count].iov_base = &checksum; 1396 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 1397 rx_size += ISCSI_CRC_LEN; 1398 } 1399 1400 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 1401 1402 iscsit_unmap_iovec(cmd); 1403 1404 if (rx_got != rx_size) 1405 return -1; 1406 1407 if (conn->conn_ops->DataDigest) { 1408 u32 data_crc; 1409 1410 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd, 1411 be32_to_cpu(hdr->offset), 1412 payload_length, padding, 1413 cmd->pad_bytes); 1414 1415 if (checksum != data_crc) { 1416 pr_err("ITT: 0x%08x, Offset: %u, Length: %u," 1417 " DataSN: 0x%08x, CRC32C DataDigest 0x%08x" 1418 " does not match computed 0x%08x\n", 1419 hdr->itt, hdr->offset, payload_length, 1420 hdr->datasn, checksum, data_crc); 1421 data_crc_failed = 1; 1422 } else { 1423 pr_debug("Got CRC32C DataDigest 0x%08x for" 1424 " %u bytes of Data Out\n", checksum, 1425 payload_length); 1426 } 1427 } 1428 1429 return data_crc_failed; 1430 } 1431 1432 int 1433 iscsit_check_dataout_payload(struct iscsi_cmd *cmd, struct iscsi_data *hdr, 1434 bool data_crc_failed) 1435 { 1436 struct iscsi_conn *conn = cmd->conn; 1437 int rc, ooo_cmdsn; 1438 /* 1439 * Increment post receive data and CRC values or perform 1440 * within-command recovery. 1441 */ 1442 rc = iscsit_check_post_dataout(cmd, (unsigned char *)hdr, data_crc_failed); 1443 if ((rc == DATAOUT_NORMAL) || (rc == DATAOUT_WITHIN_COMMAND_RECOVERY)) 1444 return 0; 1445 else if (rc == DATAOUT_SEND_R2T) { 1446 iscsit_set_dataout_sequence_values(cmd); 1447 conn->conn_transport->iscsit_get_dataout(conn, cmd, false); 1448 } else if (rc == DATAOUT_SEND_TO_TRANSPORT) { 1449 /* 1450 * Handle extra special case for out of order 1451 * Unsolicited Data Out. 1452 */ 1453 spin_lock_bh(&cmd->istate_lock); 1454 ooo_cmdsn = (cmd->cmd_flags & ICF_OOO_CMDSN); 1455 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 1456 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 1457 spin_unlock_bh(&cmd->istate_lock); 1458 1459 iscsit_stop_dataout_timer(cmd); 1460 if (ooo_cmdsn) 1461 return 0; 1462 target_execute_cmd(&cmd->se_cmd); 1463 return 0; 1464 } else /* DATAOUT_CANNOT_RECOVER */ 1465 return -1; 1466 1467 return 0; 1468 } 1469 EXPORT_SYMBOL(iscsit_check_dataout_payload); 1470 1471 static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) 1472 { 1473 struct iscsi_cmd *cmd = NULL; 1474 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1475 int rc; 1476 bool data_crc_failed = false; 1477 1478 rc = iscsit_check_dataout_hdr(conn, buf, &cmd); 1479 if (rc < 0) 1480 return 0; 1481 else if (!cmd) 1482 return 0; 1483 1484 rc = iscsit_get_dataout(conn, cmd, hdr); 1485 if (rc < 0) 1486 return rc; 1487 else if (rc > 0) 1488 data_crc_failed = true; 1489 1490 return iscsit_check_dataout_payload(cmd, hdr, data_crc_failed); 1491 } 1492 1493 int iscsit_setup_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1494 struct iscsi_nopout *hdr) 1495 { 1496 u32 payload_length = ntoh24(hdr->dlength); 1497 1498 if (hdr->itt == RESERVED_ITT && !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1499 pr_err("NOPOUT ITT is reserved, but Immediate Bit is" 1500 " not set, protocol error.\n"); 1501 if (!cmd) 1502 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1503 (unsigned char *)hdr); 1504 1505 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1506 (unsigned char *)hdr); 1507 } 1508 1509 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1510 pr_err("NOPOUT Ping Data DataSegmentLength: %u is" 1511 " greater than MaxXmitDataSegmentLength: %u, protocol" 1512 " error.\n", payload_length, 1513 conn->conn_ops->MaxXmitDataSegmentLength); 1514 if (!cmd) 1515 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1516 (unsigned char *)hdr); 1517 1518 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1519 (unsigned char *)hdr); 1520 } 1521 1522 pr_debug("Got NOPOUT Ping %s ITT: 0x%08x, TTT: 0x%08x," 1523 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n", 1524 hdr->itt == RESERVED_ITT ? "Response" : "Request", 1525 hdr->itt, hdr->ttt, hdr->cmdsn, hdr->exp_statsn, 1526 payload_length); 1527 /* 1528 * This is not a response to a Unsolicited NopIN, which means 1529 * it can either be a NOPOUT ping request (with a valid ITT), 1530 * or a NOPOUT not requesting a NOPIN (with a reserved ITT). 1531 * Either way, make sure we allocate an struct iscsi_cmd, as both 1532 * can contain ping data. 1533 */ 1534 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1535 cmd->iscsi_opcode = ISCSI_OP_NOOP_OUT; 1536 cmd->i_state = ISTATE_SEND_NOPIN; 1537 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1538 1 : 0); 1539 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1540 cmd->targ_xfer_tag = 0xFFFFFFFF; 1541 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1542 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1543 cmd->data_direction = DMA_NONE; 1544 } 1545 1546 return 0; 1547 } 1548 EXPORT_SYMBOL(iscsit_setup_nop_out); 1549 1550 int iscsit_process_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1551 struct iscsi_nopout *hdr) 1552 { 1553 struct iscsi_cmd *cmd_p = NULL; 1554 int cmdsn_ret = 0; 1555 /* 1556 * Initiator is expecting a NopIN ping reply.. 1557 */ 1558 if (hdr->itt != RESERVED_ITT) { 1559 BUG_ON(!cmd); 1560 1561 spin_lock_bh(&conn->cmd_lock); 1562 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1563 spin_unlock_bh(&conn->cmd_lock); 1564 1565 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1566 1567 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 1568 iscsit_add_cmd_to_response_queue(cmd, conn, 1569 cmd->i_state); 1570 return 0; 1571 } 1572 1573 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1574 (unsigned char *)hdr, hdr->cmdsn); 1575 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1576 return 0; 1577 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1578 return -1; 1579 1580 return 0; 1581 } 1582 /* 1583 * This was a response to a unsolicited NOPIN ping. 1584 */ 1585 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) { 1586 cmd_p = iscsit_find_cmd_from_ttt(conn, be32_to_cpu(hdr->ttt)); 1587 if (!cmd_p) 1588 return -EINVAL; 1589 1590 iscsit_stop_nopin_response_timer(conn); 1591 1592 cmd_p->i_state = ISTATE_REMOVE; 1593 iscsit_add_cmd_to_immediate_queue(cmd_p, conn, cmd_p->i_state); 1594 1595 iscsit_start_nopin_timer(conn); 1596 return 0; 1597 } 1598 /* 1599 * Otherwise, initiator is not expecting a NOPIN is response. 1600 * Just ignore for now. 1601 */ 1602 return 0; 1603 } 1604 EXPORT_SYMBOL(iscsit_process_nop_out); 1605 1606 static int iscsit_handle_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1607 unsigned char *buf) 1608 { 1609 unsigned char *ping_data = NULL; 1610 struct iscsi_nopout *hdr = (struct iscsi_nopout *)buf; 1611 struct kvec *iov = NULL; 1612 u32 payload_length = ntoh24(hdr->dlength); 1613 int ret; 1614 1615 ret = iscsit_setup_nop_out(conn, cmd, hdr); 1616 if (ret < 0) 1617 return 0; 1618 /* 1619 * Handle NOP-OUT payload for traditional iSCSI sockets 1620 */ 1621 if (payload_length && hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1622 u32 checksum, data_crc, padding = 0; 1623 int niov = 0, rx_got, rx_size = payload_length; 1624 1625 ping_data = kzalloc(payload_length + 1, GFP_KERNEL); 1626 if (!ping_data) { 1627 pr_err("Unable to allocate memory for" 1628 " NOPOUT ping data.\n"); 1629 ret = -1; 1630 goto out; 1631 } 1632 1633 iov = &cmd->iov_misc[0]; 1634 iov[niov].iov_base = ping_data; 1635 iov[niov++].iov_len = payload_length; 1636 1637 padding = ((-payload_length) & 3); 1638 if (padding != 0) { 1639 pr_debug("Receiving %u additional bytes" 1640 " for padding.\n", padding); 1641 iov[niov].iov_base = &cmd->pad_bytes; 1642 iov[niov++].iov_len = padding; 1643 rx_size += padding; 1644 } 1645 if (conn->conn_ops->DataDigest) { 1646 iov[niov].iov_base = &checksum; 1647 iov[niov++].iov_len = ISCSI_CRC_LEN; 1648 rx_size += ISCSI_CRC_LEN; 1649 } 1650 1651 rx_got = rx_data(conn, &cmd->iov_misc[0], niov, rx_size); 1652 if (rx_got != rx_size) { 1653 ret = -1; 1654 goto out; 1655 } 1656 1657 if (conn->conn_ops->DataDigest) { 1658 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 1659 ping_data, payload_length, 1660 padding, cmd->pad_bytes, 1661 (u8 *)&data_crc); 1662 1663 if (checksum != data_crc) { 1664 pr_err("Ping data CRC32C DataDigest" 1665 " 0x%08x does not match computed 0x%08x\n", 1666 checksum, data_crc); 1667 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 1668 pr_err("Unable to recover from" 1669 " NOPOUT Ping DataCRC failure while in" 1670 " ERL=0.\n"); 1671 ret = -1; 1672 goto out; 1673 } else { 1674 /* 1675 * Silently drop this PDU and let the 1676 * initiator plug the CmdSN gap. 1677 */ 1678 pr_debug("Dropping NOPOUT" 1679 " Command CmdSN: 0x%08x due to" 1680 " DataCRC error.\n", hdr->cmdsn); 1681 ret = 0; 1682 goto out; 1683 } 1684 } else { 1685 pr_debug("Got CRC32C DataDigest" 1686 " 0x%08x for %u bytes of ping data.\n", 1687 checksum, payload_length); 1688 } 1689 } 1690 1691 ping_data[payload_length] = '\0'; 1692 /* 1693 * Attach ping data to struct iscsi_cmd->buf_ptr. 1694 */ 1695 cmd->buf_ptr = ping_data; 1696 cmd->buf_ptr_size = payload_length; 1697 1698 pr_debug("Got %u bytes of NOPOUT ping" 1699 " data.\n", payload_length); 1700 pr_debug("Ping Data: \"%s\"\n", ping_data); 1701 } 1702 1703 return iscsit_process_nop_out(conn, cmd, hdr); 1704 out: 1705 if (cmd) 1706 iscsit_free_cmd(cmd, false); 1707 1708 kfree(ping_data); 1709 return ret; 1710 } 1711 1712 int 1713 iscsit_handle_task_mgt_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1714 unsigned char *buf) 1715 { 1716 struct se_tmr_req *se_tmr; 1717 struct iscsi_tmr_req *tmr_req; 1718 struct iscsi_tm *hdr; 1719 int out_of_order_cmdsn = 0, ret; 1720 bool sess_ref = false; 1721 u8 function; 1722 1723 hdr = (struct iscsi_tm *) buf; 1724 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 1725 function = hdr->flags; 1726 1727 pr_debug("Got Task Management Request ITT: 0x%08x, CmdSN:" 1728 " 0x%08x, Function: 0x%02x, RefTaskTag: 0x%08x, RefCmdSN:" 1729 " 0x%08x, CID: %hu\n", hdr->itt, hdr->cmdsn, function, 1730 hdr->rtt, hdr->refcmdsn, conn->cid); 1731 1732 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1733 ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1734 hdr->rtt != RESERVED_ITT)) { 1735 pr_err("RefTaskTag should be set to 0xFFFFFFFF.\n"); 1736 hdr->rtt = RESERVED_ITT; 1737 } 1738 1739 if ((function == ISCSI_TM_FUNC_TASK_REASSIGN) && 1740 !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1741 pr_err("Task Management Request TASK_REASSIGN not" 1742 " issued as immediate command, bad iSCSI Initiator" 1743 "implementation\n"); 1744 return iscsit_add_reject_cmd(cmd, 1745 ISCSI_REASON_PROTOCOL_ERROR, buf); 1746 } 1747 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1748 be32_to_cpu(hdr->refcmdsn) != ISCSI_RESERVED_TAG) 1749 hdr->refcmdsn = cpu_to_be32(ISCSI_RESERVED_TAG); 1750 1751 cmd->data_direction = DMA_NONE; 1752 1753 cmd->tmr_req = kzalloc(sizeof(struct iscsi_tmr_req), GFP_KERNEL); 1754 if (!cmd->tmr_req) { 1755 pr_err("Unable to allocate memory for" 1756 " Task Management command!\n"); 1757 return iscsit_add_reject_cmd(cmd, 1758 ISCSI_REASON_BOOKMARK_NO_RESOURCES, 1759 buf); 1760 } 1761 1762 /* 1763 * TASK_REASSIGN for ERL=2 / connection stays inside of 1764 * LIO-Target $FABRIC_MOD 1765 */ 1766 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1767 1768 u8 tcm_function; 1769 int ret; 1770 1771 transport_init_se_cmd(&cmd->se_cmd, 1772 &lio_target_fabric_configfs->tf_ops, 1773 conn->sess->se_sess, 0, DMA_NONE, 1774 MSG_SIMPLE_TAG, cmd->sense_buffer + 2); 1775 1776 target_get_sess_cmd(conn->sess->se_sess, &cmd->se_cmd, true); 1777 sess_ref = true; 1778 1779 switch (function) { 1780 case ISCSI_TM_FUNC_ABORT_TASK: 1781 tcm_function = TMR_ABORT_TASK; 1782 break; 1783 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1784 tcm_function = TMR_ABORT_TASK_SET; 1785 break; 1786 case ISCSI_TM_FUNC_CLEAR_ACA: 1787 tcm_function = TMR_CLEAR_ACA; 1788 break; 1789 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1790 tcm_function = TMR_CLEAR_TASK_SET; 1791 break; 1792 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1793 tcm_function = TMR_LUN_RESET; 1794 break; 1795 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1796 tcm_function = TMR_TARGET_WARM_RESET; 1797 break; 1798 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1799 tcm_function = TMR_TARGET_COLD_RESET; 1800 break; 1801 default: 1802 pr_err("Unknown iSCSI TMR Function:" 1803 " 0x%02x\n", function); 1804 return iscsit_add_reject_cmd(cmd, 1805 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1806 } 1807 1808 ret = core_tmr_alloc_req(&cmd->se_cmd, cmd->tmr_req, 1809 tcm_function, GFP_KERNEL); 1810 if (ret < 0) 1811 return iscsit_add_reject_cmd(cmd, 1812 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1813 1814 cmd->tmr_req->se_tmr_req = cmd->se_cmd.se_tmr_req; 1815 } 1816 1817 cmd->iscsi_opcode = ISCSI_OP_SCSI_TMFUNC; 1818 cmd->i_state = ISTATE_SEND_TASKMGTRSP; 1819 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1820 cmd->init_task_tag = hdr->itt; 1821 cmd->targ_xfer_tag = 0xFFFFFFFF; 1822 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1823 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1824 se_tmr = cmd->se_cmd.se_tmr_req; 1825 tmr_req = cmd->tmr_req; 1826 /* 1827 * Locate the struct se_lun for all TMRs not related to ERL=2 TASK_REASSIGN 1828 */ 1829 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1830 ret = transport_lookup_tmr_lun(&cmd->se_cmd, 1831 scsilun_to_int(&hdr->lun)); 1832 if (ret < 0) { 1833 se_tmr->response = ISCSI_TMF_RSP_NO_LUN; 1834 goto attach; 1835 } 1836 } 1837 1838 switch (function) { 1839 case ISCSI_TM_FUNC_ABORT_TASK: 1840 se_tmr->response = iscsit_tmr_abort_task(cmd, buf); 1841 if (se_tmr->response) 1842 goto attach; 1843 break; 1844 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1845 case ISCSI_TM_FUNC_CLEAR_ACA: 1846 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1847 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1848 break; 1849 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1850 if (iscsit_tmr_task_warm_reset(conn, tmr_req, buf) < 0) { 1851 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1852 goto attach; 1853 } 1854 break; 1855 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1856 if (iscsit_tmr_task_cold_reset(conn, tmr_req, buf) < 0) { 1857 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1858 goto attach; 1859 } 1860 break; 1861 case ISCSI_TM_FUNC_TASK_REASSIGN: 1862 se_tmr->response = iscsit_tmr_task_reassign(cmd, buf); 1863 /* 1864 * Perform sanity checks on the ExpDataSN only if the 1865 * TASK_REASSIGN was successful. 1866 */ 1867 if (se_tmr->response) 1868 break; 1869 1870 if (iscsit_check_task_reassign_expdatasn(tmr_req, conn) < 0) 1871 return iscsit_add_reject_cmd(cmd, 1872 ISCSI_REASON_BOOKMARK_INVALID, buf); 1873 break; 1874 default: 1875 pr_err("Unknown TMR function: 0x%02x, protocol" 1876 " error.\n", function); 1877 se_tmr->response = ISCSI_TMF_RSP_NOT_SUPPORTED; 1878 goto attach; 1879 } 1880 1881 if ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1882 (se_tmr->response == ISCSI_TMF_RSP_COMPLETE)) 1883 se_tmr->call_transport = 1; 1884 attach: 1885 spin_lock_bh(&conn->cmd_lock); 1886 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1887 spin_unlock_bh(&conn->cmd_lock); 1888 1889 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1890 int cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 1891 if (cmdsn_ret == CMDSN_HIGHER_THAN_EXP) 1892 out_of_order_cmdsn = 1; 1893 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1894 return 0; 1895 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1896 return -1; 1897 } 1898 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1899 1900 if (out_of_order_cmdsn || !(hdr->opcode & ISCSI_OP_IMMEDIATE)) 1901 return 0; 1902 /* 1903 * Found the referenced task, send to transport for processing. 1904 */ 1905 if (se_tmr->call_transport) 1906 return transport_generic_handle_tmr(&cmd->se_cmd); 1907 1908 /* 1909 * Could not find the referenced LUN, task, or Task Management 1910 * command not authorized or supported. Change state and 1911 * let the tx_thread send the response. 1912 * 1913 * For connection recovery, this is also the default action for 1914 * TMR TASK_REASSIGN. 1915 */ 1916 if (sess_ref) { 1917 pr_debug("Handle TMR, using sess_ref=true check\n"); 1918 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1919 } 1920 1921 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 1922 return 0; 1923 } 1924 EXPORT_SYMBOL(iscsit_handle_task_mgt_cmd); 1925 1926 /* #warning FIXME: Support Text Command parameters besides SendTargets */ 1927 int 1928 iscsit_setup_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1929 struct iscsi_text *hdr) 1930 { 1931 u32 payload_length = ntoh24(hdr->dlength); 1932 1933 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1934 pr_err("Unable to accept text parameter length: %u" 1935 "greater than MaxXmitDataSegmentLength %u.\n", 1936 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 1937 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1938 (unsigned char *)hdr); 1939 } 1940 1941 if (!(hdr->flags & ISCSI_FLAG_CMD_FINAL) || 1942 (hdr->flags & ISCSI_FLAG_TEXT_CONTINUE)) { 1943 pr_err("Multi sequence text commands currently not supported\n"); 1944 return iscsit_reject_cmd(cmd, ISCSI_REASON_CMD_NOT_SUPPORTED, 1945 (unsigned char *)hdr); 1946 } 1947 1948 pr_debug("Got Text Request: ITT: 0x%08x, CmdSN: 0x%08x," 1949 " ExpStatSN: 0x%08x, Length: %u\n", hdr->itt, hdr->cmdsn, 1950 hdr->exp_statsn, payload_length); 1951 1952 cmd->iscsi_opcode = ISCSI_OP_TEXT; 1953 cmd->i_state = ISTATE_SEND_TEXTRSP; 1954 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1955 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1956 cmd->targ_xfer_tag = 0xFFFFFFFF; 1957 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1958 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1959 cmd->data_direction = DMA_NONE; 1960 1961 return 0; 1962 } 1963 EXPORT_SYMBOL(iscsit_setup_text_cmd); 1964 1965 int 1966 iscsit_process_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1967 struct iscsi_text *hdr) 1968 { 1969 unsigned char *text_in = cmd->text_in_ptr, *text_ptr; 1970 int cmdsn_ret; 1971 1972 if (!text_in) { 1973 pr_err("Unable to locate text_in buffer for sendtargets" 1974 " discovery\n"); 1975 goto reject; 1976 } 1977 if (strncmp("SendTargets", text_in, 11) != 0) { 1978 pr_err("Received Text Data that is not" 1979 " SendTargets, cannot continue.\n"); 1980 goto reject; 1981 } 1982 text_ptr = strchr(text_in, '='); 1983 if (!text_ptr) { 1984 pr_err("No \"=\" separator found in Text Data," 1985 " cannot continue.\n"); 1986 goto reject; 1987 } 1988 if (!strncmp("=All", text_ptr, 4)) { 1989 cmd->cmd_flags |= IFC_SENDTARGETS_ALL; 1990 } else if (!strncmp("=iqn.", text_ptr, 5) || 1991 !strncmp("=eui.", text_ptr, 5)) { 1992 cmd->cmd_flags |= IFC_SENDTARGETS_SINGLE; 1993 } else { 1994 pr_err("Unable to locate valid SendTargets=%s value\n", text_ptr); 1995 goto reject; 1996 } 1997 1998 spin_lock_bh(&conn->cmd_lock); 1999 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2000 spin_unlock_bh(&conn->cmd_lock); 2001 2002 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2003 2004 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 2005 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 2006 (unsigned char *)hdr, hdr->cmdsn); 2007 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2008 return -1; 2009 2010 return 0; 2011 } 2012 2013 return iscsit_execute_cmd(cmd, 0); 2014 2015 reject: 2016 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 2017 (unsigned char *)hdr); 2018 } 2019 EXPORT_SYMBOL(iscsit_process_text_cmd); 2020 2021 static int 2022 iscsit_handle_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2023 unsigned char *buf) 2024 { 2025 struct iscsi_text *hdr = (struct iscsi_text *)buf; 2026 char *text_in = NULL; 2027 u32 payload_length = ntoh24(hdr->dlength); 2028 int rx_size, rc; 2029 2030 rc = iscsit_setup_text_cmd(conn, cmd, hdr); 2031 if (rc < 0) 2032 return 0; 2033 2034 rx_size = payload_length; 2035 if (payload_length) { 2036 u32 checksum = 0, data_crc = 0; 2037 u32 padding = 0, pad_bytes = 0; 2038 int niov = 0, rx_got; 2039 struct kvec iov[3]; 2040 2041 text_in = kzalloc(payload_length, GFP_KERNEL); 2042 if (!text_in) { 2043 pr_err("Unable to allocate memory for" 2044 " incoming text parameters\n"); 2045 goto reject; 2046 } 2047 cmd->text_in_ptr = text_in; 2048 2049 memset(iov, 0, 3 * sizeof(struct kvec)); 2050 iov[niov].iov_base = text_in; 2051 iov[niov++].iov_len = payload_length; 2052 2053 padding = ((-payload_length) & 3); 2054 if (padding != 0) { 2055 iov[niov].iov_base = &pad_bytes; 2056 iov[niov++].iov_len = padding; 2057 rx_size += padding; 2058 pr_debug("Receiving %u additional bytes" 2059 " for padding.\n", padding); 2060 } 2061 if (conn->conn_ops->DataDigest) { 2062 iov[niov].iov_base = &checksum; 2063 iov[niov++].iov_len = ISCSI_CRC_LEN; 2064 rx_size += ISCSI_CRC_LEN; 2065 } 2066 2067 rx_got = rx_data(conn, &iov[0], niov, rx_size); 2068 if (rx_got != rx_size) 2069 goto reject; 2070 2071 if (conn->conn_ops->DataDigest) { 2072 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 2073 text_in, payload_length, 2074 padding, (u8 *)&pad_bytes, 2075 (u8 *)&data_crc); 2076 2077 if (checksum != data_crc) { 2078 pr_err("Text data CRC32C DataDigest" 2079 " 0x%08x does not match computed" 2080 " 0x%08x\n", checksum, data_crc); 2081 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2082 pr_err("Unable to recover from" 2083 " Text Data digest failure while in" 2084 " ERL=0.\n"); 2085 goto reject; 2086 } else { 2087 /* 2088 * Silently drop this PDU and let the 2089 * initiator plug the CmdSN gap. 2090 */ 2091 pr_debug("Dropping Text" 2092 " Command CmdSN: 0x%08x due to" 2093 " DataCRC error.\n", hdr->cmdsn); 2094 kfree(text_in); 2095 return 0; 2096 } 2097 } else { 2098 pr_debug("Got CRC32C DataDigest" 2099 " 0x%08x for %u bytes of text data.\n", 2100 checksum, payload_length); 2101 } 2102 } 2103 text_in[payload_length - 1] = '\0'; 2104 pr_debug("Successfully read %d bytes of text" 2105 " data.\n", payload_length); 2106 } 2107 2108 return iscsit_process_text_cmd(conn, cmd, hdr); 2109 2110 reject: 2111 kfree(cmd->text_in_ptr); 2112 cmd->text_in_ptr = NULL; 2113 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 2114 } 2115 EXPORT_SYMBOL(iscsit_handle_text_cmd); 2116 2117 int iscsit_logout_closesession(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2118 { 2119 struct iscsi_conn *conn_p; 2120 struct iscsi_session *sess = conn->sess; 2121 2122 pr_debug("Received logout request CLOSESESSION on CID: %hu" 2123 " for SID: %u.\n", conn->cid, conn->sess->sid); 2124 2125 atomic_set(&sess->session_logout, 1); 2126 atomic_set(&conn->conn_logout_remove, 1); 2127 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_SESSION; 2128 2129 iscsit_inc_conn_usage_count(conn); 2130 iscsit_inc_session_usage_count(sess); 2131 2132 spin_lock_bh(&sess->conn_lock); 2133 list_for_each_entry(conn_p, &sess->sess_conn_list, conn_list) { 2134 if (conn_p->conn_state != TARG_CONN_STATE_LOGGED_IN) 2135 continue; 2136 2137 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2138 conn_p->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2139 } 2140 spin_unlock_bh(&sess->conn_lock); 2141 2142 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2143 2144 return 0; 2145 } 2146 2147 int iscsit_logout_closeconnection(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2148 { 2149 struct iscsi_conn *l_conn; 2150 struct iscsi_session *sess = conn->sess; 2151 2152 pr_debug("Received logout request CLOSECONNECTION for CID:" 2153 " %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2154 2155 /* 2156 * A Logout Request with a CLOSECONNECTION reason code for a CID 2157 * can arrive on a connection with a differing CID. 2158 */ 2159 if (conn->cid == cmd->logout_cid) { 2160 spin_lock_bh(&conn->state_lock); 2161 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2162 conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2163 2164 atomic_set(&conn->conn_logout_remove, 1); 2165 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_CONNECTION; 2166 iscsit_inc_conn_usage_count(conn); 2167 2168 spin_unlock_bh(&conn->state_lock); 2169 } else { 2170 /* 2171 * Handle all different cid CLOSECONNECTION requests in 2172 * iscsit_logout_post_handler_diffcid() as to give enough 2173 * time for any non immediate command's CmdSN to be 2174 * acknowledged on the connection in question. 2175 * 2176 * Here we simply make sure the CID is still around. 2177 */ 2178 l_conn = iscsit_get_conn_from_cid(sess, 2179 cmd->logout_cid); 2180 if (!l_conn) { 2181 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2182 iscsit_add_cmd_to_response_queue(cmd, conn, 2183 cmd->i_state); 2184 return 0; 2185 } 2186 2187 iscsit_dec_conn_usage_count(l_conn); 2188 } 2189 2190 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2191 2192 return 0; 2193 } 2194 2195 int iscsit_logout_removeconnforrecovery(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2196 { 2197 struct iscsi_session *sess = conn->sess; 2198 2199 pr_debug("Received explicit REMOVECONNFORRECOVERY logout for" 2200 " CID: %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2201 2202 if (sess->sess_ops->ErrorRecoveryLevel != 2) { 2203 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2204 " while ERL!=2.\n"); 2205 cmd->logout_response = ISCSI_LOGOUT_RECOVERY_UNSUPPORTED; 2206 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2207 return 0; 2208 } 2209 2210 if (conn->cid == cmd->logout_cid) { 2211 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2212 " with CID: %hu on CID: %hu, implementation error.\n", 2213 cmd->logout_cid, conn->cid); 2214 cmd->logout_response = ISCSI_LOGOUT_CLEANUP_FAILED; 2215 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2216 return 0; 2217 } 2218 2219 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2220 2221 return 0; 2222 } 2223 2224 int 2225 iscsit_handle_logout_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2226 unsigned char *buf) 2227 { 2228 int cmdsn_ret, logout_remove = 0; 2229 u8 reason_code = 0; 2230 struct iscsi_logout *hdr; 2231 struct iscsi_tiqn *tiqn = iscsit_snmp_get_tiqn(conn); 2232 2233 hdr = (struct iscsi_logout *) buf; 2234 reason_code = (hdr->flags & 0x7f); 2235 2236 if (tiqn) { 2237 spin_lock(&tiqn->logout_stats.lock); 2238 if (reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) 2239 tiqn->logout_stats.normal_logouts++; 2240 else 2241 tiqn->logout_stats.abnormal_logouts++; 2242 spin_unlock(&tiqn->logout_stats.lock); 2243 } 2244 2245 pr_debug("Got Logout Request ITT: 0x%08x CmdSN: 0x%08x" 2246 " ExpStatSN: 0x%08x Reason: 0x%02x CID: %hu on CID: %hu\n", 2247 hdr->itt, hdr->cmdsn, hdr->exp_statsn, reason_code, 2248 hdr->cid, conn->cid); 2249 2250 if (conn->conn_state != TARG_CONN_STATE_LOGGED_IN) { 2251 pr_err("Received logout request on connection that" 2252 " is not in logged in state, ignoring request.\n"); 2253 iscsit_free_cmd(cmd, false); 2254 return 0; 2255 } 2256 2257 cmd->iscsi_opcode = ISCSI_OP_LOGOUT; 2258 cmd->i_state = ISTATE_SEND_LOGOUTRSP; 2259 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 2260 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 2261 cmd->targ_xfer_tag = 0xFFFFFFFF; 2262 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 2263 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 2264 cmd->logout_cid = be16_to_cpu(hdr->cid); 2265 cmd->logout_reason = reason_code; 2266 cmd->data_direction = DMA_NONE; 2267 2268 /* 2269 * We need to sleep in these cases (by returning 1) until the Logout 2270 * Response gets sent in the tx thread. 2271 */ 2272 if ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) || 2273 ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) && 2274 be16_to_cpu(hdr->cid) == conn->cid)) 2275 logout_remove = 1; 2276 2277 spin_lock_bh(&conn->cmd_lock); 2278 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2279 spin_unlock_bh(&conn->cmd_lock); 2280 2281 if (reason_code != ISCSI_LOGOUT_REASON_RECOVERY) 2282 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2283 2284 /* 2285 * Immediate commands are executed, well, immediately. 2286 * Non-Immediate Logout Commands are executed in CmdSN order. 2287 */ 2288 if (cmd->immediate_cmd) { 2289 int ret = iscsit_execute_cmd(cmd, 0); 2290 2291 if (ret < 0) 2292 return ret; 2293 } else { 2294 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 2295 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 2296 logout_remove = 0; 2297 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2298 return -1; 2299 } 2300 2301 return logout_remove; 2302 } 2303 EXPORT_SYMBOL(iscsit_handle_logout_cmd); 2304 2305 static int iscsit_handle_snack( 2306 struct iscsi_conn *conn, 2307 unsigned char *buf) 2308 { 2309 struct iscsi_snack *hdr; 2310 2311 hdr = (struct iscsi_snack *) buf; 2312 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 2313 2314 pr_debug("Got ISCSI_INIT_SNACK, ITT: 0x%08x, ExpStatSN:" 2315 " 0x%08x, Type: 0x%02x, BegRun: 0x%08x, RunLength: 0x%08x," 2316 " CID: %hu\n", hdr->itt, hdr->exp_statsn, hdr->flags, 2317 hdr->begrun, hdr->runlength, conn->cid); 2318 2319 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2320 pr_err("Initiator sent SNACK request while in" 2321 " ErrorRecoveryLevel=0.\n"); 2322 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2323 buf); 2324 } 2325 /* 2326 * SNACK_DATA and SNACK_R2T are both 0, so check which function to 2327 * call from inside iscsi_send_recovery_datain_or_r2t(). 2328 */ 2329 switch (hdr->flags & ISCSI_FLAG_SNACK_TYPE_MASK) { 2330 case 0: 2331 return iscsit_handle_recovery_datain_or_r2t(conn, buf, 2332 hdr->itt, 2333 be32_to_cpu(hdr->ttt), 2334 be32_to_cpu(hdr->begrun), 2335 be32_to_cpu(hdr->runlength)); 2336 case ISCSI_FLAG_SNACK_TYPE_STATUS: 2337 return iscsit_handle_status_snack(conn, hdr->itt, 2338 be32_to_cpu(hdr->ttt), 2339 be32_to_cpu(hdr->begrun), be32_to_cpu(hdr->runlength)); 2340 case ISCSI_FLAG_SNACK_TYPE_DATA_ACK: 2341 return iscsit_handle_data_ack(conn, be32_to_cpu(hdr->ttt), 2342 be32_to_cpu(hdr->begrun), 2343 be32_to_cpu(hdr->runlength)); 2344 case ISCSI_FLAG_SNACK_TYPE_RDATA: 2345 /* FIXME: Support R-Data SNACK */ 2346 pr_err("R-Data SNACK Not Supported.\n"); 2347 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2348 buf); 2349 default: 2350 pr_err("Unknown SNACK type 0x%02x, protocol" 2351 " error.\n", hdr->flags & 0x0f); 2352 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2353 buf); 2354 } 2355 2356 return 0; 2357 } 2358 2359 static void iscsit_rx_thread_wait_for_tcp(struct iscsi_conn *conn) 2360 { 2361 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2362 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2363 wait_for_completion_interruptible_timeout( 2364 &conn->rx_half_close_comp, 2365 ISCSI_RX_THREAD_TCP_TIMEOUT * HZ); 2366 } 2367 } 2368 2369 static int iscsit_handle_immediate_data( 2370 struct iscsi_cmd *cmd, 2371 struct iscsi_scsi_req *hdr, 2372 u32 length) 2373 { 2374 int iov_ret, rx_got = 0, rx_size = 0; 2375 u32 checksum, iov_count = 0, padding = 0; 2376 struct iscsi_conn *conn = cmd->conn; 2377 struct kvec *iov; 2378 2379 iov_ret = iscsit_map_iovec(cmd, cmd->iov_data, cmd->write_data_done, length); 2380 if (iov_ret < 0) 2381 return IMMEDIATE_DATA_CANNOT_RECOVER; 2382 2383 rx_size = length; 2384 iov_count = iov_ret; 2385 iov = &cmd->iov_data[0]; 2386 2387 padding = ((-length) & 3); 2388 if (padding != 0) { 2389 iov[iov_count].iov_base = cmd->pad_bytes; 2390 iov[iov_count++].iov_len = padding; 2391 rx_size += padding; 2392 } 2393 2394 if (conn->conn_ops->DataDigest) { 2395 iov[iov_count].iov_base = &checksum; 2396 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2397 rx_size += ISCSI_CRC_LEN; 2398 } 2399 2400 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 2401 2402 iscsit_unmap_iovec(cmd); 2403 2404 if (rx_got != rx_size) { 2405 iscsit_rx_thread_wait_for_tcp(conn); 2406 return IMMEDIATE_DATA_CANNOT_RECOVER; 2407 } 2408 2409 if (conn->conn_ops->DataDigest) { 2410 u32 data_crc; 2411 2412 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd, 2413 cmd->write_data_done, length, padding, 2414 cmd->pad_bytes); 2415 2416 if (checksum != data_crc) { 2417 pr_err("ImmediateData CRC32C DataDigest 0x%08x" 2418 " does not match computed 0x%08x\n", checksum, 2419 data_crc); 2420 2421 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2422 pr_err("Unable to recover from" 2423 " Immediate Data digest failure while" 2424 " in ERL=0.\n"); 2425 iscsit_reject_cmd(cmd, 2426 ISCSI_REASON_DATA_DIGEST_ERROR, 2427 (unsigned char *)hdr); 2428 return IMMEDIATE_DATA_CANNOT_RECOVER; 2429 } else { 2430 iscsit_reject_cmd(cmd, 2431 ISCSI_REASON_DATA_DIGEST_ERROR, 2432 (unsigned char *)hdr); 2433 return IMMEDIATE_DATA_ERL1_CRC_FAILURE; 2434 } 2435 } else { 2436 pr_debug("Got CRC32C DataDigest 0x%08x for" 2437 " %u bytes of Immediate Data\n", checksum, 2438 length); 2439 } 2440 } 2441 2442 cmd->write_data_done += length; 2443 2444 if (cmd->write_data_done == cmd->se_cmd.data_length) { 2445 spin_lock_bh(&cmd->istate_lock); 2446 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 2447 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 2448 spin_unlock_bh(&cmd->istate_lock); 2449 } 2450 2451 return IMMEDIATE_DATA_NORMAL_OPERATION; 2452 } 2453 2454 /* 2455 * Called with sess->conn_lock held. 2456 */ 2457 /* #warning iscsi_build_conn_drop_async_message() only sends out on connections 2458 with active network interface */ 2459 static void iscsit_build_conn_drop_async_message(struct iscsi_conn *conn) 2460 { 2461 struct iscsi_cmd *cmd; 2462 struct iscsi_conn *conn_p; 2463 2464 /* 2465 * Only send a Asynchronous Message on connections whos network 2466 * interface is still functional. 2467 */ 2468 list_for_each_entry(conn_p, &conn->sess->sess_conn_list, conn_list) { 2469 if (conn_p->conn_state == TARG_CONN_STATE_LOGGED_IN) { 2470 iscsit_inc_conn_usage_count(conn_p); 2471 break; 2472 } 2473 } 2474 2475 if (!conn_p) 2476 return; 2477 2478 cmd = iscsit_allocate_cmd(conn_p, GFP_ATOMIC); 2479 if (!cmd) { 2480 iscsit_dec_conn_usage_count(conn_p); 2481 return; 2482 } 2483 2484 cmd->logout_cid = conn->cid; 2485 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2486 cmd->i_state = ISTATE_SEND_ASYNCMSG; 2487 2488 spin_lock_bh(&conn_p->cmd_lock); 2489 list_add_tail(&cmd->i_conn_node, &conn_p->conn_cmd_list); 2490 spin_unlock_bh(&conn_p->cmd_lock); 2491 2492 iscsit_add_cmd_to_response_queue(cmd, conn_p, cmd->i_state); 2493 iscsit_dec_conn_usage_count(conn_p); 2494 } 2495 2496 static int iscsit_send_conn_drop_async_message( 2497 struct iscsi_cmd *cmd, 2498 struct iscsi_conn *conn) 2499 { 2500 struct iscsi_async *hdr; 2501 2502 cmd->tx_size = ISCSI_HDR_LEN; 2503 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2504 2505 hdr = (struct iscsi_async *) cmd->pdu; 2506 hdr->opcode = ISCSI_OP_ASYNC_EVENT; 2507 hdr->flags = ISCSI_FLAG_CMD_FINAL; 2508 cmd->init_task_tag = RESERVED_ITT; 2509 cmd->targ_xfer_tag = 0xFFFFFFFF; 2510 put_unaligned_be64(0xFFFFFFFFFFFFFFFFULL, &hdr->rsvd4[0]); 2511 cmd->stat_sn = conn->stat_sn++; 2512 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2513 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2514 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2515 hdr->async_event = ISCSI_ASYNC_MSG_DROPPING_CONNECTION; 2516 hdr->param1 = cpu_to_be16(cmd->logout_cid); 2517 hdr->param2 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Wait); 2518 hdr->param3 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Retain); 2519 2520 if (conn->conn_ops->HeaderDigest) { 2521 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2522 2523 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2524 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2525 2526 cmd->tx_size += ISCSI_CRC_LEN; 2527 pr_debug("Attaching CRC32C HeaderDigest to" 2528 " Async Message 0x%08x\n", *header_digest); 2529 } 2530 2531 cmd->iov_misc[0].iov_base = cmd->pdu; 2532 cmd->iov_misc[0].iov_len = cmd->tx_size; 2533 cmd->iov_misc_count = 1; 2534 2535 pr_debug("Sending Connection Dropped Async Message StatSN:" 2536 " 0x%08x, for CID: %hu on CID: %hu\n", cmd->stat_sn, 2537 cmd->logout_cid, conn->cid); 2538 return 0; 2539 } 2540 2541 static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *conn) 2542 { 2543 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2544 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2545 wait_for_completion_interruptible_timeout( 2546 &conn->tx_half_close_comp, 2547 ISCSI_TX_THREAD_TCP_TIMEOUT * HZ); 2548 } 2549 } 2550 2551 static void 2552 iscsit_build_datain_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2553 struct iscsi_datain *datain, struct iscsi_data_rsp *hdr, 2554 bool set_statsn) 2555 { 2556 hdr->opcode = ISCSI_OP_SCSI_DATA_IN; 2557 hdr->flags = datain->flags; 2558 if (hdr->flags & ISCSI_FLAG_DATA_STATUS) { 2559 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 2560 hdr->flags |= ISCSI_FLAG_DATA_OVERFLOW; 2561 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2562 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 2563 hdr->flags |= ISCSI_FLAG_DATA_UNDERFLOW; 2564 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2565 } 2566 } 2567 hton24(hdr->dlength, datain->length); 2568 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2569 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 2570 (struct scsi_lun *)&hdr->lun); 2571 else 2572 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2573 2574 hdr->itt = cmd->init_task_tag; 2575 2576 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2577 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2578 else 2579 hdr->ttt = cpu_to_be32(0xFFFFFFFF); 2580 if (set_statsn) 2581 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2582 else 2583 hdr->statsn = cpu_to_be32(0xFFFFFFFF); 2584 2585 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2586 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2587 hdr->datasn = cpu_to_be32(datain->data_sn); 2588 hdr->offset = cpu_to_be32(datain->offset); 2589 2590 pr_debug("Built DataIN ITT: 0x%08x, StatSN: 0x%08x," 2591 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 2592 cmd->init_task_tag, ntohl(hdr->statsn), ntohl(hdr->datasn), 2593 ntohl(hdr->offset), datain->length, conn->cid); 2594 } 2595 2596 static int iscsit_send_datain(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2597 { 2598 struct iscsi_data_rsp *hdr = (struct iscsi_data_rsp *)&cmd->pdu[0]; 2599 struct iscsi_datain datain; 2600 struct iscsi_datain_req *dr; 2601 struct kvec *iov; 2602 u32 iov_count = 0, tx_size = 0; 2603 int eodr = 0, ret, iov_ret; 2604 bool set_statsn = false; 2605 2606 memset(&datain, 0, sizeof(struct iscsi_datain)); 2607 dr = iscsit_get_datain_values(cmd, &datain); 2608 if (!dr) { 2609 pr_err("iscsit_get_datain_values failed for ITT: 0x%08x\n", 2610 cmd->init_task_tag); 2611 return -1; 2612 } 2613 /* 2614 * Be paranoid and double check the logic for now. 2615 */ 2616 if ((datain.offset + datain.length) > cmd->se_cmd.data_length) { 2617 pr_err("Command ITT: 0x%08x, datain.offset: %u and" 2618 " datain.length: %u exceeds cmd->data_length: %u\n", 2619 cmd->init_task_tag, datain.offset, datain.length, 2620 cmd->se_cmd.data_length); 2621 return -1; 2622 } 2623 2624 atomic_long_add(datain.length, &conn->sess->tx_data_octets); 2625 /* 2626 * Special case for successfully execution w/ both DATAIN 2627 * and Sense Data. 2628 */ 2629 if ((datain.flags & ISCSI_FLAG_DATA_STATUS) && 2630 (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE)) 2631 datain.flags &= ~ISCSI_FLAG_DATA_STATUS; 2632 else { 2633 if ((dr->dr_complete == DATAIN_COMPLETE_NORMAL) || 2634 (dr->dr_complete == DATAIN_COMPLETE_CONNECTION_RECOVERY)) { 2635 iscsit_increment_maxcmdsn(cmd, conn->sess); 2636 cmd->stat_sn = conn->stat_sn++; 2637 set_statsn = true; 2638 } else if (dr->dr_complete == 2639 DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY) 2640 set_statsn = true; 2641 } 2642 2643 iscsit_build_datain_pdu(cmd, conn, &datain, hdr, set_statsn); 2644 2645 iov = &cmd->iov_data[0]; 2646 iov[iov_count].iov_base = cmd->pdu; 2647 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 2648 tx_size += ISCSI_HDR_LEN; 2649 2650 if (conn->conn_ops->HeaderDigest) { 2651 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2652 2653 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu, 2654 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2655 2656 iov[0].iov_len += ISCSI_CRC_LEN; 2657 tx_size += ISCSI_CRC_LEN; 2658 2659 pr_debug("Attaching CRC32 HeaderDigest" 2660 " for DataIN PDU 0x%08x\n", *header_digest); 2661 } 2662 2663 iov_ret = iscsit_map_iovec(cmd, &cmd->iov_data[1], 2664 datain.offset, datain.length); 2665 if (iov_ret < 0) 2666 return -1; 2667 2668 iov_count += iov_ret; 2669 tx_size += datain.length; 2670 2671 cmd->padding = ((-datain.length) & 3); 2672 if (cmd->padding) { 2673 iov[iov_count].iov_base = cmd->pad_bytes; 2674 iov[iov_count++].iov_len = cmd->padding; 2675 tx_size += cmd->padding; 2676 2677 pr_debug("Attaching %u padding bytes\n", 2678 cmd->padding); 2679 } 2680 if (conn->conn_ops->DataDigest) { 2681 cmd->data_crc = iscsit_do_crypto_hash_sg(&conn->conn_tx_hash, cmd, 2682 datain.offset, datain.length, cmd->padding, cmd->pad_bytes); 2683 2684 iov[iov_count].iov_base = &cmd->data_crc; 2685 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2686 tx_size += ISCSI_CRC_LEN; 2687 2688 pr_debug("Attached CRC32C DataDigest %d bytes, crc" 2689 " 0x%08x\n", datain.length+cmd->padding, cmd->data_crc); 2690 } 2691 2692 cmd->iov_data_count = iov_count; 2693 cmd->tx_size = tx_size; 2694 2695 /* sendpage is preferred but can't insert markers */ 2696 if (!conn->conn_ops->IFMarker) 2697 ret = iscsit_fe_sendpage_sg(cmd, conn); 2698 else 2699 ret = iscsit_send_tx_data(cmd, conn, 0); 2700 2701 iscsit_unmap_iovec(cmd); 2702 2703 if (ret < 0) { 2704 iscsit_tx_thread_wait_for_tcp(conn); 2705 return ret; 2706 } 2707 2708 if (dr->dr_complete) { 2709 eodr = (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ? 2710 2 : 1; 2711 iscsit_free_datain_req(cmd, dr); 2712 } 2713 2714 return eodr; 2715 } 2716 2717 int 2718 iscsit_build_logout_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2719 struct iscsi_logout_rsp *hdr) 2720 { 2721 struct iscsi_conn *logout_conn = NULL; 2722 struct iscsi_conn_recovery *cr = NULL; 2723 struct iscsi_session *sess = conn->sess; 2724 /* 2725 * The actual shutting down of Sessions and/or Connections 2726 * for CLOSESESSION and CLOSECONNECTION Logout Requests 2727 * is done in scsi_logout_post_handler(). 2728 */ 2729 switch (cmd->logout_reason) { 2730 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 2731 pr_debug("iSCSI session logout successful, setting" 2732 " logout response to ISCSI_LOGOUT_SUCCESS.\n"); 2733 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2734 break; 2735 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 2736 if (cmd->logout_response == ISCSI_LOGOUT_CID_NOT_FOUND) 2737 break; 2738 /* 2739 * For CLOSECONNECTION logout requests carrying 2740 * a matching logout CID -> local CID, the reference 2741 * for the local CID will have been incremented in 2742 * iscsi_logout_closeconnection(). 2743 * 2744 * For CLOSECONNECTION logout requests carrying 2745 * a different CID than the connection it arrived 2746 * on, the connection responding to cmd->logout_cid 2747 * is stopped in iscsit_logout_post_handler_diffcid(). 2748 */ 2749 2750 pr_debug("iSCSI CID: %hu logout on CID: %hu" 2751 " successful.\n", cmd->logout_cid, conn->cid); 2752 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2753 break; 2754 case ISCSI_LOGOUT_REASON_RECOVERY: 2755 if ((cmd->logout_response == ISCSI_LOGOUT_RECOVERY_UNSUPPORTED) || 2756 (cmd->logout_response == ISCSI_LOGOUT_CLEANUP_FAILED)) 2757 break; 2758 /* 2759 * If the connection is still active from our point of view 2760 * force connection recovery to occur. 2761 */ 2762 logout_conn = iscsit_get_conn_from_cid_rcfr(sess, 2763 cmd->logout_cid); 2764 if (logout_conn) { 2765 iscsit_connection_reinstatement_rcfr(logout_conn); 2766 iscsit_dec_conn_usage_count(logout_conn); 2767 } 2768 2769 cr = iscsit_get_inactive_connection_recovery_entry( 2770 conn->sess, cmd->logout_cid); 2771 if (!cr) { 2772 pr_err("Unable to locate CID: %hu for" 2773 " REMOVECONNFORRECOVERY Logout Request.\n", 2774 cmd->logout_cid); 2775 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2776 break; 2777 } 2778 2779 iscsit_discard_cr_cmds_by_expstatsn(cr, cmd->exp_stat_sn); 2780 2781 pr_debug("iSCSI REMOVECONNFORRECOVERY logout" 2782 " for recovery for CID: %hu on CID: %hu successful.\n", 2783 cmd->logout_cid, conn->cid); 2784 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2785 break; 2786 default: 2787 pr_err("Unknown cmd->logout_reason: 0x%02x\n", 2788 cmd->logout_reason); 2789 return -1; 2790 } 2791 2792 hdr->opcode = ISCSI_OP_LOGOUT_RSP; 2793 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2794 hdr->response = cmd->logout_response; 2795 hdr->itt = cmd->init_task_tag; 2796 cmd->stat_sn = conn->stat_sn++; 2797 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2798 2799 iscsit_increment_maxcmdsn(cmd, conn->sess); 2800 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2801 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2802 2803 pr_debug("Built Logout Response ITT: 0x%08x StatSN:" 2804 " 0x%08x Response: 0x%02x CID: %hu on CID: %hu\n", 2805 cmd->init_task_tag, cmd->stat_sn, hdr->response, 2806 cmd->logout_cid, conn->cid); 2807 2808 return 0; 2809 } 2810 EXPORT_SYMBOL(iscsit_build_logout_rsp); 2811 2812 static int 2813 iscsit_send_logout(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2814 { 2815 struct kvec *iov; 2816 int niov = 0, tx_size, rc; 2817 2818 rc = iscsit_build_logout_rsp(cmd, conn, 2819 (struct iscsi_logout_rsp *)&cmd->pdu[0]); 2820 if (rc < 0) 2821 return rc; 2822 2823 tx_size = ISCSI_HDR_LEN; 2824 iov = &cmd->iov_misc[0]; 2825 iov[niov].iov_base = cmd->pdu; 2826 iov[niov++].iov_len = ISCSI_HDR_LEN; 2827 2828 if (conn->conn_ops->HeaderDigest) { 2829 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2830 2831 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, &cmd->pdu[0], 2832 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2833 2834 iov[0].iov_len += ISCSI_CRC_LEN; 2835 tx_size += ISCSI_CRC_LEN; 2836 pr_debug("Attaching CRC32C HeaderDigest to" 2837 " Logout Response 0x%08x\n", *header_digest); 2838 } 2839 cmd->iov_misc_count = niov; 2840 cmd->tx_size = tx_size; 2841 2842 return 0; 2843 } 2844 2845 void 2846 iscsit_build_nopin_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2847 struct iscsi_nopin *hdr, bool nopout_response) 2848 { 2849 hdr->opcode = ISCSI_OP_NOOP_IN; 2850 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2851 hton24(hdr->dlength, cmd->buf_ptr_size); 2852 if (nopout_response) 2853 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2854 hdr->itt = cmd->init_task_tag; 2855 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2856 cmd->stat_sn = (nopout_response) ? conn->stat_sn++ : 2857 conn->stat_sn; 2858 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2859 2860 if (nopout_response) 2861 iscsit_increment_maxcmdsn(cmd, conn->sess); 2862 2863 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2864 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2865 2866 pr_debug("Built NOPIN %s Response ITT: 0x%08x, TTT: 0x%08x," 2867 " StatSN: 0x%08x, Length %u\n", (nopout_response) ? 2868 "Solicitied" : "Unsolicitied", cmd->init_task_tag, 2869 cmd->targ_xfer_tag, cmd->stat_sn, cmd->buf_ptr_size); 2870 } 2871 EXPORT_SYMBOL(iscsit_build_nopin_rsp); 2872 2873 /* 2874 * Unsolicited NOPIN, either requesting a response or not. 2875 */ 2876 static int iscsit_send_unsolicited_nopin( 2877 struct iscsi_cmd *cmd, 2878 struct iscsi_conn *conn, 2879 int want_response) 2880 { 2881 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2882 int tx_size = ISCSI_HDR_LEN, ret; 2883 2884 iscsit_build_nopin_rsp(cmd, conn, hdr, false); 2885 2886 if (conn->conn_ops->HeaderDigest) { 2887 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2888 2889 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2890 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2891 2892 tx_size += ISCSI_CRC_LEN; 2893 pr_debug("Attaching CRC32C HeaderDigest to" 2894 " NopIN 0x%08x\n", *header_digest); 2895 } 2896 2897 cmd->iov_misc[0].iov_base = cmd->pdu; 2898 cmd->iov_misc[0].iov_len = tx_size; 2899 cmd->iov_misc_count = 1; 2900 cmd->tx_size = tx_size; 2901 2902 pr_debug("Sending Unsolicited NOPIN TTT: 0x%08x StatSN:" 2903 " 0x%08x CID: %hu\n", hdr->ttt, cmd->stat_sn, conn->cid); 2904 2905 ret = iscsit_send_tx_data(cmd, conn, 1); 2906 if (ret < 0) { 2907 iscsit_tx_thread_wait_for_tcp(conn); 2908 return ret; 2909 } 2910 2911 spin_lock_bh(&cmd->istate_lock); 2912 cmd->i_state = want_response ? 2913 ISTATE_SENT_NOPIN_WANT_RESPONSE : ISTATE_SENT_STATUS; 2914 spin_unlock_bh(&cmd->istate_lock); 2915 2916 return 0; 2917 } 2918 2919 static int 2920 iscsit_send_nopin(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2921 { 2922 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2923 struct kvec *iov; 2924 u32 padding = 0; 2925 int niov = 0, tx_size; 2926 2927 iscsit_build_nopin_rsp(cmd, conn, hdr, true); 2928 2929 tx_size = ISCSI_HDR_LEN; 2930 iov = &cmd->iov_misc[0]; 2931 iov[niov].iov_base = cmd->pdu; 2932 iov[niov++].iov_len = ISCSI_HDR_LEN; 2933 2934 if (conn->conn_ops->HeaderDigest) { 2935 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2936 2937 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2938 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2939 2940 iov[0].iov_len += ISCSI_CRC_LEN; 2941 tx_size += ISCSI_CRC_LEN; 2942 pr_debug("Attaching CRC32C HeaderDigest" 2943 " to NopIn 0x%08x\n", *header_digest); 2944 } 2945 2946 /* 2947 * NOPOUT Ping Data is attached to struct iscsi_cmd->buf_ptr. 2948 * NOPOUT DataSegmentLength is at struct iscsi_cmd->buf_ptr_size. 2949 */ 2950 if (cmd->buf_ptr_size) { 2951 iov[niov].iov_base = cmd->buf_ptr; 2952 iov[niov++].iov_len = cmd->buf_ptr_size; 2953 tx_size += cmd->buf_ptr_size; 2954 2955 pr_debug("Echoing back %u bytes of ping" 2956 " data.\n", cmd->buf_ptr_size); 2957 2958 padding = ((-cmd->buf_ptr_size) & 3); 2959 if (padding != 0) { 2960 iov[niov].iov_base = &cmd->pad_bytes; 2961 iov[niov++].iov_len = padding; 2962 tx_size += padding; 2963 pr_debug("Attaching %u additional" 2964 " padding bytes.\n", padding); 2965 } 2966 if (conn->conn_ops->DataDigest) { 2967 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 2968 cmd->buf_ptr, cmd->buf_ptr_size, 2969 padding, (u8 *)&cmd->pad_bytes, 2970 (u8 *)&cmd->data_crc); 2971 2972 iov[niov].iov_base = &cmd->data_crc; 2973 iov[niov++].iov_len = ISCSI_CRC_LEN; 2974 tx_size += ISCSI_CRC_LEN; 2975 pr_debug("Attached DataDigest for %u" 2976 " bytes of ping data, CRC 0x%08x\n", 2977 cmd->buf_ptr_size, cmd->data_crc); 2978 } 2979 } 2980 2981 cmd->iov_misc_count = niov; 2982 cmd->tx_size = tx_size; 2983 2984 return 0; 2985 } 2986 2987 static int iscsit_send_r2t( 2988 struct iscsi_cmd *cmd, 2989 struct iscsi_conn *conn) 2990 { 2991 int tx_size = 0; 2992 struct iscsi_r2t *r2t; 2993 struct iscsi_r2t_rsp *hdr; 2994 int ret; 2995 2996 r2t = iscsit_get_r2t_from_list(cmd); 2997 if (!r2t) 2998 return -1; 2999 3000 hdr = (struct iscsi_r2t_rsp *) cmd->pdu; 3001 memset(hdr, 0, ISCSI_HDR_LEN); 3002 hdr->opcode = ISCSI_OP_R2T; 3003 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3004 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 3005 (struct scsi_lun *)&hdr->lun); 3006 hdr->itt = cmd->init_task_tag; 3007 spin_lock_bh(&conn->sess->ttt_lock); 3008 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++; 3009 if (r2t->targ_xfer_tag == 0xFFFFFFFF) 3010 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++; 3011 spin_unlock_bh(&conn->sess->ttt_lock); 3012 hdr->ttt = cpu_to_be32(r2t->targ_xfer_tag); 3013 hdr->statsn = cpu_to_be32(conn->stat_sn); 3014 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3015 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3016 hdr->r2tsn = cpu_to_be32(r2t->r2t_sn); 3017 hdr->data_offset = cpu_to_be32(r2t->offset); 3018 hdr->data_length = cpu_to_be32(r2t->xfer_len); 3019 3020 cmd->iov_misc[0].iov_base = cmd->pdu; 3021 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3022 tx_size += ISCSI_HDR_LEN; 3023 3024 if (conn->conn_ops->HeaderDigest) { 3025 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3026 3027 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3028 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3029 3030 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3031 tx_size += ISCSI_CRC_LEN; 3032 pr_debug("Attaching CRC32 HeaderDigest for R2T" 3033 " PDU 0x%08x\n", *header_digest); 3034 } 3035 3036 pr_debug("Built %sR2T, ITT: 0x%08x, TTT: 0x%08x, StatSN:" 3037 " 0x%08x, R2TSN: 0x%08x, Offset: %u, DDTL: %u, CID: %hu\n", 3038 (!r2t->recovery_r2t) ? "" : "Recovery ", cmd->init_task_tag, 3039 r2t->targ_xfer_tag, ntohl(hdr->statsn), r2t->r2t_sn, 3040 r2t->offset, r2t->xfer_len, conn->cid); 3041 3042 cmd->iov_misc_count = 1; 3043 cmd->tx_size = tx_size; 3044 3045 spin_lock_bh(&cmd->r2t_lock); 3046 r2t->sent_r2t = 1; 3047 spin_unlock_bh(&cmd->r2t_lock); 3048 3049 ret = iscsit_send_tx_data(cmd, conn, 1); 3050 if (ret < 0) { 3051 iscsit_tx_thread_wait_for_tcp(conn); 3052 return ret; 3053 } 3054 3055 spin_lock_bh(&cmd->dataout_timeout_lock); 3056 iscsit_start_dataout_timer(cmd, conn); 3057 spin_unlock_bh(&cmd->dataout_timeout_lock); 3058 3059 return 0; 3060 } 3061 3062 /* 3063 * @recovery: If called from iscsi_task_reassign_complete_write() for 3064 * connection recovery. 3065 */ 3066 int iscsit_build_r2ts_for_cmd( 3067 struct iscsi_conn *conn, 3068 struct iscsi_cmd *cmd, 3069 bool recovery) 3070 { 3071 int first_r2t = 1; 3072 u32 offset = 0, xfer_len = 0; 3073 3074 spin_lock_bh(&cmd->r2t_lock); 3075 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) { 3076 spin_unlock_bh(&cmd->r2t_lock); 3077 return 0; 3078 } 3079 3080 if (conn->sess->sess_ops->DataSequenceInOrder && 3081 !recovery) 3082 cmd->r2t_offset = max(cmd->r2t_offset, cmd->write_data_done); 3083 3084 while (cmd->outstanding_r2ts < conn->sess->sess_ops->MaxOutstandingR2T) { 3085 if (conn->sess->sess_ops->DataSequenceInOrder) { 3086 offset = cmd->r2t_offset; 3087 3088 if (first_r2t && recovery) { 3089 int new_data_end = offset + 3090 conn->sess->sess_ops->MaxBurstLength - 3091 cmd->next_burst_len; 3092 3093 if (new_data_end > cmd->se_cmd.data_length) 3094 xfer_len = cmd->se_cmd.data_length - offset; 3095 else 3096 xfer_len = 3097 conn->sess->sess_ops->MaxBurstLength - 3098 cmd->next_burst_len; 3099 } else { 3100 int new_data_end = offset + 3101 conn->sess->sess_ops->MaxBurstLength; 3102 3103 if (new_data_end > cmd->se_cmd.data_length) 3104 xfer_len = cmd->se_cmd.data_length - offset; 3105 else 3106 xfer_len = conn->sess->sess_ops->MaxBurstLength; 3107 } 3108 cmd->r2t_offset += xfer_len; 3109 3110 if (cmd->r2t_offset == cmd->se_cmd.data_length) 3111 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3112 } else { 3113 struct iscsi_seq *seq; 3114 3115 seq = iscsit_get_seq_holder_for_r2t(cmd); 3116 if (!seq) { 3117 spin_unlock_bh(&cmd->r2t_lock); 3118 return -1; 3119 } 3120 3121 offset = seq->offset; 3122 xfer_len = seq->xfer_len; 3123 3124 if (cmd->seq_send_order == cmd->seq_count) 3125 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3126 } 3127 cmd->outstanding_r2ts++; 3128 first_r2t = 0; 3129 3130 if (iscsit_add_r2t_to_list(cmd, offset, xfer_len, 0, 0) < 0) { 3131 spin_unlock_bh(&cmd->r2t_lock); 3132 return -1; 3133 } 3134 3135 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) 3136 break; 3137 } 3138 spin_unlock_bh(&cmd->r2t_lock); 3139 3140 return 0; 3141 } 3142 3143 void iscsit_build_rsp_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3144 bool inc_stat_sn, struct iscsi_scsi_rsp *hdr) 3145 { 3146 if (inc_stat_sn) 3147 cmd->stat_sn = conn->stat_sn++; 3148 3149 atomic_long_inc(&conn->sess->rsp_pdus); 3150 3151 memset(hdr, 0, ISCSI_HDR_LEN); 3152 hdr->opcode = ISCSI_OP_SCSI_CMD_RSP; 3153 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3154 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 3155 hdr->flags |= ISCSI_FLAG_CMD_OVERFLOW; 3156 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3157 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 3158 hdr->flags |= ISCSI_FLAG_CMD_UNDERFLOW; 3159 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3160 } 3161 hdr->response = cmd->iscsi_response; 3162 hdr->cmd_status = cmd->se_cmd.scsi_status; 3163 hdr->itt = cmd->init_task_tag; 3164 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3165 3166 iscsit_increment_maxcmdsn(cmd, conn->sess); 3167 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3168 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3169 3170 pr_debug("Built SCSI Response, ITT: 0x%08x, StatSN: 0x%08x," 3171 " Response: 0x%02x, SAM Status: 0x%02x, CID: %hu\n", 3172 cmd->init_task_tag, cmd->stat_sn, cmd->se_cmd.scsi_status, 3173 cmd->se_cmd.scsi_status, conn->cid); 3174 } 3175 EXPORT_SYMBOL(iscsit_build_rsp_pdu); 3176 3177 static int iscsit_send_response(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3178 { 3179 struct iscsi_scsi_rsp *hdr = (struct iscsi_scsi_rsp *)&cmd->pdu[0]; 3180 struct kvec *iov; 3181 u32 padding = 0, tx_size = 0; 3182 int iov_count = 0; 3183 bool inc_stat_sn = (cmd->i_state == ISTATE_SEND_STATUS); 3184 3185 iscsit_build_rsp_pdu(cmd, conn, inc_stat_sn, hdr); 3186 3187 iov = &cmd->iov_misc[0]; 3188 iov[iov_count].iov_base = cmd->pdu; 3189 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3190 tx_size += ISCSI_HDR_LEN; 3191 3192 /* 3193 * Attach SENSE DATA payload to iSCSI Response PDU 3194 */ 3195 if (cmd->se_cmd.sense_buffer && 3196 ((cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) || 3197 (cmd->se_cmd.se_cmd_flags & SCF_EMULATED_TASK_SENSE))) { 3198 put_unaligned_be16(cmd->se_cmd.scsi_sense_length, cmd->sense_buffer); 3199 cmd->se_cmd.scsi_sense_length += sizeof (__be16); 3200 3201 padding = -(cmd->se_cmd.scsi_sense_length) & 3; 3202 hton24(hdr->dlength, (u32)cmd->se_cmd.scsi_sense_length); 3203 iov[iov_count].iov_base = cmd->sense_buffer; 3204 iov[iov_count++].iov_len = 3205 (cmd->se_cmd.scsi_sense_length + padding); 3206 tx_size += cmd->se_cmd.scsi_sense_length; 3207 3208 if (padding) { 3209 memset(cmd->sense_buffer + 3210 cmd->se_cmd.scsi_sense_length, 0, padding); 3211 tx_size += padding; 3212 pr_debug("Adding %u bytes of padding to" 3213 " SENSE.\n", padding); 3214 } 3215 3216 if (conn->conn_ops->DataDigest) { 3217 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 3218 cmd->sense_buffer, 3219 (cmd->se_cmd.scsi_sense_length + padding), 3220 0, NULL, (u8 *)&cmd->data_crc); 3221 3222 iov[iov_count].iov_base = &cmd->data_crc; 3223 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3224 tx_size += ISCSI_CRC_LEN; 3225 3226 pr_debug("Attaching CRC32 DataDigest for" 3227 " SENSE, %u bytes CRC 0x%08x\n", 3228 (cmd->se_cmd.scsi_sense_length + padding), 3229 cmd->data_crc); 3230 } 3231 3232 pr_debug("Attaching SENSE DATA: %u bytes to iSCSI" 3233 " Response PDU\n", 3234 cmd->se_cmd.scsi_sense_length); 3235 } 3236 3237 if (conn->conn_ops->HeaderDigest) { 3238 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3239 3240 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu, 3241 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3242 3243 iov[0].iov_len += ISCSI_CRC_LEN; 3244 tx_size += ISCSI_CRC_LEN; 3245 pr_debug("Attaching CRC32 HeaderDigest for Response" 3246 " PDU 0x%08x\n", *header_digest); 3247 } 3248 3249 cmd->iov_misc_count = iov_count; 3250 cmd->tx_size = tx_size; 3251 3252 return 0; 3253 } 3254 3255 static u8 iscsit_convert_tcm_tmr_rsp(struct se_tmr_req *se_tmr) 3256 { 3257 switch (se_tmr->response) { 3258 case TMR_FUNCTION_COMPLETE: 3259 return ISCSI_TMF_RSP_COMPLETE; 3260 case TMR_TASK_DOES_NOT_EXIST: 3261 return ISCSI_TMF_RSP_NO_TASK; 3262 case TMR_LUN_DOES_NOT_EXIST: 3263 return ISCSI_TMF_RSP_NO_LUN; 3264 case TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED: 3265 return ISCSI_TMF_RSP_NOT_SUPPORTED; 3266 case TMR_FUNCTION_REJECTED: 3267 default: 3268 return ISCSI_TMF_RSP_REJECTED; 3269 } 3270 } 3271 3272 void 3273 iscsit_build_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3274 struct iscsi_tm_rsp *hdr) 3275 { 3276 struct se_tmr_req *se_tmr = cmd->se_cmd.se_tmr_req; 3277 3278 hdr->opcode = ISCSI_OP_SCSI_TMFUNC_RSP; 3279 hdr->flags = ISCSI_FLAG_CMD_FINAL; 3280 hdr->response = iscsit_convert_tcm_tmr_rsp(se_tmr); 3281 hdr->itt = cmd->init_task_tag; 3282 cmd->stat_sn = conn->stat_sn++; 3283 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3284 3285 iscsit_increment_maxcmdsn(cmd, conn->sess); 3286 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3287 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3288 3289 pr_debug("Built Task Management Response ITT: 0x%08x," 3290 " StatSN: 0x%08x, Response: 0x%02x, CID: %hu\n", 3291 cmd->init_task_tag, cmd->stat_sn, hdr->response, conn->cid); 3292 } 3293 EXPORT_SYMBOL(iscsit_build_task_mgt_rsp); 3294 3295 static int 3296 iscsit_send_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3297 { 3298 struct iscsi_tm_rsp *hdr = (struct iscsi_tm_rsp *)&cmd->pdu[0]; 3299 u32 tx_size = 0; 3300 3301 iscsit_build_task_mgt_rsp(cmd, conn, hdr); 3302 3303 cmd->iov_misc[0].iov_base = cmd->pdu; 3304 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3305 tx_size += ISCSI_HDR_LEN; 3306 3307 if (conn->conn_ops->HeaderDigest) { 3308 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3309 3310 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3311 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3312 3313 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3314 tx_size += ISCSI_CRC_LEN; 3315 pr_debug("Attaching CRC32 HeaderDigest for Task" 3316 " Mgmt Response PDU 0x%08x\n", *header_digest); 3317 } 3318 3319 cmd->iov_misc_count = 1; 3320 cmd->tx_size = tx_size; 3321 3322 return 0; 3323 } 3324 3325 static bool iscsit_check_inaddr_any(struct iscsi_np *np) 3326 { 3327 bool ret = false; 3328 3329 if (np->np_sockaddr.ss_family == AF_INET6) { 3330 const struct sockaddr_in6 sin6 = { 3331 .sin6_addr = IN6ADDR_ANY_INIT }; 3332 struct sockaddr_in6 *sock_in6 = 3333 (struct sockaddr_in6 *)&np->np_sockaddr; 3334 3335 if (!memcmp(sock_in6->sin6_addr.s6_addr, 3336 sin6.sin6_addr.s6_addr, 16)) 3337 ret = true; 3338 } else { 3339 struct sockaddr_in * sock_in = 3340 (struct sockaddr_in *)&np->np_sockaddr; 3341 3342 if (sock_in->sin_addr.s_addr == htonl(INADDR_ANY)) 3343 ret = true; 3344 } 3345 3346 return ret; 3347 } 3348 3349 #define SENDTARGETS_BUF_LIMIT 32768U 3350 3351 static int iscsit_build_sendtargets_response(struct iscsi_cmd *cmd) 3352 { 3353 char *payload = NULL; 3354 struct iscsi_conn *conn = cmd->conn; 3355 struct iscsi_portal_group *tpg; 3356 struct iscsi_tiqn *tiqn; 3357 struct iscsi_tpg_np *tpg_np; 3358 int buffer_len, end_of_buf = 0, len = 0, payload_len = 0; 3359 int target_name_printed; 3360 unsigned char buf[ISCSI_IQN_LEN+12]; /* iqn + "TargetName=" + \0 */ 3361 unsigned char *text_in = cmd->text_in_ptr, *text_ptr = NULL; 3362 3363 buffer_len = max(conn->conn_ops->MaxRecvDataSegmentLength, 3364 SENDTARGETS_BUF_LIMIT); 3365 3366 payload = kzalloc(buffer_len, GFP_KERNEL); 3367 if (!payload) { 3368 pr_err("Unable to allocate memory for sendtargets" 3369 " response.\n"); 3370 return -ENOMEM; 3371 } 3372 /* 3373 * Locate pointer to iqn./eui. string for IFC_SENDTARGETS_SINGLE 3374 * explicit case.. 3375 */ 3376 if (cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) { 3377 text_ptr = strchr(text_in, '='); 3378 if (!text_ptr) { 3379 pr_err("Unable to locate '=' string in text_in:" 3380 " %s\n", text_in); 3381 kfree(payload); 3382 return -EINVAL; 3383 } 3384 /* 3385 * Skip over '=' character.. 3386 */ 3387 text_ptr += 1; 3388 } 3389 3390 spin_lock(&tiqn_lock); 3391 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 3392 if ((cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) && 3393 strcmp(tiqn->tiqn, text_ptr)) { 3394 continue; 3395 } 3396 3397 target_name_printed = 0; 3398 3399 spin_lock(&tiqn->tiqn_tpg_lock); 3400 list_for_each_entry(tpg, &tiqn->tiqn_tpg_list, tpg_list) { 3401 3402 /* If demo_mode_discovery=0 and generate_node_acls=0 3403 * (demo mode dislabed) do not return 3404 * TargetName+TargetAddress unless a NodeACL exists. 3405 */ 3406 3407 if ((tpg->tpg_attrib.generate_node_acls == 0) && 3408 (tpg->tpg_attrib.demo_mode_discovery == 0) && 3409 (!core_tpg_get_initiator_node_acl(&tpg->tpg_se_tpg, 3410 cmd->conn->sess->sess_ops->InitiatorName))) { 3411 continue; 3412 } 3413 3414 spin_lock(&tpg->tpg_state_lock); 3415 if ((tpg->tpg_state == TPG_STATE_FREE) || 3416 (tpg->tpg_state == TPG_STATE_INACTIVE)) { 3417 spin_unlock(&tpg->tpg_state_lock); 3418 continue; 3419 } 3420 spin_unlock(&tpg->tpg_state_lock); 3421 3422 spin_lock(&tpg->tpg_np_lock); 3423 list_for_each_entry(tpg_np, &tpg->tpg_gnp_list, 3424 tpg_np_list) { 3425 struct iscsi_np *np = tpg_np->tpg_np; 3426 bool inaddr_any = iscsit_check_inaddr_any(np); 3427 3428 if (!target_name_printed) { 3429 len = sprintf(buf, "TargetName=%s", 3430 tiqn->tiqn); 3431 len += 1; 3432 3433 if ((len + payload_len) > buffer_len) { 3434 spin_unlock(&tpg->tpg_np_lock); 3435 spin_unlock(&tiqn->tiqn_tpg_lock); 3436 end_of_buf = 1; 3437 goto eob; 3438 } 3439 memcpy(payload + payload_len, buf, len); 3440 payload_len += len; 3441 target_name_printed = 1; 3442 } 3443 3444 len = sprintf(buf, "TargetAddress=" 3445 "%s:%hu,%hu", 3446 (inaddr_any == false) ? 3447 np->np_ip : conn->local_ip, 3448 (inaddr_any == false) ? 3449 np->np_port : conn->local_port, 3450 tpg->tpgt); 3451 len += 1; 3452 3453 if ((len + payload_len) > buffer_len) { 3454 spin_unlock(&tpg->tpg_np_lock); 3455 spin_unlock(&tiqn->tiqn_tpg_lock); 3456 end_of_buf = 1; 3457 goto eob; 3458 } 3459 memcpy(payload + payload_len, buf, len); 3460 payload_len += len; 3461 } 3462 spin_unlock(&tpg->tpg_np_lock); 3463 } 3464 spin_unlock(&tiqn->tiqn_tpg_lock); 3465 eob: 3466 if (end_of_buf) 3467 break; 3468 3469 if (cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) 3470 break; 3471 } 3472 spin_unlock(&tiqn_lock); 3473 3474 cmd->buf_ptr = payload; 3475 3476 return payload_len; 3477 } 3478 3479 int 3480 iscsit_build_text_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3481 struct iscsi_text_rsp *hdr) 3482 { 3483 int text_length, padding; 3484 3485 text_length = iscsit_build_sendtargets_response(cmd); 3486 if (text_length < 0) 3487 return text_length; 3488 3489 hdr->opcode = ISCSI_OP_TEXT_RSP; 3490 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3491 padding = ((-text_length) & 3); 3492 hton24(hdr->dlength, text_length); 3493 hdr->itt = cmd->init_task_tag; 3494 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 3495 cmd->stat_sn = conn->stat_sn++; 3496 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3497 3498 iscsit_increment_maxcmdsn(cmd, conn->sess); 3499 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3500 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3501 3502 pr_debug("Built Text Response: ITT: 0x%08x, StatSN: 0x%08x," 3503 " Length: %u, CID: %hu\n", cmd->init_task_tag, cmd->stat_sn, 3504 text_length, conn->cid); 3505 3506 return text_length + padding; 3507 } 3508 EXPORT_SYMBOL(iscsit_build_text_rsp); 3509 3510 /* 3511 * FIXME: Add support for F_BIT and C_BIT when the length is longer than 3512 * MaxRecvDataSegmentLength. 3513 */ 3514 static int iscsit_send_text_rsp( 3515 struct iscsi_cmd *cmd, 3516 struct iscsi_conn *conn) 3517 { 3518 struct iscsi_text_rsp *hdr = (struct iscsi_text_rsp *)cmd->pdu; 3519 struct kvec *iov; 3520 u32 tx_size = 0; 3521 int text_length, iov_count = 0, rc; 3522 3523 rc = iscsit_build_text_rsp(cmd, conn, hdr); 3524 if (rc < 0) 3525 return rc; 3526 3527 text_length = rc; 3528 iov = &cmd->iov_misc[0]; 3529 iov[iov_count].iov_base = cmd->pdu; 3530 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3531 iov[iov_count].iov_base = cmd->buf_ptr; 3532 iov[iov_count++].iov_len = text_length; 3533 3534 tx_size += (ISCSI_HDR_LEN + text_length); 3535 3536 if (conn->conn_ops->HeaderDigest) { 3537 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3538 3539 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3540 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3541 3542 iov[0].iov_len += ISCSI_CRC_LEN; 3543 tx_size += ISCSI_CRC_LEN; 3544 pr_debug("Attaching CRC32 HeaderDigest for" 3545 " Text Response PDU 0x%08x\n", *header_digest); 3546 } 3547 3548 if (conn->conn_ops->DataDigest) { 3549 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 3550 cmd->buf_ptr, text_length, 3551 0, NULL, (u8 *)&cmd->data_crc); 3552 3553 iov[iov_count].iov_base = &cmd->data_crc; 3554 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3555 tx_size += ISCSI_CRC_LEN; 3556 3557 pr_debug("Attaching DataDigest for %u bytes of text" 3558 " data, CRC 0x%08x\n", text_length, 3559 cmd->data_crc); 3560 } 3561 3562 cmd->iov_misc_count = iov_count; 3563 cmd->tx_size = tx_size; 3564 3565 return 0; 3566 } 3567 3568 void 3569 iscsit_build_reject(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3570 struct iscsi_reject *hdr) 3571 { 3572 hdr->opcode = ISCSI_OP_REJECT; 3573 hdr->reason = cmd->reject_reason; 3574 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3575 hton24(hdr->dlength, ISCSI_HDR_LEN); 3576 hdr->ffffffff = cpu_to_be32(0xffffffff); 3577 cmd->stat_sn = conn->stat_sn++; 3578 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3579 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3580 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3581 3582 } 3583 EXPORT_SYMBOL(iscsit_build_reject); 3584 3585 static int iscsit_send_reject( 3586 struct iscsi_cmd *cmd, 3587 struct iscsi_conn *conn) 3588 { 3589 struct iscsi_reject *hdr = (struct iscsi_reject *)&cmd->pdu[0]; 3590 struct kvec *iov; 3591 u32 iov_count = 0, tx_size; 3592 3593 iscsit_build_reject(cmd, conn, hdr); 3594 3595 iov = &cmd->iov_misc[0]; 3596 iov[iov_count].iov_base = cmd->pdu; 3597 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3598 iov[iov_count].iov_base = cmd->buf_ptr; 3599 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3600 3601 tx_size = (ISCSI_HDR_LEN + ISCSI_HDR_LEN); 3602 3603 if (conn->conn_ops->HeaderDigest) { 3604 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3605 3606 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3607 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3608 3609 iov[0].iov_len += ISCSI_CRC_LEN; 3610 tx_size += ISCSI_CRC_LEN; 3611 pr_debug("Attaching CRC32 HeaderDigest for" 3612 " REJECT PDU 0x%08x\n", *header_digest); 3613 } 3614 3615 if (conn->conn_ops->DataDigest) { 3616 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->buf_ptr, 3617 ISCSI_HDR_LEN, 0, NULL, (u8 *)&cmd->data_crc); 3618 3619 iov[iov_count].iov_base = &cmd->data_crc; 3620 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3621 tx_size += ISCSI_CRC_LEN; 3622 pr_debug("Attaching CRC32 DataDigest for REJECT" 3623 " PDU 0x%08x\n", cmd->data_crc); 3624 } 3625 3626 cmd->iov_misc_count = iov_count; 3627 cmd->tx_size = tx_size; 3628 3629 pr_debug("Built Reject PDU StatSN: 0x%08x, Reason: 0x%02x," 3630 " CID: %hu\n", ntohl(hdr->statsn), hdr->reason, conn->cid); 3631 3632 return 0; 3633 } 3634 3635 void iscsit_thread_get_cpumask(struct iscsi_conn *conn) 3636 { 3637 struct iscsi_thread_set *ts = conn->thread_set; 3638 int ord, cpu; 3639 /* 3640 * thread_id is assigned from iscsit_global->ts_bitmap from 3641 * within iscsi_thread_set.c:iscsi_allocate_thread_sets() 3642 * 3643 * Here we use thread_id to determine which CPU that this 3644 * iSCSI connection's iscsi_thread_set will be scheduled to 3645 * execute upon. 3646 */ 3647 ord = ts->thread_id % cpumask_weight(cpu_online_mask); 3648 for_each_online_cpu(cpu) { 3649 if (ord-- == 0) { 3650 cpumask_set_cpu(cpu, conn->conn_cpumask); 3651 return; 3652 } 3653 } 3654 /* 3655 * This should never be reached.. 3656 */ 3657 dump_stack(); 3658 cpumask_setall(conn->conn_cpumask); 3659 } 3660 3661 static inline void iscsit_thread_check_cpumask( 3662 struct iscsi_conn *conn, 3663 struct task_struct *p, 3664 int mode) 3665 { 3666 char buf[128]; 3667 /* 3668 * mode == 1 signals iscsi_target_tx_thread() usage. 3669 * mode == 0 signals iscsi_target_rx_thread() usage. 3670 */ 3671 if (mode == 1) { 3672 if (!conn->conn_tx_reset_cpumask) 3673 return; 3674 conn->conn_tx_reset_cpumask = 0; 3675 } else { 3676 if (!conn->conn_rx_reset_cpumask) 3677 return; 3678 conn->conn_rx_reset_cpumask = 0; 3679 } 3680 /* 3681 * Update the CPU mask for this single kthread so that 3682 * both TX and RX kthreads are scheduled to run on the 3683 * same CPU. 3684 */ 3685 memset(buf, 0, 128); 3686 cpumask_scnprintf(buf, 128, conn->conn_cpumask); 3687 set_cpus_allowed_ptr(p, conn->conn_cpumask); 3688 } 3689 3690 static int 3691 iscsit_immediate_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3692 { 3693 int ret; 3694 3695 switch (state) { 3696 case ISTATE_SEND_R2T: 3697 ret = iscsit_send_r2t(cmd, conn); 3698 if (ret < 0) 3699 goto err; 3700 break; 3701 case ISTATE_REMOVE: 3702 spin_lock_bh(&conn->cmd_lock); 3703 list_del(&cmd->i_conn_node); 3704 spin_unlock_bh(&conn->cmd_lock); 3705 3706 iscsit_free_cmd(cmd, false); 3707 break; 3708 case ISTATE_SEND_NOPIN_WANT_RESPONSE: 3709 iscsit_mod_nopin_response_timer(conn); 3710 ret = iscsit_send_unsolicited_nopin(cmd, conn, 1); 3711 if (ret < 0) 3712 goto err; 3713 break; 3714 case ISTATE_SEND_NOPIN_NO_RESPONSE: 3715 ret = iscsit_send_unsolicited_nopin(cmd, conn, 0); 3716 if (ret < 0) 3717 goto err; 3718 break; 3719 default: 3720 pr_err("Unknown Opcode: 0x%02x ITT:" 3721 " 0x%08x, i_state: %d on CID: %hu\n", 3722 cmd->iscsi_opcode, cmd->init_task_tag, state, 3723 conn->cid); 3724 goto err; 3725 } 3726 3727 return 0; 3728 3729 err: 3730 return -1; 3731 } 3732 3733 static int 3734 iscsit_handle_immediate_queue(struct iscsi_conn *conn) 3735 { 3736 struct iscsit_transport *t = conn->conn_transport; 3737 struct iscsi_queue_req *qr; 3738 struct iscsi_cmd *cmd; 3739 u8 state; 3740 int ret; 3741 3742 while ((qr = iscsit_get_cmd_from_immediate_queue(conn))) { 3743 atomic_set(&conn->check_immediate_queue, 0); 3744 cmd = qr->cmd; 3745 state = qr->state; 3746 kmem_cache_free(lio_qr_cache, qr); 3747 3748 ret = t->iscsit_immediate_queue(conn, cmd, state); 3749 if (ret < 0) 3750 return ret; 3751 } 3752 3753 return 0; 3754 } 3755 3756 static int 3757 iscsit_response_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3758 { 3759 int ret; 3760 3761 check_rsp_state: 3762 switch (state) { 3763 case ISTATE_SEND_DATAIN: 3764 ret = iscsit_send_datain(cmd, conn); 3765 if (ret < 0) 3766 goto err; 3767 else if (!ret) 3768 /* more drs */ 3769 goto check_rsp_state; 3770 else if (ret == 1) { 3771 /* all done */ 3772 spin_lock_bh(&cmd->istate_lock); 3773 cmd->i_state = ISTATE_SENT_STATUS; 3774 spin_unlock_bh(&cmd->istate_lock); 3775 3776 if (atomic_read(&conn->check_immediate_queue)) 3777 return 1; 3778 3779 return 0; 3780 } else if (ret == 2) { 3781 /* Still must send status, 3782 SCF_TRANSPORT_TASK_SENSE was set */ 3783 spin_lock_bh(&cmd->istate_lock); 3784 cmd->i_state = ISTATE_SEND_STATUS; 3785 spin_unlock_bh(&cmd->istate_lock); 3786 state = ISTATE_SEND_STATUS; 3787 goto check_rsp_state; 3788 } 3789 3790 break; 3791 case ISTATE_SEND_STATUS: 3792 case ISTATE_SEND_STATUS_RECOVERY: 3793 ret = iscsit_send_response(cmd, conn); 3794 break; 3795 case ISTATE_SEND_LOGOUTRSP: 3796 ret = iscsit_send_logout(cmd, conn); 3797 break; 3798 case ISTATE_SEND_ASYNCMSG: 3799 ret = iscsit_send_conn_drop_async_message( 3800 cmd, conn); 3801 break; 3802 case ISTATE_SEND_NOPIN: 3803 ret = iscsit_send_nopin(cmd, conn); 3804 break; 3805 case ISTATE_SEND_REJECT: 3806 ret = iscsit_send_reject(cmd, conn); 3807 break; 3808 case ISTATE_SEND_TASKMGTRSP: 3809 ret = iscsit_send_task_mgt_rsp(cmd, conn); 3810 if (ret != 0) 3811 break; 3812 ret = iscsit_tmr_post_handler(cmd, conn); 3813 if (ret != 0) 3814 iscsit_fall_back_to_erl0(conn->sess); 3815 break; 3816 case ISTATE_SEND_TEXTRSP: 3817 ret = iscsit_send_text_rsp(cmd, conn); 3818 break; 3819 default: 3820 pr_err("Unknown Opcode: 0x%02x ITT:" 3821 " 0x%08x, i_state: %d on CID: %hu\n", 3822 cmd->iscsi_opcode, cmd->init_task_tag, 3823 state, conn->cid); 3824 goto err; 3825 } 3826 if (ret < 0) 3827 goto err; 3828 3829 if (iscsit_send_tx_data(cmd, conn, 1) < 0) { 3830 iscsit_tx_thread_wait_for_tcp(conn); 3831 iscsit_unmap_iovec(cmd); 3832 goto err; 3833 } 3834 iscsit_unmap_iovec(cmd); 3835 3836 switch (state) { 3837 case ISTATE_SEND_LOGOUTRSP: 3838 if (!iscsit_logout_post_handler(cmd, conn)) 3839 goto restart; 3840 /* fall through */ 3841 case ISTATE_SEND_STATUS: 3842 case ISTATE_SEND_ASYNCMSG: 3843 case ISTATE_SEND_NOPIN: 3844 case ISTATE_SEND_STATUS_RECOVERY: 3845 case ISTATE_SEND_TEXTRSP: 3846 case ISTATE_SEND_TASKMGTRSP: 3847 case ISTATE_SEND_REJECT: 3848 spin_lock_bh(&cmd->istate_lock); 3849 cmd->i_state = ISTATE_SENT_STATUS; 3850 spin_unlock_bh(&cmd->istate_lock); 3851 break; 3852 default: 3853 pr_err("Unknown Opcode: 0x%02x ITT:" 3854 " 0x%08x, i_state: %d on CID: %hu\n", 3855 cmd->iscsi_opcode, cmd->init_task_tag, 3856 cmd->i_state, conn->cid); 3857 goto err; 3858 } 3859 3860 if (atomic_read(&conn->check_immediate_queue)) 3861 return 1; 3862 3863 return 0; 3864 3865 err: 3866 return -1; 3867 restart: 3868 return -EAGAIN; 3869 } 3870 3871 static int iscsit_handle_response_queue(struct iscsi_conn *conn) 3872 { 3873 struct iscsit_transport *t = conn->conn_transport; 3874 struct iscsi_queue_req *qr; 3875 struct iscsi_cmd *cmd; 3876 u8 state; 3877 int ret; 3878 3879 while ((qr = iscsit_get_cmd_from_response_queue(conn))) { 3880 cmd = qr->cmd; 3881 state = qr->state; 3882 kmem_cache_free(lio_qr_cache, qr); 3883 3884 ret = t->iscsit_response_queue(conn, cmd, state); 3885 if (ret == 1 || ret < 0) 3886 return ret; 3887 } 3888 3889 return 0; 3890 } 3891 3892 int iscsi_target_tx_thread(void *arg) 3893 { 3894 int ret = 0; 3895 struct iscsi_conn *conn; 3896 struct iscsi_thread_set *ts = arg; 3897 /* 3898 * Allow ourselves to be interrupted by SIGINT so that a 3899 * connection recovery / failure event can be triggered externally. 3900 */ 3901 allow_signal(SIGINT); 3902 3903 restart: 3904 conn = iscsi_tx_thread_pre_handler(ts); 3905 if (!conn) 3906 goto out; 3907 3908 ret = 0; 3909 3910 while (!kthread_should_stop()) { 3911 /* 3912 * Ensure that both TX and RX per connection kthreads 3913 * are scheduled to run on the same CPU. 3914 */ 3915 iscsit_thread_check_cpumask(conn, current, 1); 3916 3917 wait_event_interruptible(conn->queues_wq, 3918 !iscsit_conn_all_queues_empty(conn) || 3919 ts->status == ISCSI_THREAD_SET_RESET); 3920 3921 if ((ts->status == ISCSI_THREAD_SET_RESET) || 3922 signal_pending(current)) 3923 goto transport_err; 3924 3925 get_immediate: 3926 ret = iscsit_handle_immediate_queue(conn); 3927 if (ret < 0) 3928 goto transport_err; 3929 3930 ret = iscsit_handle_response_queue(conn); 3931 if (ret == 1) 3932 goto get_immediate; 3933 else if (ret == -EAGAIN) 3934 goto restart; 3935 else if (ret < 0) 3936 goto transport_err; 3937 } 3938 3939 transport_err: 3940 iscsit_take_action_for_connection_exit(conn); 3941 goto restart; 3942 out: 3943 return 0; 3944 } 3945 3946 static int iscsi_target_rx_opcode(struct iscsi_conn *conn, unsigned char *buf) 3947 { 3948 struct iscsi_hdr *hdr = (struct iscsi_hdr *)buf; 3949 struct iscsi_cmd *cmd; 3950 int ret = 0; 3951 3952 switch (hdr->opcode & ISCSI_OPCODE_MASK) { 3953 case ISCSI_OP_SCSI_CMD: 3954 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3955 if (!cmd) 3956 goto reject; 3957 3958 ret = iscsit_handle_scsi_cmd(conn, cmd, buf); 3959 break; 3960 case ISCSI_OP_SCSI_DATA_OUT: 3961 ret = iscsit_handle_data_out(conn, buf); 3962 break; 3963 case ISCSI_OP_NOOP_OUT: 3964 cmd = NULL; 3965 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 3966 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3967 if (!cmd) 3968 goto reject; 3969 } 3970 ret = iscsit_handle_nop_out(conn, cmd, buf); 3971 break; 3972 case ISCSI_OP_SCSI_TMFUNC: 3973 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3974 if (!cmd) 3975 goto reject; 3976 3977 ret = iscsit_handle_task_mgt_cmd(conn, cmd, buf); 3978 break; 3979 case ISCSI_OP_TEXT: 3980 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3981 if (!cmd) 3982 goto reject; 3983 3984 ret = iscsit_handle_text_cmd(conn, cmd, buf); 3985 break; 3986 case ISCSI_OP_LOGOUT: 3987 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3988 if (!cmd) 3989 goto reject; 3990 3991 ret = iscsit_handle_logout_cmd(conn, cmd, buf); 3992 if (ret > 0) 3993 wait_for_completion_timeout(&conn->conn_logout_comp, 3994 SECONDS_FOR_LOGOUT_COMP * HZ); 3995 break; 3996 case ISCSI_OP_SNACK: 3997 ret = iscsit_handle_snack(conn, buf); 3998 break; 3999 default: 4000 pr_err("Got unknown iSCSI OpCode: 0x%02x\n", hdr->opcode); 4001 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 4002 pr_err("Cannot recover from unknown" 4003 " opcode while ERL=0, closing iSCSI connection.\n"); 4004 return -1; 4005 } 4006 if (!conn->conn_ops->OFMarker) { 4007 pr_err("Unable to recover from unknown" 4008 " opcode while OFMarker=No, closing iSCSI" 4009 " connection.\n"); 4010 return -1; 4011 } 4012 if (iscsit_recover_from_unknown_opcode(conn) < 0) { 4013 pr_err("Unable to recover from unknown" 4014 " opcode, closing iSCSI connection.\n"); 4015 return -1; 4016 } 4017 break; 4018 } 4019 4020 return ret; 4021 reject: 4022 return iscsit_add_reject(conn, ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 4023 } 4024 4025 int iscsi_target_rx_thread(void *arg) 4026 { 4027 int ret; 4028 u8 buffer[ISCSI_HDR_LEN], opcode; 4029 u32 checksum = 0, digest = 0; 4030 struct iscsi_conn *conn = NULL; 4031 struct iscsi_thread_set *ts = arg; 4032 struct kvec iov; 4033 /* 4034 * Allow ourselves to be interrupted by SIGINT so that a 4035 * connection recovery / failure event can be triggered externally. 4036 */ 4037 allow_signal(SIGINT); 4038 4039 restart: 4040 conn = iscsi_rx_thread_pre_handler(ts); 4041 if (!conn) 4042 goto out; 4043 4044 if (conn->conn_transport->transport_type == ISCSI_INFINIBAND) { 4045 struct completion comp; 4046 int rc; 4047 4048 init_completion(&comp); 4049 rc = wait_for_completion_interruptible(&comp); 4050 if (rc < 0) 4051 goto transport_err; 4052 4053 goto out; 4054 } 4055 4056 while (!kthread_should_stop()) { 4057 /* 4058 * Ensure that both TX and RX per connection kthreads 4059 * are scheduled to run on the same CPU. 4060 */ 4061 iscsit_thread_check_cpumask(conn, current, 0); 4062 4063 memset(buffer, 0, ISCSI_HDR_LEN); 4064 memset(&iov, 0, sizeof(struct kvec)); 4065 4066 iov.iov_base = buffer; 4067 iov.iov_len = ISCSI_HDR_LEN; 4068 4069 ret = rx_data(conn, &iov, 1, ISCSI_HDR_LEN); 4070 if (ret != ISCSI_HDR_LEN) { 4071 iscsit_rx_thread_wait_for_tcp(conn); 4072 goto transport_err; 4073 } 4074 4075 if (conn->conn_ops->HeaderDigest) { 4076 iov.iov_base = &digest; 4077 iov.iov_len = ISCSI_CRC_LEN; 4078 4079 ret = rx_data(conn, &iov, 1, ISCSI_CRC_LEN); 4080 if (ret != ISCSI_CRC_LEN) { 4081 iscsit_rx_thread_wait_for_tcp(conn); 4082 goto transport_err; 4083 } 4084 4085 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 4086 buffer, ISCSI_HDR_LEN, 4087 0, NULL, (u8 *)&checksum); 4088 4089 if (digest != checksum) { 4090 pr_err("HeaderDigest CRC32C failed," 4091 " received 0x%08x, computed 0x%08x\n", 4092 digest, checksum); 4093 /* 4094 * Set the PDU to 0xff so it will intentionally 4095 * hit default in the switch below. 4096 */ 4097 memset(buffer, 0xff, ISCSI_HDR_LEN); 4098 atomic_long_inc(&conn->sess->conn_digest_errors); 4099 } else { 4100 pr_debug("Got HeaderDigest CRC32C" 4101 " 0x%08x\n", checksum); 4102 } 4103 } 4104 4105 if (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT) 4106 goto transport_err; 4107 4108 opcode = buffer[0] & ISCSI_OPCODE_MASK; 4109 4110 if (conn->sess->sess_ops->SessionType && 4111 ((!(opcode & ISCSI_OP_TEXT)) || 4112 (!(opcode & ISCSI_OP_LOGOUT)))) { 4113 pr_err("Received illegal iSCSI Opcode: 0x%02x" 4114 " while in Discovery Session, rejecting.\n", opcode); 4115 iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 4116 buffer); 4117 goto transport_err; 4118 } 4119 4120 ret = iscsi_target_rx_opcode(conn, buffer); 4121 if (ret < 0) 4122 goto transport_err; 4123 } 4124 4125 transport_err: 4126 if (!signal_pending(current)) 4127 atomic_set(&conn->transport_failed, 1); 4128 iscsit_take_action_for_connection_exit(conn); 4129 goto restart; 4130 out: 4131 return 0; 4132 } 4133 4134 static void iscsit_release_commands_from_conn(struct iscsi_conn *conn) 4135 { 4136 struct iscsi_cmd *cmd = NULL, *cmd_tmp = NULL; 4137 struct iscsi_session *sess = conn->sess; 4138 /* 4139 * We expect this function to only ever be called from either RX or TX 4140 * thread context via iscsit_close_connection() once the other context 4141 * has been reset -> returned sleeping pre-handler state. 4142 */ 4143 spin_lock_bh(&conn->cmd_lock); 4144 list_for_each_entry_safe(cmd, cmd_tmp, &conn->conn_cmd_list, i_conn_node) { 4145 4146 list_del(&cmd->i_conn_node); 4147 spin_unlock_bh(&conn->cmd_lock); 4148 4149 iscsit_increment_maxcmdsn(cmd, sess); 4150 4151 iscsit_free_cmd(cmd, true); 4152 4153 spin_lock_bh(&conn->cmd_lock); 4154 } 4155 spin_unlock_bh(&conn->cmd_lock); 4156 } 4157 4158 static void iscsit_stop_timers_for_cmds( 4159 struct iscsi_conn *conn) 4160 { 4161 struct iscsi_cmd *cmd; 4162 4163 spin_lock_bh(&conn->cmd_lock); 4164 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) { 4165 if (cmd->data_direction == DMA_TO_DEVICE) 4166 iscsit_stop_dataout_timer(cmd); 4167 } 4168 spin_unlock_bh(&conn->cmd_lock); 4169 } 4170 4171 int iscsit_close_connection( 4172 struct iscsi_conn *conn) 4173 { 4174 int conn_logout = (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT); 4175 struct iscsi_session *sess = conn->sess; 4176 4177 pr_debug("Closing iSCSI connection CID %hu on SID:" 4178 " %u\n", conn->cid, sess->sid); 4179 /* 4180 * Always up conn_logout_comp just in case the RX Thread is sleeping 4181 * and the logout response never got sent because the connection 4182 * failed. 4183 */ 4184 complete(&conn->conn_logout_comp); 4185 4186 iscsi_release_thread_set(conn); 4187 4188 iscsit_stop_timers_for_cmds(conn); 4189 iscsit_stop_nopin_response_timer(conn); 4190 iscsit_stop_nopin_timer(conn); 4191 iscsit_free_queue_reqs_for_conn(conn); 4192 4193 /* 4194 * During Connection recovery drop unacknowledged out of order 4195 * commands for this connection, and prepare the other commands 4196 * for realligence. 4197 * 4198 * During normal operation clear the out of order commands (but 4199 * do not free the struct iscsi_ooo_cmdsn's) and release all 4200 * struct iscsi_cmds. 4201 */ 4202 if (atomic_read(&conn->connection_recovery)) { 4203 iscsit_discard_unacknowledged_ooo_cmdsns_for_conn(conn); 4204 iscsit_prepare_cmds_for_realligance(conn); 4205 } else { 4206 iscsit_clear_ooo_cmdsns_for_conn(conn); 4207 iscsit_release_commands_from_conn(conn); 4208 } 4209 4210 /* 4211 * Handle decrementing session or connection usage count if 4212 * a logout response was not able to be sent because the 4213 * connection failed. Fall back to Session Recovery here. 4214 */ 4215 if (atomic_read(&conn->conn_logout_remove)) { 4216 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_SESSION) { 4217 iscsit_dec_conn_usage_count(conn); 4218 iscsit_dec_session_usage_count(sess); 4219 } 4220 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) 4221 iscsit_dec_conn_usage_count(conn); 4222 4223 atomic_set(&conn->conn_logout_remove, 0); 4224 atomic_set(&sess->session_reinstatement, 0); 4225 atomic_set(&sess->session_fall_back_to_erl0, 1); 4226 } 4227 4228 spin_lock_bh(&sess->conn_lock); 4229 list_del(&conn->conn_list); 4230 4231 /* 4232 * Attempt to let the Initiator know this connection failed by 4233 * sending an Connection Dropped Async Message on another 4234 * active connection. 4235 */ 4236 if (atomic_read(&conn->connection_recovery)) 4237 iscsit_build_conn_drop_async_message(conn); 4238 4239 spin_unlock_bh(&sess->conn_lock); 4240 4241 /* 4242 * If connection reinstatement is being performed on this connection, 4243 * up the connection reinstatement semaphore that is being blocked on 4244 * in iscsit_cause_connection_reinstatement(). 4245 */ 4246 spin_lock_bh(&conn->state_lock); 4247 if (atomic_read(&conn->sleep_on_conn_wait_comp)) { 4248 spin_unlock_bh(&conn->state_lock); 4249 complete(&conn->conn_wait_comp); 4250 wait_for_completion(&conn->conn_post_wait_comp); 4251 spin_lock_bh(&conn->state_lock); 4252 } 4253 4254 /* 4255 * If connection reinstatement is being performed on this connection 4256 * by receiving a REMOVECONNFORRECOVERY logout request, up the 4257 * connection wait rcfr semaphore that is being blocked on 4258 * an iscsit_connection_reinstatement_rcfr(). 4259 */ 4260 if (atomic_read(&conn->connection_wait_rcfr)) { 4261 spin_unlock_bh(&conn->state_lock); 4262 complete(&conn->conn_wait_rcfr_comp); 4263 wait_for_completion(&conn->conn_post_wait_comp); 4264 spin_lock_bh(&conn->state_lock); 4265 } 4266 atomic_set(&conn->connection_reinstatement, 1); 4267 spin_unlock_bh(&conn->state_lock); 4268 4269 /* 4270 * If any other processes are accessing this connection pointer we 4271 * must wait until they have completed. 4272 */ 4273 iscsit_check_conn_usage_count(conn); 4274 4275 if (conn->conn_rx_hash.tfm) 4276 crypto_free_hash(conn->conn_rx_hash.tfm); 4277 if (conn->conn_tx_hash.tfm) 4278 crypto_free_hash(conn->conn_tx_hash.tfm); 4279 4280 if (conn->conn_cpumask) 4281 free_cpumask_var(conn->conn_cpumask); 4282 4283 kfree(conn->conn_ops); 4284 conn->conn_ops = NULL; 4285 4286 if (conn->sock) 4287 sock_release(conn->sock); 4288 4289 if (conn->conn_transport->iscsit_free_conn) 4290 conn->conn_transport->iscsit_free_conn(conn); 4291 4292 iscsit_put_transport(conn->conn_transport); 4293 4294 conn->thread_set = NULL; 4295 4296 pr_debug("Moving to TARG_CONN_STATE_FREE.\n"); 4297 conn->conn_state = TARG_CONN_STATE_FREE; 4298 kfree(conn); 4299 4300 spin_lock_bh(&sess->conn_lock); 4301 atomic_dec(&sess->nconn); 4302 pr_debug("Decremented iSCSI connection count to %hu from node:" 4303 " %s\n", atomic_read(&sess->nconn), 4304 sess->sess_ops->InitiatorName); 4305 /* 4306 * Make sure that if one connection fails in an non ERL=2 iSCSI 4307 * Session that they all fail. 4308 */ 4309 if ((sess->sess_ops->ErrorRecoveryLevel != 2) && !conn_logout && 4310 !atomic_read(&sess->session_logout)) 4311 atomic_set(&sess->session_fall_back_to_erl0, 1); 4312 4313 /* 4314 * If this was not the last connection in the session, and we are 4315 * performing session reinstatement or falling back to ERL=0, call 4316 * iscsit_stop_session() without sleeping to shutdown the other 4317 * active connections. 4318 */ 4319 if (atomic_read(&sess->nconn)) { 4320 if (!atomic_read(&sess->session_reinstatement) && 4321 !atomic_read(&sess->session_fall_back_to_erl0)) { 4322 spin_unlock_bh(&sess->conn_lock); 4323 return 0; 4324 } 4325 if (!atomic_read(&sess->session_stop_active)) { 4326 atomic_set(&sess->session_stop_active, 1); 4327 spin_unlock_bh(&sess->conn_lock); 4328 iscsit_stop_session(sess, 0, 0); 4329 return 0; 4330 } 4331 spin_unlock_bh(&sess->conn_lock); 4332 return 0; 4333 } 4334 4335 /* 4336 * If this was the last connection in the session and one of the 4337 * following is occurring: 4338 * 4339 * Session Reinstatement is not being performed, and are falling back 4340 * to ERL=0 call iscsit_close_session(). 4341 * 4342 * Session Logout was requested. iscsit_close_session() will be called 4343 * elsewhere. 4344 * 4345 * Session Continuation is not being performed, start the Time2Retain 4346 * handler and check if sleep_on_sess_wait_sem is active. 4347 */ 4348 if (!atomic_read(&sess->session_reinstatement) && 4349 atomic_read(&sess->session_fall_back_to_erl0)) { 4350 spin_unlock_bh(&sess->conn_lock); 4351 target_put_session(sess->se_sess); 4352 4353 return 0; 4354 } else if (atomic_read(&sess->session_logout)) { 4355 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4356 sess->session_state = TARG_SESS_STATE_FREE; 4357 spin_unlock_bh(&sess->conn_lock); 4358 4359 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4360 complete(&sess->session_wait_comp); 4361 4362 return 0; 4363 } else { 4364 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4365 sess->session_state = TARG_SESS_STATE_FAILED; 4366 4367 if (!atomic_read(&sess->session_continuation)) { 4368 spin_unlock_bh(&sess->conn_lock); 4369 iscsit_start_time2retain_handler(sess); 4370 } else 4371 spin_unlock_bh(&sess->conn_lock); 4372 4373 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4374 complete(&sess->session_wait_comp); 4375 4376 return 0; 4377 } 4378 spin_unlock_bh(&sess->conn_lock); 4379 4380 return 0; 4381 } 4382 4383 int iscsit_close_session(struct iscsi_session *sess) 4384 { 4385 struct iscsi_portal_group *tpg = sess->tpg; 4386 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4387 4388 if (atomic_read(&sess->nconn)) { 4389 pr_err("%d connection(s) still exist for iSCSI session" 4390 " to %s\n", atomic_read(&sess->nconn), 4391 sess->sess_ops->InitiatorName); 4392 BUG(); 4393 } 4394 4395 spin_lock_bh(&se_tpg->session_lock); 4396 atomic_set(&sess->session_logout, 1); 4397 atomic_set(&sess->session_reinstatement, 1); 4398 iscsit_stop_time2retain_timer(sess); 4399 spin_unlock_bh(&se_tpg->session_lock); 4400 4401 /* 4402 * transport_deregister_session_configfs() will clear the 4403 * struct se_node_acl->nacl_sess pointer now as a iscsi_np process context 4404 * can be setting it again with __transport_register_session() in 4405 * iscsi_post_login_handler() again after the iscsit_stop_session() 4406 * completes in iscsi_np context. 4407 */ 4408 transport_deregister_session_configfs(sess->se_sess); 4409 4410 /* 4411 * If any other processes are accessing this session pointer we must 4412 * wait until they have completed. If we are in an interrupt (the 4413 * time2retain handler) and contain and active session usage count we 4414 * restart the timer and exit. 4415 */ 4416 if (!in_interrupt()) { 4417 if (iscsit_check_session_usage_count(sess) == 1) 4418 iscsit_stop_session(sess, 1, 1); 4419 } else { 4420 if (iscsit_check_session_usage_count(sess) == 2) { 4421 atomic_set(&sess->session_logout, 0); 4422 iscsit_start_time2retain_handler(sess); 4423 return 0; 4424 } 4425 } 4426 4427 transport_deregister_session(sess->se_sess); 4428 4429 if (sess->sess_ops->ErrorRecoveryLevel == 2) 4430 iscsit_free_connection_recovery_entires(sess); 4431 4432 iscsit_free_all_ooo_cmdsns(sess); 4433 4434 spin_lock_bh(&se_tpg->session_lock); 4435 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4436 sess->session_state = TARG_SESS_STATE_FREE; 4437 pr_debug("Released iSCSI session from node: %s\n", 4438 sess->sess_ops->InitiatorName); 4439 tpg->nsessions--; 4440 if (tpg->tpg_tiqn) 4441 tpg->tpg_tiqn->tiqn_nsessions--; 4442 4443 pr_debug("Decremented number of active iSCSI Sessions on" 4444 " iSCSI TPG: %hu to %u\n", tpg->tpgt, tpg->nsessions); 4445 4446 spin_lock(&sess_idr_lock); 4447 idr_remove(&sess_idr, sess->session_index); 4448 spin_unlock(&sess_idr_lock); 4449 4450 kfree(sess->sess_ops); 4451 sess->sess_ops = NULL; 4452 spin_unlock_bh(&se_tpg->session_lock); 4453 4454 kfree(sess); 4455 return 0; 4456 } 4457 4458 static void iscsit_logout_post_handler_closesession( 4459 struct iscsi_conn *conn) 4460 { 4461 struct iscsi_session *sess = conn->sess; 4462 4463 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD); 4464 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD); 4465 4466 atomic_set(&conn->conn_logout_remove, 0); 4467 complete(&conn->conn_logout_comp); 4468 4469 iscsit_dec_conn_usage_count(conn); 4470 iscsit_stop_session(sess, 1, 1); 4471 iscsit_dec_session_usage_count(sess); 4472 target_put_session(sess->se_sess); 4473 } 4474 4475 static void iscsit_logout_post_handler_samecid( 4476 struct iscsi_conn *conn) 4477 { 4478 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD); 4479 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD); 4480 4481 atomic_set(&conn->conn_logout_remove, 0); 4482 complete(&conn->conn_logout_comp); 4483 4484 iscsit_cause_connection_reinstatement(conn, 1); 4485 iscsit_dec_conn_usage_count(conn); 4486 } 4487 4488 static void iscsit_logout_post_handler_diffcid( 4489 struct iscsi_conn *conn, 4490 u16 cid) 4491 { 4492 struct iscsi_conn *l_conn; 4493 struct iscsi_session *sess = conn->sess; 4494 4495 if (!sess) 4496 return; 4497 4498 spin_lock_bh(&sess->conn_lock); 4499 list_for_each_entry(l_conn, &sess->sess_conn_list, conn_list) { 4500 if (l_conn->cid == cid) { 4501 iscsit_inc_conn_usage_count(l_conn); 4502 break; 4503 } 4504 } 4505 spin_unlock_bh(&sess->conn_lock); 4506 4507 if (!l_conn) 4508 return; 4509 4510 if (l_conn->sock) 4511 l_conn->sock->ops->shutdown(l_conn->sock, RCV_SHUTDOWN); 4512 4513 spin_lock_bh(&l_conn->state_lock); 4514 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 4515 l_conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 4516 spin_unlock_bh(&l_conn->state_lock); 4517 4518 iscsit_cause_connection_reinstatement(l_conn, 1); 4519 iscsit_dec_conn_usage_count(l_conn); 4520 } 4521 4522 /* 4523 * Return of 0 causes the TX thread to restart. 4524 */ 4525 int iscsit_logout_post_handler( 4526 struct iscsi_cmd *cmd, 4527 struct iscsi_conn *conn) 4528 { 4529 int ret = 0; 4530 4531 switch (cmd->logout_reason) { 4532 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 4533 switch (cmd->logout_response) { 4534 case ISCSI_LOGOUT_SUCCESS: 4535 case ISCSI_LOGOUT_CLEANUP_FAILED: 4536 default: 4537 iscsit_logout_post_handler_closesession(conn); 4538 break; 4539 } 4540 ret = 0; 4541 break; 4542 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 4543 if (conn->cid == cmd->logout_cid) { 4544 switch (cmd->logout_response) { 4545 case ISCSI_LOGOUT_SUCCESS: 4546 case ISCSI_LOGOUT_CLEANUP_FAILED: 4547 default: 4548 iscsit_logout_post_handler_samecid(conn); 4549 break; 4550 } 4551 ret = 0; 4552 } else { 4553 switch (cmd->logout_response) { 4554 case ISCSI_LOGOUT_SUCCESS: 4555 iscsit_logout_post_handler_diffcid(conn, 4556 cmd->logout_cid); 4557 break; 4558 case ISCSI_LOGOUT_CID_NOT_FOUND: 4559 case ISCSI_LOGOUT_CLEANUP_FAILED: 4560 default: 4561 break; 4562 } 4563 ret = 1; 4564 } 4565 break; 4566 case ISCSI_LOGOUT_REASON_RECOVERY: 4567 switch (cmd->logout_response) { 4568 case ISCSI_LOGOUT_SUCCESS: 4569 case ISCSI_LOGOUT_CID_NOT_FOUND: 4570 case ISCSI_LOGOUT_RECOVERY_UNSUPPORTED: 4571 case ISCSI_LOGOUT_CLEANUP_FAILED: 4572 default: 4573 break; 4574 } 4575 ret = 1; 4576 break; 4577 default: 4578 break; 4579 4580 } 4581 return ret; 4582 } 4583 EXPORT_SYMBOL(iscsit_logout_post_handler); 4584 4585 void iscsit_fail_session(struct iscsi_session *sess) 4586 { 4587 struct iscsi_conn *conn; 4588 4589 spin_lock_bh(&sess->conn_lock); 4590 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) { 4591 pr_debug("Moving to TARG_CONN_STATE_CLEANUP_WAIT.\n"); 4592 conn->conn_state = TARG_CONN_STATE_CLEANUP_WAIT; 4593 } 4594 spin_unlock_bh(&sess->conn_lock); 4595 4596 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4597 sess->session_state = TARG_SESS_STATE_FAILED; 4598 } 4599 4600 int iscsit_free_session(struct iscsi_session *sess) 4601 { 4602 u16 conn_count = atomic_read(&sess->nconn); 4603 struct iscsi_conn *conn, *conn_tmp = NULL; 4604 int is_last; 4605 4606 spin_lock_bh(&sess->conn_lock); 4607 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4608 4609 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4610 conn_list) { 4611 if (conn_count == 0) 4612 break; 4613 4614 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4615 is_last = 1; 4616 } else { 4617 iscsit_inc_conn_usage_count(conn_tmp); 4618 is_last = 0; 4619 } 4620 iscsit_inc_conn_usage_count(conn); 4621 4622 spin_unlock_bh(&sess->conn_lock); 4623 iscsit_cause_connection_reinstatement(conn, 1); 4624 spin_lock_bh(&sess->conn_lock); 4625 4626 iscsit_dec_conn_usage_count(conn); 4627 if (is_last == 0) 4628 iscsit_dec_conn_usage_count(conn_tmp); 4629 4630 conn_count--; 4631 } 4632 4633 if (atomic_read(&sess->nconn)) { 4634 spin_unlock_bh(&sess->conn_lock); 4635 wait_for_completion(&sess->session_wait_comp); 4636 } else 4637 spin_unlock_bh(&sess->conn_lock); 4638 4639 target_put_session(sess->se_sess); 4640 return 0; 4641 } 4642 4643 void iscsit_stop_session( 4644 struct iscsi_session *sess, 4645 int session_sleep, 4646 int connection_sleep) 4647 { 4648 u16 conn_count = atomic_read(&sess->nconn); 4649 struct iscsi_conn *conn, *conn_tmp = NULL; 4650 int is_last; 4651 4652 spin_lock_bh(&sess->conn_lock); 4653 if (session_sleep) 4654 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4655 4656 if (connection_sleep) { 4657 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4658 conn_list) { 4659 if (conn_count == 0) 4660 break; 4661 4662 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4663 is_last = 1; 4664 } else { 4665 iscsit_inc_conn_usage_count(conn_tmp); 4666 is_last = 0; 4667 } 4668 iscsit_inc_conn_usage_count(conn); 4669 4670 spin_unlock_bh(&sess->conn_lock); 4671 iscsit_cause_connection_reinstatement(conn, 1); 4672 spin_lock_bh(&sess->conn_lock); 4673 4674 iscsit_dec_conn_usage_count(conn); 4675 if (is_last == 0) 4676 iscsit_dec_conn_usage_count(conn_tmp); 4677 conn_count--; 4678 } 4679 } else { 4680 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) 4681 iscsit_cause_connection_reinstatement(conn, 0); 4682 } 4683 4684 if (session_sleep && atomic_read(&sess->nconn)) { 4685 spin_unlock_bh(&sess->conn_lock); 4686 wait_for_completion(&sess->session_wait_comp); 4687 } else 4688 spin_unlock_bh(&sess->conn_lock); 4689 } 4690 4691 int iscsit_release_sessions_for_tpg(struct iscsi_portal_group *tpg, int force) 4692 { 4693 struct iscsi_session *sess; 4694 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4695 struct se_session *se_sess, *se_sess_tmp; 4696 int session_count = 0; 4697 4698 spin_lock_bh(&se_tpg->session_lock); 4699 if (tpg->nsessions && !force) { 4700 spin_unlock_bh(&se_tpg->session_lock); 4701 return -1; 4702 } 4703 4704 list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list, 4705 sess_list) { 4706 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr; 4707 4708 spin_lock(&sess->conn_lock); 4709 if (atomic_read(&sess->session_fall_back_to_erl0) || 4710 atomic_read(&sess->session_logout) || 4711 (sess->time2retain_timer_flags & ISCSI_TF_EXPIRED)) { 4712 spin_unlock(&sess->conn_lock); 4713 continue; 4714 } 4715 atomic_set(&sess->session_reinstatement, 1); 4716 spin_unlock(&sess->conn_lock); 4717 spin_unlock_bh(&se_tpg->session_lock); 4718 4719 iscsit_free_session(sess); 4720 spin_lock_bh(&se_tpg->session_lock); 4721 4722 session_count++; 4723 } 4724 spin_unlock_bh(&se_tpg->session_lock); 4725 4726 pr_debug("Released %d iSCSI Session(s) from Target Portal" 4727 " Group: %hu\n", session_count, tpg->tpgt); 4728 return 0; 4729 } 4730 4731 MODULE_DESCRIPTION("iSCSI-Target Driver for mainline target infrastructure"); 4732 MODULE_VERSION("4.1.x"); 4733 MODULE_AUTHOR("nab@Linux-iSCSI.org"); 4734 MODULE_LICENSE("GPL"); 4735 4736 module_init(iscsi_target_init_module); 4737 module_exit(iscsi_target_cleanup_module); 4738