1 /******************************************************************************* 2 * This file contains main functions related to the iSCSI Target Core Driver. 3 * 4 * (c) Copyright 2007-2013 Datera, Inc. 5 * 6 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation; either version 2 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 ******************************************************************************/ 18 19 #include <linux/string.h> 20 #include <linux/kthread.h> 21 #include <linux/crypto.h> 22 #include <linux/completion.h> 23 #include <linux/module.h> 24 #include <linux/idr.h> 25 #include <asm/unaligned.h> 26 #include <scsi/scsi_device.h> 27 #include <scsi/iscsi_proto.h> 28 #include <scsi/scsi_tcq.h> 29 #include <target/target_core_base.h> 30 #include <target/target_core_fabric.h> 31 #include <target/target_core_configfs.h> 32 33 #include "iscsi_target_core.h" 34 #include "iscsi_target_parameters.h" 35 #include "iscsi_target_seq_pdu_list.h" 36 #include "iscsi_target_tq.h" 37 #include "iscsi_target_configfs.h" 38 #include "iscsi_target_datain_values.h" 39 #include "iscsi_target_erl0.h" 40 #include "iscsi_target_erl1.h" 41 #include "iscsi_target_erl2.h" 42 #include "iscsi_target_login.h" 43 #include "iscsi_target_tmr.h" 44 #include "iscsi_target_tpg.h" 45 #include "iscsi_target_util.h" 46 #include "iscsi_target.h" 47 #include "iscsi_target_device.h" 48 #include "iscsi_target_stat.h" 49 50 #include <target/iscsi/iscsi_transport.h> 51 52 static LIST_HEAD(g_tiqn_list); 53 static LIST_HEAD(g_np_list); 54 static DEFINE_SPINLOCK(tiqn_lock); 55 static DEFINE_SPINLOCK(np_lock); 56 57 static struct idr tiqn_idr; 58 struct idr sess_idr; 59 struct mutex auth_id_lock; 60 spinlock_t sess_idr_lock; 61 62 struct iscsit_global *iscsit_global; 63 64 struct kmem_cache *lio_qr_cache; 65 struct kmem_cache *lio_dr_cache; 66 struct kmem_cache *lio_ooo_cache; 67 struct kmem_cache *lio_r2t_cache; 68 69 static int iscsit_handle_immediate_data(struct iscsi_cmd *, 70 struct iscsi_scsi_req *, u32); 71 72 struct iscsi_tiqn *iscsit_get_tiqn_for_login(unsigned char *buf) 73 { 74 struct iscsi_tiqn *tiqn = NULL; 75 76 spin_lock(&tiqn_lock); 77 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 78 if (!strcmp(tiqn->tiqn, buf)) { 79 80 spin_lock(&tiqn->tiqn_state_lock); 81 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 82 tiqn->tiqn_access_count++; 83 spin_unlock(&tiqn->tiqn_state_lock); 84 spin_unlock(&tiqn_lock); 85 return tiqn; 86 } 87 spin_unlock(&tiqn->tiqn_state_lock); 88 } 89 } 90 spin_unlock(&tiqn_lock); 91 92 return NULL; 93 } 94 95 static int iscsit_set_tiqn_shutdown(struct iscsi_tiqn *tiqn) 96 { 97 spin_lock(&tiqn->tiqn_state_lock); 98 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) { 99 tiqn->tiqn_state = TIQN_STATE_SHUTDOWN; 100 spin_unlock(&tiqn->tiqn_state_lock); 101 return 0; 102 } 103 spin_unlock(&tiqn->tiqn_state_lock); 104 105 return -1; 106 } 107 108 void iscsit_put_tiqn_for_login(struct iscsi_tiqn *tiqn) 109 { 110 spin_lock(&tiqn->tiqn_state_lock); 111 tiqn->tiqn_access_count--; 112 spin_unlock(&tiqn->tiqn_state_lock); 113 } 114 115 /* 116 * Note that IQN formatting is expected to be done in userspace, and 117 * no explict IQN format checks are done here. 118 */ 119 struct iscsi_tiqn *iscsit_add_tiqn(unsigned char *buf) 120 { 121 struct iscsi_tiqn *tiqn = NULL; 122 int ret; 123 124 if (strlen(buf) >= ISCSI_IQN_LEN) { 125 pr_err("Target IQN exceeds %d bytes\n", 126 ISCSI_IQN_LEN); 127 return ERR_PTR(-EINVAL); 128 } 129 130 tiqn = kzalloc(sizeof(struct iscsi_tiqn), GFP_KERNEL); 131 if (!tiqn) { 132 pr_err("Unable to allocate struct iscsi_tiqn\n"); 133 return ERR_PTR(-ENOMEM); 134 } 135 136 sprintf(tiqn->tiqn, "%s", buf); 137 INIT_LIST_HEAD(&tiqn->tiqn_list); 138 INIT_LIST_HEAD(&tiqn->tiqn_tpg_list); 139 spin_lock_init(&tiqn->tiqn_state_lock); 140 spin_lock_init(&tiqn->tiqn_tpg_lock); 141 spin_lock_init(&tiqn->sess_err_stats.lock); 142 spin_lock_init(&tiqn->login_stats.lock); 143 spin_lock_init(&tiqn->logout_stats.lock); 144 145 tiqn->tiqn_state = TIQN_STATE_ACTIVE; 146 147 idr_preload(GFP_KERNEL); 148 spin_lock(&tiqn_lock); 149 150 ret = idr_alloc(&tiqn_idr, NULL, 0, 0, GFP_NOWAIT); 151 if (ret < 0) { 152 pr_err("idr_alloc() failed for tiqn->tiqn_index\n"); 153 spin_unlock(&tiqn_lock); 154 idr_preload_end(); 155 kfree(tiqn); 156 return ERR_PTR(ret); 157 } 158 tiqn->tiqn_index = ret; 159 list_add_tail(&tiqn->tiqn_list, &g_tiqn_list); 160 161 spin_unlock(&tiqn_lock); 162 idr_preload_end(); 163 164 pr_debug("CORE[0] - Added iSCSI Target IQN: %s\n", tiqn->tiqn); 165 166 return tiqn; 167 168 } 169 170 static void iscsit_wait_for_tiqn(struct iscsi_tiqn *tiqn) 171 { 172 /* 173 * Wait for accesses to said struct iscsi_tiqn to end. 174 */ 175 spin_lock(&tiqn->tiqn_state_lock); 176 while (tiqn->tiqn_access_count != 0) { 177 spin_unlock(&tiqn->tiqn_state_lock); 178 msleep(10); 179 spin_lock(&tiqn->tiqn_state_lock); 180 } 181 spin_unlock(&tiqn->tiqn_state_lock); 182 } 183 184 void iscsit_del_tiqn(struct iscsi_tiqn *tiqn) 185 { 186 /* 187 * iscsit_set_tiqn_shutdown sets tiqn->tiqn_state = TIQN_STATE_SHUTDOWN 188 * while holding tiqn->tiqn_state_lock. This means that all subsequent 189 * attempts to access this struct iscsi_tiqn will fail from both transport 190 * fabric and control code paths. 191 */ 192 if (iscsit_set_tiqn_shutdown(tiqn) < 0) { 193 pr_err("iscsit_set_tiqn_shutdown() failed\n"); 194 return; 195 } 196 197 iscsit_wait_for_tiqn(tiqn); 198 199 spin_lock(&tiqn_lock); 200 list_del(&tiqn->tiqn_list); 201 idr_remove(&tiqn_idr, tiqn->tiqn_index); 202 spin_unlock(&tiqn_lock); 203 204 pr_debug("CORE[0] - Deleted iSCSI Target IQN: %s\n", 205 tiqn->tiqn); 206 kfree(tiqn); 207 } 208 209 int iscsit_access_np(struct iscsi_np *np, struct iscsi_portal_group *tpg) 210 { 211 int ret; 212 /* 213 * Determine if the network portal is accepting storage traffic. 214 */ 215 spin_lock_bh(&np->np_thread_lock); 216 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 217 spin_unlock_bh(&np->np_thread_lock); 218 return -1; 219 } 220 spin_unlock_bh(&np->np_thread_lock); 221 /* 222 * Determine if the portal group is accepting storage traffic. 223 */ 224 spin_lock_bh(&tpg->tpg_state_lock); 225 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 226 spin_unlock_bh(&tpg->tpg_state_lock); 227 return -1; 228 } 229 spin_unlock_bh(&tpg->tpg_state_lock); 230 231 /* 232 * Here we serialize access across the TIQN+TPG Tuple. 233 */ 234 ret = down_interruptible(&tpg->np_login_sem); 235 if ((ret != 0) || signal_pending(current)) 236 return -1; 237 238 spin_lock_bh(&tpg->tpg_state_lock); 239 if (tpg->tpg_state != TPG_STATE_ACTIVE) { 240 spin_unlock_bh(&tpg->tpg_state_lock); 241 up(&tpg->np_login_sem); 242 return -1; 243 } 244 spin_unlock_bh(&tpg->tpg_state_lock); 245 246 return 0; 247 } 248 249 void iscsit_login_kref_put(struct kref *kref) 250 { 251 struct iscsi_tpg_np *tpg_np = container_of(kref, 252 struct iscsi_tpg_np, tpg_np_kref); 253 254 complete(&tpg_np->tpg_np_comp); 255 } 256 257 int iscsit_deaccess_np(struct iscsi_np *np, struct iscsi_portal_group *tpg, 258 struct iscsi_tpg_np *tpg_np) 259 { 260 struct iscsi_tiqn *tiqn = tpg->tpg_tiqn; 261 262 up(&tpg->np_login_sem); 263 264 if (tpg_np) 265 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 266 267 if (tiqn) 268 iscsit_put_tiqn_for_login(tiqn); 269 270 return 0; 271 } 272 273 bool iscsit_check_np_match( 274 struct __kernel_sockaddr_storage *sockaddr, 275 struct iscsi_np *np, 276 int network_transport) 277 { 278 struct sockaddr_in *sock_in, *sock_in_e; 279 struct sockaddr_in6 *sock_in6, *sock_in6_e; 280 bool ip_match = false; 281 u16 port; 282 283 if (sockaddr->ss_family == AF_INET6) { 284 sock_in6 = (struct sockaddr_in6 *)sockaddr; 285 sock_in6_e = (struct sockaddr_in6 *)&np->np_sockaddr; 286 287 if (!memcmp(&sock_in6->sin6_addr.in6_u, 288 &sock_in6_e->sin6_addr.in6_u, 289 sizeof(struct in6_addr))) 290 ip_match = true; 291 292 port = ntohs(sock_in6->sin6_port); 293 } else { 294 sock_in = (struct sockaddr_in *)sockaddr; 295 sock_in_e = (struct sockaddr_in *)&np->np_sockaddr; 296 297 if (sock_in->sin_addr.s_addr == sock_in_e->sin_addr.s_addr) 298 ip_match = true; 299 300 port = ntohs(sock_in->sin_port); 301 } 302 303 if ((ip_match == true) && (np->np_port == port) && 304 (np->np_network_transport == network_transport)) 305 return true; 306 307 return false; 308 } 309 310 static struct iscsi_np *iscsit_get_np( 311 struct __kernel_sockaddr_storage *sockaddr, 312 int network_transport) 313 { 314 struct iscsi_np *np; 315 bool match; 316 317 spin_lock_bh(&np_lock); 318 list_for_each_entry(np, &g_np_list, np_list) { 319 spin_lock(&np->np_thread_lock); 320 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { 321 spin_unlock(&np->np_thread_lock); 322 continue; 323 } 324 325 match = iscsit_check_np_match(sockaddr, np, network_transport); 326 if (match == true) { 327 /* 328 * Increment the np_exports reference count now to 329 * prevent iscsit_del_np() below from being called 330 * while iscsi_tpg_add_network_portal() is called. 331 */ 332 np->np_exports++; 333 spin_unlock(&np->np_thread_lock); 334 spin_unlock_bh(&np_lock); 335 return np; 336 } 337 spin_unlock(&np->np_thread_lock); 338 } 339 spin_unlock_bh(&np_lock); 340 341 return NULL; 342 } 343 344 struct iscsi_np *iscsit_add_np( 345 struct __kernel_sockaddr_storage *sockaddr, 346 char *ip_str, 347 int network_transport) 348 { 349 struct sockaddr_in *sock_in; 350 struct sockaddr_in6 *sock_in6; 351 struct iscsi_np *np; 352 int ret; 353 /* 354 * Locate the existing struct iscsi_np if already active.. 355 */ 356 np = iscsit_get_np(sockaddr, network_transport); 357 if (np) 358 return np; 359 360 np = kzalloc(sizeof(struct iscsi_np), GFP_KERNEL); 361 if (!np) { 362 pr_err("Unable to allocate memory for struct iscsi_np\n"); 363 return ERR_PTR(-ENOMEM); 364 } 365 366 np->np_flags |= NPF_IP_NETWORK; 367 if (sockaddr->ss_family == AF_INET6) { 368 sock_in6 = (struct sockaddr_in6 *)sockaddr; 369 snprintf(np->np_ip, IPV6_ADDRESS_SPACE, "%s", ip_str); 370 np->np_port = ntohs(sock_in6->sin6_port); 371 } else { 372 sock_in = (struct sockaddr_in *)sockaddr; 373 sprintf(np->np_ip, "%s", ip_str); 374 np->np_port = ntohs(sock_in->sin_port); 375 } 376 377 np->np_network_transport = network_transport; 378 spin_lock_init(&np->np_thread_lock); 379 init_completion(&np->np_restart_comp); 380 INIT_LIST_HEAD(&np->np_list); 381 382 ret = iscsi_target_setup_login_socket(np, sockaddr); 383 if (ret != 0) { 384 kfree(np); 385 return ERR_PTR(ret); 386 } 387 388 np->np_thread = kthread_run(iscsi_target_login_thread, np, "iscsi_np"); 389 if (IS_ERR(np->np_thread)) { 390 pr_err("Unable to create kthread: iscsi_np\n"); 391 ret = PTR_ERR(np->np_thread); 392 kfree(np); 393 return ERR_PTR(ret); 394 } 395 /* 396 * Increment the np_exports reference count now to prevent 397 * iscsit_del_np() below from being run while a new call to 398 * iscsi_tpg_add_network_portal() for a matching iscsi_np is 399 * active. We don't need to hold np->np_thread_lock at this 400 * point because iscsi_np has not been added to g_np_list yet. 401 */ 402 np->np_exports = 1; 403 404 spin_lock_bh(&np_lock); 405 list_add_tail(&np->np_list, &g_np_list); 406 spin_unlock_bh(&np_lock); 407 408 pr_debug("CORE[0] - Added Network Portal: %s:%hu on %s\n", 409 np->np_ip, np->np_port, np->np_transport->name); 410 411 return np; 412 } 413 414 int iscsit_reset_np_thread( 415 struct iscsi_np *np, 416 struct iscsi_tpg_np *tpg_np, 417 struct iscsi_portal_group *tpg, 418 bool shutdown) 419 { 420 spin_lock_bh(&np->np_thread_lock); 421 if (np->np_thread_state == ISCSI_NP_THREAD_INACTIVE) { 422 spin_unlock_bh(&np->np_thread_lock); 423 return 0; 424 } 425 np->np_thread_state = ISCSI_NP_THREAD_RESET; 426 427 if (np->np_thread) { 428 spin_unlock_bh(&np->np_thread_lock); 429 send_sig(SIGINT, np->np_thread, 1); 430 wait_for_completion(&np->np_restart_comp); 431 spin_lock_bh(&np->np_thread_lock); 432 } 433 spin_unlock_bh(&np->np_thread_lock); 434 435 if (tpg_np && shutdown) { 436 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 437 438 wait_for_completion(&tpg_np->tpg_np_comp); 439 } 440 441 return 0; 442 } 443 444 static void iscsit_free_np(struct iscsi_np *np) 445 { 446 if (np->np_socket) 447 sock_release(np->np_socket); 448 } 449 450 int iscsit_del_np(struct iscsi_np *np) 451 { 452 spin_lock_bh(&np->np_thread_lock); 453 np->np_exports--; 454 if (np->np_exports) { 455 spin_unlock_bh(&np->np_thread_lock); 456 return 0; 457 } 458 np->np_thread_state = ISCSI_NP_THREAD_SHUTDOWN; 459 spin_unlock_bh(&np->np_thread_lock); 460 461 if (np->np_thread) { 462 /* 463 * We need to send the signal to wakeup Linux/Net 464 * which may be sleeping in sock_accept().. 465 */ 466 send_sig(SIGINT, np->np_thread, 1); 467 kthread_stop(np->np_thread); 468 } 469 470 np->np_transport->iscsit_free_np(np); 471 472 spin_lock_bh(&np_lock); 473 list_del(&np->np_list); 474 spin_unlock_bh(&np_lock); 475 476 pr_debug("CORE[0] - Removed Network Portal: %s:%hu on %s\n", 477 np->np_ip, np->np_port, np->np_transport->name); 478 479 iscsit_put_transport(np->np_transport); 480 kfree(np); 481 return 0; 482 } 483 484 static int iscsit_immediate_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 485 static int iscsit_response_queue(struct iscsi_conn *, struct iscsi_cmd *, int); 486 487 static int iscsit_queue_rsp(struct iscsi_conn *conn, struct iscsi_cmd *cmd) 488 { 489 iscsit_add_cmd_to_response_queue(cmd, cmd->conn, cmd->i_state); 490 return 0; 491 } 492 493 static struct iscsit_transport iscsi_target_transport = { 494 .name = "iSCSI/TCP", 495 .transport_type = ISCSI_TCP, 496 .owner = NULL, 497 .iscsit_setup_np = iscsit_setup_np, 498 .iscsit_accept_np = iscsit_accept_np, 499 .iscsit_free_np = iscsit_free_np, 500 .iscsit_get_login_rx = iscsit_get_login_rx, 501 .iscsit_put_login_tx = iscsit_put_login_tx, 502 .iscsit_get_dataout = iscsit_build_r2ts_for_cmd, 503 .iscsit_immediate_queue = iscsit_immediate_queue, 504 .iscsit_response_queue = iscsit_response_queue, 505 .iscsit_queue_data_in = iscsit_queue_rsp, 506 .iscsit_queue_status = iscsit_queue_rsp, 507 }; 508 509 static int __init iscsi_target_init_module(void) 510 { 511 int ret = 0; 512 513 pr_debug("iSCSI-Target "ISCSIT_VERSION"\n"); 514 515 iscsit_global = kzalloc(sizeof(struct iscsit_global), GFP_KERNEL); 516 if (!iscsit_global) { 517 pr_err("Unable to allocate memory for iscsit_global\n"); 518 return -1; 519 } 520 mutex_init(&auth_id_lock); 521 spin_lock_init(&sess_idr_lock); 522 idr_init(&tiqn_idr); 523 idr_init(&sess_idr); 524 525 ret = iscsi_target_register_configfs(); 526 if (ret < 0) 527 goto out; 528 529 ret = iscsi_thread_set_init(); 530 if (ret < 0) 531 goto configfs_out; 532 533 if (iscsi_allocate_thread_sets(TARGET_THREAD_SET_COUNT) != 534 TARGET_THREAD_SET_COUNT) { 535 pr_err("iscsi_allocate_thread_sets() returned" 536 " unexpected value!\n"); 537 goto ts_out1; 538 } 539 540 lio_qr_cache = kmem_cache_create("lio_qr_cache", 541 sizeof(struct iscsi_queue_req), 542 __alignof__(struct iscsi_queue_req), 0, NULL); 543 if (!lio_qr_cache) { 544 pr_err("nable to kmem_cache_create() for" 545 " lio_qr_cache\n"); 546 goto ts_out2; 547 } 548 549 lio_dr_cache = kmem_cache_create("lio_dr_cache", 550 sizeof(struct iscsi_datain_req), 551 __alignof__(struct iscsi_datain_req), 0, NULL); 552 if (!lio_dr_cache) { 553 pr_err("Unable to kmem_cache_create() for" 554 " lio_dr_cache\n"); 555 goto qr_out; 556 } 557 558 lio_ooo_cache = kmem_cache_create("lio_ooo_cache", 559 sizeof(struct iscsi_ooo_cmdsn), 560 __alignof__(struct iscsi_ooo_cmdsn), 0, NULL); 561 if (!lio_ooo_cache) { 562 pr_err("Unable to kmem_cache_create() for" 563 " lio_ooo_cache\n"); 564 goto dr_out; 565 } 566 567 lio_r2t_cache = kmem_cache_create("lio_r2t_cache", 568 sizeof(struct iscsi_r2t), __alignof__(struct iscsi_r2t), 569 0, NULL); 570 if (!lio_r2t_cache) { 571 pr_err("Unable to kmem_cache_create() for" 572 " lio_r2t_cache\n"); 573 goto ooo_out; 574 } 575 576 iscsit_register_transport(&iscsi_target_transport); 577 578 if (iscsit_load_discovery_tpg() < 0) 579 goto r2t_out; 580 581 return ret; 582 r2t_out: 583 kmem_cache_destroy(lio_r2t_cache); 584 ooo_out: 585 kmem_cache_destroy(lio_ooo_cache); 586 dr_out: 587 kmem_cache_destroy(lio_dr_cache); 588 qr_out: 589 kmem_cache_destroy(lio_qr_cache); 590 ts_out2: 591 iscsi_deallocate_thread_sets(); 592 ts_out1: 593 iscsi_thread_set_free(); 594 configfs_out: 595 iscsi_target_deregister_configfs(); 596 out: 597 kfree(iscsit_global); 598 return -ENOMEM; 599 } 600 601 static void __exit iscsi_target_cleanup_module(void) 602 { 603 iscsi_deallocate_thread_sets(); 604 iscsi_thread_set_free(); 605 iscsit_release_discovery_tpg(); 606 iscsit_unregister_transport(&iscsi_target_transport); 607 kmem_cache_destroy(lio_qr_cache); 608 kmem_cache_destroy(lio_dr_cache); 609 kmem_cache_destroy(lio_ooo_cache); 610 kmem_cache_destroy(lio_r2t_cache); 611 612 iscsi_target_deregister_configfs(); 613 614 kfree(iscsit_global); 615 } 616 617 static int iscsit_add_reject( 618 struct iscsi_conn *conn, 619 u8 reason, 620 unsigned char *buf) 621 { 622 struct iscsi_cmd *cmd; 623 624 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 625 if (!cmd) 626 return -1; 627 628 cmd->iscsi_opcode = ISCSI_OP_REJECT; 629 cmd->reject_reason = reason; 630 631 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 632 if (!cmd->buf_ptr) { 633 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 634 iscsit_free_cmd(cmd, false); 635 return -1; 636 } 637 638 spin_lock_bh(&conn->cmd_lock); 639 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 640 spin_unlock_bh(&conn->cmd_lock); 641 642 cmd->i_state = ISTATE_SEND_REJECT; 643 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 644 645 return -1; 646 } 647 648 static int iscsit_add_reject_from_cmd( 649 struct iscsi_cmd *cmd, 650 u8 reason, 651 bool add_to_conn, 652 unsigned char *buf) 653 { 654 struct iscsi_conn *conn; 655 656 if (!cmd->conn) { 657 pr_err("cmd->conn is NULL for ITT: 0x%08x\n", 658 cmd->init_task_tag); 659 return -1; 660 } 661 conn = cmd->conn; 662 663 cmd->iscsi_opcode = ISCSI_OP_REJECT; 664 cmd->reject_reason = reason; 665 666 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL); 667 if (!cmd->buf_ptr) { 668 pr_err("Unable to allocate memory for cmd->buf_ptr\n"); 669 iscsit_free_cmd(cmd, false); 670 return -1; 671 } 672 673 if (add_to_conn) { 674 spin_lock_bh(&conn->cmd_lock); 675 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 676 spin_unlock_bh(&conn->cmd_lock); 677 } 678 679 cmd->i_state = ISTATE_SEND_REJECT; 680 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 681 /* 682 * Perform the kref_put now if se_cmd has already been setup by 683 * scsit_setup_scsi_cmd() 684 */ 685 if (cmd->se_cmd.se_tfo != NULL) { 686 pr_debug("iscsi reject: calling target_put_sess_cmd >>>>>>\n"); 687 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 688 } 689 return -1; 690 } 691 692 static int iscsit_add_reject_cmd(struct iscsi_cmd *cmd, u8 reason, 693 unsigned char *buf) 694 { 695 return iscsit_add_reject_from_cmd(cmd, reason, true, buf); 696 } 697 698 int iscsit_reject_cmd(struct iscsi_cmd *cmd, u8 reason, unsigned char *buf) 699 { 700 return iscsit_add_reject_from_cmd(cmd, reason, false, buf); 701 } 702 703 /* 704 * Map some portion of the allocated scatterlist to an iovec, suitable for 705 * kernel sockets to copy data in/out. 706 */ 707 static int iscsit_map_iovec( 708 struct iscsi_cmd *cmd, 709 struct kvec *iov, 710 u32 data_offset, 711 u32 data_length) 712 { 713 u32 i = 0; 714 struct scatterlist *sg; 715 unsigned int page_off; 716 717 /* 718 * We know each entry in t_data_sg contains a page. 719 */ 720 sg = &cmd->se_cmd.t_data_sg[data_offset / PAGE_SIZE]; 721 page_off = (data_offset % PAGE_SIZE); 722 723 cmd->first_data_sg = sg; 724 cmd->first_data_sg_off = page_off; 725 726 while (data_length) { 727 u32 cur_len = min_t(u32, data_length, sg->length - page_off); 728 729 iov[i].iov_base = kmap(sg_page(sg)) + sg->offset + page_off; 730 iov[i].iov_len = cur_len; 731 732 data_length -= cur_len; 733 page_off = 0; 734 sg = sg_next(sg); 735 i++; 736 } 737 738 cmd->kmapped_nents = i; 739 740 return i; 741 } 742 743 static void iscsit_unmap_iovec(struct iscsi_cmd *cmd) 744 { 745 u32 i; 746 struct scatterlist *sg; 747 748 sg = cmd->first_data_sg; 749 750 for (i = 0; i < cmd->kmapped_nents; i++) 751 kunmap(sg_page(&sg[i])); 752 } 753 754 static void iscsit_ack_from_expstatsn(struct iscsi_conn *conn, u32 exp_statsn) 755 { 756 LIST_HEAD(ack_list); 757 struct iscsi_cmd *cmd, *cmd_p; 758 759 conn->exp_statsn = exp_statsn; 760 761 if (conn->sess->sess_ops->RDMAExtensions) 762 return; 763 764 spin_lock_bh(&conn->cmd_lock); 765 list_for_each_entry_safe(cmd, cmd_p, &conn->conn_cmd_list, i_conn_node) { 766 spin_lock(&cmd->istate_lock); 767 if ((cmd->i_state == ISTATE_SENT_STATUS) && 768 iscsi_sna_lt(cmd->stat_sn, exp_statsn)) { 769 cmd->i_state = ISTATE_REMOVE; 770 spin_unlock(&cmd->istate_lock); 771 list_move_tail(&cmd->i_conn_node, &ack_list); 772 continue; 773 } 774 spin_unlock(&cmd->istate_lock); 775 } 776 spin_unlock_bh(&conn->cmd_lock); 777 778 list_for_each_entry_safe(cmd, cmd_p, &ack_list, i_conn_node) { 779 list_del(&cmd->i_conn_node); 780 iscsit_free_cmd(cmd, false); 781 } 782 } 783 784 static int iscsit_allocate_iovecs(struct iscsi_cmd *cmd) 785 { 786 u32 iov_count = max(1UL, DIV_ROUND_UP(cmd->se_cmd.data_length, PAGE_SIZE)); 787 788 iov_count += ISCSI_IOV_DATA_BUFFER; 789 790 cmd->iov_data = kzalloc(iov_count * sizeof(struct kvec), GFP_KERNEL); 791 if (!cmd->iov_data) { 792 pr_err("Unable to allocate cmd->iov_data\n"); 793 return -ENOMEM; 794 } 795 796 cmd->orig_iov_data_count = iov_count; 797 return 0; 798 } 799 800 int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 801 unsigned char *buf) 802 { 803 int data_direction, payload_length; 804 struct iscsi_scsi_req *hdr; 805 int iscsi_task_attr; 806 int sam_task_attr; 807 808 spin_lock_bh(&conn->sess->session_stats_lock); 809 conn->sess->cmd_pdus++; 810 if (conn->sess->se_sess->se_node_acl) { 811 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock); 812 conn->sess->se_sess->se_node_acl->num_cmds++; 813 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock); 814 } 815 spin_unlock_bh(&conn->sess->session_stats_lock); 816 817 hdr = (struct iscsi_scsi_req *) buf; 818 payload_length = ntoh24(hdr->dlength); 819 820 /* FIXME; Add checks for AdditionalHeaderSegment */ 821 822 if (!(hdr->flags & ISCSI_FLAG_CMD_WRITE) && 823 !(hdr->flags & ISCSI_FLAG_CMD_FINAL)) { 824 pr_err("ISCSI_FLAG_CMD_WRITE & ISCSI_FLAG_CMD_FINAL" 825 " not set. Bad iSCSI Initiator.\n"); 826 return iscsit_add_reject_cmd(cmd, 827 ISCSI_REASON_BOOKMARK_INVALID, buf); 828 } 829 830 if (((hdr->flags & ISCSI_FLAG_CMD_READ) || 831 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) { 832 /* 833 * Vmware ESX v3.0 uses a modified Cisco Initiator (v3.4.2) 834 * that adds support for RESERVE/RELEASE. There is a bug 835 * add with this new functionality that sets R/W bits when 836 * neither CDB carries any READ or WRITE datapayloads. 837 */ 838 if ((hdr->cdb[0] == 0x16) || (hdr->cdb[0] == 0x17)) { 839 hdr->flags &= ~ISCSI_FLAG_CMD_READ; 840 hdr->flags &= ~ISCSI_FLAG_CMD_WRITE; 841 goto done; 842 } 843 844 pr_err("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE" 845 " set when Expected Data Transfer Length is 0 for" 846 " CDB: 0x%02x. Bad iSCSI Initiator.\n", hdr->cdb[0]); 847 return iscsit_add_reject_cmd(cmd, 848 ISCSI_REASON_BOOKMARK_INVALID, buf); 849 } 850 done: 851 852 if (!(hdr->flags & ISCSI_FLAG_CMD_READ) && 853 !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) { 854 pr_err("ISCSI_FLAG_CMD_READ and/or ISCSI_FLAG_CMD_WRITE" 855 " MUST be set if Expected Data Transfer Length is not 0." 856 " Bad iSCSI Initiator\n"); 857 return iscsit_add_reject_cmd(cmd, 858 ISCSI_REASON_BOOKMARK_INVALID, buf); 859 } 860 861 if ((hdr->flags & ISCSI_FLAG_CMD_READ) && 862 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) { 863 pr_err("Bidirectional operations not supported!\n"); 864 return iscsit_add_reject_cmd(cmd, 865 ISCSI_REASON_BOOKMARK_INVALID, buf); 866 } 867 868 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 869 pr_err("Illegally set Immediate Bit in iSCSI Initiator" 870 " Scsi Command PDU.\n"); 871 return iscsit_add_reject_cmd(cmd, 872 ISCSI_REASON_BOOKMARK_INVALID, buf); 873 } 874 875 if (payload_length && !conn->sess->sess_ops->ImmediateData) { 876 pr_err("ImmediateData=No but DataSegmentLength=%u," 877 " protocol error.\n", payload_length); 878 return iscsit_add_reject_cmd(cmd, 879 ISCSI_REASON_PROTOCOL_ERROR, buf); 880 } 881 882 if ((be32_to_cpu(hdr->data_length) == payload_length) && 883 (!(hdr->flags & ISCSI_FLAG_CMD_FINAL))) { 884 pr_err("Expected Data Transfer Length and Length of" 885 " Immediate Data are the same, but ISCSI_FLAG_CMD_FINAL" 886 " bit is not set protocol error\n"); 887 return iscsit_add_reject_cmd(cmd, 888 ISCSI_REASON_PROTOCOL_ERROR, buf); 889 } 890 891 if (payload_length > be32_to_cpu(hdr->data_length)) { 892 pr_err("DataSegmentLength: %u is greater than" 893 " EDTL: %u, protocol error.\n", payload_length, 894 hdr->data_length); 895 return iscsit_add_reject_cmd(cmd, 896 ISCSI_REASON_PROTOCOL_ERROR, buf); 897 } 898 899 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 900 pr_err("DataSegmentLength: %u is greater than" 901 " MaxXmitDataSegmentLength: %u, protocol error.\n", 902 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 903 return iscsit_add_reject_cmd(cmd, 904 ISCSI_REASON_PROTOCOL_ERROR, buf); 905 } 906 907 if (payload_length > conn->sess->sess_ops->FirstBurstLength) { 908 pr_err("DataSegmentLength: %u is greater than" 909 " FirstBurstLength: %u, protocol error.\n", 910 payload_length, conn->sess->sess_ops->FirstBurstLength); 911 return iscsit_add_reject_cmd(cmd, 912 ISCSI_REASON_BOOKMARK_INVALID, buf); 913 } 914 915 data_direction = (hdr->flags & ISCSI_FLAG_CMD_WRITE) ? DMA_TO_DEVICE : 916 (hdr->flags & ISCSI_FLAG_CMD_READ) ? DMA_FROM_DEVICE : 917 DMA_NONE; 918 919 cmd->data_direction = data_direction; 920 iscsi_task_attr = hdr->flags & ISCSI_FLAG_CMD_ATTR_MASK; 921 /* 922 * Figure out the SAM Task Attribute for the incoming SCSI CDB 923 */ 924 if ((iscsi_task_attr == ISCSI_ATTR_UNTAGGED) || 925 (iscsi_task_attr == ISCSI_ATTR_SIMPLE)) 926 sam_task_attr = MSG_SIMPLE_TAG; 927 else if (iscsi_task_attr == ISCSI_ATTR_ORDERED) 928 sam_task_attr = MSG_ORDERED_TAG; 929 else if (iscsi_task_attr == ISCSI_ATTR_HEAD_OF_QUEUE) 930 sam_task_attr = MSG_HEAD_TAG; 931 else if (iscsi_task_attr == ISCSI_ATTR_ACA) 932 sam_task_attr = MSG_ACA_TAG; 933 else { 934 pr_debug("Unknown iSCSI Task Attribute: 0x%02x, using" 935 " MSG_SIMPLE_TAG\n", iscsi_task_attr); 936 sam_task_attr = MSG_SIMPLE_TAG; 937 } 938 939 cmd->iscsi_opcode = ISCSI_OP_SCSI_CMD; 940 cmd->i_state = ISTATE_NEW_CMD; 941 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 942 cmd->immediate_data = (payload_length) ? 1 : 0; 943 cmd->unsolicited_data = ((!(hdr->flags & ISCSI_FLAG_CMD_FINAL) && 944 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) ? 1 : 0); 945 if (cmd->unsolicited_data) 946 cmd->cmd_flags |= ICF_NON_IMMEDIATE_UNSOLICITED_DATA; 947 948 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 949 if (hdr->flags & ISCSI_FLAG_CMD_READ) { 950 spin_lock_bh(&conn->sess->ttt_lock); 951 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++; 952 if (cmd->targ_xfer_tag == 0xFFFFFFFF) 953 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++; 954 spin_unlock_bh(&conn->sess->ttt_lock); 955 } else if (hdr->flags & ISCSI_FLAG_CMD_WRITE) 956 cmd->targ_xfer_tag = 0xFFFFFFFF; 957 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 958 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 959 cmd->first_burst_len = payload_length; 960 961 if (!conn->sess->sess_ops->RDMAExtensions && 962 cmd->data_direction == DMA_FROM_DEVICE) { 963 struct iscsi_datain_req *dr; 964 965 dr = iscsit_allocate_datain_req(); 966 if (!dr) 967 return iscsit_add_reject_cmd(cmd, 968 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 969 970 iscsit_attach_datain_req(cmd, dr); 971 } 972 973 /* 974 * Initialize struct se_cmd descriptor from target_core_mod infrastructure 975 */ 976 transport_init_se_cmd(&cmd->se_cmd, &lio_target_fabric_configfs->tf_ops, 977 conn->sess->se_sess, be32_to_cpu(hdr->data_length), 978 cmd->data_direction, sam_task_attr, 979 cmd->sense_buffer + 2); 980 981 pr_debug("Got SCSI Command, ITT: 0x%08x, CmdSN: 0x%08x," 982 " ExpXferLen: %u, Length: %u, CID: %hu\n", hdr->itt, 983 hdr->cmdsn, be32_to_cpu(hdr->data_length), payload_length, 984 conn->cid); 985 986 target_get_sess_cmd(conn->sess->se_sess, &cmd->se_cmd, true); 987 988 cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd, 989 scsilun_to_int(&hdr->lun)); 990 if (cmd->sense_reason) 991 goto attach_cmd; 992 993 cmd->sense_reason = target_setup_cmd_from_cdb(&cmd->se_cmd, hdr->cdb); 994 if (cmd->sense_reason) { 995 if (cmd->sense_reason == TCM_OUT_OF_RESOURCES) { 996 return iscsit_add_reject_cmd(cmd, 997 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 998 } 999 1000 goto attach_cmd; 1001 } 1002 1003 if (iscsit_build_pdu_and_seq_lists(cmd, payload_length) < 0) { 1004 return iscsit_add_reject_cmd(cmd, 1005 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1006 } 1007 1008 attach_cmd: 1009 spin_lock_bh(&conn->cmd_lock); 1010 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1011 spin_unlock_bh(&conn->cmd_lock); 1012 /* 1013 * Check if we need to delay processing because of ALUA 1014 * Active/NonOptimized primary access state.. 1015 */ 1016 core_alua_check_nonop_delay(&cmd->se_cmd); 1017 1018 return 0; 1019 } 1020 EXPORT_SYMBOL(iscsit_setup_scsi_cmd); 1021 1022 void iscsit_set_unsoliticed_dataout(struct iscsi_cmd *cmd) 1023 { 1024 iscsit_set_dataout_sequence_values(cmd); 1025 1026 spin_lock_bh(&cmd->dataout_timeout_lock); 1027 iscsit_start_dataout_timer(cmd, cmd->conn); 1028 spin_unlock_bh(&cmd->dataout_timeout_lock); 1029 } 1030 EXPORT_SYMBOL(iscsit_set_unsoliticed_dataout); 1031 1032 int iscsit_process_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1033 struct iscsi_scsi_req *hdr) 1034 { 1035 int cmdsn_ret = 0; 1036 /* 1037 * Check the CmdSN against ExpCmdSN/MaxCmdSN here if 1038 * the Immediate Bit is not set, and no Immediate 1039 * Data is attached. 1040 * 1041 * A PDU/CmdSN carrying Immediate Data can only 1042 * be processed after the DataCRC has passed. 1043 * If the DataCRC fails, the CmdSN MUST NOT 1044 * be acknowledged. (See below) 1045 */ 1046 if (!cmd->immediate_data) { 1047 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1048 (unsigned char *)hdr, hdr->cmdsn); 1049 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1050 return -1; 1051 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1052 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1053 return 0; 1054 } 1055 } 1056 1057 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1058 1059 /* 1060 * If no Immediate Data is attached, it's OK to return now. 1061 */ 1062 if (!cmd->immediate_data) { 1063 if (!cmd->sense_reason && cmd->unsolicited_data) 1064 iscsit_set_unsoliticed_dataout(cmd); 1065 if (!cmd->sense_reason) 1066 return 0; 1067 1068 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1069 return 0; 1070 } 1071 1072 /* 1073 * Early CHECK_CONDITIONs with ImmediateData never make it to command 1074 * execution. These exceptions are processed in CmdSN order using 1075 * iscsit_check_received_cmdsn() in iscsit_get_immediate_data() below. 1076 */ 1077 if (cmd->sense_reason) { 1078 if (cmd->reject_reason) 1079 return 0; 1080 1081 return 1; 1082 } 1083 /* 1084 * Call directly into transport_generic_new_cmd() to perform 1085 * the backend memory allocation. 1086 */ 1087 cmd->sense_reason = transport_generic_new_cmd(&cmd->se_cmd); 1088 if (cmd->sense_reason) 1089 return 1; 1090 1091 return 0; 1092 } 1093 EXPORT_SYMBOL(iscsit_process_scsi_cmd); 1094 1095 static int 1096 iscsit_get_immediate_data(struct iscsi_cmd *cmd, struct iscsi_scsi_req *hdr, 1097 bool dump_payload) 1098 { 1099 struct iscsi_conn *conn = cmd->conn; 1100 int cmdsn_ret = 0, immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION; 1101 /* 1102 * Special case for Unsupported SAM WRITE Opcodes and ImmediateData=Yes. 1103 */ 1104 if (dump_payload == true) 1105 goto after_immediate_data; 1106 1107 immed_ret = iscsit_handle_immediate_data(cmd, hdr, 1108 cmd->first_burst_len); 1109 after_immediate_data: 1110 if (immed_ret == IMMEDIATE_DATA_NORMAL_OPERATION) { 1111 /* 1112 * A PDU/CmdSN carrying Immediate Data passed 1113 * DataCRC, check against ExpCmdSN/MaxCmdSN if 1114 * Immediate Bit is not set. 1115 */ 1116 cmdsn_ret = iscsit_sequence_cmd(cmd->conn, cmd, 1117 (unsigned char *)hdr, hdr->cmdsn); 1118 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1119 return -1; 1120 1121 if (cmd->sense_reason || cmdsn_ret == CMDSN_LOWER_THAN_EXP) { 1122 int rc; 1123 1124 rc = iscsit_dump_data_payload(cmd->conn, 1125 cmd->first_burst_len, 1); 1126 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1127 return rc; 1128 } else if (cmd->unsolicited_data) 1129 iscsit_set_unsoliticed_dataout(cmd); 1130 1131 } else if (immed_ret == IMMEDIATE_DATA_ERL1_CRC_FAILURE) { 1132 /* 1133 * Immediate Data failed DataCRC and ERL>=1, 1134 * silently drop this PDU and let the initiator 1135 * plug the CmdSN gap. 1136 * 1137 * FIXME: Send Unsolicited NOPIN with reserved 1138 * TTT here to help the initiator figure out 1139 * the missing CmdSN, although they should be 1140 * intelligent enough to determine the missing 1141 * CmdSN and issue a retry to plug the sequence. 1142 */ 1143 cmd->i_state = ISTATE_REMOVE; 1144 iscsit_add_cmd_to_immediate_queue(cmd, cmd->conn, cmd->i_state); 1145 } else /* immed_ret == IMMEDIATE_DATA_CANNOT_RECOVER */ 1146 return -1; 1147 1148 return 0; 1149 } 1150 1151 static int 1152 iscsit_handle_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1153 unsigned char *buf) 1154 { 1155 struct iscsi_scsi_req *hdr = (struct iscsi_scsi_req *)buf; 1156 int rc, immed_data; 1157 bool dump_payload = false; 1158 1159 rc = iscsit_setup_scsi_cmd(conn, cmd, buf); 1160 if (rc < 0) 1161 return 0; 1162 /* 1163 * Allocation iovecs needed for struct socket operations for 1164 * traditional iSCSI block I/O. 1165 */ 1166 if (iscsit_allocate_iovecs(cmd) < 0) { 1167 return iscsit_add_reject_cmd(cmd, 1168 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1169 } 1170 immed_data = cmd->immediate_data; 1171 1172 rc = iscsit_process_scsi_cmd(conn, cmd, hdr); 1173 if (rc < 0) 1174 return rc; 1175 else if (rc > 0) 1176 dump_payload = true; 1177 1178 if (!immed_data) 1179 return 0; 1180 1181 return iscsit_get_immediate_data(cmd, hdr, dump_payload); 1182 } 1183 1184 static u32 iscsit_do_crypto_hash_sg( 1185 struct hash_desc *hash, 1186 struct iscsi_cmd *cmd, 1187 u32 data_offset, 1188 u32 data_length, 1189 u32 padding, 1190 u8 *pad_bytes) 1191 { 1192 u32 data_crc; 1193 u32 i; 1194 struct scatterlist *sg; 1195 unsigned int page_off; 1196 1197 crypto_hash_init(hash); 1198 1199 sg = cmd->first_data_sg; 1200 page_off = cmd->first_data_sg_off; 1201 1202 i = 0; 1203 while (data_length) { 1204 u32 cur_len = min_t(u32, data_length, (sg[i].length - page_off)); 1205 1206 crypto_hash_update(hash, &sg[i], cur_len); 1207 1208 data_length -= cur_len; 1209 page_off = 0; 1210 i++; 1211 } 1212 1213 if (padding) { 1214 struct scatterlist pad_sg; 1215 1216 sg_init_one(&pad_sg, pad_bytes, padding); 1217 crypto_hash_update(hash, &pad_sg, padding); 1218 } 1219 crypto_hash_final(hash, (u8 *) &data_crc); 1220 1221 return data_crc; 1222 } 1223 1224 static void iscsit_do_crypto_hash_buf( 1225 struct hash_desc *hash, 1226 const void *buf, 1227 u32 payload_length, 1228 u32 padding, 1229 u8 *pad_bytes, 1230 u8 *data_crc) 1231 { 1232 struct scatterlist sg; 1233 1234 crypto_hash_init(hash); 1235 1236 sg_init_one(&sg, buf, payload_length); 1237 crypto_hash_update(hash, &sg, payload_length); 1238 1239 if (padding) { 1240 sg_init_one(&sg, pad_bytes, padding); 1241 crypto_hash_update(hash, &sg, padding); 1242 } 1243 crypto_hash_final(hash, data_crc); 1244 } 1245 1246 int 1247 iscsit_check_dataout_hdr(struct iscsi_conn *conn, unsigned char *buf, 1248 struct iscsi_cmd **out_cmd) 1249 { 1250 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1251 struct iscsi_cmd *cmd = NULL; 1252 struct se_cmd *se_cmd; 1253 u32 payload_length = ntoh24(hdr->dlength); 1254 int rc; 1255 1256 if (!payload_length) { 1257 pr_err("DataOUT payload is ZERO, protocol error.\n"); 1258 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1259 buf); 1260 } 1261 1262 /* iSCSI write */ 1263 spin_lock_bh(&conn->sess->session_stats_lock); 1264 conn->sess->rx_data_octets += payload_length; 1265 if (conn->sess->se_sess->se_node_acl) { 1266 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock); 1267 conn->sess->se_sess->se_node_acl->write_bytes += payload_length; 1268 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock); 1269 } 1270 spin_unlock_bh(&conn->sess->session_stats_lock); 1271 1272 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1273 pr_err("DataSegmentLength: %u is greater than" 1274 " MaxXmitDataSegmentLength: %u\n", payload_length, 1275 conn->conn_ops->MaxXmitDataSegmentLength); 1276 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1277 buf); 1278 } 1279 1280 cmd = iscsit_find_cmd_from_itt_or_dump(conn, hdr->itt, 1281 payload_length); 1282 if (!cmd) 1283 return 0; 1284 1285 pr_debug("Got DataOut ITT: 0x%08x, TTT: 0x%08x," 1286 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 1287 hdr->itt, hdr->ttt, hdr->datasn, ntohl(hdr->offset), 1288 payload_length, conn->cid); 1289 1290 if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) { 1291 pr_err("Command ITT: 0x%08x received DataOUT after" 1292 " last DataOUT received, dumping payload\n", 1293 cmd->init_task_tag); 1294 return iscsit_dump_data_payload(conn, payload_length, 1); 1295 } 1296 1297 if (cmd->data_direction != DMA_TO_DEVICE) { 1298 pr_err("Command ITT: 0x%08x received DataOUT for a" 1299 " NON-WRITE command.\n", cmd->init_task_tag); 1300 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 1301 } 1302 se_cmd = &cmd->se_cmd; 1303 iscsit_mod_dataout_timer(cmd); 1304 1305 if ((be32_to_cpu(hdr->offset) + payload_length) > cmd->se_cmd.data_length) { 1306 pr_err("DataOut Offset: %u, Length %u greater than" 1307 " iSCSI Command EDTL %u, protocol error.\n", 1308 hdr->offset, payload_length, cmd->se_cmd.data_length); 1309 return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_INVALID, buf); 1310 } 1311 1312 if (cmd->unsolicited_data) { 1313 int dump_unsolicited_data = 0; 1314 1315 if (conn->sess->sess_ops->InitialR2T) { 1316 pr_err("Received unexpected unsolicited data" 1317 " while InitialR2T=Yes, protocol error.\n"); 1318 transport_send_check_condition_and_sense(&cmd->se_cmd, 1319 TCM_UNEXPECTED_UNSOLICITED_DATA, 0); 1320 return -1; 1321 } 1322 /* 1323 * Special case for dealing with Unsolicited DataOUT 1324 * and Unsupported SAM WRITE Opcodes and SE resource allocation 1325 * failures; 1326 */ 1327 1328 /* Something's amiss if we're not in WRITE_PENDING state... */ 1329 WARN_ON(se_cmd->t_state != TRANSPORT_WRITE_PENDING); 1330 if (!(se_cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE)) 1331 dump_unsolicited_data = 1; 1332 1333 if (dump_unsolicited_data) { 1334 /* 1335 * Check if a delayed TASK_ABORTED status needs to 1336 * be sent now if the ISCSI_FLAG_CMD_FINAL has been 1337 * received with the unsolicitied data out. 1338 */ 1339 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1340 iscsit_stop_dataout_timer(cmd); 1341 1342 transport_check_aborted_status(se_cmd, 1343 (hdr->flags & ISCSI_FLAG_CMD_FINAL)); 1344 return iscsit_dump_data_payload(conn, payload_length, 1); 1345 } 1346 } else { 1347 /* 1348 * For the normal solicited data path: 1349 * 1350 * Check for a delayed TASK_ABORTED status and dump any 1351 * incoming data out payload if one exists. Also, when the 1352 * ISCSI_FLAG_CMD_FINAL is set to denote the end of the current 1353 * data out sequence, we decrement outstanding_r2ts. Once 1354 * outstanding_r2ts reaches zero, go ahead and send the delayed 1355 * TASK_ABORTED status. 1356 */ 1357 if (se_cmd->transport_state & CMD_T_ABORTED) { 1358 if (hdr->flags & ISCSI_FLAG_CMD_FINAL) 1359 if (--cmd->outstanding_r2ts < 1) { 1360 iscsit_stop_dataout_timer(cmd); 1361 transport_check_aborted_status( 1362 se_cmd, 1); 1363 } 1364 1365 return iscsit_dump_data_payload(conn, payload_length, 1); 1366 } 1367 } 1368 /* 1369 * Preform DataSN, DataSequenceInOrder, DataPDUInOrder, and 1370 * within-command recovery checks before receiving the payload. 1371 */ 1372 rc = iscsit_check_pre_dataout(cmd, buf); 1373 if (rc == DATAOUT_WITHIN_COMMAND_RECOVERY) 1374 return 0; 1375 else if (rc == DATAOUT_CANNOT_RECOVER) 1376 return -1; 1377 1378 *out_cmd = cmd; 1379 return 0; 1380 } 1381 EXPORT_SYMBOL(iscsit_check_dataout_hdr); 1382 1383 static int 1384 iscsit_get_dataout(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1385 struct iscsi_data *hdr) 1386 { 1387 struct kvec *iov; 1388 u32 checksum, iov_count = 0, padding = 0, rx_got = 0, rx_size = 0; 1389 u32 payload_length = ntoh24(hdr->dlength); 1390 int iov_ret, data_crc_failed = 0; 1391 1392 rx_size += payload_length; 1393 iov = &cmd->iov_data[0]; 1394 1395 iov_ret = iscsit_map_iovec(cmd, iov, be32_to_cpu(hdr->offset), 1396 payload_length); 1397 if (iov_ret < 0) 1398 return -1; 1399 1400 iov_count += iov_ret; 1401 1402 padding = ((-payload_length) & 3); 1403 if (padding != 0) { 1404 iov[iov_count].iov_base = cmd->pad_bytes; 1405 iov[iov_count++].iov_len = padding; 1406 rx_size += padding; 1407 pr_debug("Receiving %u padding bytes.\n", padding); 1408 } 1409 1410 if (conn->conn_ops->DataDigest) { 1411 iov[iov_count].iov_base = &checksum; 1412 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 1413 rx_size += ISCSI_CRC_LEN; 1414 } 1415 1416 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 1417 1418 iscsit_unmap_iovec(cmd); 1419 1420 if (rx_got != rx_size) 1421 return -1; 1422 1423 if (conn->conn_ops->DataDigest) { 1424 u32 data_crc; 1425 1426 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd, 1427 be32_to_cpu(hdr->offset), 1428 payload_length, padding, 1429 cmd->pad_bytes); 1430 1431 if (checksum != data_crc) { 1432 pr_err("ITT: 0x%08x, Offset: %u, Length: %u," 1433 " DataSN: 0x%08x, CRC32C DataDigest 0x%08x" 1434 " does not match computed 0x%08x\n", 1435 hdr->itt, hdr->offset, payload_length, 1436 hdr->datasn, checksum, data_crc); 1437 data_crc_failed = 1; 1438 } else { 1439 pr_debug("Got CRC32C DataDigest 0x%08x for" 1440 " %u bytes of Data Out\n", checksum, 1441 payload_length); 1442 } 1443 } 1444 1445 return data_crc_failed; 1446 } 1447 1448 int 1449 iscsit_check_dataout_payload(struct iscsi_cmd *cmd, struct iscsi_data *hdr, 1450 bool data_crc_failed) 1451 { 1452 struct iscsi_conn *conn = cmd->conn; 1453 int rc, ooo_cmdsn; 1454 /* 1455 * Increment post receive data and CRC values or perform 1456 * within-command recovery. 1457 */ 1458 rc = iscsit_check_post_dataout(cmd, (unsigned char *)hdr, data_crc_failed); 1459 if ((rc == DATAOUT_NORMAL) || (rc == DATAOUT_WITHIN_COMMAND_RECOVERY)) 1460 return 0; 1461 else if (rc == DATAOUT_SEND_R2T) { 1462 iscsit_set_dataout_sequence_values(cmd); 1463 conn->conn_transport->iscsit_get_dataout(conn, cmd, false); 1464 } else if (rc == DATAOUT_SEND_TO_TRANSPORT) { 1465 /* 1466 * Handle extra special case for out of order 1467 * Unsolicited Data Out. 1468 */ 1469 spin_lock_bh(&cmd->istate_lock); 1470 ooo_cmdsn = (cmd->cmd_flags & ICF_OOO_CMDSN); 1471 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 1472 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 1473 spin_unlock_bh(&cmd->istate_lock); 1474 1475 iscsit_stop_dataout_timer(cmd); 1476 if (ooo_cmdsn) 1477 return 0; 1478 target_execute_cmd(&cmd->se_cmd); 1479 return 0; 1480 } else /* DATAOUT_CANNOT_RECOVER */ 1481 return -1; 1482 1483 return 0; 1484 } 1485 EXPORT_SYMBOL(iscsit_check_dataout_payload); 1486 1487 static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) 1488 { 1489 struct iscsi_cmd *cmd; 1490 struct iscsi_data *hdr = (struct iscsi_data *)buf; 1491 int rc; 1492 bool data_crc_failed = false; 1493 1494 rc = iscsit_check_dataout_hdr(conn, buf, &cmd); 1495 if (rc < 0) 1496 return 0; 1497 else if (!cmd) 1498 return 0; 1499 1500 rc = iscsit_get_dataout(conn, cmd, hdr); 1501 if (rc < 0) 1502 return rc; 1503 else if (rc > 0) 1504 data_crc_failed = true; 1505 1506 return iscsit_check_dataout_payload(cmd, hdr, data_crc_failed); 1507 } 1508 1509 int iscsit_setup_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1510 struct iscsi_nopout *hdr) 1511 { 1512 u32 payload_length = ntoh24(hdr->dlength); 1513 1514 if (hdr->itt == RESERVED_ITT && !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1515 pr_err("NOPOUT ITT is reserved, but Immediate Bit is" 1516 " not set, protocol error.\n"); 1517 if (!cmd) 1518 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1519 (unsigned char *)hdr); 1520 1521 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1522 (unsigned char *)hdr); 1523 } 1524 1525 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1526 pr_err("NOPOUT Ping Data DataSegmentLength: %u is" 1527 " greater than MaxXmitDataSegmentLength: %u, protocol" 1528 " error.\n", payload_length, 1529 conn->conn_ops->MaxXmitDataSegmentLength); 1530 if (!cmd) 1531 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 1532 (unsigned char *)hdr); 1533 1534 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1535 (unsigned char *)hdr); 1536 } 1537 1538 pr_debug("Got NOPOUT Ping %s ITT: 0x%08x, TTT: 0x%08x," 1539 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n", 1540 hdr->itt == RESERVED_ITT ? "Response" : "Request", 1541 hdr->itt, hdr->ttt, hdr->cmdsn, hdr->exp_statsn, 1542 payload_length); 1543 /* 1544 * This is not a response to a Unsolicited NopIN, which means 1545 * it can either be a NOPOUT ping request (with a valid ITT), 1546 * or a NOPOUT not requesting a NOPIN (with a reserved ITT). 1547 * Either way, make sure we allocate an struct iscsi_cmd, as both 1548 * can contain ping data. 1549 */ 1550 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1551 cmd->iscsi_opcode = ISCSI_OP_NOOP_OUT; 1552 cmd->i_state = ISTATE_SEND_NOPIN; 1553 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1554 1 : 0); 1555 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1556 cmd->targ_xfer_tag = 0xFFFFFFFF; 1557 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1558 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1559 cmd->data_direction = DMA_NONE; 1560 } 1561 1562 return 0; 1563 } 1564 EXPORT_SYMBOL(iscsit_setup_nop_out); 1565 1566 int iscsit_process_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1567 struct iscsi_nopout *hdr) 1568 { 1569 struct iscsi_cmd *cmd_p = NULL; 1570 int cmdsn_ret = 0; 1571 /* 1572 * Initiator is expecting a NopIN ping reply.. 1573 */ 1574 if (hdr->itt != RESERVED_ITT) { 1575 BUG_ON(!cmd); 1576 1577 spin_lock_bh(&conn->cmd_lock); 1578 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1579 spin_unlock_bh(&conn->cmd_lock); 1580 1581 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1582 1583 if (hdr->opcode & ISCSI_OP_IMMEDIATE) { 1584 iscsit_add_cmd_to_response_queue(cmd, conn, 1585 cmd->i_state); 1586 return 0; 1587 } 1588 1589 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 1590 (unsigned char *)hdr, hdr->cmdsn); 1591 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1592 return 0; 1593 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1594 return -1; 1595 1596 return 0; 1597 } 1598 /* 1599 * This was a response to a unsolicited NOPIN ping. 1600 */ 1601 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) { 1602 cmd_p = iscsit_find_cmd_from_ttt(conn, be32_to_cpu(hdr->ttt)); 1603 if (!cmd_p) 1604 return -EINVAL; 1605 1606 iscsit_stop_nopin_response_timer(conn); 1607 1608 cmd_p->i_state = ISTATE_REMOVE; 1609 iscsit_add_cmd_to_immediate_queue(cmd_p, conn, cmd_p->i_state); 1610 1611 iscsit_start_nopin_timer(conn); 1612 return 0; 1613 } 1614 /* 1615 * Otherwise, initiator is not expecting a NOPIN is response. 1616 * Just ignore for now. 1617 */ 1618 return 0; 1619 } 1620 EXPORT_SYMBOL(iscsit_process_nop_out); 1621 1622 static int iscsit_handle_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1623 unsigned char *buf) 1624 { 1625 unsigned char *ping_data = NULL; 1626 struct iscsi_nopout *hdr = (struct iscsi_nopout *)buf; 1627 struct kvec *iov = NULL; 1628 u32 payload_length = ntoh24(hdr->dlength); 1629 int ret; 1630 1631 ret = iscsit_setup_nop_out(conn, cmd, hdr); 1632 if (ret < 0) 1633 return 0; 1634 /* 1635 * Handle NOP-OUT payload for traditional iSCSI sockets 1636 */ 1637 if (payload_length && hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 1638 u32 checksum, data_crc, padding = 0; 1639 int niov = 0, rx_got, rx_size = payload_length; 1640 1641 ping_data = kzalloc(payload_length + 1, GFP_KERNEL); 1642 if (!ping_data) { 1643 pr_err("Unable to allocate memory for" 1644 " NOPOUT ping data.\n"); 1645 ret = -1; 1646 goto out; 1647 } 1648 1649 iov = &cmd->iov_misc[0]; 1650 iov[niov].iov_base = ping_data; 1651 iov[niov++].iov_len = payload_length; 1652 1653 padding = ((-payload_length) & 3); 1654 if (padding != 0) { 1655 pr_debug("Receiving %u additional bytes" 1656 " for padding.\n", padding); 1657 iov[niov].iov_base = &cmd->pad_bytes; 1658 iov[niov++].iov_len = padding; 1659 rx_size += padding; 1660 } 1661 if (conn->conn_ops->DataDigest) { 1662 iov[niov].iov_base = &checksum; 1663 iov[niov++].iov_len = ISCSI_CRC_LEN; 1664 rx_size += ISCSI_CRC_LEN; 1665 } 1666 1667 rx_got = rx_data(conn, &cmd->iov_misc[0], niov, rx_size); 1668 if (rx_got != rx_size) { 1669 ret = -1; 1670 goto out; 1671 } 1672 1673 if (conn->conn_ops->DataDigest) { 1674 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 1675 ping_data, payload_length, 1676 padding, cmd->pad_bytes, 1677 (u8 *)&data_crc); 1678 1679 if (checksum != data_crc) { 1680 pr_err("Ping data CRC32C DataDigest" 1681 " 0x%08x does not match computed 0x%08x\n", 1682 checksum, data_crc); 1683 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 1684 pr_err("Unable to recover from" 1685 " NOPOUT Ping DataCRC failure while in" 1686 " ERL=0.\n"); 1687 ret = -1; 1688 goto out; 1689 } else { 1690 /* 1691 * Silently drop this PDU and let the 1692 * initiator plug the CmdSN gap. 1693 */ 1694 pr_debug("Dropping NOPOUT" 1695 " Command CmdSN: 0x%08x due to" 1696 " DataCRC error.\n", hdr->cmdsn); 1697 ret = 0; 1698 goto out; 1699 } 1700 } else { 1701 pr_debug("Got CRC32C DataDigest" 1702 " 0x%08x for %u bytes of ping data.\n", 1703 checksum, payload_length); 1704 } 1705 } 1706 1707 ping_data[payload_length] = '\0'; 1708 /* 1709 * Attach ping data to struct iscsi_cmd->buf_ptr. 1710 */ 1711 cmd->buf_ptr = ping_data; 1712 cmd->buf_ptr_size = payload_length; 1713 1714 pr_debug("Got %u bytes of NOPOUT ping" 1715 " data.\n", payload_length); 1716 pr_debug("Ping Data: \"%s\"\n", ping_data); 1717 } 1718 1719 return iscsit_process_nop_out(conn, cmd, hdr); 1720 out: 1721 if (cmd) 1722 iscsit_free_cmd(cmd, false); 1723 1724 kfree(ping_data); 1725 return ret; 1726 } 1727 1728 int 1729 iscsit_handle_task_mgt_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1730 unsigned char *buf) 1731 { 1732 struct se_tmr_req *se_tmr; 1733 struct iscsi_tmr_req *tmr_req; 1734 struct iscsi_tm *hdr; 1735 int out_of_order_cmdsn = 0, ret; 1736 bool sess_ref = false; 1737 u8 function; 1738 1739 hdr = (struct iscsi_tm *) buf; 1740 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 1741 function = hdr->flags; 1742 1743 pr_debug("Got Task Management Request ITT: 0x%08x, CmdSN:" 1744 " 0x%08x, Function: 0x%02x, RefTaskTag: 0x%08x, RefCmdSN:" 1745 " 0x%08x, CID: %hu\n", hdr->itt, hdr->cmdsn, function, 1746 hdr->rtt, hdr->refcmdsn, conn->cid); 1747 1748 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1749 ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1750 hdr->rtt != RESERVED_ITT)) { 1751 pr_err("RefTaskTag should be set to 0xFFFFFFFF.\n"); 1752 hdr->rtt = RESERVED_ITT; 1753 } 1754 1755 if ((function == ISCSI_TM_FUNC_TASK_REASSIGN) && 1756 !(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1757 pr_err("Task Management Request TASK_REASSIGN not" 1758 " issued as immediate command, bad iSCSI Initiator" 1759 "implementation\n"); 1760 return iscsit_add_reject_cmd(cmd, 1761 ISCSI_REASON_PROTOCOL_ERROR, buf); 1762 } 1763 if ((function != ISCSI_TM_FUNC_ABORT_TASK) && 1764 be32_to_cpu(hdr->refcmdsn) != ISCSI_RESERVED_TAG) 1765 hdr->refcmdsn = cpu_to_be32(ISCSI_RESERVED_TAG); 1766 1767 cmd->data_direction = DMA_NONE; 1768 1769 cmd->tmr_req = kzalloc(sizeof(struct iscsi_tmr_req), GFP_KERNEL); 1770 if (!cmd->tmr_req) { 1771 pr_err("Unable to allocate memory for" 1772 " Task Management command!\n"); 1773 return iscsit_add_reject_cmd(cmd, 1774 ISCSI_REASON_BOOKMARK_NO_RESOURCES, 1775 buf); 1776 } 1777 1778 /* 1779 * TASK_REASSIGN for ERL=2 / connection stays inside of 1780 * LIO-Target $FABRIC_MOD 1781 */ 1782 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1783 1784 u8 tcm_function; 1785 int ret; 1786 1787 transport_init_se_cmd(&cmd->se_cmd, 1788 &lio_target_fabric_configfs->tf_ops, 1789 conn->sess->se_sess, 0, DMA_NONE, 1790 MSG_SIMPLE_TAG, cmd->sense_buffer + 2); 1791 1792 target_get_sess_cmd(conn->sess->se_sess, &cmd->se_cmd, true); 1793 sess_ref = true; 1794 1795 switch (function) { 1796 case ISCSI_TM_FUNC_ABORT_TASK: 1797 tcm_function = TMR_ABORT_TASK; 1798 break; 1799 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1800 tcm_function = TMR_ABORT_TASK_SET; 1801 break; 1802 case ISCSI_TM_FUNC_CLEAR_ACA: 1803 tcm_function = TMR_CLEAR_ACA; 1804 break; 1805 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1806 tcm_function = TMR_CLEAR_TASK_SET; 1807 break; 1808 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1809 tcm_function = TMR_LUN_RESET; 1810 break; 1811 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1812 tcm_function = TMR_TARGET_WARM_RESET; 1813 break; 1814 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1815 tcm_function = TMR_TARGET_COLD_RESET; 1816 break; 1817 default: 1818 pr_err("Unknown iSCSI TMR Function:" 1819 " 0x%02x\n", function); 1820 return iscsit_add_reject_cmd(cmd, 1821 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1822 } 1823 1824 ret = core_tmr_alloc_req(&cmd->se_cmd, cmd->tmr_req, 1825 tcm_function, GFP_KERNEL); 1826 if (ret < 0) 1827 return iscsit_add_reject_cmd(cmd, 1828 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 1829 1830 cmd->tmr_req->se_tmr_req = cmd->se_cmd.se_tmr_req; 1831 } 1832 1833 cmd->iscsi_opcode = ISCSI_OP_SCSI_TMFUNC; 1834 cmd->i_state = ISTATE_SEND_TASKMGTRSP; 1835 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1836 cmd->init_task_tag = hdr->itt; 1837 cmd->targ_xfer_tag = 0xFFFFFFFF; 1838 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1839 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1840 se_tmr = cmd->se_cmd.se_tmr_req; 1841 tmr_req = cmd->tmr_req; 1842 /* 1843 * Locate the struct se_lun for all TMRs not related to ERL=2 TASK_REASSIGN 1844 */ 1845 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) { 1846 ret = transport_lookup_tmr_lun(&cmd->se_cmd, 1847 scsilun_to_int(&hdr->lun)); 1848 if (ret < 0) { 1849 se_tmr->response = ISCSI_TMF_RSP_NO_LUN; 1850 goto attach; 1851 } 1852 } 1853 1854 switch (function) { 1855 case ISCSI_TM_FUNC_ABORT_TASK: 1856 se_tmr->response = iscsit_tmr_abort_task(cmd, buf); 1857 if (se_tmr->response) 1858 goto attach; 1859 break; 1860 case ISCSI_TM_FUNC_ABORT_TASK_SET: 1861 case ISCSI_TM_FUNC_CLEAR_ACA: 1862 case ISCSI_TM_FUNC_CLEAR_TASK_SET: 1863 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET: 1864 break; 1865 case ISCSI_TM_FUNC_TARGET_WARM_RESET: 1866 if (iscsit_tmr_task_warm_reset(conn, tmr_req, buf) < 0) { 1867 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1868 goto attach; 1869 } 1870 break; 1871 case ISCSI_TM_FUNC_TARGET_COLD_RESET: 1872 if (iscsit_tmr_task_cold_reset(conn, tmr_req, buf) < 0) { 1873 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED; 1874 goto attach; 1875 } 1876 break; 1877 case ISCSI_TM_FUNC_TASK_REASSIGN: 1878 se_tmr->response = iscsit_tmr_task_reassign(cmd, buf); 1879 /* 1880 * Perform sanity checks on the ExpDataSN only if the 1881 * TASK_REASSIGN was successful. 1882 */ 1883 if (se_tmr->response) 1884 break; 1885 1886 if (iscsit_check_task_reassign_expdatasn(tmr_req, conn) < 0) 1887 return iscsit_add_reject_cmd(cmd, 1888 ISCSI_REASON_BOOKMARK_INVALID, buf); 1889 break; 1890 default: 1891 pr_err("Unknown TMR function: 0x%02x, protocol" 1892 " error.\n", function); 1893 se_tmr->response = ISCSI_TMF_RSP_NOT_SUPPORTED; 1894 goto attach; 1895 } 1896 1897 if ((function != ISCSI_TM_FUNC_TASK_REASSIGN) && 1898 (se_tmr->response == ISCSI_TMF_RSP_COMPLETE)) 1899 se_tmr->call_transport = 1; 1900 attach: 1901 spin_lock_bh(&conn->cmd_lock); 1902 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 1903 spin_unlock_bh(&conn->cmd_lock); 1904 1905 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 1906 int cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 1907 if (cmdsn_ret == CMDSN_HIGHER_THAN_EXP) 1908 out_of_order_cmdsn = 1; 1909 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 1910 return 0; 1911 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 1912 return -1; 1913 } 1914 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 1915 1916 if (out_of_order_cmdsn || !(hdr->opcode & ISCSI_OP_IMMEDIATE)) 1917 return 0; 1918 /* 1919 * Found the referenced task, send to transport for processing. 1920 */ 1921 if (se_tmr->call_transport) 1922 return transport_generic_handle_tmr(&cmd->se_cmd); 1923 1924 /* 1925 * Could not find the referenced LUN, task, or Task Management 1926 * command not authorized or supported. Change state and 1927 * let the tx_thread send the response. 1928 * 1929 * For connection recovery, this is also the default action for 1930 * TMR TASK_REASSIGN. 1931 */ 1932 if (sess_ref) { 1933 pr_debug("Handle TMR, using sess_ref=true check\n"); 1934 target_put_sess_cmd(conn->sess->se_sess, &cmd->se_cmd); 1935 } 1936 1937 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 1938 return 0; 1939 } 1940 EXPORT_SYMBOL(iscsit_handle_task_mgt_cmd); 1941 1942 /* #warning FIXME: Support Text Command parameters besides SendTargets */ 1943 int 1944 iscsit_setup_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1945 struct iscsi_text *hdr) 1946 { 1947 u32 payload_length = ntoh24(hdr->dlength); 1948 1949 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) { 1950 pr_err("Unable to accept text parameter length: %u" 1951 "greater than MaxXmitDataSegmentLength %u.\n", 1952 payload_length, conn->conn_ops->MaxXmitDataSegmentLength); 1953 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 1954 (unsigned char *)hdr); 1955 } 1956 1957 pr_debug("Got Text Request: ITT: 0x%08x, CmdSN: 0x%08x," 1958 " ExpStatSN: 0x%08x, Length: %u\n", hdr->itt, hdr->cmdsn, 1959 hdr->exp_statsn, payload_length); 1960 1961 cmd->iscsi_opcode = ISCSI_OP_TEXT; 1962 cmd->i_state = ISTATE_SEND_TEXTRSP; 1963 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 1964 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 1965 cmd->targ_xfer_tag = 0xFFFFFFFF; 1966 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 1967 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 1968 cmd->data_direction = DMA_NONE; 1969 1970 return 0; 1971 } 1972 EXPORT_SYMBOL(iscsit_setup_text_cmd); 1973 1974 int 1975 iscsit_process_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 1976 struct iscsi_text *hdr) 1977 { 1978 unsigned char *text_in = cmd->text_in_ptr, *text_ptr; 1979 int cmdsn_ret; 1980 1981 if (!text_in) { 1982 pr_err("Unable to locate text_in buffer for sendtargets" 1983 " discovery\n"); 1984 goto reject; 1985 } 1986 if (strncmp("SendTargets", text_in, 11) != 0) { 1987 pr_err("Received Text Data that is not" 1988 " SendTargets, cannot continue.\n"); 1989 goto reject; 1990 } 1991 text_ptr = strchr(text_in, '='); 1992 if (!text_ptr) { 1993 pr_err("No \"=\" separator found in Text Data," 1994 " cannot continue.\n"); 1995 goto reject; 1996 } 1997 if (!strncmp("=All", text_ptr, 4)) { 1998 cmd->cmd_flags |= IFC_SENDTARGETS_ALL; 1999 } else if (!strncmp("=iqn.", text_ptr, 5) || 2000 !strncmp("=eui.", text_ptr, 5)) { 2001 cmd->cmd_flags |= IFC_SENDTARGETS_SINGLE; 2002 } else { 2003 pr_err("Unable to locate valid SendTargets=%s value\n", text_ptr); 2004 goto reject; 2005 } 2006 2007 spin_lock_bh(&conn->cmd_lock); 2008 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2009 spin_unlock_bh(&conn->cmd_lock); 2010 2011 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2012 2013 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) { 2014 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, 2015 (unsigned char *)hdr, hdr->cmdsn); 2016 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2017 return -1; 2018 2019 return 0; 2020 } 2021 2022 return iscsit_execute_cmd(cmd, 0); 2023 2024 reject: 2025 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, 2026 (unsigned char *)hdr); 2027 } 2028 EXPORT_SYMBOL(iscsit_process_text_cmd); 2029 2030 static int 2031 iscsit_handle_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2032 unsigned char *buf) 2033 { 2034 struct iscsi_text *hdr = (struct iscsi_text *)buf; 2035 char *text_in = NULL; 2036 u32 payload_length = ntoh24(hdr->dlength); 2037 int rx_size, rc; 2038 2039 rc = iscsit_setup_text_cmd(conn, cmd, hdr); 2040 if (rc < 0) 2041 return 0; 2042 2043 rx_size = payload_length; 2044 if (payload_length) { 2045 u32 checksum = 0, data_crc = 0; 2046 u32 padding = 0, pad_bytes = 0; 2047 int niov = 0, rx_got; 2048 struct kvec iov[3]; 2049 2050 text_in = kzalloc(payload_length, GFP_KERNEL); 2051 if (!text_in) { 2052 pr_err("Unable to allocate memory for" 2053 " incoming text parameters\n"); 2054 goto reject; 2055 } 2056 cmd->text_in_ptr = text_in; 2057 2058 memset(iov, 0, 3 * sizeof(struct kvec)); 2059 iov[niov].iov_base = text_in; 2060 iov[niov++].iov_len = payload_length; 2061 2062 padding = ((-payload_length) & 3); 2063 if (padding != 0) { 2064 iov[niov].iov_base = &pad_bytes; 2065 iov[niov++].iov_len = padding; 2066 rx_size += padding; 2067 pr_debug("Receiving %u additional bytes" 2068 " for padding.\n", padding); 2069 } 2070 if (conn->conn_ops->DataDigest) { 2071 iov[niov].iov_base = &checksum; 2072 iov[niov++].iov_len = ISCSI_CRC_LEN; 2073 rx_size += ISCSI_CRC_LEN; 2074 } 2075 2076 rx_got = rx_data(conn, &iov[0], niov, rx_size); 2077 if (rx_got != rx_size) 2078 goto reject; 2079 2080 if (conn->conn_ops->DataDigest) { 2081 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 2082 text_in, payload_length, 2083 padding, (u8 *)&pad_bytes, 2084 (u8 *)&data_crc); 2085 2086 if (checksum != data_crc) { 2087 pr_err("Text data CRC32C DataDigest" 2088 " 0x%08x does not match computed" 2089 " 0x%08x\n", checksum, data_crc); 2090 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2091 pr_err("Unable to recover from" 2092 " Text Data digest failure while in" 2093 " ERL=0.\n"); 2094 goto reject; 2095 } else { 2096 /* 2097 * Silently drop this PDU and let the 2098 * initiator plug the CmdSN gap. 2099 */ 2100 pr_debug("Dropping Text" 2101 " Command CmdSN: 0x%08x due to" 2102 " DataCRC error.\n", hdr->cmdsn); 2103 kfree(text_in); 2104 return 0; 2105 } 2106 } else { 2107 pr_debug("Got CRC32C DataDigest" 2108 " 0x%08x for %u bytes of text data.\n", 2109 checksum, payload_length); 2110 } 2111 } 2112 text_in[payload_length - 1] = '\0'; 2113 pr_debug("Successfully read %d bytes of text" 2114 " data.\n", payload_length); 2115 } 2116 2117 return iscsit_process_text_cmd(conn, cmd, hdr); 2118 2119 reject: 2120 kfree(cmd->text_in_ptr); 2121 cmd->text_in_ptr = NULL; 2122 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf); 2123 } 2124 EXPORT_SYMBOL(iscsit_handle_text_cmd); 2125 2126 int iscsit_logout_closesession(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2127 { 2128 struct iscsi_conn *conn_p; 2129 struct iscsi_session *sess = conn->sess; 2130 2131 pr_debug("Received logout request CLOSESESSION on CID: %hu" 2132 " for SID: %u.\n", conn->cid, conn->sess->sid); 2133 2134 atomic_set(&sess->session_logout, 1); 2135 atomic_set(&conn->conn_logout_remove, 1); 2136 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_SESSION; 2137 2138 iscsit_inc_conn_usage_count(conn); 2139 iscsit_inc_session_usage_count(sess); 2140 2141 spin_lock_bh(&sess->conn_lock); 2142 list_for_each_entry(conn_p, &sess->sess_conn_list, conn_list) { 2143 if (conn_p->conn_state != TARG_CONN_STATE_LOGGED_IN) 2144 continue; 2145 2146 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2147 conn_p->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2148 } 2149 spin_unlock_bh(&sess->conn_lock); 2150 2151 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2152 2153 return 0; 2154 } 2155 2156 int iscsit_logout_closeconnection(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2157 { 2158 struct iscsi_conn *l_conn; 2159 struct iscsi_session *sess = conn->sess; 2160 2161 pr_debug("Received logout request CLOSECONNECTION for CID:" 2162 " %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2163 2164 /* 2165 * A Logout Request with a CLOSECONNECTION reason code for a CID 2166 * can arrive on a connection with a differing CID. 2167 */ 2168 if (conn->cid == cmd->logout_cid) { 2169 spin_lock_bh(&conn->state_lock); 2170 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 2171 conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 2172 2173 atomic_set(&conn->conn_logout_remove, 1); 2174 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_CONNECTION; 2175 iscsit_inc_conn_usage_count(conn); 2176 2177 spin_unlock_bh(&conn->state_lock); 2178 } else { 2179 /* 2180 * Handle all different cid CLOSECONNECTION requests in 2181 * iscsit_logout_post_handler_diffcid() as to give enough 2182 * time for any non immediate command's CmdSN to be 2183 * acknowledged on the connection in question. 2184 * 2185 * Here we simply make sure the CID is still around. 2186 */ 2187 l_conn = iscsit_get_conn_from_cid(sess, 2188 cmd->logout_cid); 2189 if (!l_conn) { 2190 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2191 iscsit_add_cmd_to_response_queue(cmd, conn, 2192 cmd->i_state); 2193 return 0; 2194 } 2195 2196 iscsit_dec_conn_usage_count(l_conn); 2197 } 2198 2199 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2200 2201 return 0; 2202 } 2203 2204 int iscsit_logout_removeconnforrecovery(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2205 { 2206 struct iscsi_session *sess = conn->sess; 2207 2208 pr_debug("Received explicit REMOVECONNFORRECOVERY logout for" 2209 " CID: %hu on CID: %hu.\n", cmd->logout_cid, conn->cid); 2210 2211 if (sess->sess_ops->ErrorRecoveryLevel != 2) { 2212 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2213 " while ERL!=2.\n"); 2214 cmd->logout_response = ISCSI_LOGOUT_RECOVERY_UNSUPPORTED; 2215 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2216 return 0; 2217 } 2218 2219 if (conn->cid == cmd->logout_cid) { 2220 pr_err("Received Logout Request REMOVECONNFORRECOVERY" 2221 " with CID: %hu on CID: %hu, implementation error.\n", 2222 cmd->logout_cid, conn->cid); 2223 cmd->logout_response = ISCSI_LOGOUT_CLEANUP_FAILED; 2224 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2225 return 0; 2226 } 2227 2228 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state); 2229 2230 return 0; 2231 } 2232 2233 int 2234 iscsit_handle_logout_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, 2235 unsigned char *buf) 2236 { 2237 int cmdsn_ret, logout_remove = 0; 2238 u8 reason_code = 0; 2239 struct iscsi_logout *hdr; 2240 struct iscsi_tiqn *tiqn = iscsit_snmp_get_tiqn(conn); 2241 2242 hdr = (struct iscsi_logout *) buf; 2243 reason_code = (hdr->flags & 0x7f); 2244 2245 if (tiqn) { 2246 spin_lock(&tiqn->logout_stats.lock); 2247 if (reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) 2248 tiqn->logout_stats.normal_logouts++; 2249 else 2250 tiqn->logout_stats.abnormal_logouts++; 2251 spin_unlock(&tiqn->logout_stats.lock); 2252 } 2253 2254 pr_debug("Got Logout Request ITT: 0x%08x CmdSN: 0x%08x" 2255 " ExpStatSN: 0x%08x Reason: 0x%02x CID: %hu on CID: %hu\n", 2256 hdr->itt, hdr->cmdsn, hdr->exp_statsn, reason_code, 2257 hdr->cid, conn->cid); 2258 2259 if (conn->conn_state != TARG_CONN_STATE_LOGGED_IN) { 2260 pr_err("Received logout request on connection that" 2261 " is not in logged in state, ignoring request.\n"); 2262 iscsit_free_cmd(cmd, false); 2263 return 0; 2264 } 2265 2266 cmd->iscsi_opcode = ISCSI_OP_LOGOUT; 2267 cmd->i_state = ISTATE_SEND_LOGOUTRSP; 2268 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0); 2269 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt; 2270 cmd->targ_xfer_tag = 0xFFFFFFFF; 2271 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn); 2272 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn); 2273 cmd->logout_cid = be16_to_cpu(hdr->cid); 2274 cmd->logout_reason = reason_code; 2275 cmd->data_direction = DMA_NONE; 2276 2277 /* 2278 * We need to sleep in these cases (by returning 1) until the Logout 2279 * Response gets sent in the tx thread. 2280 */ 2281 if ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) || 2282 ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) && 2283 be16_to_cpu(hdr->cid) == conn->cid)) 2284 logout_remove = 1; 2285 2286 spin_lock_bh(&conn->cmd_lock); 2287 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list); 2288 spin_unlock_bh(&conn->cmd_lock); 2289 2290 if (reason_code != ISCSI_LOGOUT_REASON_RECOVERY) 2291 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn)); 2292 2293 /* 2294 * Immediate commands are executed, well, immediately. 2295 * Non-Immediate Logout Commands are executed in CmdSN order. 2296 */ 2297 if (cmd->immediate_cmd) { 2298 int ret = iscsit_execute_cmd(cmd, 0); 2299 2300 if (ret < 0) 2301 return ret; 2302 } else { 2303 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn); 2304 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) 2305 logout_remove = 0; 2306 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) 2307 return -1; 2308 } 2309 2310 return logout_remove; 2311 } 2312 EXPORT_SYMBOL(iscsit_handle_logout_cmd); 2313 2314 static int iscsit_handle_snack( 2315 struct iscsi_conn *conn, 2316 unsigned char *buf) 2317 { 2318 struct iscsi_snack *hdr; 2319 2320 hdr = (struct iscsi_snack *) buf; 2321 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL; 2322 2323 pr_debug("Got ISCSI_INIT_SNACK, ITT: 0x%08x, ExpStatSN:" 2324 " 0x%08x, Type: 0x%02x, BegRun: 0x%08x, RunLength: 0x%08x," 2325 " CID: %hu\n", hdr->itt, hdr->exp_statsn, hdr->flags, 2326 hdr->begrun, hdr->runlength, conn->cid); 2327 2328 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2329 pr_err("Initiator sent SNACK request while in" 2330 " ErrorRecoveryLevel=0.\n"); 2331 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2332 buf); 2333 } 2334 /* 2335 * SNACK_DATA and SNACK_R2T are both 0, so check which function to 2336 * call from inside iscsi_send_recovery_datain_or_r2t(). 2337 */ 2338 switch (hdr->flags & ISCSI_FLAG_SNACK_TYPE_MASK) { 2339 case 0: 2340 return iscsit_handle_recovery_datain_or_r2t(conn, buf, 2341 hdr->itt, 2342 be32_to_cpu(hdr->ttt), 2343 be32_to_cpu(hdr->begrun), 2344 be32_to_cpu(hdr->runlength)); 2345 case ISCSI_FLAG_SNACK_TYPE_STATUS: 2346 return iscsit_handle_status_snack(conn, hdr->itt, 2347 be32_to_cpu(hdr->ttt), 2348 be32_to_cpu(hdr->begrun), be32_to_cpu(hdr->runlength)); 2349 case ISCSI_FLAG_SNACK_TYPE_DATA_ACK: 2350 return iscsit_handle_data_ack(conn, be32_to_cpu(hdr->ttt), 2351 be32_to_cpu(hdr->begrun), 2352 be32_to_cpu(hdr->runlength)); 2353 case ISCSI_FLAG_SNACK_TYPE_RDATA: 2354 /* FIXME: Support R-Data SNACK */ 2355 pr_err("R-Data SNACK Not Supported.\n"); 2356 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2357 buf); 2358 default: 2359 pr_err("Unknown SNACK type 0x%02x, protocol" 2360 " error.\n", hdr->flags & 0x0f); 2361 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 2362 buf); 2363 } 2364 2365 return 0; 2366 } 2367 2368 static void iscsit_rx_thread_wait_for_tcp(struct iscsi_conn *conn) 2369 { 2370 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2371 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2372 wait_for_completion_interruptible_timeout( 2373 &conn->rx_half_close_comp, 2374 ISCSI_RX_THREAD_TCP_TIMEOUT * HZ); 2375 } 2376 } 2377 2378 static int iscsit_handle_immediate_data( 2379 struct iscsi_cmd *cmd, 2380 struct iscsi_scsi_req *hdr, 2381 u32 length) 2382 { 2383 int iov_ret, rx_got = 0, rx_size = 0; 2384 u32 checksum, iov_count = 0, padding = 0; 2385 struct iscsi_conn *conn = cmd->conn; 2386 struct kvec *iov; 2387 2388 iov_ret = iscsit_map_iovec(cmd, cmd->iov_data, cmd->write_data_done, length); 2389 if (iov_ret < 0) 2390 return IMMEDIATE_DATA_CANNOT_RECOVER; 2391 2392 rx_size = length; 2393 iov_count = iov_ret; 2394 iov = &cmd->iov_data[0]; 2395 2396 padding = ((-length) & 3); 2397 if (padding != 0) { 2398 iov[iov_count].iov_base = cmd->pad_bytes; 2399 iov[iov_count++].iov_len = padding; 2400 rx_size += padding; 2401 } 2402 2403 if (conn->conn_ops->DataDigest) { 2404 iov[iov_count].iov_base = &checksum; 2405 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2406 rx_size += ISCSI_CRC_LEN; 2407 } 2408 2409 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size); 2410 2411 iscsit_unmap_iovec(cmd); 2412 2413 if (rx_got != rx_size) { 2414 iscsit_rx_thread_wait_for_tcp(conn); 2415 return IMMEDIATE_DATA_CANNOT_RECOVER; 2416 } 2417 2418 if (conn->conn_ops->DataDigest) { 2419 u32 data_crc; 2420 2421 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd, 2422 cmd->write_data_done, length, padding, 2423 cmd->pad_bytes); 2424 2425 if (checksum != data_crc) { 2426 pr_err("ImmediateData CRC32C DataDigest 0x%08x" 2427 " does not match computed 0x%08x\n", checksum, 2428 data_crc); 2429 2430 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 2431 pr_err("Unable to recover from" 2432 " Immediate Data digest failure while" 2433 " in ERL=0.\n"); 2434 iscsit_reject_cmd(cmd, 2435 ISCSI_REASON_DATA_DIGEST_ERROR, 2436 (unsigned char *)hdr); 2437 return IMMEDIATE_DATA_CANNOT_RECOVER; 2438 } else { 2439 iscsit_reject_cmd(cmd, 2440 ISCSI_REASON_DATA_DIGEST_ERROR, 2441 (unsigned char *)hdr); 2442 return IMMEDIATE_DATA_ERL1_CRC_FAILURE; 2443 } 2444 } else { 2445 pr_debug("Got CRC32C DataDigest 0x%08x for" 2446 " %u bytes of Immediate Data\n", checksum, 2447 length); 2448 } 2449 } 2450 2451 cmd->write_data_done += length; 2452 2453 if (cmd->write_data_done == cmd->se_cmd.data_length) { 2454 spin_lock_bh(&cmd->istate_lock); 2455 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT; 2456 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT; 2457 spin_unlock_bh(&cmd->istate_lock); 2458 } 2459 2460 return IMMEDIATE_DATA_NORMAL_OPERATION; 2461 } 2462 2463 /* 2464 * Called with sess->conn_lock held. 2465 */ 2466 /* #warning iscsi_build_conn_drop_async_message() only sends out on connections 2467 with active network interface */ 2468 static void iscsit_build_conn_drop_async_message(struct iscsi_conn *conn) 2469 { 2470 struct iscsi_cmd *cmd; 2471 struct iscsi_conn *conn_p; 2472 2473 /* 2474 * Only send a Asynchronous Message on connections whos network 2475 * interface is still functional. 2476 */ 2477 list_for_each_entry(conn_p, &conn->sess->sess_conn_list, conn_list) { 2478 if (conn_p->conn_state == TARG_CONN_STATE_LOGGED_IN) { 2479 iscsit_inc_conn_usage_count(conn_p); 2480 break; 2481 } 2482 } 2483 2484 if (!conn_p) 2485 return; 2486 2487 cmd = iscsit_allocate_cmd(conn_p, GFP_ATOMIC); 2488 if (!cmd) { 2489 iscsit_dec_conn_usage_count(conn_p); 2490 return; 2491 } 2492 2493 cmd->logout_cid = conn->cid; 2494 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2495 cmd->i_state = ISTATE_SEND_ASYNCMSG; 2496 2497 spin_lock_bh(&conn_p->cmd_lock); 2498 list_add_tail(&cmd->i_conn_node, &conn_p->conn_cmd_list); 2499 spin_unlock_bh(&conn_p->cmd_lock); 2500 2501 iscsit_add_cmd_to_response_queue(cmd, conn_p, cmd->i_state); 2502 iscsit_dec_conn_usage_count(conn_p); 2503 } 2504 2505 static int iscsit_send_conn_drop_async_message( 2506 struct iscsi_cmd *cmd, 2507 struct iscsi_conn *conn) 2508 { 2509 struct iscsi_async *hdr; 2510 2511 cmd->tx_size = ISCSI_HDR_LEN; 2512 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT; 2513 2514 hdr = (struct iscsi_async *) cmd->pdu; 2515 hdr->opcode = ISCSI_OP_ASYNC_EVENT; 2516 hdr->flags = ISCSI_FLAG_CMD_FINAL; 2517 cmd->init_task_tag = RESERVED_ITT; 2518 cmd->targ_xfer_tag = 0xFFFFFFFF; 2519 put_unaligned_be64(0xFFFFFFFFFFFFFFFFULL, &hdr->rsvd4[0]); 2520 cmd->stat_sn = conn->stat_sn++; 2521 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2522 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2523 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2524 hdr->async_event = ISCSI_ASYNC_MSG_DROPPING_CONNECTION; 2525 hdr->param1 = cpu_to_be16(cmd->logout_cid); 2526 hdr->param2 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Wait); 2527 hdr->param3 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Retain); 2528 2529 if (conn->conn_ops->HeaderDigest) { 2530 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2531 2532 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2533 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2534 2535 cmd->tx_size += ISCSI_CRC_LEN; 2536 pr_debug("Attaching CRC32C HeaderDigest to" 2537 " Async Message 0x%08x\n", *header_digest); 2538 } 2539 2540 cmd->iov_misc[0].iov_base = cmd->pdu; 2541 cmd->iov_misc[0].iov_len = cmd->tx_size; 2542 cmd->iov_misc_count = 1; 2543 2544 pr_debug("Sending Connection Dropped Async Message StatSN:" 2545 " 0x%08x, for CID: %hu on CID: %hu\n", cmd->stat_sn, 2546 cmd->logout_cid, conn->cid); 2547 return 0; 2548 } 2549 2550 static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *conn) 2551 { 2552 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) || 2553 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) { 2554 wait_for_completion_interruptible_timeout( 2555 &conn->tx_half_close_comp, 2556 ISCSI_TX_THREAD_TCP_TIMEOUT * HZ); 2557 } 2558 } 2559 2560 static void 2561 iscsit_build_datain_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2562 struct iscsi_datain *datain, struct iscsi_data_rsp *hdr, 2563 bool set_statsn) 2564 { 2565 hdr->opcode = ISCSI_OP_SCSI_DATA_IN; 2566 hdr->flags = datain->flags; 2567 if (hdr->flags & ISCSI_FLAG_DATA_STATUS) { 2568 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 2569 hdr->flags |= ISCSI_FLAG_DATA_OVERFLOW; 2570 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2571 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 2572 hdr->flags |= ISCSI_FLAG_DATA_UNDERFLOW; 2573 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 2574 } 2575 } 2576 hton24(hdr->dlength, datain->length); 2577 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2578 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 2579 (struct scsi_lun *)&hdr->lun); 2580 else 2581 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2582 2583 hdr->itt = cmd->init_task_tag; 2584 2585 if (hdr->flags & ISCSI_FLAG_DATA_ACK) 2586 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2587 else 2588 hdr->ttt = cpu_to_be32(0xFFFFFFFF); 2589 if (set_statsn) 2590 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2591 else 2592 hdr->statsn = cpu_to_be32(0xFFFFFFFF); 2593 2594 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2595 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2596 hdr->datasn = cpu_to_be32(datain->data_sn); 2597 hdr->offset = cpu_to_be32(datain->offset); 2598 2599 pr_debug("Built DataIN ITT: 0x%08x, StatSN: 0x%08x," 2600 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n", 2601 cmd->init_task_tag, ntohl(hdr->statsn), ntohl(hdr->datasn), 2602 ntohl(hdr->offset), datain->length, conn->cid); 2603 } 2604 2605 static int iscsit_send_datain(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2606 { 2607 struct iscsi_data_rsp *hdr = (struct iscsi_data_rsp *)&cmd->pdu[0]; 2608 struct iscsi_datain datain; 2609 struct iscsi_datain_req *dr; 2610 struct kvec *iov; 2611 u32 iov_count = 0, tx_size = 0; 2612 int eodr = 0, ret, iov_ret; 2613 bool set_statsn = false; 2614 2615 memset(&datain, 0, sizeof(struct iscsi_datain)); 2616 dr = iscsit_get_datain_values(cmd, &datain); 2617 if (!dr) { 2618 pr_err("iscsit_get_datain_values failed for ITT: 0x%08x\n", 2619 cmd->init_task_tag); 2620 return -1; 2621 } 2622 /* 2623 * Be paranoid and double check the logic for now. 2624 */ 2625 if ((datain.offset + datain.length) > cmd->se_cmd.data_length) { 2626 pr_err("Command ITT: 0x%08x, datain.offset: %u and" 2627 " datain.length: %u exceeds cmd->data_length: %u\n", 2628 cmd->init_task_tag, datain.offset, datain.length, 2629 cmd->se_cmd.data_length); 2630 return -1; 2631 } 2632 2633 spin_lock_bh(&conn->sess->session_stats_lock); 2634 conn->sess->tx_data_octets += datain.length; 2635 if (conn->sess->se_sess->se_node_acl) { 2636 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock); 2637 conn->sess->se_sess->se_node_acl->read_bytes += datain.length; 2638 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock); 2639 } 2640 spin_unlock_bh(&conn->sess->session_stats_lock); 2641 /* 2642 * Special case for successfully execution w/ both DATAIN 2643 * and Sense Data. 2644 */ 2645 if ((datain.flags & ISCSI_FLAG_DATA_STATUS) && 2646 (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE)) 2647 datain.flags &= ~ISCSI_FLAG_DATA_STATUS; 2648 else { 2649 if ((dr->dr_complete == DATAIN_COMPLETE_NORMAL) || 2650 (dr->dr_complete == DATAIN_COMPLETE_CONNECTION_RECOVERY)) { 2651 iscsit_increment_maxcmdsn(cmd, conn->sess); 2652 cmd->stat_sn = conn->stat_sn++; 2653 set_statsn = true; 2654 } else if (dr->dr_complete == 2655 DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY) 2656 set_statsn = true; 2657 } 2658 2659 iscsit_build_datain_pdu(cmd, conn, &datain, hdr, set_statsn); 2660 2661 iov = &cmd->iov_data[0]; 2662 iov[iov_count].iov_base = cmd->pdu; 2663 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 2664 tx_size += ISCSI_HDR_LEN; 2665 2666 if (conn->conn_ops->HeaderDigest) { 2667 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2668 2669 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu, 2670 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2671 2672 iov[0].iov_len += ISCSI_CRC_LEN; 2673 tx_size += ISCSI_CRC_LEN; 2674 2675 pr_debug("Attaching CRC32 HeaderDigest" 2676 " for DataIN PDU 0x%08x\n", *header_digest); 2677 } 2678 2679 iov_ret = iscsit_map_iovec(cmd, &cmd->iov_data[1], 2680 datain.offset, datain.length); 2681 if (iov_ret < 0) 2682 return -1; 2683 2684 iov_count += iov_ret; 2685 tx_size += datain.length; 2686 2687 cmd->padding = ((-datain.length) & 3); 2688 if (cmd->padding) { 2689 iov[iov_count].iov_base = cmd->pad_bytes; 2690 iov[iov_count++].iov_len = cmd->padding; 2691 tx_size += cmd->padding; 2692 2693 pr_debug("Attaching %u padding bytes\n", 2694 cmd->padding); 2695 } 2696 if (conn->conn_ops->DataDigest) { 2697 cmd->data_crc = iscsit_do_crypto_hash_sg(&conn->conn_tx_hash, cmd, 2698 datain.offset, datain.length, cmd->padding, cmd->pad_bytes); 2699 2700 iov[iov_count].iov_base = &cmd->data_crc; 2701 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 2702 tx_size += ISCSI_CRC_LEN; 2703 2704 pr_debug("Attached CRC32C DataDigest %d bytes, crc" 2705 " 0x%08x\n", datain.length+cmd->padding, cmd->data_crc); 2706 } 2707 2708 cmd->iov_data_count = iov_count; 2709 cmd->tx_size = tx_size; 2710 2711 /* sendpage is preferred but can't insert markers */ 2712 if (!conn->conn_ops->IFMarker) 2713 ret = iscsit_fe_sendpage_sg(cmd, conn); 2714 else 2715 ret = iscsit_send_tx_data(cmd, conn, 0); 2716 2717 iscsit_unmap_iovec(cmd); 2718 2719 if (ret < 0) { 2720 iscsit_tx_thread_wait_for_tcp(conn); 2721 return ret; 2722 } 2723 2724 if (dr->dr_complete) { 2725 eodr = (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ? 2726 2 : 1; 2727 iscsit_free_datain_req(cmd, dr); 2728 } 2729 2730 return eodr; 2731 } 2732 2733 int 2734 iscsit_build_logout_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2735 struct iscsi_logout_rsp *hdr) 2736 { 2737 struct iscsi_conn *logout_conn = NULL; 2738 struct iscsi_conn_recovery *cr = NULL; 2739 struct iscsi_session *sess = conn->sess; 2740 /* 2741 * The actual shutting down of Sessions and/or Connections 2742 * for CLOSESESSION and CLOSECONNECTION Logout Requests 2743 * is done in scsi_logout_post_handler(). 2744 */ 2745 switch (cmd->logout_reason) { 2746 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 2747 pr_debug("iSCSI session logout successful, setting" 2748 " logout response to ISCSI_LOGOUT_SUCCESS.\n"); 2749 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2750 break; 2751 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 2752 if (cmd->logout_response == ISCSI_LOGOUT_CID_NOT_FOUND) 2753 break; 2754 /* 2755 * For CLOSECONNECTION logout requests carrying 2756 * a matching logout CID -> local CID, the reference 2757 * for the local CID will have been incremented in 2758 * iscsi_logout_closeconnection(). 2759 * 2760 * For CLOSECONNECTION logout requests carrying 2761 * a different CID than the connection it arrived 2762 * on, the connection responding to cmd->logout_cid 2763 * is stopped in iscsit_logout_post_handler_diffcid(). 2764 */ 2765 2766 pr_debug("iSCSI CID: %hu logout on CID: %hu" 2767 " successful.\n", cmd->logout_cid, conn->cid); 2768 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2769 break; 2770 case ISCSI_LOGOUT_REASON_RECOVERY: 2771 if ((cmd->logout_response == ISCSI_LOGOUT_RECOVERY_UNSUPPORTED) || 2772 (cmd->logout_response == ISCSI_LOGOUT_CLEANUP_FAILED)) 2773 break; 2774 /* 2775 * If the connection is still active from our point of view 2776 * force connection recovery to occur. 2777 */ 2778 logout_conn = iscsit_get_conn_from_cid_rcfr(sess, 2779 cmd->logout_cid); 2780 if (logout_conn) { 2781 iscsit_connection_reinstatement_rcfr(logout_conn); 2782 iscsit_dec_conn_usage_count(logout_conn); 2783 } 2784 2785 cr = iscsit_get_inactive_connection_recovery_entry( 2786 conn->sess, cmd->logout_cid); 2787 if (!cr) { 2788 pr_err("Unable to locate CID: %hu for" 2789 " REMOVECONNFORRECOVERY Logout Request.\n", 2790 cmd->logout_cid); 2791 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND; 2792 break; 2793 } 2794 2795 iscsit_discard_cr_cmds_by_expstatsn(cr, cmd->exp_stat_sn); 2796 2797 pr_debug("iSCSI REMOVECONNFORRECOVERY logout" 2798 " for recovery for CID: %hu on CID: %hu successful.\n", 2799 cmd->logout_cid, conn->cid); 2800 cmd->logout_response = ISCSI_LOGOUT_SUCCESS; 2801 break; 2802 default: 2803 pr_err("Unknown cmd->logout_reason: 0x%02x\n", 2804 cmd->logout_reason); 2805 return -1; 2806 } 2807 2808 hdr->opcode = ISCSI_OP_LOGOUT_RSP; 2809 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2810 hdr->response = cmd->logout_response; 2811 hdr->itt = cmd->init_task_tag; 2812 cmd->stat_sn = conn->stat_sn++; 2813 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2814 2815 iscsit_increment_maxcmdsn(cmd, conn->sess); 2816 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2817 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2818 2819 pr_debug("Built Logout Response ITT: 0x%08x StatSN:" 2820 " 0x%08x Response: 0x%02x CID: %hu on CID: %hu\n", 2821 cmd->init_task_tag, cmd->stat_sn, hdr->response, 2822 cmd->logout_cid, conn->cid); 2823 2824 return 0; 2825 } 2826 EXPORT_SYMBOL(iscsit_build_logout_rsp); 2827 2828 static int 2829 iscsit_send_logout(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2830 { 2831 struct kvec *iov; 2832 int niov = 0, tx_size, rc; 2833 2834 rc = iscsit_build_logout_rsp(cmd, conn, 2835 (struct iscsi_logout_rsp *)&cmd->pdu[0]); 2836 if (rc < 0) 2837 return rc; 2838 2839 tx_size = ISCSI_HDR_LEN; 2840 iov = &cmd->iov_misc[0]; 2841 iov[niov].iov_base = cmd->pdu; 2842 iov[niov++].iov_len = ISCSI_HDR_LEN; 2843 2844 if (conn->conn_ops->HeaderDigest) { 2845 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2846 2847 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, &cmd->pdu[0], 2848 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2849 2850 iov[0].iov_len += ISCSI_CRC_LEN; 2851 tx_size += ISCSI_CRC_LEN; 2852 pr_debug("Attaching CRC32C HeaderDigest to" 2853 " Logout Response 0x%08x\n", *header_digest); 2854 } 2855 cmd->iov_misc_count = niov; 2856 cmd->tx_size = tx_size; 2857 2858 return 0; 2859 } 2860 2861 void 2862 iscsit_build_nopin_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 2863 struct iscsi_nopin *hdr, bool nopout_response) 2864 { 2865 hdr->opcode = ISCSI_OP_NOOP_IN; 2866 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 2867 hton24(hdr->dlength, cmd->buf_ptr_size); 2868 if (nopout_response) 2869 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun); 2870 hdr->itt = cmd->init_task_tag; 2871 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 2872 cmd->stat_sn = (nopout_response) ? conn->stat_sn++ : 2873 conn->stat_sn; 2874 hdr->statsn = cpu_to_be32(cmd->stat_sn); 2875 2876 if (nopout_response) 2877 iscsit_increment_maxcmdsn(cmd, conn->sess); 2878 2879 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 2880 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 2881 2882 pr_debug("Built NOPIN %s Response ITT: 0x%08x, TTT: 0x%08x," 2883 " StatSN: 0x%08x, Length %u\n", (nopout_response) ? 2884 "Solicitied" : "Unsolicitied", cmd->init_task_tag, 2885 cmd->targ_xfer_tag, cmd->stat_sn, cmd->buf_ptr_size); 2886 } 2887 EXPORT_SYMBOL(iscsit_build_nopin_rsp); 2888 2889 /* 2890 * Unsolicited NOPIN, either requesting a response or not. 2891 */ 2892 static int iscsit_send_unsolicited_nopin( 2893 struct iscsi_cmd *cmd, 2894 struct iscsi_conn *conn, 2895 int want_response) 2896 { 2897 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2898 int tx_size = ISCSI_HDR_LEN, ret; 2899 2900 iscsit_build_nopin_rsp(cmd, conn, hdr, false); 2901 2902 if (conn->conn_ops->HeaderDigest) { 2903 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2904 2905 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2906 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2907 2908 tx_size += ISCSI_CRC_LEN; 2909 pr_debug("Attaching CRC32C HeaderDigest to" 2910 " NopIN 0x%08x\n", *header_digest); 2911 } 2912 2913 cmd->iov_misc[0].iov_base = cmd->pdu; 2914 cmd->iov_misc[0].iov_len = tx_size; 2915 cmd->iov_misc_count = 1; 2916 cmd->tx_size = tx_size; 2917 2918 pr_debug("Sending Unsolicited NOPIN TTT: 0x%08x StatSN:" 2919 " 0x%08x CID: %hu\n", hdr->ttt, cmd->stat_sn, conn->cid); 2920 2921 ret = iscsit_send_tx_data(cmd, conn, 1); 2922 if (ret < 0) { 2923 iscsit_tx_thread_wait_for_tcp(conn); 2924 return ret; 2925 } 2926 2927 spin_lock_bh(&cmd->istate_lock); 2928 cmd->i_state = want_response ? 2929 ISTATE_SENT_NOPIN_WANT_RESPONSE : ISTATE_SENT_STATUS; 2930 spin_unlock_bh(&cmd->istate_lock); 2931 2932 return 0; 2933 } 2934 2935 static int 2936 iscsit_send_nopin(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 2937 { 2938 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0]; 2939 struct kvec *iov; 2940 u32 padding = 0; 2941 int niov = 0, tx_size; 2942 2943 iscsit_build_nopin_rsp(cmd, conn, hdr, true); 2944 2945 tx_size = ISCSI_HDR_LEN; 2946 iov = &cmd->iov_misc[0]; 2947 iov[niov].iov_base = cmd->pdu; 2948 iov[niov++].iov_len = ISCSI_HDR_LEN; 2949 2950 if (conn->conn_ops->HeaderDigest) { 2951 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 2952 2953 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 2954 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 2955 2956 iov[0].iov_len += ISCSI_CRC_LEN; 2957 tx_size += ISCSI_CRC_LEN; 2958 pr_debug("Attaching CRC32C HeaderDigest" 2959 " to NopIn 0x%08x\n", *header_digest); 2960 } 2961 2962 /* 2963 * NOPOUT Ping Data is attached to struct iscsi_cmd->buf_ptr. 2964 * NOPOUT DataSegmentLength is at struct iscsi_cmd->buf_ptr_size. 2965 */ 2966 if (cmd->buf_ptr_size) { 2967 iov[niov].iov_base = cmd->buf_ptr; 2968 iov[niov++].iov_len = cmd->buf_ptr_size; 2969 tx_size += cmd->buf_ptr_size; 2970 2971 pr_debug("Echoing back %u bytes of ping" 2972 " data.\n", cmd->buf_ptr_size); 2973 2974 padding = ((-cmd->buf_ptr_size) & 3); 2975 if (padding != 0) { 2976 iov[niov].iov_base = &cmd->pad_bytes; 2977 iov[niov++].iov_len = padding; 2978 tx_size += padding; 2979 pr_debug("Attaching %u additional" 2980 " padding bytes.\n", padding); 2981 } 2982 if (conn->conn_ops->DataDigest) { 2983 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 2984 cmd->buf_ptr, cmd->buf_ptr_size, 2985 padding, (u8 *)&cmd->pad_bytes, 2986 (u8 *)&cmd->data_crc); 2987 2988 iov[niov].iov_base = &cmd->data_crc; 2989 iov[niov++].iov_len = ISCSI_CRC_LEN; 2990 tx_size += ISCSI_CRC_LEN; 2991 pr_debug("Attached DataDigest for %u" 2992 " bytes of ping data, CRC 0x%08x\n", 2993 cmd->buf_ptr_size, cmd->data_crc); 2994 } 2995 } 2996 2997 cmd->iov_misc_count = niov; 2998 cmd->tx_size = tx_size; 2999 3000 return 0; 3001 } 3002 3003 static int iscsit_send_r2t( 3004 struct iscsi_cmd *cmd, 3005 struct iscsi_conn *conn) 3006 { 3007 int tx_size = 0; 3008 struct iscsi_r2t *r2t; 3009 struct iscsi_r2t_rsp *hdr; 3010 int ret; 3011 3012 r2t = iscsit_get_r2t_from_list(cmd); 3013 if (!r2t) 3014 return -1; 3015 3016 hdr = (struct iscsi_r2t_rsp *) cmd->pdu; 3017 memset(hdr, 0, ISCSI_HDR_LEN); 3018 hdr->opcode = ISCSI_OP_R2T; 3019 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3020 int_to_scsilun(cmd->se_cmd.orig_fe_lun, 3021 (struct scsi_lun *)&hdr->lun); 3022 hdr->itt = cmd->init_task_tag; 3023 spin_lock_bh(&conn->sess->ttt_lock); 3024 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++; 3025 if (r2t->targ_xfer_tag == 0xFFFFFFFF) 3026 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++; 3027 spin_unlock_bh(&conn->sess->ttt_lock); 3028 hdr->ttt = cpu_to_be32(r2t->targ_xfer_tag); 3029 hdr->statsn = cpu_to_be32(conn->stat_sn); 3030 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3031 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3032 hdr->r2tsn = cpu_to_be32(r2t->r2t_sn); 3033 hdr->data_offset = cpu_to_be32(r2t->offset); 3034 hdr->data_length = cpu_to_be32(r2t->xfer_len); 3035 3036 cmd->iov_misc[0].iov_base = cmd->pdu; 3037 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3038 tx_size += ISCSI_HDR_LEN; 3039 3040 if (conn->conn_ops->HeaderDigest) { 3041 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3042 3043 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3044 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3045 3046 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3047 tx_size += ISCSI_CRC_LEN; 3048 pr_debug("Attaching CRC32 HeaderDigest for R2T" 3049 " PDU 0x%08x\n", *header_digest); 3050 } 3051 3052 pr_debug("Built %sR2T, ITT: 0x%08x, TTT: 0x%08x, StatSN:" 3053 " 0x%08x, R2TSN: 0x%08x, Offset: %u, DDTL: %u, CID: %hu\n", 3054 (!r2t->recovery_r2t) ? "" : "Recovery ", cmd->init_task_tag, 3055 r2t->targ_xfer_tag, ntohl(hdr->statsn), r2t->r2t_sn, 3056 r2t->offset, r2t->xfer_len, conn->cid); 3057 3058 cmd->iov_misc_count = 1; 3059 cmd->tx_size = tx_size; 3060 3061 spin_lock_bh(&cmd->r2t_lock); 3062 r2t->sent_r2t = 1; 3063 spin_unlock_bh(&cmd->r2t_lock); 3064 3065 ret = iscsit_send_tx_data(cmd, conn, 1); 3066 if (ret < 0) { 3067 iscsit_tx_thread_wait_for_tcp(conn); 3068 return ret; 3069 } 3070 3071 spin_lock_bh(&cmd->dataout_timeout_lock); 3072 iscsit_start_dataout_timer(cmd, conn); 3073 spin_unlock_bh(&cmd->dataout_timeout_lock); 3074 3075 return 0; 3076 } 3077 3078 /* 3079 * @recovery: If called from iscsi_task_reassign_complete_write() for 3080 * connection recovery. 3081 */ 3082 int iscsit_build_r2ts_for_cmd( 3083 struct iscsi_conn *conn, 3084 struct iscsi_cmd *cmd, 3085 bool recovery) 3086 { 3087 int first_r2t = 1; 3088 u32 offset = 0, xfer_len = 0; 3089 3090 spin_lock_bh(&cmd->r2t_lock); 3091 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) { 3092 spin_unlock_bh(&cmd->r2t_lock); 3093 return 0; 3094 } 3095 3096 if (conn->sess->sess_ops->DataSequenceInOrder && 3097 !recovery) 3098 cmd->r2t_offset = max(cmd->r2t_offset, cmd->write_data_done); 3099 3100 while (cmd->outstanding_r2ts < conn->sess->sess_ops->MaxOutstandingR2T) { 3101 if (conn->sess->sess_ops->DataSequenceInOrder) { 3102 offset = cmd->r2t_offset; 3103 3104 if (first_r2t && recovery) { 3105 int new_data_end = offset + 3106 conn->sess->sess_ops->MaxBurstLength - 3107 cmd->next_burst_len; 3108 3109 if (new_data_end > cmd->se_cmd.data_length) 3110 xfer_len = cmd->se_cmd.data_length - offset; 3111 else 3112 xfer_len = 3113 conn->sess->sess_ops->MaxBurstLength - 3114 cmd->next_burst_len; 3115 } else { 3116 int new_data_end = offset + 3117 conn->sess->sess_ops->MaxBurstLength; 3118 3119 if (new_data_end > cmd->se_cmd.data_length) 3120 xfer_len = cmd->se_cmd.data_length - offset; 3121 else 3122 xfer_len = conn->sess->sess_ops->MaxBurstLength; 3123 } 3124 cmd->r2t_offset += xfer_len; 3125 3126 if (cmd->r2t_offset == cmd->se_cmd.data_length) 3127 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3128 } else { 3129 struct iscsi_seq *seq; 3130 3131 seq = iscsit_get_seq_holder_for_r2t(cmd); 3132 if (!seq) { 3133 spin_unlock_bh(&cmd->r2t_lock); 3134 return -1; 3135 } 3136 3137 offset = seq->offset; 3138 xfer_len = seq->xfer_len; 3139 3140 if (cmd->seq_send_order == cmd->seq_count) 3141 cmd->cmd_flags |= ICF_SENT_LAST_R2T; 3142 } 3143 cmd->outstanding_r2ts++; 3144 first_r2t = 0; 3145 3146 if (iscsit_add_r2t_to_list(cmd, offset, xfer_len, 0, 0) < 0) { 3147 spin_unlock_bh(&cmd->r2t_lock); 3148 return -1; 3149 } 3150 3151 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) 3152 break; 3153 } 3154 spin_unlock_bh(&cmd->r2t_lock); 3155 3156 return 0; 3157 } 3158 3159 void iscsit_build_rsp_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3160 bool inc_stat_sn, struct iscsi_scsi_rsp *hdr) 3161 { 3162 if (inc_stat_sn) 3163 cmd->stat_sn = conn->stat_sn++; 3164 3165 spin_lock_bh(&conn->sess->session_stats_lock); 3166 conn->sess->rsp_pdus++; 3167 spin_unlock_bh(&conn->sess->session_stats_lock); 3168 3169 memset(hdr, 0, ISCSI_HDR_LEN); 3170 hdr->opcode = ISCSI_OP_SCSI_CMD_RSP; 3171 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3172 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) { 3173 hdr->flags |= ISCSI_FLAG_CMD_OVERFLOW; 3174 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3175 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) { 3176 hdr->flags |= ISCSI_FLAG_CMD_UNDERFLOW; 3177 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count); 3178 } 3179 hdr->response = cmd->iscsi_response; 3180 hdr->cmd_status = cmd->se_cmd.scsi_status; 3181 hdr->itt = cmd->init_task_tag; 3182 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3183 3184 iscsit_increment_maxcmdsn(cmd, conn->sess); 3185 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3186 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3187 3188 pr_debug("Built SCSI Response, ITT: 0x%08x, StatSN: 0x%08x," 3189 " Response: 0x%02x, SAM Status: 0x%02x, CID: %hu\n", 3190 cmd->init_task_tag, cmd->stat_sn, cmd->se_cmd.scsi_status, 3191 cmd->se_cmd.scsi_status, conn->cid); 3192 } 3193 EXPORT_SYMBOL(iscsit_build_rsp_pdu); 3194 3195 static int iscsit_send_response(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3196 { 3197 struct iscsi_scsi_rsp *hdr = (struct iscsi_scsi_rsp *)&cmd->pdu[0]; 3198 struct kvec *iov; 3199 u32 padding = 0, tx_size = 0; 3200 int iov_count = 0; 3201 bool inc_stat_sn = (cmd->i_state == ISTATE_SEND_STATUS); 3202 3203 iscsit_build_rsp_pdu(cmd, conn, inc_stat_sn, hdr); 3204 3205 iov = &cmd->iov_misc[0]; 3206 iov[iov_count].iov_base = cmd->pdu; 3207 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3208 tx_size += ISCSI_HDR_LEN; 3209 3210 /* 3211 * Attach SENSE DATA payload to iSCSI Response PDU 3212 */ 3213 if (cmd->se_cmd.sense_buffer && 3214 ((cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) || 3215 (cmd->se_cmd.se_cmd_flags & SCF_EMULATED_TASK_SENSE))) { 3216 put_unaligned_be16(cmd->se_cmd.scsi_sense_length, cmd->sense_buffer); 3217 cmd->se_cmd.scsi_sense_length += sizeof (__be16); 3218 3219 padding = -(cmd->se_cmd.scsi_sense_length) & 3; 3220 hton24(hdr->dlength, (u32)cmd->se_cmd.scsi_sense_length); 3221 iov[iov_count].iov_base = cmd->sense_buffer; 3222 iov[iov_count++].iov_len = 3223 (cmd->se_cmd.scsi_sense_length + padding); 3224 tx_size += cmd->se_cmd.scsi_sense_length; 3225 3226 if (padding) { 3227 memset(cmd->sense_buffer + 3228 cmd->se_cmd.scsi_sense_length, 0, padding); 3229 tx_size += padding; 3230 pr_debug("Adding %u bytes of padding to" 3231 " SENSE.\n", padding); 3232 } 3233 3234 if (conn->conn_ops->DataDigest) { 3235 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 3236 cmd->sense_buffer, 3237 (cmd->se_cmd.scsi_sense_length + padding), 3238 0, NULL, (u8 *)&cmd->data_crc); 3239 3240 iov[iov_count].iov_base = &cmd->data_crc; 3241 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3242 tx_size += ISCSI_CRC_LEN; 3243 3244 pr_debug("Attaching CRC32 DataDigest for" 3245 " SENSE, %u bytes CRC 0x%08x\n", 3246 (cmd->se_cmd.scsi_sense_length + padding), 3247 cmd->data_crc); 3248 } 3249 3250 pr_debug("Attaching SENSE DATA: %u bytes to iSCSI" 3251 " Response PDU\n", 3252 cmd->se_cmd.scsi_sense_length); 3253 } 3254 3255 if (conn->conn_ops->HeaderDigest) { 3256 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3257 3258 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu, 3259 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3260 3261 iov[0].iov_len += ISCSI_CRC_LEN; 3262 tx_size += ISCSI_CRC_LEN; 3263 pr_debug("Attaching CRC32 HeaderDigest for Response" 3264 " PDU 0x%08x\n", *header_digest); 3265 } 3266 3267 cmd->iov_misc_count = iov_count; 3268 cmd->tx_size = tx_size; 3269 3270 return 0; 3271 } 3272 3273 static u8 iscsit_convert_tcm_tmr_rsp(struct se_tmr_req *se_tmr) 3274 { 3275 switch (se_tmr->response) { 3276 case TMR_FUNCTION_COMPLETE: 3277 return ISCSI_TMF_RSP_COMPLETE; 3278 case TMR_TASK_DOES_NOT_EXIST: 3279 return ISCSI_TMF_RSP_NO_TASK; 3280 case TMR_LUN_DOES_NOT_EXIST: 3281 return ISCSI_TMF_RSP_NO_LUN; 3282 case TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED: 3283 return ISCSI_TMF_RSP_NOT_SUPPORTED; 3284 case TMR_FUNCTION_REJECTED: 3285 default: 3286 return ISCSI_TMF_RSP_REJECTED; 3287 } 3288 } 3289 3290 void 3291 iscsit_build_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3292 struct iscsi_tm_rsp *hdr) 3293 { 3294 struct se_tmr_req *se_tmr = cmd->se_cmd.se_tmr_req; 3295 3296 hdr->opcode = ISCSI_OP_SCSI_TMFUNC_RSP; 3297 hdr->flags = ISCSI_FLAG_CMD_FINAL; 3298 hdr->response = iscsit_convert_tcm_tmr_rsp(se_tmr); 3299 hdr->itt = cmd->init_task_tag; 3300 cmd->stat_sn = conn->stat_sn++; 3301 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3302 3303 iscsit_increment_maxcmdsn(cmd, conn->sess); 3304 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3305 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3306 3307 pr_debug("Built Task Management Response ITT: 0x%08x," 3308 " StatSN: 0x%08x, Response: 0x%02x, CID: %hu\n", 3309 cmd->init_task_tag, cmd->stat_sn, hdr->response, conn->cid); 3310 } 3311 EXPORT_SYMBOL(iscsit_build_task_mgt_rsp); 3312 3313 static int 3314 iscsit_send_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn) 3315 { 3316 struct iscsi_tm_rsp *hdr = (struct iscsi_tm_rsp *)&cmd->pdu[0]; 3317 u32 tx_size = 0; 3318 3319 iscsit_build_task_mgt_rsp(cmd, conn, hdr); 3320 3321 cmd->iov_misc[0].iov_base = cmd->pdu; 3322 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN; 3323 tx_size += ISCSI_HDR_LEN; 3324 3325 if (conn->conn_ops->HeaderDigest) { 3326 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3327 3328 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3329 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3330 3331 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN; 3332 tx_size += ISCSI_CRC_LEN; 3333 pr_debug("Attaching CRC32 HeaderDigest for Task" 3334 " Mgmt Response PDU 0x%08x\n", *header_digest); 3335 } 3336 3337 cmd->iov_misc_count = 1; 3338 cmd->tx_size = tx_size; 3339 3340 return 0; 3341 } 3342 3343 static bool iscsit_check_inaddr_any(struct iscsi_np *np) 3344 { 3345 bool ret = false; 3346 3347 if (np->np_sockaddr.ss_family == AF_INET6) { 3348 const struct sockaddr_in6 sin6 = { 3349 .sin6_addr = IN6ADDR_ANY_INIT }; 3350 struct sockaddr_in6 *sock_in6 = 3351 (struct sockaddr_in6 *)&np->np_sockaddr; 3352 3353 if (!memcmp(sock_in6->sin6_addr.s6_addr, 3354 sin6.sin6_addr.s6_addr, 16)) 3355 ret = true; 3356 } else { 3357 struct sockaddr_in * sock_in = 3358 (struct sockaddr_in *)&np->np_sockaddr; 3359 3360 if (sock_in->sin_addr.s_addr == htonl(INADDR_ANY)) 3361 ret = true; 3362 } 3363 3364 return ret; 3365 } 3366 3367 #define SENDTARGETS_BUF_LIMIT 32768U 3368 3369 static int iscsit_build_sendtargets_response(struct iscsi_cmd *cmd) 3370 { 3371 char *payload = NULL; 3372 struct iscsi_conn *conn = cmd->conn; 3373 struct iscsi_portal_group *tpg; 3374 struct iscsi_tiqn *tiqn; 3375 struct iscsi_tpg_np *tpg_np; 3376 int buffer_len, end_of_buf = 0, len = 0, payload_len = 0; 3377 unsigned char buf[ISCSI_IQN_LEN+12]; /* iqn + "TargetName=" + \0 */ 3378 unsigned char *text_in = cmd->text_in_ptr, *text_ptr = NULL; 3379 3380 buffer_len = max(conn->conn_ops->MaxRecvDataSegmentLength, 3381 SENDTARGETS_BUF_LIMIT); 3382 3383 payload = kzalloc(buffer_len, GFP_KERNEL); 3384 if (!payload) { 3385 pr_err("Unable to allocate memory for sendtargets" 3386 " response.\n"); 3387 return -ENOMEM; 3388 } 3389 /* 3390 * Locate pointer to iqn./eui. string for IFC_SENDTARGETS_SINGLE 3391 * explicit case.. 3392 */ 3393 if (cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) { 3394 text_ptr = strchr(text_in, '='); 3395 if (!text_ptr) { 3396 pr_err("Unable to locate '=' string in text_in:" 3397 " %s\n", text_in); 3398 kfree(payload); 3399 return -EINVAL; 3400 } 3401 /* 3402 * Skip over '=' character.. 3403 */ 3404 text_ptr += 1; 3405 } 3406 3407 spin_lock(&tiqn_lock); 3408 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) { 3409 if ((cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) && 3410 strcmp(tiqn->tiqn, text_ptr)) { 3411 continue; 3412 } 3413 3414 len = sprintf(buf, "TargetName=%s", tiqn->tiqn); 3415 len += 1; 3416 3417 if ((len + payload_len) > buffer_len) { 3418 end_of_buf = 1; 3419 goto eob; 3420 } 3421 memcpy(payload + payload_len, buf, len); 3422 payload_len += len; 3423 3424 spin_lock(&tiqn->tiqn_tpg_lock); 3425 list_for_each_entry(tpg, &tiqn->tiqn_tpg_list, tpg_list) { 3426 3427 spin_lock(&tpg->tpg_state_lock); 3428 if ((tpg->tpg_state == TPG_STATE_FREE) || 3429 (tpg->tpg_state == TPG_STATE_INACTIVE)) { 3430 spin_unlock(&tpg->tpg_state_lock); 3431 continue; 3432 } 3433 spin_unlock(&tpg->tpg_state_lock); 3434 3435 spin_lock(&tpg->tpg_np_lock); 3436 list_for_each_entry(tpg_np, &tpg->tpg_gnp_list, 3437 tpg_np_list) { 3438 struct iscsi_np *np = tpg_np->tpg_np; 3439 bool inaddr_any = iscsit_check_inaddr_any(np); 3440 3441 len = sprintf(buf, "TargetAddress=" 3442 "%s:%hu,%hu", 3443 (inaddr_any == false) ? 3444 np->np_ip : conn->local_ip, 3445 (inaddr_any == false) ? 3446 np->np_port : conn->local_port, 3447 tpg->tpgt); 3448 len += 1; 3449 3450 if ((len + payload_len) > buffer_len) { 3451 spin_unlock(&tpg->tpg_np_lock); 3452 spin_unlock(&tiqn->tiqn_tpg_lock); 3453 end_of_buf = 1; 3454 goto eob; 3455 } 3456 memcpy(payload + payload_len, buf, len); 3457 payload_len += len; 3458 } 3459 spin_unlock(&tpg->tpg_np_lock); 3460 } 3461 spin_unlock(&tiqn->tiqn_tpg_lock); 3462 eob: 3463 if (end_of_buf) 3464 break; 3465 3466 if (cmd->cmd_flags & IFC_SENDTARGETS_SINGLE) 3467 break; 3468 } 3469 spin_unlock(&tiqn_lock); 3470 3471 cmd->buf_ptr = payload; 3472 3473 return payload_len; 3474 } 3475 3476 int 3477 iscsit_build_text_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3478 struct iscsi_text_rsp *hdr) 3479 { 3480 int text_length, padding; 3481 3482 text_length = iscsit_build_sendtargets_response(cmd); 3483 if (text_length < 0) 3484 return text_length; 3485 3486 hdr->opcode = ISCSI_OP_TEXT_RSP; 3487 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3488 padding = ((-text_length) & 3); 3489 hton24(hdr->dlength, text_length); 3490 hdr->itt = cmd->init_task_tag; 3491 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag); 3492 cmd->stat_sn = conn->stat_sn++; 3493 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3494 3495 iscsit_increment_maxcmdsn(cmd, conn->sess); 3496 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3497 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3498 3499 pr_debug("Built Text Response: ITT: 0x%08x, StatSN: 0x%08x," 3500 " Length: %u, CID: %hu\n", cmd->init_task_tag, cmd->stat_sn, 3501 text_length, conn->cid); 3502 3503 return text_length + padding; 3504 } 3505 EXPORT_SYMBOL(iscsit_build_text_rsp); 3506 3507 /* 3508 * FIXME: Add support for F_BIT and C_BIT when the length is longer than 3509 * MaxRecvDataSegmentLength. 3510 */ 3511 static int iscsit_send_text_rsp( 3512 struct iscsi_cmd *cmd, 3513 struct iscsi_conn *conn) 3514 { 3515 struct iscsi_text_rsp *hdr = (struct iscsi_text_rsp *)cmd->pdu; 3516 struct kvec *iov; 3517 u32 tx_size = 0; 3518 int text_length, iov_count = 0, rc; 3519 3520 rc = iscsit_build_text_rsp(cmd, conn, hdr); 3521 if (rc < 0) 3522 return rc; 3523 3524 text_length = rc; 3525 iov = &cmd->iov_misc[0]; 3526 iov[iov_count].iov_base = cmd->pdu; 3527 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3528 iov[iov_count].iov_base = cmd->buf_ptr; 3529 iov[iov_count++].iov_len = text_length; 3530 3531 tx_size += (ISCSI_HDR_LEN + text_length); 3532 3533 if (conn->conn_ops->HeaderDigest) { 3534 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3535 3536 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3537 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3538 3539 iov[0].iov_len += ISCSI_CRC_LEN; 3540 tx_size += ISCSI_CRC_LEN; 3541 pr_debug("Attaching CRC32 HeaderDigest for" 3542 " Text Response PDU 0x%08x\n", *header_digest); 3543 } 3544 3545 if (conn->conn_ops->DataDigest) { 3546 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, 3547 cmd->buf_ptr, text_length, 3548 0, NULL, (u8 *)&cmd->data_crc); 3549 3550 iov[iov_count].iov_base = &cmd->data_crc; 3551 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3552 tx_size += ISCSI_CRC_LEN; 3553 3554 pr_debug("Attaching DataDigest for %u bytes of text" 3555 " data, CRC 0x%08x\n", text_length, 3556 cmd->data_crc); 3557 } 3558 3559 cmd->iov_misc_count = iov_count; 3560 cmd->tx_size = tx_size; 3561 3562 return 0; 3563 } 3564 3565 void 3566 iscsit_build_reject(struct iscsi_cmd *cmd, struct iscsi_conn *conn, 3567 struct iscsi_reject *hdr) 3568 { 3569 hdr->opcode = ISCSI_OP_REJECT; 3570 hdr->reason = cmd->reject_reason; 3571 hdr->flags |= ISCSI_FLAG_CMD_FINAL; 3572 hton24(hdr->dlength, ISCSI_HDR_LEN); 3573 hdr->ffffffff = cpu_to_be32(0xffffffff); 3574 cmd->stat_sn = conn->stat_sn++; 3575 hdr->statsn = cpu_to_be32(cmd->stat_sn); 3576 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 3577 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn); 3578 3579 } 3580 EXPORT_SYMBOL(iscsit_build_reject); 3581 3582 static int iscsit_send_reject( 3583 struct iscsi_cmd *cmd, 3584 struct iscsi_conn *conn) 3585 { 3586 struct iscsi_reject *hdr = (struct iscsi_reject *)&cmd->pdu[0]; 3587 struct kvec *iov; 3588 u32 iov_count = 0, tx_size; 3589 3590 iscsit_build_reject(cmd, conn, hdr); 3591 3592 iov = &cmd->iov_misc[0]; 3593 iov[iov_count].iov_base = cmd->pdu; 3594 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3595 iov[iov_count].iov_base = cmd->buf_ptr; 3596 iov[iov_count++].iov_len = ISCSI_HDR_LEN; 3597 3598 tx_size = (ISCSI_HDR_LEN + ISCSI_HDR_LEN); 3599 3600 if (conn->conn_ops->HeaderDigest) { 3601 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN]; 3602 3603 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr, 3604 ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest); 3605 3606 iov[0].iov_len += ISCSI_CRC_LEN; 3607 tx_size += ISCSI_CRC_LEN; 3608 pr_debug("Attaching CRC32 HeaderDigest for" 3609 " REJECT PDU 0x%08x\n", *header_digest); 3610 } 3611 3612 if (conn->conn_ops->DataDigest) { 3613 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->buf_ptr, 3614 ISCSI_HDR_LEN, 0, NULL, (u8 *)&cmd->data_crc); 3615 3616 iov[iov_count].iov_base = &cmd->data_crc; 3617 iov[iov_count++].iov_len = ISCSI_CRC_LEN; 3618 tx_size += ISCSI_CRC_LEN; 3619 pr_debug("Attaching CRC32 DataDigest for REJECT" 3620 " PDU 0x%08x\n", cmd->data_crc); 3621 } 3622 3623 cmd->iov_misc_count = iov_count; 3624 cmd->tx_size = tx_size; 3625 3626 pr_debug("Built Reject PDU StatSN: 0x%08x, Reason: 0x%02x," 3627 " CID: %hu\n", ntohl(hdr->statsn), hdr->reason, conn->cid); 3628 3629 return 0; 3630 } 3631 3632 void iscsit_thread_get_cpumask(struct iscsi_conn *conn) 3633 { 3634 struct iscsi_thread_set *ts = conn->thread_set; 3635 int ord, cpu; 3636 /* 3637 * thread_id is assigned from iscsit_global->ts_bitmap from 3638 * within iscsi_thread_set.c:iscsi_allocate_thread_sets() 3639 * 3640 * Here we use thread_id to determine which CPU that this 3641 * iSCSI connection's iscsi_thread_set will be scheduled to 3642 * execute upon. 3643 */ 3644 ord = ts->thread_id % cpumask_weight(cpu_online_mask); 3645 for_each_online_cpu(cpu) { 3646 if (ord-- == 0) { 3647 cpumask_set_cpu(cpu, conn->conn_cpumask); 3648 return; 3649 } 3650 } 3651 /* 3652 * This should never be reached.. 3653 */ 3654 dump_stack(); 3655 cpumask_setall(conn->conn_cpumask); 3656 } 3657 3658 static inline void iscsit_thread_check_cpumask( 3659 struct iscsi_conn *conn, 3660 struct task_struct *p, 3661 int mode) 3662 { 3663 char buf[128]; 3664 /* 3665 * mode == 1 signals iscsi_target_tx_thread() usage. 3666 * mode == 0 signals iscsi_target_rx_thread() usage. 3667 */ 3668 if (mode == 1) { 3669 if (!conn->conn_tx_reset_cpumask) 3670 return; 3671 conn->conn_tx_reset_cpumask = 0; 3672 } else { 3673 if (!conn->conn_rx_reset_cpumask) 3674 return; 3675 conn->conn_rx_reset_cpumask = 0; 3676 } 3677 /* 3678 * Update the CPU mask for this single kthread so that 3679 * both TX and RX kthreads are scheduled to run on the 3680 * same CPU. 3681 */ 3682 memset(buf, 0, 128); 3683 cpumask_scnprintf(buf, 128, conn->conn_cpumask); 3684 set_cpus_allowed_ptr(p, conn->conn_cpumask); 3685 } 3686 3687 static int 3688 iscsit_immediate_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3689 { 3690 int ret; 3691 3692 switch (state) { 3693 case ISTATE_SEND_R2T: 3694 ret = iscsit_send_r2t(cmd, conn); 3695 if (ret < 0) 3696 goto err; 3697 break; 3698 case ISTATE_REMOVE: 3699 spin_lock_bh(&conn->cmd_lock); 3700 list_del(&cmd->i_conn_node); 3701 spin_unlock_bh(&conn->cmd_lock); 3702 3703 iscsit_free_cmd(cmd, false); 3704 break; 3705 case ISTATE_SEND_NOPIN_WANT_RESPONSE: 3706 iscsit_mod_nopin_response_timer(conn); 3707 ret = iscsit_send_unsolicited_nopin(cmd, conn, 1); 3708 if (ret < 0) 3709 goto err; 3710 break; 3711 case ISTATE_SEND_NOPIN_NO_RESPONSE: 3712 ret = iscsit_send_unsolicited_nopin(cmd, conn, 0); 3713 if (ret < 0) 3714 goto err; 3715 break; 3716 default: 3717 pr_err("Unknown Opcode: 0x%02x ITT:" 3718 " 0x%08x, i_state: %d on CID: %hu\n", 3719 cmd->iscsi_opcode, cmd->init_task_tag, state, 3720 conn->cid); 3721 goto err; 3722 } 3723 3724 return 0; 3725 3726 err: 3727 return -1; 3728 } 3729 3730 static int 3731 iscsit_handle_immediate_queue(struct iscsi_conn *conn) 3732 { 3733 struct iscsit_transport *t = conn->conn_transport; 3734 struct iscsi_queue_req *qr; 3735 struct iscsi_cmd *cmd; 3736 u8 state; 3737 int ret; 3738 3739 while ((qr = iscsit_get_cmd_from_immediate_queue(conn))) { 3740 atomic_set(&conn->check_immediate_queue, 0); 3741 cmd = qr->cmd; 3742 state = qr->state; 3743 kmem_cache_free(lio_qr_cache, qr); 3744 3745 ret = t->iscsit_immediate_queue(conn, cmd, state); 3746 if (ret < 0) 3747 return ret; 3748 } 3749 3750 return 0; 3751 } 3752 3753 static int 3754 iscsit_response_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) 3755 { 3756 int ret; 3757 3758 check_rsp_state: 3759 switch (state) { 3760 case ISTATE_SEND_DATAIN: 3761 ret = iscsit_send_datain(cmd, conn); 3762 if (ret < 0) 3763 goto err; 3764 else if (!ret) 3765 /* more drs */ 3766 goto check_rsp_state; 3767 else if (ret == 1) { 3768 /* all done */ 3769 spin_lock_bh(&cmd->istate_lock); 3770 cmd->i_state = ISTATE_SENT_STATUS; 3771 spin_unlock_bh(&cmd->istate_lock); 3772 3773 if (atomic_read(&conn->check_immediate_queue)) 3774 return 1; 3775 3776 return 0; 3777 } else if (ret == 2) { 3778 /* Still must send status, 3779 SCF_TRANSPORT_TASK_SENSE was set */ 3780 spin_lock_bh(&cmd->istate_lock); 3781 cmd->i_state = ISTATE_SEND_STATUS; 3782 spin_unlock_bh(&cmd->istate_lock); 3783 state = ISTATE_SEND_STATUS; 3784 goto check_rsp_state; 3785 } 3786 3787 break; 3788 case ISTATE_SEND_STATUS: 3789 case ISTATE_SEND_STATUS_RECOVERY: 3790 ret = iscsit_send_response(cmd, conn); 3791 break; 3792 case ISTATE_SEND_LOGOUTRSP: 3793 ret = iscsit_send_logout(cmd, conn); 3794 break; 3795 case ISTATE_SEND_ASYNCMSG: 3796 ret = iscsit_send_conn_drop_async_message( 3797 cmd, conn); 3798 break; 3799 case ISTATE_SEND_NOPIN: 3800 ret = iscsit_send_nopin(cmd, conn); 3801 break; 3802 case ISTATE_SEND_REJECT: 3803 ret = iscsit_send_reject(cmd, conn); 3804 break; 3805 case ISTATE_SEND_TASKMGTRSP: 3806 ret = iscsit_send_task_mgt_rsp(cmd, conn); 3807 if (ret != 0) 3808 break; 3809 ret = iscsit_tmr_post_handler(cmd, conn); 3810 if (ret != 0) 3811 iscsit_fall_back_to_erl0(conn->sess); 3812 break; 3813 case ISTATE_SEND_TEXTRSP: 3814 ret = iscsit_send_text_rsp(cmd, conn); 3815 break; 3816 default: 3817 pr_err("Unknown Opcode: 0x%02x ITT:" 3818 " 0x%08x, i_state: %d on CID: %hu\n", 3819 cmd->iscsi_opcode, cmd->init_task_tag, 3820 state, conn->cid); 3821 goto err; 3822 } 3823 if (ret < 0) 3824 goto err; 3825 3826 if (iscsit_send_tx_data(cmd, conn, 1) < 0) { 3827 iscsit_tx_thread_wait_for_tcp(conn); 3828 iscsit_unmap_iovec(cmd); 3829 goto err; 3830 } 3831 iscsit_unmap_iovec(cmd); 3832 3833 switch (state) { 3834 case ISTATE_SEND_LOGOUTRSP: 3835 if (!iscsit_logout_post_handler(cmd, conn)) 3836 goto restart; 3837 /* fall through */ 3838 case ISTATE_SEND_STATUS: 3839 case ISTATE_SEND_ASYNCMSG: 3840 case ISTATE_SEND_NOPIN: 3841 case ISTATE_SEND_STATUS_RECOVERY: 3842 case ISTATE_SEND_TEXTRSP: 3843 case ISTATE_SEND_TASKMGTRSP: 3844 case ISTATE_SEND_REJECT: 3845 spin_lock_bh(&cmd->istate_lock); 3846 cmd->i_state = ISTATE_SENT_STATUS; 3847 spin_unlock_bh(&cmd->istate_lock); 3848 break; 3849 default: 3850 pr_err("Unknown Opcode: 0x%02x ITT:" 3851 " 0x%08x, i_state: %d on CID: %hu\n", 3852 cmd->iscsi_opcode, cmd->init_task_tag, 3853 cmd->i_state, conn->cid); 3854 goto err; 3855 } 3856 3857 if (atomic_read(&conn->check_immediate_queue)) 3858 return 1; 3859 3860 return 0; 3861 3862 err: 3863 return -1; 3864 restart: 3865 return -EAGAIN; 3866 } 3867 3868 static int iscsit_handle_response_queue(struct iscsi_conn *conn) 3869 { 3870 struct iscsit_transport *t = conn->conn_transport; 3871 struct iscsi_queue_req *qr; 3872 struct iscsi_cmd *cmd; 3873 u8 state; 3874 int ret; 3875 3876 while ((qr = iscsit_get_cmd_from_response_queue(conn))) { 3877 cmd = qr->cmd; 3878 state = qr->state; 3879 kmem_cache_free(lio_qr_cache, qr); 3880 3881 ret = t->iscsit_response_queue(conn, cmd, state); 3882 if (ret == 1 || ret < 0) 3883 return ret; 3884 } 3885 3886 return 0; 3887 } 3888 3889 int iscsi_target_tx_thread(void *arg) 3890 { 3891 int ret = 0; 3892 struct iscsi_conn *conn; 3893 struct iscsi_thread_set *ts = arg; 3894 /* 3895 * Allow ourselves to be interrupted by SIGINT so that a 3896 * connection recovery / failure event can be triggered externally. 3897 */ 3898 allow_signal(SIGINT); 3899 3900 restart: 3901 conn = iscsi_tx_thread_pre_handler(ts); 3902 if (!conn) 3903 goto out; 3904 3905 ret = 0; 3906 3907 while (!kthread_should_stop()) { 3908 /* 3909 * Ensure that both TX and RX per connection kthreads 3910 * are scheduled to run on the same CPU. 3911 */ 3912 iscsit_thread_check_cpumask(conn, current, 1); 3913 3914 wait_event_interruptible(conn->queues_wq, 3915 !iscsit_conn_all_queues_empty(conn) || 3916 ts->status == ISCSI_THREAD_SET_RESET); 3917 3918 if ((ts->status == ISCSI_THREAD_SET_RESET) || 3919 signal_pending(current)) 3920 goto transport_err; 3921 3922 get_immediate: 3923 ret = iscsit_handle_immediate_queue(conn); 3924 if (ret < 0) 3925 goto transport_err; 3926 3927 ret = iscsit_handle_response_queue(conn); 3928 if (ret == 1) 3929 goto get_immediate; 3930 else if (ret == -EAGAIN) 3931 goto restart; 3932 else if (ret < 0) 3933 goto transport_err; 3934 } 3935 3936 transport_err: 3937 iscsit_take_action_for_connection_exit(conn); 3938 goto restart; 3939 out: 3940 return 0; 3941 } 3942 3943 static int iscsi_target_rx_opcode(struct iscsi_conn *conn, unsigned char *buf) 3944 { 3945 struct iscsi_hdr *hdr = (struct iscsi_hdr *)buf; 3946 struct iscsi_cmd *cmd; 3947 int ret = 0; 3948 3949 switch (hdr->opcode & ISCSI_OPCODE_MASK) { 3950 case ISCSI_OP_SCSI_CMD: 3951 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3952 if (!cmd) 3953 goto reject; 3954 3955 ret = iscsit_handle_scsi_cmd(conn, cmd, buf); 3956 break; 3957 case ISCSI_OP_SCSI_DATA_OUT: 3958 ret = iscsit_handle_data_out(conn, buf); 3959 break; 3960 case ISCSI_OP_NOOP_OUT: 3961 cmd = NULL; 3962 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) { 3963 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3964 if (!cmd) 3965 goto reject; 3966 } 3967 ret = iscsit_handle_nop_out(conn, cmd, buf); 3968 break; 3969 case ISCSI_OP_SCSI_TMFUNC: 3970 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3971 if (!cmd) 3972 goto reject; 3973 3974 ret = iscsit_handle_task_mgt_cmd(conn, cmd, buf); 3975 break; 3976 case ISCSI_OP_TEXT: 3977 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3978 if (!cmd) 3979 goto reject; 3980 3981 ret = iscsit_handle_text_cmd(conn, cmd, buf); 3982 break; 3983 case ISCSI_OP_LOGOUT: 3984 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL); 3985 if (!cmd) 3986 goto reject; 3987 3988 ret = iscsit_handle_logout_cmd(conn, cmd, buf); 3989 if (ret > 0) 3990 wait_for_completion_timeout(&conn->conn_logout_comp, 3991 SECONDS_FOR_LOGOUT_COMP * HZ); 3992 break; 3993 case ISCSI_OP_SNACK: 3994 ret = iscsit_handle_snack(conn, buf); 3995 break; 3996 default: 3997 pr_err("Got unknown iSCSI OpCode: 0x%02x\n", hdr->opcode); 3998 if (!conn->sess->sess_ops->ErrorRecoveryLevel) { 3999 pr_err("Cannot recover from unknown" 4000 " opcode while ERL=0, closing iSCSI connection.\n"); 4001 return -1; 4002 } 4003 if (!conn->conn_ops->OFMarker) { 4004 pr_err("Unable to recover from unknown" 4005 " opcode while OFMarker=No, closing iSCSI" 4006 " connection.\n"); 4007 return -1; 4008 } 4009 if (iscsit_recover_from_unknown_opcode(conn) < 0) { 4010 pr_err("Unable to recover from unknown" 4011 " opcode, closing iSCSI connection.\n"); 4012 return -1; 4013 } 4014 break; 4015 } 4016 4017 return ret; 4018 reject: 4019 return iscsit_add_reject(conn, ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf); 4020 } 4021 4022 int iscsi_target_rx_thread(void *arg) 4023 { 4024 int ret; 4025 u8 buffer[ISCSI_HDR_LEN], opcode; 4026 u32 checksum = 0, digest = 0; 4027 struct iscsi_conn *conn = NULL; 4028 struct iscsi_thread_set *ts = arg; 4029 struct kvec iov; 4030 /* 4031 * Allow ourselves to be interrupted by SIGINT so that a 4032 * connection recovery / failure event can be triggered externally. 4033 */ 4034 allow_signal(SIGINT); 4035 4036 restart: 4037 conn = iscsi_rx_thread_pre_handler(ts); 4038 if (!conn) 4039 goto out; 4040 4041 if (conn->conn_transport->transport_type == ISCSI_INFINIBAND) { 4042 struct completion comp; 4043 int rc; 4044 4045 init_completion(&comp); 4046 rc = wait_for_completion_interruptible(&comp); 4047 if (rc < 0) 4048 goto transport_err; 4049 4050 goto out; 4051 } 4052 4053 while (!kthread_should_stop()) { 4054 /* 4055 * Ensure that both TX and RX per connection kthreads 4056 * are scheduled to run on the same CPU. 4057 */ 4058 iscsit_thread_check_cpumask(conn, current, 0); 4059 4060 memset(buffer, 0, ISCSI_HDR_LEN); 4061 memset(&iov, 0, sizeof(struct kvec)); 4062 4063 iov.iov_base = buffer; 4064 iov.iov_len = ISCSI_HDR_LEN; 4065 4066 ret = rx_data(conn, &iov, 1, ISCSI_HDR_LEN); 4067 if (ret != ISCSI_HDR_LEN) { 4068 iscsit_rx_thread_wait_for_tcp(conn); 4069 goto transport_err; 4070 } 4071 4072 if (conn->conn_ops->HeaderDigest) { 4073 iov.iov_base = &digest; 4074 iov.iov_len = ISCSI_CRC_LEN; 4075 4076 ret = rx_data(conn, &iov, 1, ISCSI_CRC_LEN); 4077 if (ret != ISCSI_CRC_LEN) { 4078 iscsit_rx_thread_wait_for_tcp(conn); 4079 goto transport_err; 4080 } 4081 4082 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash, 4083 buffer, ISCSI_HDR_LEN, 4084 0, NULL, (u8 *)&checksum); 4085 4086 if (digest != checksum) { 4087 pr_err("HeaderDigest CRC32C failed," 4088 " received 0x%08x, computed 0x%08x\n", 4089 digest, checksum); 4090 /* 4091 * Set the PDU to 0xff so it will intentionally 4092 * hit default in the switch below. 4093 */ 4094 memset(buffer, 0xff, ISCSI_HDR_LEN); 4095 spin_lock_bh(&conn->sess->session_stats_lock); 4096 conn->sess->conn_digest_errors++; 4097 spin_unlock_bh(&conn->sess->session_stats_lock); 4098 } else { 4099 pr_debug("Got HeaderDigest CRC32C" 4100 " 0x%08x\n", checksum); 4101 } 4102 } 4103 4104 if (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT) 4105 goto transport_err; 4106 4107 opcode = buffer[0] & ISCSI_OPCODE_MASK; 4108 4109 if (conn->sess->sess_ops->SessionType && 4110 ((!(opcode & ISCSI_OP_TEXT)) || 4111 (!(opcode & ISCSI_OP_LOGOUT)))) { 4112 pr_err("Received illegal iSCSI Opcode: 0x%02x" 4113 " while in Discovery Session, rejecting.\n", opcode); 4114 iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR, 4115 buffer); 4116 goto transport_err; 4117 } 4118 4119 ret = iscsi_target_rx_opcode(conn, buffer); 4120 if (ret < 0) 4121 goto transport_err; 4122 } 4123 4124 transport_err: 4125 if (!signal_pending(current)) 4126 atomic_set(&conn->transport_failed, 1); 4127 iscsit_take_action_for_connection_exit(conn); 4128 goto restart; 4129 out: 4130 return 0; 4131 } 4132 4133 static void iscsit_release_commands_from_conn(struct iscsi_conn *conn) 4134 { 4135 struct iscsi_cmd *cmd = NULL, *cmd_tmp = NULL; 4136 struct iscsi_session *sess = conn->sess; 4137 /* 4138 * We expect this function to only ever be called from either RX or TX 4139 * thread context via iscsit_close_connection() once the other context 4140 * has been reset -> returned sleeping pre-handler state. 4141 */ 4142 spin_lock_bh(&conn->cmd_lock); 4143 list_for_each_entry_safe(cmd, cmd_tmp, &conn->conn_cmd_list, i_conn_node) { 4144 4145 list_del(&cmd->i_conn_node); 4146 spin_unlock_bh(&conn->cmd_lock); 4147 4148 iscsit_increment_maxcmdsn(cmd, sess); 4149 4150 iscsit_free_cmd(cmd, true); 4151 4152 spin_lock_bh(&conn->cmd_lock); 4153 } 4154 spin_unlock_bh(&conn->cmd_lock); 4155 } 4156 4157 static void iscsit_stop_timers_for_cmds( 4158 struct iscsi_conn *conn) 4159 { 4160 struct iscsi_cmd *cmd; 4161 4162 spin_lock_bh(&conn->cmd_lock); 4163 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) { 4164 if (cmd->data_direction == DMA_TO_DEVICE) 4165 iscsit_stop_dataout_timer(cmd); 4166 } 4167 spin_unlock_bh(&conn->cmd_lock); 4168 } 4169 4170 int iscsit_close_connection( 4171 struct iscsi_conn *conn) 4172 { 4173 int conn_logout = (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT); 4174 struct iscsi_session *sess = conn->sess; 4175 4176 pr_debug("Closing iSCSI connection CID %hu on SID:" 4177 " %u\n", conn->cid, sess->sid); 4178 /* 4179 * Always up conn_logout_comp just in case the RX Thread is sleeping 4180 * and the logout response never got sent because the connection 4181 * failed. 4182 */ 4183 complete(&conn->conn_logout_comp); 4184 4185 iscsi_release_thread_set(conn); 4186 4187 iscsit_stop_timers_for_cmds(conn); 4188 iscsit_stop_nopin_response_timer(conn); 4189 iscsit_stop_nopin_timer(conn); 4190 iscsit_free_queue_reqs_for_conn(conn); 4191 4192 /* 4193 * During Connection recovery drop unacknowledged out of order 4194 * commands for this connection, and prepare the other commands 4195 * for realligence. 4196 * 4197 * During normal operation clear the out of order commands (but 4198 * do not free the struct iscsi_ooo_cmdsn's) and release all 4199 * struct iscsi_cmds. 4200 */ 4201 if (atomic_read(&conn->connection_recovery)) { 4202 iscsit_discard_unacknowledged_ooo_cmdsns_for_conn(conn); 4203 iscsit_prepare_cmds_for_realligance(conn); 4204 } else { 4205 iscsit_clear_ooo_cmdsns_for_conn(conn); 4206 iscsit_release_commands_from_conn(conn); 4207 } 4208 4209 /* 4210 * Handle decrementing session or connection usage count if 4211 * a logout response was not able to be sent because the 4212 * connection failed. Fall back to Session Recovery here. 4213 */ 4214 if (atomic_read(&conn->conn_logout_remove)) { 4215 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_SESSION) { 4216 iscsit_dec_conn_usage_count(conn); 4217 iscsit_dec_session_usage_count(sess); 4218 } 4219 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) 4220 iscsit_dec_conn_usage_count(conn); 4221 4222 atomic_set(&conn->conn_logout_remove, 0); 4223 atomic_set(&sess->session_reinstatement, 0); 4224 atomic_set(&sess->session_fall_back_to_erl0, 1); 4225 } 4226 4227 spin_lock_bh(&sess->conn_lock); 4228 list_del(&conn->conn_list); 4229 4230 /* 4231 * Attempt to let the Initiator know this connection failed by 4232 * sending an Connection Dropped Async Message on another 4233 * active connection. 4234 */ 4235 if (atomic_read(&conn->connection_recovery)) 4236 iscsit_build_conn_drop_async_message(conn); 4237 4238 spin_unlock_bh(&sess->conn_lock); 4239 4240 /* 4241 * If connection reinstatement is being performed on this connection, 4242 * up the connection reinstatement semaphore that is being blocked on 4243 * in iscsit_cause_connection_reinstatement(). 4244 */ 4245 spin_lock_bh(&conn->state_lock); 4246 if (atomic_read(&conn->sleep_on_conn_wait_comp)) { 4247 spin_unlock_bh(&conn->state_lock); 4248 complete(&conn->conn_wait_comp); 4249 wait_for_completion(&conn->conn_post_wait_comp); 4250 spin_lock_bh(&conn->state_lock); 4251 } 4252 4253 /* 4254 * If connection reinstatement is being performed on this connection 4255 * by receiving a REMOVECONNFORRECOVERY logout request, up the 4256 * connection wait rcfr semaphore that is being blocked on 4257 * an iscsit_connection_reinstatement_rcfr(). 4258 */ 4259 if (atomic_read(&conn->connection_wait_rcfr)) { 4260 spin_unlock_bh(&conn->state_lock); 4261 complete(&conn->conn_wait_rcfr_comp); 4262 wait_for_completion(&conn->conn_post_wait_comp); 4263 spin_lock_bh(&conn->state_lock); 4264 } 4265 atomic_set(&conn->connection_reinstatement, 1); 4266 spin_unlock_bh(&conn->state_lock); 4267 4268 /* 4269 * If any other processes are accessing this connection pointer we 4270 * must wait until they have completed. 4271 */ 4272 iscsit_check_conn_usage_count(conn); 4273 4274 if (conn->conn_rx_hash.tfm) 4275 crypto_free_hash(conn->conn_rx_hash.tfm); 4276 if (conn->conn_tx_hash.tfm) 4277 crypto_free_hash(conn->conn_tx_hash.tfm); 4278 4279 if (conn->conn_cpumask) 4280 free_cpumask_var(conn->conn_cpumask); 4281 4282 kfree(conn->conn_ops); 4283 conn->conn_ops = NULL; 4284 4285 if (conn->sock) 4286 sock_release(conn->sock); 4287 4288 if (conn->conn_transport->iscsit_free_conn) 4289 conn->conn_transport->iscsit_free_conn(conn); 4290 4291 iscsit_put_transport(conn->conn_transport); 4292 4293 conn->thread_set = NULL; 4294 4295 pr_debug("Moving to TARG_CONN_STATE_FREE.\n"); 4296 conn->conn_state = TARG_CONN_STATE_FREE; 4297 kfree(conn); 4298 4299 spin_lock_bh(&sess->conn_lock); 4300 atomic_dec(&sess->nconn); 4301 pr_debug("Decremented iSCSI connection count to %hu from node:" 4302 " %s\n", atomic_read(&sess->nconn), 4303 sess->sess_ops->InitiatorName); 4304 /* 4305 * Make sure that if one connection fails in an non ERL=2 iSCSI 4306 * Session that they all fail. 4307 */ 4308 if ((sess->sess_ops->ErrorRecoveryLevel != 2) && !conn_logout && 4309 !atomic_read(&sess->session_logout)) 4310 atomic_set(&sess->session_fall_back_to_erl0, 1); 4311 4312 /* 4313 * If this was not the last connection in the session, and we are 4314 * performing session reinstatement or falling back to ERL=0, call 4315 * iscsit_stop_session() without sleeping to shutdown the other 4316 * active connections. 4317 */ 4318 if (atomic_read(&sess->nconn)) { 4319 if (!atomic_read(&sess->session_reinstatement) && 4320 !atomic_read(&sess->session_fall_back_to_erl0)) { 4321 spin_unlock_bh(&sess->conn_lock); 4322 return 0; 4323 } 4324 if (!atomic_read(&sess->session_stop_active)) { 4325 atomic_set(&sess->session_stop_active, 1); 4326 spin_unlock_bh(&sess->conn_lock); 4327 iscsit_stop_session(sess, 0, 0); 4328 return 0; 4329 } 4330 spin_unlock_bh(&sess->conn_lock); 4331 return 0; 4332 } 4333 4334 /* 4335 * If this was the last connection in the session and one of the 4336 * following is occurring: 4337 * 4338 * Session Reinstatement is not being performed, and are falling back 4339 * to ERL=0 call iscsit_close_session(). 4340 * 4341 * Session Logout was requested. iscsit_close_session() will be called 4342 * elsewhere. 4343 * 4344 * Session Continuation is not being performed, start the Time2Retain 4345 * handler and check if sleep_on_sess_wait_sem is active. 4346 */ 4347 if (!atomic_read(&sess->session_reinstatement) && 4348 atomic_read(&sess->session_fall_back_to_erl0)) { 4349 spin_unlock_bh(&sess->conn_lock); 4350 target_put_session(sess->se_sess); 4351 4352 return 0; 4353 } else if (atomic_read(&sess->session_logout)) { 4354 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4355 sess->session_state = TARG_SESS_STATE_FREE; 4356 spin_unlock_bh(&sess->conn_lock); 4357 4358 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4359 complete(&sess->session_wait_comp); 4360 4361 return 0; 4362 } else { 4363 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4364 sess->session_state = TARG_SESS_STATE_FAILED; 4365 4366 if (!atomic_read(&sess->session_continuation)) { 4367 spin_unlock_bh(&sess->conn_lock); 4368 iscsit_start_time2retain_handler(sess); 4369 } else 4370 spin_unlock_bh(&sess->conn_lock); 4371 4372 if (atomic_read(&sess->sleep_on_sess_wait_comp)) 4373 complete(&sess->session_wait_comp); 4374 4375 return 0; 4376 } 4377 spin_unlock_bh(&sess->conn_lock); 4378 4379 return 0; 4380 } 4381 4382 int iscsit_close_session(struct iscsi_session *sess) 4383 { 4384 struct iscsi_portal_group *tpg = ISCSI_TPG_S(sess); 4385 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4386 4387 if (atomic_read(&sess->nconn)) { 4388 pr_err("%d connection(s) still exist for iSCSI session" 4389 " to %s\n", atomic_read(&sess->nconn), 4390 sess->sess_ops->InitiatorName); 4391 BUG(); 4392 } 4393 4394 spin_lock_bh(&se_tpg->session_lock); 4395 atomic_set(&sess->session_logout, 1); 4396 atomic_set(&sess->session_reinstatement, 1); 4397 iscsit_stop_time2retain_timer(sess); 4398 spin_unlock_bh(&se_tpg->session_lock); 4399 4400 /* 4401 * transport_deregister_session_configfs() will clear the 4402 * struct se_node_acl->nacl_sess pointer now as a iscsi_np process context 4403 * can be setting it again with __transport_register_session() in 4404 * iscsi_post_login_handler() again after the iscsit_stop_session() 4405 * completes in iscsi_np context. 4406 */ 4407 transport_deregister_session_configfs(sess->se_sess); 4408 4409 /* 4410 * If any other processes are accessing this session pointer we must 4411 * wait until they have completed. If we are in an interrupt (the 4412 * time2retain handler) and contain and active session usage count we 4413 * restart the timer and exit. 4414 */ 4415 if (!in_interrupt()) { 4416 if (iscsit_check_session_usage_count(sess) == 1) 4417 iscsit_stop_session(sess, 1, 1); 4418 } else { 4419 if (iscsit_check_session_usage_count(sess) == 2) { 4420 atomic_set(&sess->session_logout, 0); 4421 iscsit_start_time2retain_handler(sess); 4422 return 0; 4423 } 4424 } 4425 4426 transport_deregister_session(sess->se_sess); 4427 4428 if (sess->sess_ops->ErrorRecoveryLevel == 2) 4429 iscsit_free_connection_recovery_entires(sess); 4430 4431 iscsit_free_all_ooo_cmdsns(sess); 4432 4433 spin_lock_bh(&se_tpg->session_lock); 4434 pr_debug("Moving to TARG_SESS_STATE_FREE.\n"); 4435 sess->session_state = TARG_SESS_STATE_FREE; 4436 pr_debug("Released iSCSI session from node: %s\n", 4437 sess->sess_ops->InitiatorName); 4438 tpg->nsessions--; 4439 if (tpg->tpg_tiqn) 4440 tpg->tpg_tiqn->tiqn_nsessions--; 4441 4442 pr_debug("Decremented number of active iSCSI Sessions on" 4443 " iSCSI TPG: %hu to %u\n", tpg->tpgt, tpg->nsessions); 4444 4445 spin_lock(&sess_idr_lock); 4446 idr_remove(&sess_idr, sess->session_index); 4447 spin_unlock(&sess_idr_lock); 4448 4449 kfree(sess->sess_ops); 4450 sess->sess_ops = NULL; 4451 spin_unlock_bh(&se_tpg->session_lock); 4452 4453 kfree(sess); 4454 return 0; 4455 } 4456 4457 static void iscsit_logout_post_handler_closesession( 4458 struct iscsi_conn *conn) 4459 { 4460 struct iscsi_session *sess = conn->sess; 4461 4462 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD); 4463 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD); 4464 4465 atomic_set(&conn->conn_logout_remove, 0); 4466 complete(&conn->conn_logout_comp); 4467 4468 iscsit_dec_conn_usage_count(conn); 4469 iscsit_stop_session(sess, 1, 1); 4470 iscsit_dec_session_usage_count(sess); 4471 target_put_session(sess->se_sess); 4472 } 4473 4474 static void iscsit_logout_post_handler_samecid( 4475 struct iscsi_conn *conn) 4476 { 4477 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD); 4478 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD); 4479 4480 atomic_set(&conn->conn_logout_remove, 0); 4481 complete(&conn->conn_logout_comp); 4482 4483 iscsit_cause_connection_reinstatement(conn, 1); 4484 iscsit_dec_conn_usage_count(conn); 4485 } 4486 4487 static void iscsit_logout_post_handler_diffcid( 4488 struct iscsi_conn *conn, 4489 u16 cid) 4490 { 4491 struct iscsi_conn *l_conn; 4492 struct iscsi_session *sess = conn->sess; 4493 4494 if (!sess) 4495 return; 4496 4497 spin_lock_bh(&sess->conn_lock); 4498 list_for_each_entry(l_conn, &sess->sess_conn_list, conn_list) { 4499 if (l_conn->cid == cid) { 4500 iscsit_inc_conn_usage_count(l_conn); 4501 break; 4502 } 4503 } 4504 spin_unlock_bh(&sess->conn_lock); 4505 4506 if (!l_conn) 4507 return; 4508 4509 if (l_conn->sock) 4510 l_conn->sock->ops->shutdown(l_conn->sock, RCV_SHUTDOWN); 4511 4512 spin_lock_bh(&l_conn->state_lock); 4513 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n"); 4514 l_conn->conn_state = TARG_CONN_STATE_IN_LOGOUT; 4515 spin_unlock_bh(&l_conn->state_lock); 4516 4517 iscsit_cause_connection_reinstatement(l_conn, 1); 4518 iscsit_dec_conn_usage_count(l_conn); 4519 } 4520 4521 /* 4522 * Return of 0 causes the TX thread to restart. 4523 */ 4524 int iscsit_logout_post_handler( 4525 struct iscsi_cmd *cmd, 4526 struct iscsi_conn *conn) 4527 { 4528 int ret = 0; 4529 4530 switch (cmd->logout_reason) { 4531 case ISCSI_LOGOUT_REASON_CLOSE_SESSION: 4532 switch (cmd->logout_response) { 4533 case ISCSI_LOGOUT_SUCCESS: 4534 case ISCSI_LOGOUT_CLEANUP_FAILED: 4535 default: 4536 iscsit_logout_post_handler_closesession(conn); 4537 break; 4538 } 4539 ret = 0; 4540 break; 4541 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION: 4542 if (conn->cid == cmd->logout_cid) { 4543 switch (cmd->logout_response) { 4544 case ISCSI_LOGOUT_SUCCESS: 4545 case ISCSI_LOGOUT_CLEANUP_FAILED: 4546 default: 4547 iscsit_logout_post_handler_samecid(conn); 4548 break; 4549 } 4550 ret = 0; 4551 } else { 4552 switch (cmd->logout_response) { 4553 case ISCSI_LOGOUT_SUCCESS: 4554 iscsit_logout_post_handler_diffcid(conn, 4555 cmd->logout_cid); 4556 break; 4557 case ISCSI_LOGOUT_CID_NOT_FOUND: 4558 case ISCSI_LOGOUT_CLEANUP_FAILED: 4559 default: 4560 break; 4561 } 4562 ret = 1; 4563 } 4564 break; 4565 case ISCSI_LOGOUT_REASON_RECOVERY: 4566 switch (cmd->logout_response) { 4567 case ISCSI_LOGOUT_SUCCESS: 4568 case ISCSI_LOGOUT_CID_NOT_FOUND: 4569 case ISCSI_LOGOUT_RECOVERY_UNSUPPORTED: 4570 case ISCSI_LOGOUT_CLEANUP_FAILED: 4571 default: 4572 break; 4573 } 4574 ret = 1; 4575 break; 4576 default: 4577 break; 4578 4579 } 4580 return ret; 4581 } 4582 EXPORT_SYMBOL(iscsit_logout_post_handler); 4583 4584 void iscsit_fail_session(struct iscsi_session *sess) 4585 { 4586 struct iscsi_conn *conn; 4587 4588 spin_lock_bh(&sess->conn_lock); 4589 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) { 4590 pr_debug("Moving to TARG_CONN_STATE_CLEANUP_WAIT.\n"); 4591 conn->conn_state = TARG_CONN_STATE_CLEANUP_WAIT; 4592 } 4593 spin_unlock_bh(&sess->conn_lock); 4594 4595 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n"); 4596 sess->session_state = TARG_SESS_STATE_FAILED; 4597 } 4598 4599 int iscsit_free_session(struct iscsi_session *sess) 4600 { 4601 u16 conn_count = atomic_read(&sess->nconn); 4602 struct iscsi_conn *conn, *conn_tmp = NULL; 4603 int is_last; 4604 4605 spin_lock_bh(&sess->conn_lock); 4606 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4607 4608 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4609 conn_list) { 4610 if (conn_count == 0) 4611 break; 4612 4613 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4614 is_last = 1; 4615 } else { 4616 iscsit_inc_conn_usage_count(conn_tmp); 4617 is_last = 0; 4618 } 4619 iscsit_inc_conn_usage_count(conn); 4620 4621 spin_unlock_bh(&sess->conn_lock); 4622 iscsit_cause_connection_reinstatement(conn, 1); 4623 spin_lock_bh(&sess->conn_lock); 4624 4625 iscsit_dec_conn_usage_count(conn); 4626 if (is_last == 0) 4627 iscsit_dec_conn_usage_count(conn_tmp); 4628 4629 conn_count--; 4630 } 4631 4632 if (atomic_read(&sess->nconn)) { 4633 spin_unlock_bh(&sess->conn_lock); 4634 wait_for_completion(&sess->session_wait_comp); 4635 } else 4636 spin_unlock_bh(&sess->conn_lock); 4637 4638 target_put_session(sess->se_sess); 4639 return 0; 4640 } 4641 4642 void iscsit_stop_session( 4643 struct iscsi_session *sess, 4644 int session_sleep, 4645 int connection_sleep) 4646 { 4647 u16 conn_count = atomic_read(&sess->nconn); 4648 struct iscsi_conn *conn, *conn_tmp = NULL; 4649 int is_last; 4650 4651 spin_lock_bh(&sess->conn_lock); 4652 if (session_sleep) 4653 atomic_set(&sess->sleep_on_sess_wait_comp, 1); 4654 4655 if (connection_sleep) { 4656 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list, 4657 conn_list) { 4658 if (conn_count == 0) 4659 break; 4660 4661 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) { 4662 is_last = 1; 4663 } else { 4664 iscsit_inc_conn_usage_count(conn_tmp); 4665 is_last = 0; 4666 } 4667 iscsit_inc_conn_usage_count(conn); 4668 4669 spin_unlock_bh(&sess->conn_lock); 4670 iscsit_cause_connection_reinstatement(conn, 1); 4671 spin_lock_bh(&sess->conn_lock); 4672 4673 iscsit_dec_conn_usage_count(conn); 4674 if (is_last == 0) 4675 iscsit_dec_conn_usage_count(conn_tmp); 4676 conn_count--; 4677 } 4678 } else { 4679 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) 4680 iscsit_cause_connection_reinstatement(conn, 0); 4681 } 4682 4683 if (session_sleep && atomic_read(&sess->nconn)) { 4684 spin_unlock_bh(&sess->conn_lock); 4685 wait_for_completion(&sess->session_wait_comp); 4686 } else 4687 spin_unlock_bh(&sess->conn_lock); 4688 } 4689 4690 int iscsit_release_sessions_for_tpg(struct iscsi_portal_group *tpg, int force) 4691 { 4692 struct iscsi_session *sess; 4693 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg; 4694 struct se_session *se_sess, *se_sess_tmp; 4695 int session_count = 0; 4696 4697 spin_lock_bh(&se_tpg->session_lock); 4698 if (tpg->nsessions && !force) { 4699 spin_unlock_bh(&se_tpg->session_lock); 4700 return -1; 4701 } 4702 4703 list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list, 4704 sess_list) { 4705 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr; 4706 4707 spin_lock(&sess->conn_lock); 4708 if (atomic_read(&sess->session_fall_back_to_erl0) || 4709 atomic_read(&sess->session_logout) || 4710 (sess->time2retain_timer_flags & ISCSI_TF_EXPIRED)) { 4711 spin_unlock(&sess->conn_lock); 4712 continue; 4713 } 4714 atomic_set(&sess->session_reinstatement, 1); 4715 spin_unlock(&sess->conn_lock); 4716 spin_unlock_bh(&se_tpg->session_lock); 4717 4718 iscsit_free_session(sess); 4719 spin_lock_bh(&se_tpg->session_lock); 4720 4721 session_count++; 4722 } 4723 spin_unlock_bh(&se_tpg->session_lock); 4724 4725 pr_debug("Released %d iSCSI Session(s) from Target Portal" 4726 " Group: %hu\n", session_count, tpg->tpgt); 4727 return 0; 4728 } 4729 4730 MODULE_DESCRIPTION("iSCSI-Target Driver for mainline target infrastructure"); 4731 MODULE_VERSION("4.1.x"); 4732 MODULE_AUTHOR("nab@Linux-iSCSI.org"); 4733 MODULE_LICENSE("GPL"); 4734 4735 module_init(iscsi_target_init_module); 4736 module_exit(iscsi_target_cleanup_module); 4737