1 /*******************************************************************************
2 * This file contains main functions related to the iSCSI Target Core Driver.
4 * \u00a9 Copyright 2007-2011 RisingTide Systems LLC.
6 * Licensed to the Linux Foundation under the General Public License (GPL) version 2.
8 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 ******************************************************************************/
21 #include <linux/string.h>
22 #include <linux/kthread.h>
23 #include <linux/crypto.h>
24 #include <linux/completion.h>
25 #include <linux/module.h>
26 #include <linux/idr.h>
27 #include <asm/unaligned.h>
28 #include <scsi/scsi_device.h>
29 #include <scsi/iscsi_proto.h>
30 #include <scsi/scsi_tcq.h>
31 #include <target/target_core_base.h>
32 #include <target/target_core_fabric.h>
33 #include <target/target_core_configfs.h>
35 #include "iscsi_target_core.h"
36 #include "iscsi_target_parameters.h"
37 #include "iscsi_target_seq_pdu_list.h"
38 #include "iscsi_target_tq.h"
39 #include "iscsi_target_configfs.h"
40 #include "iscsi_target_datain_values.h"
41 #include "iscsi_target_erl0.h"
42 #include "iscsi_target_erl1.h"
43 #include "iscsi_target_erl2.h"
44 #include "iscsi_target_login.h"
45 #include "iscsi_target_tmr.h"
46 #include "iscsi_target_tpg.h"
47 #include "iscsi_target_util.h"
48 #include "iscsi_target.h"
49 #include "iscsi_target_device.h"
50 #include "iscsi_target_stat.h"
52 static LIST_HEAD(g_tiqn_list);
53 static LIST_HEAD(g_np_list);
54 static DEFINE_SPINLOCK(tiqn_lock);
55 static DEFINE_SPINLOCK(np_lock);
57 static struct idr tiqn_idr;
59 struct mutex auth_id_lock;
60 spinlock_t sess_idr_lock;
62 struct iscsit_global *iscsit_global;
64 struct kmem_cache *lio_cmd_cache;
65 struct kmem_cache *lio_qr_cache;
66 struct kmem_cache *lio_dr_cache;
67 struct kmem_cache *lio_ooo_cache;
68 struct kmem_cache *lio_r2t_cache;
70 static int iscsit_handle_immediate_data(struct iscsi_cmd *,
71 unsigned char *buf, u32);
72 static int iscsit_logout_post_handler(struct iscsi_cmd *, struct iscsi_conn *);
74 struct iscsi_tiqn *iscsit_get_tiqn_for_login(unsigned char *buf)
76 struct iscsi_tiqn *tiqn = NULL;
78 spin_lock(&tiqn_lock);
79 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) {
80 if (!strcmp(tiqn->tiqn, buf)) {
82 spin_lock(&tiqn->tiqn_state_lock);
83 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) {
84 tiqn->tiqn_access_count++;
85 spin_unlock(&tiqn->tiqn_state_lock);
86 spin_unlock(&tiqn_lock);
89 spin_unlock(&tiqn->tiqn_state_lock);
92 spin_unlock(&tiqn_lock);
97 static int iscsit_set_tiqn_shutdown(struct iscsi_tiqn *tiqn)
99 spin_lock(&tiqn->tiqn_state_lock);
100 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) {
101 tiqn->tiqn_state = TIQN_STATE_SHUTDOWN;
102 spin_unlock(&tiqn->tiqn_state_lock);
105 spin_unlock(&tiqn->tiqn_state_lock);
110 void iscsit_put_tiqn_for_login(struct iscsi_tiqn *tiqn)
112 spin_lock(&tiqn->tiqn_state_lock);
113 tiqn->tiqn_access_count--;
114 spin_unlock(&tiqn->tiqn_state_lock);
118 * Note that IQN formatting is expected to be done in userspace, and
119 * no explict IQN format checks are done here.
121 struct iscsi_tiqn *iscsit_add_tiqn(unsigned char *buf)
123 struct iscsi_tiqn *tiqn = NULL;
126 if (strlen(buf) >= ISCSI_IQN_LEN) {
127 pr_err("Target IQN exceeds %d bytes\n",
129 return ERR_PTR(-EINVAL);
132 tiqn = kzalloc(sizeof(struct iscsi_tiqn), GFP_KERNEL);
134 pr_err("Unable to allocate struct iscsi_tiqn\n");
135 return ERR_PTR(-ENOMEM);
138 sprintf(tiqn->tiqn, "%s", buf);
139 INIT_LIST_HEAD(&tiqn->tiqn_list);
140 INIT_LIST_HEAD(&tiqn->tiqn_tpg_list);
141 spin_lock_init(&tiqn->tiqn_state_lock);
142 spin_lock_init(&tiqn->tiqn_tpg_lock);
143 spin_lock_init(&tiqn->sess_err_stats.lock);
144 spin_lock_init(&tiqn->login_stats.lock);
145 spin_lock_init(&tiqn->logout_stats.lock);
147 tiqn->tiqn_state = TIQN_STATE_ACTIVE;
149 idr_preload(GFP_KERNEL);
150 spin_lock(&tiqn_lock);
152 ret = idr_alloc(&tiqn_idr, NULL, 0, 0, GFP_NOWAIT);
154 pr_err("idr_alloc() failed for tiqn->tiqn_index\n");
155 spin_unlock(&tiqn_lock);
160 tiqn->tiqn_index = ret;
161 list_add_tail(&tiqn->tiqn_list, &g_tiqn_list);
163 spin_unlock(&tiqn_lock);
166 pr_debug("CORE[0] - Added iSCSI Target IQN: %s\n", tiqn->tiqn);
172 static void iscsit_wait_for_tiqn(struct iscsi_tiqn *tiqn)
175 * Wait for accesses to said struct iscsi_tiqn to end.
177 spin_lock(&tiqn->tiqn_state_lock);
178 while (tiqn->tiqn_access_count != 0) {
179 spin_unlock(&tiqn->tiqn_state_lock);
181 spin_lock(&tiqn->tiqn_state_lock);
183 spin_unlock(&tiqn->tiqn_state_lock);
186 void iscsit_del_tiqn(struct iscsi_tiqn *tiqn)
189 * iscsit_set_tiqn_shutdown sets tiqn->tiqn_state = TIQN_STATE_SHUTDOWN
190 * while holding tiqn->tiqn_state_lock. This means that all subsequent
191 * attempts to access this struct iscsi_tiqn will fail from both transport
192 * fabric and control code paths.
194 if (iscsit_set_tiqn_shutdown(tiqn) < 0) {
195 pr_err("iscsit_set_tiqn_shutdown() failed\n");
199 iscsit_wait_for_tiqn(tiqn);
201 spin_lock(&tiqn_lock);
202 list_del(&tiqn->tiqn_list);
203 idr_remove(&tiqn_idr, tiqn->tiqn_index);
204 spin_unlock(&tiqn_lock);
206 pr_debug("CORE[0] - Deleted iSCSI Target IQN: %s\n",
211 int iscsit_access_np(struct iscsi_np *np, struct iscsi_portal_group *tpg)
215 * Determine if the network portal is accepting storage traffic.
217 spin_lock_bh(&np->np_thread_lock);
218 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) {
219 spin_unlock_bh(&np->np_thread_lock);
222 if (np->np_login_tpg) {
223 pr_err("np->np_login_tpg() is not NULL!\n");
224 spin_unlock_bh(&np->np_thread_lock);
227 spin_unlock_bh(&np->np_thread_lock);
229 * Determine if the portal group is accepting storage traffic.
231 spin_lock_bh(&tpg->tpg_state_lock);
232 if (tpg->tpg_state != TPG_STATE_ACTIVE) {
233 spin_unlock_bh(&tpg->tpg_state_lock);
236 spin_unlock_bh(&tpg->tpg_state_lock);
239 * Here we serialize access across the TIQN+TPG Tuple.
241 ret = mutex_lock_interruptible(&tpg->np_login_lock);
242 if ((ret != 0) || signal_pending(current))
245 spin_lock_bh(&np->np_thread_lock);
246 np->np_login_tpg = tpg;
247 spin_unlock_bh(&np->np_thread_lock);
252 int iscsit_deaccess_np(struct iscsi_np *np, struct iscsi_portal_group *tpg)
254 struct iscsi_tiqn *tiqn = tpg->tpg_tiqn;
256 spin_lock_bh(&np->np_thread_lock);
257 np->np_login_tpg = NULL;
258 spin_unlock_bh(&np->np_thread_lock);
260 mutex_unlock(&tpg->np_login_lock);
263 iscsit_put_tiqn_for_login(tiqn);
268 bool iscsit_check_np_match(
269 struct __kernel_sockaddr_storage *sockaddr,
271 int network_transport)
273 struct sockaddr_in *sock_in, *sock_in_e;
274 struct sockaddr_in6 *sock_in6, *sock_in6_e;
275 bool ip_match = false;
278 if (sockaddr->ss_family == AF_INET6) {
279 sock_in6 = (struct sockaddr_in6 *)sockaddr;
280 sock_in6_e = (struct sockaddr_in6 *)&np->np_sockaddr;
282 if (!memcmp(&sock_in6->sin6_addr.in6_u,
283 &sock_in6_e->sin6_addr.in6_u,
284 sizeof(struct in6_addr)))
287 port = ntohs(sock_in6->sin6_port);
289 sock_in = (struct sockaddr_in *)sockaddr;
290 sock_in_e = (struct sockaddr_in *)&np->np_sockaddr;
292 if (sock_in->sin_addr.s_addr == sock_in_e->sin_addr.s_addr)
295 port = ntohs(sock_in->sin_port);
298 if ((ip_match == true) && (np->np_port == port) &&
299 (np->np_network_transport == network_transport))
305 static struct iscsi_np *iscsit_get_np(
306 struct __kernel_sockaddr_storage *sockaddr,
307 int network_transport)
312 spin_lock_bh(&np_lock);
313 list_for_each_entry(np, &g_np_list, np_list) {
314 spin_lock(&np->np_thread_lock);
315 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) {
316 spin_unlock(&np->np_thread_lock);
320 match = iscsit_check_np_match(sockaddr, np, network_transport);
323 * Increment the np_exports reference count now to
324 * prevent iscsit_del_np() below from being called
325 * while iscsi_tpg_add_network_portal() is called.
328 spin_unlock(&np->np_thread_lock);
329 spin_unlock_bh(&np_lock);
332 spin_unlock(&np->np_thread_lock);
334 spin_unlock_bh(&np_lock);
339 struct iscsi_np *iscsit_add_np(
340 struct __kernel_sockaddr_storage *sockaddr,
342 int network_transport)
344 struct sockaddr_in *sock_in;
345 struct sockaddr_in6 *sock_in6;
349 * Locate the existing struct iscsi_np if already active..
351 np = iscsit_get_np(sockaddr, network_transport);
355 np = kzalloc(sizeof(struct iscsi_np), GFP_KERNEL);
357 pr_err("Unable to allocate memory for struct iscsi_np\n");
358 return ERR_PTR(-ENOMEM);
361 np->np_flags |= NPF_IP_NETWORK;
362 if (sockaddr->ss_family == AF_INET6) {
363 sock_in6 = (struct sockaddr_in6 *)sockaddr;
364 snprintf(np->np_ip, IPV6_ADDRESS_SPACE, "%s", ip_str);
365 np->np_port = ntohs(sock_in6->sin6_port);
367 sock_in = (struct sockaddr_in *)sockaddr;
368 sprintf(np->np_ip, "%s", ip_str);
369 np->np_port = ntohs(sock_in->sin_port);
372 np->np_network_transport = network_transport;
373 spin_lock_init(&np->np_thread_lock);
374 init_completion(&np->np_restart_comp);
375 INIT_LIST_HEAD(&np->np_list);
377 ret = iscsi_target_setup_login_socket(np, sockaddr);
383 np->np_thread = kthread_run(iscsi_target_login_thread, np, "iscsi_np");
384 if (IS_ERR(np->np_thread)) {
385 pr_err("Unable to create kthread: iscsi_np\n");
386 ret = PTR_ERR(np->np_thread);
391 * Increment the np_exports reference count now to prevent
392 * iscsit_del_np() below from being run while a new call to
393 * iscsi_tpg_add_network_portal() for a matching iscsi_np is
394 * active. We don't need to hold np->np_thread_lock at this
395 * point because iscsi_np has not been added to g_np_list yet.
399 spin_lock_bh(&np_lock);
400 list_add_tail(&np->np_list, &g_np_list);
401 spin_unlock_bh(&np_lock);
403 pr_debug("CORE[0] - Added Network Portal: %s:%hu on %s\n",
404 np->np_ip, np->np_port, (np->np_network_transport == ISCSI_TCP) ?
410 int iscsit_reset_np_thread(
412 struct iscsi_tpg_np *tpg_np,
413 struct iscsi_portal_group *tpg)
415 spin_lock_bh(&np->np_thread_lock);
418 * The reset operation need only be performed when the
419 * passed struct iscsi_portal_group has a login in progress
420 * to one of the network portals.
422 if (tpg_np->tpg_np->np_login_tpg != tpg) {
423 spin_unlock_bh(&np->np_thread_lock);
427 if (np->np_thread_state == ISCSI_NP_THREAD_INACTIVE) {
428 spin_unlock_bh(&np->np_thread_lock);
431 np->np_thread_state = ISCSI_NP_THREAD_RESET;
434 spin_unlock_bh(&np->np_thread_lock);
435 send_sig(SIGINT, np->np_thread, 1);
436 wait_for_completion(&np->np_restart_comp);
437 spin_lock_bh(&np->np_thread_lock);
439 spin_unlock_bh(&np->np_thread_lock);
444 static int iscsit_del_np_comm(struct iscsi_np *np)
447 sock_release(np->np_socket);
451 int iscsit_del_np(struct iscsi_np *np)
453 spin_lock_bh(&np->np_thread_lock);
455 if (np->np_exports) {
456 spin_unlock_bh(&np->np_thread_lock);
459 np->np_thread_state = ISCSI_NP_THREAD_SHUTDOWN;
460 spin_unlock_bh(&np->np_thread_lock);
464 * We need to send the signal to wakeup Linux/Net
465 * which may be sleeping in sock_accept()..
467 send_sig(SIGINT, np->np_thread, 1);
468 kthread_stop(np->np_thread);
470 iscsit_del_np_comm(np);
472 spin_lock_bh(&np_lock);
473 list_del(&np->np_list);
474 spin_unlock_bh(&np_lock);
476 pr_debug("CORE[0] - Removed Network Portal: %s:%hu on %s\n",
477 np->np_ip, np->np_port, (np->np_network_transport == ISCSI_TCP) ?
484 static int __init iscsi_target_init_module(void)
488 pr_debug("iSCSI-Target "ISCSIT_VERSION"\n");
490 iscsit_global = kzalloc(sizeof(struct iscsit_global), GFP_KERNEL);
491 if (!iscsit_global) {
492 pr_err("Unable to allocate memory for iscsit_global\n");
495 mutex_init(&auth_id_lock);
496 spin_lock_init(&sess_idr_lock);
500 ret = iscsi_target_register_configfs();
504 ret = iscsi_thread_set_init();
508 if (iscsi_allocate_thread_sets(TARGET_THREAD_SET_COUNT) !=
509 TARGET_THREAD_SET_COUNT) {
510 pr_err("iscsi_allocate_thread_sets() returned"
511 " unexpected value!\n");
515 lio_cmd_cache = kmem_cache_create("lio_cmd_cache",
516 sizeof(struct iscsi_cmd), __alignof__(struct iscsi_cmd),
518 if (!lio_cmd_cache) {
519 pr_err("Unable to kmem_cache_create() for"
524 lio_qr_cache = kmem_cache_create("lio_qr_cache",
525 sizeof(struct iscsi_queue_req),
526 __alignof__(struct iscsi_queue_req), 0, NULL);
528 pr_err("nable to kmem_cache_create() for"
533 lio_dr_cache = kmem_cache_create("lio_dr_cache",
534 sizeof(struct iscsi_datain_req),
535 __alignof__(struct iscsi_datain_req), 0, NULL);
537 pr_err("Unable to kmem_cache_create() for"
542 lio_ooo_cache = kmem_cache_create("lio_ooo_cache",
543 sizeof(struct iscsi_ooo_cmdsn),
544 __alignof__(struct iscsi_ooo_cmdsn), 0, NULL);
545 if (!lio_ooo_cache) {
546 pr_err("Unable to kmem_cache_create() for"
551 lio_r2t_cache = kmem_cache_create("lio_r2t_cache",
552 sizeof(struct iscsi_r2t), __alignof__(struct iscsi_r2t),
554 if (!lio_r2t_cache) {
555 pr_err("Unable to kmem_cache_create() for"
560 if (iscsit_load_discovery_tpg() < 0)
565 kmem_cache_destroy(lio_r2t_cache);
567 kmem_cache_destroy(lio_ooo_cache);
569 kmem_cache_destroy(lio_dr_cache);
571 kmem_cache_destroy(lio_qr_cache);
573 kmem_cache_destroy(lio_cmd_cache);
575 iscsi_deallocate_thread_sets();
577 iscsi_thread_set_free();
579 iscsi_target_deregister_configfs();
581 kfree(iscsit_global);
585 static void __exit iscsi_target_cleanup_module(void)
587 iscsi_deallocate_thread_sets();
588 iscsi_thread_set_free();
589 iscsit_release_discovery_tpg();
590 kmem_cache_destroy(lio_cmd_cache);
591 kmem_cache_destroy(lio_qr_cache);
592 kmem_cache_destroy(lio_dr_cache);
593 kmem_cache_destroy(lio_ooo_cache);
594 kmem_cache_destroy(lio_r2t_cache);
596 iscsi_target_deregister_configfs();
598 kfree(iscsit_global);
601 static int iscsit_add_reject(
605 struct iscsi_conn *conn)
607 struct iscsi_cmd *cmd;
608 struct iscsi_reject *hdr;
611 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL);
615 cmd->iscsi_opcode = ISCSI_OP_REJECT;
617 cmd->cmd_flags |= ICF_REJECT_FAIL_CONN;
619 hdr = (struct iscsi_reject *) cmd->pdu;
620 hdr->reason = reason;
622 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL);
624 pr_err("Unable to allocate memory for cmd->buf_ptr\n");
625 iscsit_release_cmd(cmd);
629 spin_lock_bh(&conn->cmd_lock);
630 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
631 spin_unlock_bh(&conn->cmd_lock);
633 cmd->i_state = ISTATE_SEND_REJECT;
634 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
636 ret = wait_for_completion_interruptible(&cmd->reject_comp);
640 return (!fail_conn) ? 0 : -1;
643 int iscsit_add_reject_from_cmd(
648 struct iscsi_cmd *cmd)
650 struct iscsi_conn *conn;
651 struct iscsi_reject *hdr;
655 pr_err("cmd->conn is NULL for ITT: 0x%08x\n",
661 cmd->iscsi_opcode = ISCSI_OP_REJECT;
663 cmd->cmd_flags |= ICF_REJECT_FAIL_CONN;
665 hdr = (struct iscsi_reject *) cmd->pdu;
666 hdr->reason = reason;
668 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL);
670 pr_err("Unable to allocate memory for cmd->buf_ptr\n");
671 iscsit_release_cmd(cmd);
676 spin_lock_bh(&conn->cmd_lock);
677 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
678 spin_unlock_bh(&conn->cmd_lock);
681 cmd->i_state = ISTATE_SEND_REJECT;
682 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
684 ret = wait_for_completion_interruptible(&cmd->reject_comp);
688 return (!fail_conn) ? 0 : -1;
692 * Map some portion of the allocated scatterlist to an iovec, suitable for
693 * kernel sockets to copy data in/out.
695 static int iscsit_map_iovec(
696 struct iscsi_cmd *cmd,
702 struct scatterlist *sg;
703 unsigned int page_off;
706 * We know each entry in t_data_sg contains a page.
708 sg = &cmd->se_cmd.t_data_sg[data_offset / PAGE_SIZE];
709 page_off = (data_offset % PAGE_SIZE);
711 cmd->first_data_sg = sg;
712 cmd->first_data_sg_off = page_off;
714 while (data_length) {
715 u32 cur_len = min_t(u32, data_length, sg->length - page_off);
717 iov[i].iov_base = kmap(sg_page(sg)) + sg->offset + page_off;
718 iov[i].iov_len = cur_len;
720 data_length -= cur_len;
726 cmd->kmapped_nents = i;
731 static void iscsit_unmap_iovec(struct iscsi_cmd *cmd)
734 struct scatterlist *sg;
736 sg = cmd->first_data_sg;
738 for (i = 0; i < cmd->kmapped_nents; i++)
739 kunmap(sg_page(&sg[i]));
742 static void iscsit_ack_from_expstatsn(struct iscsi_conn *conn, u32 exp_statsn)
744 struct iscsi_cmd *cmd;
746 conn->exp_statsn = exp_statsn;
748 spin_lock_bh(&conn->cmd_lock);
749 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) {
750 spin_lock(&cmd->istate_lock);
751 if ((cmd->i_state == ISTATE_SENT_STATUS) &&
752 iscsi_sna_lt(cmd->stat_sn, exp_statsn)) {
753 cmd->i_state = ISTATE_REMOVE;
754 spin_unlock(&cmd->istate_lock);
755 iscsit_add_cmd_to_immediate_queue(cmd, conn,
759 spin_unlock(&cmd->istate_lock);
761 spin_unlock_bh(&conn->cmd_lock);
764 static int iscsit_allocate_iovecs(struct iscsi_cmd *cmd)
766 u32 iov_count = max(1UL, DIV_ROUND_UP(cmd->se_cmd.data_length, PAGE_SIZE));
768 iov_count += ISCSI_IOV_DATA_BUFFER;
770 cmd->iov_data = kzalloc(iov_count * sizeof(struct kvec), GFP_KERNEL);
771 if (!cmd->iov_data) {
772 pr_err("Unable to allocate cmd->iov_data\n");
776 cmd->orig_iov_data_count = iov_count;
780 static int iscsit_handle_scsi_cmd(
781 struct iscsi_conn *conn,
784 int data_direction, payload_length, cmdsn_ret = 0, immed_ret;
785 struct iscsi_cmd *cmd = NULL;
786 struct iscsi_scsi_req *hdr;
790 spin_lock_bh(&conn->sess->session_stats_lock);
791 conn->sess->cmd_pdus++;
792 if (conn->sess->se_sess->se_node_acl) {
793 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock);
794 conn->sess->se_sess->se_node_acl->num_cmds++;
795 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock);
797 spin_unlock_bh(&conn->sess->session_stats_lock);
799 hdr = (struct iscsi_scsi_req *) buf;
800 payload_length = ntoh24(hdr->dlength);
802 /* FIXME; Add checks for AdditionalHeaderSegment */
804 if (!(hdr->flags & ISCSI_FLAG_CMD_WRITE) &&
805 !(hdr->flags & ISCSI_FLAG_CMD_FINAL)) {
806 pr_err("ISCSI_FLAG_CMD_WRITE & ISCSI_FLAG_CMD_FINAL"
807 " not set. Bad iSCSI Initiator.\n");
808 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_INVALID, 1,
812 if (((hdr->flags & ISCSI_FLAG_CMD_READ) ||
813 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) {
815 * Vmware ESX v3.0 uses a modified Cisco Initiator (v3.4.2)
816 * that adds support for RESERVE/RELEASE. There is a bug
817 * add with this new functionality that sets R/W bits when
818 * neither CDB carries any READ or WRITE datapayloads.
820 if ((hdr->cdb[0] == 0x16) || (hdr->cdb[0] == 0x17)) {
821 hdr->flags &= ~ISCSI_FLAG_CMD_READ;
822 hdr->flags &= ~ISCSI_FLAG_CMD_WRITE;
826 pr_err("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE"
827 " set when Expected Data Transfer Length is 0 for"
828 " CDB: 0x%02x. Bad iSCSI Initiator.\n", hdr->cdb[0]);
829 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_INVALID, 1,
834 if (!(hdr->flags & ISCSI_FLAG_CMD_READ) &&
835 !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) {
836 pr_err("ISCSI_FLAG_CMD_READ and/or ISCSI_FLAG_CMD_WRITE"
837 " MUST be set if Expected Data Transfer Length is not 0."
838 " Bad iSCSI Initiator\n");
839 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_INVALID, 1,
843 if ((hdr->flags & ISCSI_FLAG_CMD_READ) &&
844 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) {
845 pr_err("Bidirectional operations not supported!\n");
846 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_INVALID, 1,
850 if (hdr->opcode & ISCSI_OP_IMMEDIATE) {
851 pr_err("Illegally set Immediate Bit in iSCSI Initiator"
852 " Scsi Command PDU.\n");
853 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_INVALID, 1,
857 if (payload_length && !conn->sess->sess_ops->ImmediateData) {
858 pr_err("ImmediateData=No but DataSegmentLength=%u,"
859 " protocol error.\n", payload_length);
860 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
864 if ((be32_to_cpu(hdr->data_length )== payload_length) &&
865 (!(hdr->flags & ISCSI_FLAG_CMD_FINAL))) {
866 pr_err("Expected Data Transfer Length and Length of"
867 " Immediate Data are the same, but ISCSI_FLAG_CMD_FINAL"
868 " bit is not set protocol error\n");
869 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
873 if (payload_length > be32_to_cpu(hdr->data_length)) {
874 pr_err("DataSegmentLength: %u is greater than"
875 " EDTL: %u, protocol error.\n", payload_length,
877 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
881 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
882 pr_err("DataSegmentLength: %u is greater than"
883 " MaxXmitDataSegmentLength: %u, protocol error.\n",
884 payload_length, conn->conn_ops->MaxXmitDataSegmentLength);
885 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
889 if (payload_length > conn->sess->sess_ops->FirstBurstLength) {
890 pr_err("DataSegmentLength: %u is greater than"
891 " FirstBurstLength: %u, protocol error.\n",
892 payload_length, conn->sess->sess_ops->FirstBurstLength);
893 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_INVALID, 1,
897 data_direction = (hdr->flags & ISCSI_FLAG_CMD_WRITE) ? DMA_TO_DEVICE :
898 (hdr->flags & ISCSI_FLAG_CMD_READ) ? DMA_FROM_DEVICE :
901 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL);
903 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_NO_RESOURCES, 1,
906 cmd->data_direction = data_direction;
907 iscsi_task_attr = hdr->flags & ISCSI_FLAG_CMD_ATTR_MASK;
909 * Figure out the SAM Task Attribute for the incoming SCSI CDB
911 if ((iscsi_task_attr == ISCSI_ATTR_UNTAGGED) ||
912 (iscsi_task_attr == ISCSI_ATTR_SIMPLE))
913 sam_task_attr = MSG_SIMPLE_TAG;
914 else if (iscsi_task_attr == ISCSI_ATTR_ORDERED)
915 sam_task_attr = MSG_ORDERED_TAG;
916 else if (iscsi_task_attr == ISCSI_ATTR_HEAD_OF_QUEUE)
917 sam_task_attr = MSG_HEAD_TAG;
918 else if (iscsi_task_attr == ISCSI_ATTR_ACA)
919 sam_task_attr = MSG_ACA_TAG;
921 pr_debug("Unknown iSCSI Task Attribute: 0x%02x, using"
922 " MSG_SIMPLE_TAG\n", iscsi_task_attr);
923 sam_task_attr = MSG_SIMPLE_TAG;
926 cmd->iscsi_opcode = ISCSI_OP_SCSI_CMD;
927 cmd->i_state = ISTATE_NEW_CMD;
928 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
929 cmd->immediate_data = (payload_length) ? 1 : 0;
930 cmd->unsolicited_data = ((!(hdr->flags & ISCSI_FLAG_CMD_FINAL) &&
931 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) ? 1 : 0);
932 if (cmd->unsolicited_data)
933 cmd->cmd_flags |= ICF_NON_IMMEDIATE_UNSOLICITED_DATA;
935 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
936 if (hdr->flags & ISCSI_FLAG_CMD_READ) {
937 spin_lock_bh(&conn->sess->ttt_lock);
938 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++;
939 if (cmd->targ_xfer_tag == 0xFFFFFFFF)
940 cmd->targ_xfer_tag = conn->sess->targ_xfer_tag++;
941 spin_unlock_bh(&conn->sess->ttt_lock);
942 } else if (hdr->flags & ISCSI_FLAG_CMD_WRITE)
943 cmd->targ_xfer_tag = 0xFFFFFFFF;
944 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
945 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
946 cmd->first_burst_len = payload_length;
948 if (cmd->data_direction == DMA_FROM_DEVICE) {
949 struct iscsi_datain_req *dr;
951 dr = iscsit_allocate_datain_req();
953 return iscsit_add_reject_from_cmd(
954 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
957 iscsit_attach_datain_req(cmd, dr);
961 * Initialize struct se_cmd descriptor from target_core_mod infrastructure
963 transport_init_se_cmd(&cmd->se_cmd, &lio_target_fabric_configfs->tf_ops,
964 conn->sess->se_sess, be32_to_cpu(hdr->data_length),
965 cmd->data_direction, sam_task_attr,
966 cmd->sense_buffer + 2);
968 pr_debug("Got SCSI Command, ITT: 0x%08x, CmdSN: 0x%08x,"
969 " ExpXferLen: %u, Length: %u, CID: %hu\n", hdr->itt,
970 hdr->cmdsn, hdr->data_length, payload_length, conn->cid);
972 cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd,
973 scsilun_to_int(&hdr->lun));
974 if (cmd->sense_reason)
977 cmd->sense_reason = target_setup_cmd_from_cdb(&cmd->se_cmd, hdr->cdb);
978 if (cmd->sense_reason) {
979 if (cmd->sense_reason == TCM_OUT_OF_RESOURCES) {
980 return iscsit_add_reject_from_cmd(
981 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
988 if (iscsit_build_pdu_and_seq_lists(cmd, payload_length) < 0) {
989 return iscsit_add_reject_from_cmd(
990 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
995 spin_lock_bh(&conn->cmd_lock);
996 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
997 spin_unlock_bh(&conn->cmd_lock);
999 * Check if we need to delay processing because of ALUA
1000 * Active/NonOptimized primary access state..
1002 core_alua_check_nonop_delay(&cmd->se_cmd);
1004 if (iscsit_allocate_iovecs(cmd) < 0) {
1005 return iscsit_add_reject_from_cmd(
1006 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1011 * Check the CmdSN against ExpCmdSN/MaxCmdSN here if
1012 * the Immediate Bit is not set, and no Immediate
1015 * A PDU/CmdSN carrying Immediate Data can only
1016 * be processed after the DataCRC has passed.
1017 * If the DataCRC fails, the CmdSN MUST NOT
1018 * be acknowledged. (See below)
1020 if (!cmd->immediate_data) {
1021 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, hdr->cmdsn);
1022 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP)
1024 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1025 return iscsit_add_reject_from_cmd(
1026 ISCSI_REASON_PROTOCOL_ERROR,
1030 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
1033 * If no Immediate Data is attached, it's OK to return now.
1035 if (!cmd->immediate_data) {
1036 if (!cmd->sense_reason && cmd->unsolicited_data) {
1037 iscsit_set_dataout_sequence_values(cmd);
1039 spin_lock_bh(&cmd->dataout_timeout_lock);
1040 iscsit_start_dataout_timer(cmd, cmd->conn);
1041 spin_unlock_bh(&cmd->dataout_timeout_lock);
1048 * Early CHECK_CONDITIONs never make it to the transport processing
1049 * thread. They are processed in CmdSN order by
1050 * iscsit_check_received_cmdsn() below.
1052 if (cmd->sense_reason) {
1053 immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION;
1054 goto after_immediate_data;
1057 * Call directly into transport_generic_new_cmd() to perform
1058 * the backend memory allocation.
1060 cmd->sense_reason = transport_generic_new_cmd(&cmd->se_cmd);
1061 if (cmd->sense_reason) {
1062 immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION;
1063 goto after_immediate_data;
1066 immed_ret = iscsit_handle_immediate_data(cmd, buf, payload_length);
1067 after_immediate_data:
1068 if (immed_ret == IMMEDIATE_DATA_NORMAL_OPERATION) {
1070 * A PDU/CmdSN carrying Immediate Data passed
1071 * DataCRC, check against ExpCmdSN/MaxCmdSN if
1072 * Immediate Bit is not set.
1074 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, hdr->cmdsn);
1076 * Special case for Unsupported SAM WRITE Opcodes
1077 * and ImmediateData=Yes.
1079 if (cmd->sense_reason) {
1080 if (iscsit_dump_data_payload(conn, payload_length, 1) < 0)
1082 } else if (cmd->unsolicited_data) {
1083 iscsit_set_dataout_sequence_values(cmd);
1085 spin_lock_bh(&cmd->dataout_timeout_lock);
1086 iscsit_start_dataout_timer(cmd, cmd->conn);
1087 spin_unlock_bh(&cmd->dataout_timeout_lock);
1090 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1091 return iscsit_add_reject_from_cmd(
1092 ISCSI_REASON_PROTOCOL_ERROR,
1095 } else if (immed_ret == IMMEDIATE_DATA_ERL1_CRC_FAILURE) {
1097 * Immediate Data failed DataCRC and ERL>=1,
1098 * silently drop this PDU and let the initiator
1099 * plug the CmdSN gap.
1101 * FIXME: Send Unsolicited NOPIN with reserved
1102 * TTT here to help the initiator figure out
1103 * the missing CmdSN, although they should be
1104 * intelligent enough to determine the missing
1105 * CmdSN and issue a retry to plug the sequence.
1107 cmd->i_state = ISTATE_REMOVE;
1108 iscsit_add_cmd_to_immediate_queue(cmd, conn, cmd->i_state);
1109 } else /* immed_ret == IMMEDIATE_DATA_CANNOT_RECOVER */
1115 static u32 iscsit_do_crypto_hash_sg(
1116 struct hash_desc *hash,
1117 struct iscsi_cmd *cmd,
1125 struct scatterlist *sg;
1126 unsigned int page_off;
1128 crypto_hash_init(hash);
1130 sg = cmd->first_data_sg;
1131 page_off = cmd->first_data_sg_off;
1134 while (data_length) {
1135 u32 cur_len = min_t(u32, data_length, (sg[i].length - page_off));
1137 crypto_hash_update(hash, &sg[i], cur_len);
1139 data_length -= cur_len;
1145 struct scatterlist pad_sg;
1147 sg_init_one(&pad_sg, pad_bytes, padding);
1148 crypto_hash_update(hash, &pad_sg, padding);
1150 crypto_hash_final(hash, (u8 *) &data_crc);
1155 static void iscsit_do_crypto_hash_buf(
1156 struct hash_desc *hash,
1163 struct scatterlist sg;
1165 crypto_hash_init(hash);
1167 sg_init_one(&sg, buf, payload_length);
1168 crypto_hash_update(hash, &sg, payload_length);
1171 sg_init_one(&sg, pad_bytes, padding);
1172 crypto_hash_update(hash, &sg, padding);
1174 crypto_hash_final(hash, data_crc);
1177 static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf)
1179 int iov_ret, ooo_cmdsn = 0, ret;
1180 u8 data_crc_failed = 0;
1181 u32 checksum, iov_count = 0, padding = 0, rx_got = 0;
1182 u32 rx_size = 0, payload_length;
1183 struct iscsi_cmd *cmd = NULL;
1184 struct se_cmd *se_cmd;
1185 struct iscsi_data *hdr;
1187 unsigned long flags;
1189 hdr = (struct iscsi_data *) buf;
1190 payload_length = ntoh24(hdr->dlength);
1192 if (!payload_length) {
1193 pr_err("DataOUT payload is ZERO, protocol error.\n");
1194 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
1199 spin_lock_bh(&conn->sess->session_stats_lock);
1200 conn->sess->rx_data_octets += payload_length;
1201 if (conn->sess->se_sess->se_node_acl) {
1202 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock);
1203 conn->sess->se_sess->se_node_acl->write_bytes += payload_length;
1204 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock);
1206 spin_unlock_bh(&conn->sess->session_stats_lock);
1208 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
1209 pr_err("DataSegmentLength: %u is greater than"
1210 " MaxXmitDataSegmentLength: %u\n", payload_length,
1211 conn->conn_ops->MaxXmitDataSegmentLength);
1212 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
1216 cmd = iscsit_find_cmd_from_itt_or_dump(conn, hdr->itt,
1221 pr_debug("Got DataOut ITT: 0x%08x, TTT: 0x%08x,"
1222 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n",
1223 hdr->itt, hdr->ttt, hdr->datasn, hdr->offset,
1224 payload_length, conn->cid);
1226 if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) {
1227 pr_err("Command ITT: 0x%08x received DataOUT after"
1228 " last DataOUT received, dumping payload\n",
1229 cmd->init_task_tag);
1230 return iscsit_dump_data_payload(conn, payload_length, 1);
1233 if (cmd->data_direction != DMA_TO_DEVICE) {
1234 pr_err("Command ITT: 0x%08x received DataOUT for a"
1235 " NON-WRITE command.\n", cmd->init_task_tag);
1236 return iscsit_add_reject_from_cmd(ISCSI_REASON_PROTOCOL_ERROR,
1239 se_cmd = &cmd->se_cmd;
1240 iscsit_mod_dataout_timer(cmd);
1242 if ((be32_to_cpu(hdr->offset) + payload_length) > cmd->se_cmd.data_length) {
1243 pr_err("DataOut Offset: %u, Length %u greater than"
1244 " iSCSI Command EDTL %u, protocol error.\n",
1245 hdr->offset, payload_length, cmd->se_cmd.data_length);
1246 return iscsit_add_reject_from_cmd(ISCSI_REASON_BOOKMARK_INVALID,
1250 if (cmd->unsolicited_data) {
1251 int dump_unsolicited_data = 0;
1253 if (conn->sess->sess_ops->InitialR2T) {
1254 pr_err("Received unexpected unsolicited data"
1255 " while InitialR2T=Yes, protocol error.\n");
1256 transport_send_check_condition_and_sense(&cmd->se_cmd,
1257 TCM_UNEXPECTED_UNSOLICITED_DATA, 0);
1261 * Special case for dealing with Unsolicited DataOUT
1262 * and Unsupported SAM WRITE Opcodes and SE resource allocation
1266 /* Something's amiss if we're not in WRITE_PENDING state... */
1267 spin_lock_irqsave(&se_cmd->t_state_lock, flags);
1268 WARN_ON(se_cmd->t_state != TRANSPORT_WRITE_PENDING);
1269 spin_unlock_irqrestore(&se_cmd->t_state_lock, flags);
1271 spin_lock_irqsave(&se_cmd->t_state_lock, flags);
1272 if (!(se_cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE))
1273 dump_unsolicited_data = 1;
1274 spin_unlock_irqrestore(&se_cmd->t_state_lock, flags);
1276 if (dump_unsolicited_data) {
1278 * Check if a delayed TASK_ABORTED status needs to
1279 * be sent now if the ISCSI_FLAG_CMD_FINAL has been
1280 * received with the unsolicitied data out.
1282 if (hdr->flags & ISCSI_FLAG_CMD_FINAL)
1283 iscsit_stop_dataout_timer(cmd);
1285 transport_check_aborted_status(se_cmd,
1286 (hdr->flags & ISCSI_FLAG_CMD_FINAL));
1287 return iscsit_dump_data_payload(conn, payload_length, 1);
1291 * For the normal solicited data path:
1293 * Check for a delayed TASK_ABORTED status and dump any
1294 * incoming data out payload if one exists. Also, when the
1295 * ISCSI_FLAG_CMD_FINAL is set to denote the end of the current
1296 * data out sequence, we decrement outstanding_r2ts. Once
1297 * outstanding_r2ts reaches zero, go ahead and send the delayed
1298 * TASK_ABORTED status.
1300 if (se_cmd->transport_state & CMD_T_ABORTED) {
1301 if (hdr->flags & ISCSI_FLAG_CMD_FINAL)
1302 if (--cmd->outstanding_r2ts < 1) {
1303 iscsit_stop_dataout_timer(cmd);
1304 transport_check_aborted_status(
1308 return iscsit_dump_data_payload(conn, payload_length, 1);
1312 * Preform DataSN, DataSequenceInOrder, DataPDUInOrder, and
1313 * within-command recovery checks before receiving the payload.
1315 ret = iscsit_check_pre_dataout(cmd, buf);
1316 if (ret == DATAOUT_WITHIN_COMMAND_RECOVERY)
1318 else if (ret == DATAOUT_CANNOT_RECOVER)
1321 rx_size += payload_length;
1322 iov = &cmd->iov_data[0];
1324 iov_ret = iscsit_map_iovec(cmd, iov, be32_to_cpu(hdr->offset),
1329 iov_count += iov_ret;
1331 padding = ((-payload_length) & 3);
1333 iov[iov_count].iov_base = cmd->pad_bytes;
1334 iov[iov_count++].iov_len = padding;
1336 pr_debug("Receiving %u padding bytes.\n", padding);
1339 if (conn->conn_ops->DataDigest) {
1340 iov[iov_count].iov_base = &checksum;
1341 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
1342 rx_size += ISCSI_CRC_LEN;
1345 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size);
1347 iscsit_unmap_iovec(cmd);
1349 if (rx_got != rx_size)
1352 if (conn->conn_ops->DataDigest) {
1355 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd,
1356 be32_to_cpu(hdr->offset),
1357 payload_length, padding,
1360 if (checksum != data_crc) {
1361 pr_err("ITT: 0x%08x, Offset: %u, Length: %u,"
1362 " DataSN: 0x%08x, CRC32C DataDigest 0x%08x"
1363 " does not match computed 0x%08x\n",
1364 hdr->itt, hdr->offset, payload_length,
1365 hdr->datasn, checksum, data_crc);
1366 data_crc_failed = 1;
1368 pr_debug("Got CRC32C DataDigest 0x%08x for"
1369 " %u bytes of Data Out\n", checksum,
1374 * Increment post receive data and CRC values or perform
1375 * within-command recovery.
1377 ret = iscsit_check_post_dataout(cmd, buf, data_crc_failed);
1378 if ((ret == DATAOUT_NORMAL) || (ret == DATAOUT_WITHIN_COMMAND_RECOVERY))
1380 else if (ret == DATAOUT_SEND_R2T) {
1381 iscsit_set_dataout_sequence_values(cmd);
1382 iscsit_build_r2ts_for_cmd(cmd, conn, false);
1383 } else if (ret == DATAOUT_SEND_TO_TRANSPORT) {
1385 * Handle extra special case for out of order
1386 * Unsolicited Data Out.
1388 spin_lock_bh(&cmd->istate_lock);
1389 ooo_cmdsn = (cmd->cmd_flags & ICF_OOO_CMDSN);
1390 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT;
1391 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT;
1392 spin_unlock_bh(&cmd->istate_lock);
1394 iscsit_stop_dataout_timer(cmd);
1397 target_execute_cmd(&cmd->se_cmd);
1399 } else /* DATAOUT_CANNOT_RECOVER */
1405 static int iscsit_handle_nop_out(
1406 struct iscsi_conn *conn,
1409 unsigned char *ping_data = NULL;
1410 int cmdsn_ret, niov = 0, ret = 0, rx_got, rx_size;
1411 u32 checksum, data_crc, padding = 0, payload_length;
1412 struct iscsi_cmd *cmd = NULL;
1413 struct kvec *iov = NULL;
1414 struct iscsi_nopout *hdr;
1416 hdr = (struct iscsi_nopout *) buf;
1417 payload_length = ntoh24(hdr->dlength);
1419 if (hdr->itt == RESERVED_ITT && !(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
1420 pr_err("NOPOUT ITT is reserved, but Immediate Bit is"
1421 " not set, protocol error.\n");
1422 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
1426 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
1427 pr_err("NOPOUT Ping Data DataSegmentLength: %u is"
1428 " greater than MaxXmitDataSegmentLength: %u, protocol"
1429 " error.\n", payload_length,
1430 conn->conn_ops->MaxXmitDataSegmentLength);
1431 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
1435 pr_debug("Got NOPOUT Ping %s ITT: 0x%08x, TTT: 0x%09x,"
1436 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n",
1437 hdr->itt == RESERVED_ITT ? "Response" : "Request",
1438 hdr->itt, hdr->ttt, hdr->cmdsn, hdr->exp_statsn,
1441 * This is not a response to a Unsolicited NopIN, which means
1442 * it can either be a NOPOUT ping request (with a valid ITT),
1443 * or a NOPOUT not requesting a NOPIN (with a reserved ITT).
1444 * Either way, make sure we allocate an struct iscsi_cmd, as both
1445 * can contain ping data.
1447 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) {
1448 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL);
1450 return iscsit_add_reject(
1451 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1454 cmd->iscsi_opcode = ISCSI_OP_NOOP_OUT;
1455 cmd->i_state = ISTATE_SEND_NOPIN;
1456 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ?
1458 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
1459 cmd->targ_xfer_tag = 0xFFFFFFFF;
1460 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
1461 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
1462 cmd->data_direction = DMA_NONE;
1465 if (payload_length && hdr->ttt == cpu_to_be32(0xFFFFFFFF)) {
1466 rx_size = payload_length;
1467 ping_data = kzalloc(payload_length + 1, GFP_KERNEL);
1469 pr_err("Unable to allocate memory for"
1470 " NOPOUT ping data.\n");
1475 iov = &cmd->iov_misc[0];
1476 iov[niov].iov_base = ping_data;
1477 iov[niov++].iov_len = payload_length;
1479 padding = ((-payload_length) & 3);
1481 pr_debug("Receiving %u additional bytes"
1482 " for padding.\n", padding);
1483 iov[niov].iov_base = &cmd->pad_bytes;
1484 iov[niov++].iov_len = padding;
1487 if (conn->conn_ops->DataDigest) {
1488 iov[niov].iov_base = &checksum;
1489 iov[niov++].iov_len = ISCSI_CRC_LEN;
1490 rx_size += ISCSI_CRC_LEN;
1493 rx_got = rx_data(conn, &cmd->iov_misc[0], niov, rx_size);
1494 if (rx_got != rx_size) {
1499 if (conn->conn_ops->DataDigest) {
1500 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,
1501 ping_data, payload_length,
1502 padding, cmd->pad_bytes,
1505 if (checksum != data_crc) {
1506 pr_err("Ping data CRC32C DataDigest"
1507 " 0x%08x does not match computed 0x%08x\n",
1508 checksum, data_crc);
1509 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
1510 pr_err("Unable to recover from"
1511 " NOPOUT Ping DataCRC failure while in"
1517 * Silently drop this PDU and let the
1518 * initiator plug the CmdSN gap.
1520 pr_debug("Dropping NOPOUT"
1521 " Command CmdSN: 0x%08x due to"
1522 " DataCRC error.\n", hdr->cmdsn);
1527 pr_debug("Got CRC32C DataDigest"
1528 " 0x%08x for %u bytes of ping data.\n",
1529 checksum, payload_length);
1533 ping_data[payload_length] = '\0';
1535 * Attach ping data to struct iscsi_cmd->buf_ptr.
1537 cmd->buf_ptr = ping_data;
1538 cmd->buf_ptr_size = payload_length;
1540 pr_debug("Got %u bytes of NOPOUT ping"
1541 " data.\n", payload_length);
1542 pr_debug("Ping Data: \"%s\"\n", ping_data);
1545 if (hdr->itt != RESERVED_ITT) {
1547 pr_err("Checking CmdSN for NOPOUT,"
1548 " but cmd is NULL!\n");
1552 * Initiator is expecting a NopIN ping reply,
1554 spin_lock_bh(&conn->cmd_lock);
1555 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
1556 spin_unlock_bh(&conn->cmd_lock);
1558 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
1560 if (hdr->opcode & ISCSI_OP_IMMEDIATE) {
1561 iscsit_add_cmd_to_response_queue(cmd, conn,
1566 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, hdr->cmdsn);
1567 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) {
1571 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1572 return iscsit_add_reject_from_cmd(
1573 ISCSI_REASON_PROTOCOL_ERROR,
1579 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) {
1581 * This was a response to a unsolicited NOPIN ping.
1583 cmd = iscsit_find_cmd_from_ttt(conn, be32_to_cpu(hdr->ttt));
1587 iscsit_stop_nopin_response_timer(conn);
1589 cmd->i_state = ISTATE_REMOVE;
1590 iscsit_add_cmd_to_immediate_queue(cmd, conn, cmd->i_state);
1591 iscsit_start_nopin_timer(conn);
1594 * Initiator is not expecting a NOPIN is response.
1595 * Just ignore for now.
1597 * iSCSI v19-91 10.18
1598 * "A NOP-OUT may also be used to confirm a changed
1599 * ExpStatSN if another PDU will not be available
1609 iscsit_release_cmd(cmd);
1615 static int iscsit_handle_task_mgt_cmd(
1616 struct iscsi_conn *conn,
1619 struct iscsi_cmd *cmd;
1620 struct se_tmr_req *se_tmr;
1621 struct iscsi_tmr_req *tmr_req;
1622 struct iscsi_tm *hdr;
1623 int out_of_order_cmdsn = 0;
1627 hdr = (struct iscsi_tm *) buf;
1628 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL;
1629 function = hdr->flags;
1631 pr_debug("Got Task Management Request ITT: 0x%08x, CmdSN:"
1632 " 0x%08x, Function: 0x%02x, RefTaskTag: 0x%08x, RefCmdSN:"
1633 " 0x%08x, CID: %hu\n", hdr->itt, hdr->cmdsn, function,
1634 hdr->rtt, hdr->refcmdsn, conn->cid);
1636 if ((function != ISCSI_TM_FUNC_ABORT_TASK) &&
1637 ((function != ISCSI_TM_FUNC_TASK_REASSIGN) &&
1638 hdr->rtt != RESERVED_ITT)) {
1639 pr_err("RefTaskTag should be set to 0xFFFFFFFF.\n");
1640 hdr->rtt = RESERVED_ITT;
1643 if ((function == ISCSI_TM_FUNC_TASK_REASSIGN) &&
1644 !(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
1645 pr_err("Task Management Request TASK_REASSIGN not"
1646 " issued as immediate command, bad iSCSI Initiator"
1647 "implementation\n");
1648 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
1651 if ((function != ISCSI_TM_FUNC_ABORT_TASK) &&
1652 be32_to_cpu(hdr->refcmdsn) != ISCSI_RESERVED_TAG)
1653 hdr->refcmdsn = cpu_to_be32(ISCSI_RESERVED_TAG);
1655 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL);
1657 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1660 cmd->data_direction = DMA_NONE;
1662 cmd->tmr_req = kzalloc(sizeof(struct iscsi_tmr_req), GFP_KERNEL);
1663 if (!cmd->tmr_req) {
1664 pr_err("Unable to allocate memory for"
1665 " Task Management command!\n");
1666 return iscsit_add_reject_from_cmd(
1667 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1672 * TASK_REASSIGN for ERL=2 / connection stays inside of
1673 * LIO-Target $FABRIC_MOD
1675 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) {
1680 transport_init_se_cmd(&cmd->se_cmd,
1681 &lio_target_fabric_configfs->tf_ops,
1682 conn->sess->se_sess, 0, DMA_NONE,
1683 MSG_SIMPLE_TAG, cmd->sense_buffer + 2);
1686 case ISCSI_TM_FUNC_ABORT_TASK:
1687 tcm_function = TMR_ABORT_TASK;
1689 case ISCSI_TM_FUNC_ABORT_TASK_SET:
1690 tcm_function = TMR_ABORT_TASK_SET;
1692 case ISCSI_TM_FUNC_CLEAR_ACA:
1693 tcm_function = TMR_CLEAR_ACA;
1695 case ISCSI_TM_FUNC_CLEAR_TASK_SET:
1696 tcm_function = TMR_CLEAR_TASK_SET;
1698 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET:
1699 tcm_function = TMR_LUN_RESET;
1701 case ISCSI_TM_FUNC_TARGET_WARM_RESET:
1702 tcm_function = TMR_TARGET_WARM_RESET;
1704 case ISCSI_TM_FUNC_TARGET_COLD_RESET:
1705 tcm_function = TMR_TARGET_COLD_RESET;
1708 pr_err("Unknown iSCSI TMR Function:"
1709 " 0x%02x\n", function);
1710 return iscsit_add_reject_from_cmd(
1711 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1715 ret = core_tmr_alloc_req(&cmd->se_cmd, cmd->tmr_req,
1716 tcm_function, GFP_KERNEL);
1718 return iscsit_add_reject_from_cmd(
1719 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1722 cmd->tmr_req->se_tmr_req = cmd->se_cmd.se_tmr_req;
1725 cmd->iscsi_opcode = ISCSI_OP_SCSI_TMFUNC;
1726 cmd->i_state = ISTATE_SEND_TASKMGTRSP;
1727 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
1728 cmd->init_task_tag = hdr->itt;
1729 cmd->targ_xfer_tag = 0xFFFFFFFF;
1730 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
1731 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
1732 se_tmr = cmd->se_cmd.se_tmr_req;
1733 tmr_req = cmd->tmr_req;
1735 * Locate the struct se_lun for all TMRs not related to ERL=2 TASK_REASSIGN
1737 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) {
1738 ret = transport_lookup_tmr_lun(&cmd->se_cmd,
1739 scsilun_to_int(&hdr->lun));
1741 se_tmr->response = ISCSI_TMF_RSP_NO_LUN;
1747 case ISCSI_TM_FUNC_ABORT_TASK:
1748 se_tmr->response = iscsit_tmr_abort_task(cmd, buf);
1749 if (se_tmr->response)
1752 case ISCSI_TM_FUNC_ABORT_TASK_SET:
1753 case ISCSI_TM_FUNC_CLEAR_ACA:
1754 case ISCSI_TM_FUNC_CLEAR_TASK_SET:
1755 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET:
1757 case ISCSI_TM_FUNC_TARGET_WARM_RESET:
1758 if (iscsit_tmr_task_warm_reset(conn, tmr_req, buf) < 0) {
1759 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED;
1763 case ISCSI_TM_FUNC_TARGET_COLD_RESET:
1764 if (iscsit_tmr_task_cold_reset(conn, tmr_req, buf) < 0) {
1765 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED;
1769 case ISCSI_TM_FUNC_TASK_REASSIGN:
1770 se_tmr->response = iscsit_tmr_task_reassign(cmd, buf);
1772 * Perform sanity checks on the ExpDataSN only if the
1773 * TASK_REASSIGN was successful.
1775 if (se_tmr->response)
1778 if (iscsit_check_task_reassign_expdatasn(tmr_req, conn) < 0)
1779 return iscsit_add_reject_from_cmd(
1780 ISCSI_REASON_BOOKMARK_INVALID, 1, 1,
1784 pr_err("Unknown TMR function: 0x%02x, protocol"
1785 " error.\n", function);
1786 se_tmr->response = ISCSI_TMF_RSP_NOT_SUPPORTED;
1790 if ((function != ISCSI_TM_FUNC_TASK_REASSIGN) &&
1791 (se_tmr->response == ISCSI_TMF_RSP_COMPLETE))
1792 se_tmr->call_transport = 1;
1794 spin_lock_bh(&conn->cmd_lock);
1795 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
1796 spin_unlock_bh(&conn->cmd_lock);
1798 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
1799 int cmdsn_ret = iscsit_sequence_cmd(conn, cmd, hdr->cmdsn);
1800 if (cmdsn_ret == CMDSN_HIGHER_THAN_EXP)
1801 out_of_order_cmdsn = 1;
1802 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP)
1804 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1805 return iscsit_add_reject_from_cmd(
1806 ISCSI_REASON_PROTOCOL_ERROR,
1809 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
1811 if (out_of_order_cmdsn || !(hdr->opcode & ISCSI_OP_IMMEDIATE))
1814 * Found the referenced task, send to transport for processing.
1816 if (se_tmr->call_transport)
1817 return transport_generic_handle_tmr(&cmd->se_cmd);
1820 * Could not find the referenced LUN, task, or Task Management
1821 * command not authorized or supported. Change state and
1822 * let the tx_thread send the response.
1824 * For connection recovery, this is also the default action for
1825 * TMR TASK_REASSIGN.
1827 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
1831 /* #warning FIXME: Support Text Command parameters besides SendTargets */
1832 static int iscsit_handle_text_cmd(
1833 struct iscsi_conn *conn,
1836 char *text_ptr, *text_in;
1837 int cmdsn_ret, niov = 0, rx_got, rx_size;
1838 u32 checksum = 0, data_crc = 0, payload_length;
1839 u32 padding = 0, pad_bytes = 0, text_length = 0;
1840 struct iscsi_cmd *cmd;
1842 struct iscsi_text *hdr;
1844 hdr = (struct iscsi_text *) buf;
1845 payload_length = ntoh24(hdr->dlength);
1847 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
1848 pr_err("Unable to accept text parameter length: %u"
1849 "greater than MaxXmitDataSegmentLength %u.\n",
1850 payload_length, conn->conn_ops->MaxXmitDataSegmentLength);
1851 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
1855 pr_debug("Got Text Request: ITT: 0x%08x, CmdSN: 0x%08x,"
1856 " ExpStatSN: 0x%08x, Length: %u\n", hdr->itt, hdr->cmdsn,
1857 hdr->exp_statsn, payload_length);
1859 rx_size = text_length = payload_length;
1861 text_in = kzalloc(text_length, GFP_KERNEL);
1863 pr_err("Unable to allocate memory for"
1864 " incoming text parameters\n");
1868 memset(iov, 0, 3 * sizeof(struct kvec));
1869 iov[niov].iov_base = text_in;
1870 iov[niov++].iov_len = text_length;
1872 padding = ((-payload_length) & 3);
1874 iov[niov].iov_base = &pad_bytes;
1875 iov[niov++].iov_len = padding;
1877 pr_debug("Receiving %u additional bytes"
1878 " for padding.\n", padding);
1880 if (conn->conn_ops->DataDigest) {
1881 iov[niov].iov_base = &checksum;
1882 iov[niov++].iov_len = ISCSI_CRC_LEN;
1883 rx_size += ISCSI_CRC_LEN;
1886 rx_got = rx_data(conn, &iov[0], niov, rx_size);
1887 if (rx_got != rx_size) {
1892 if (conn->conn_ops->DataDigest) {
1893 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,
1894 text_in, text_length,
1895 padding, (u8 *)&pad_bytes,
1898 if (checksum != data_crc) {
1899 pr_err("Text data CRC32C DataDigest"
1900 " 0x%08x does not match computed"
1901 " 0x%08x\n", checksum, data_crc);
1902 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
1903 pr_err("Unable to recover from"
1904 " Text Data digest failure while in"
1910 * Silently drop this PDU and let the
1911 * initiator plug the CmdSN gap.
1913 pr_debug("Dropping Text"
1914 " Command CmdSN: 0x%08x due to"
1915 " DataCRC error.\n", hdr->cmdsn);
1920 pr_debug("Got CRC32C DataDigest"
1921 " 0x%08x for %u bytes of text data.\n",
1922 checksum, text_length);
1925 text_in[text_length - 1] = '\0';
1926 pr_debug("Successfully read %d bytes of text"
1927 " data.\n", text_length);
1929 if (strncmp("SendTargets", text_in, 11) != 0) {
1930 pr_err("Received Text Data that is not"
1931 " SendTargets, cannot continue.\n");
1935 text_ptr = strchr(text_in, '=');
1937 pr_err("No \"=\" separator found in Text Data,"
1938 " cannot continue.\n");
1942 if (strncmp("=All", text_ptr, 4) != 0) {
1943 pr_err("Unable to locate All value for"
1944 " SendTargets key, cannot continue.\n");
1948 /*#warning Support SendTargets=(iSCSI Target Name/Nothing) values. */
1952 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL);
1954 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1957 cmd->iscsi_opcode = ISCSI_OP_TEXT;
1958 cmd->i_state = ISTATE_SEND_TEXTRSP;
1959 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
1960 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
1961 cmd->targ_xfer_tag = 0xFFFFFFFF;
1962 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
1963 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
1964 cmd->data_direction = DMA_NONE;
1966 spin_lock_bh(&conn->cmd_lock);
1967 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
1968 spin_unlock_bh(&conn->cmd_lock);
1970 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
1972 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
1973 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, hdr->cmdsn);
1974 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1975 return iscsit_add_reject_from_cmd(
1976 ISCSI_REASON_PROTOCOL_ERROR,
1982 return iscsit_execute_cmd(cmd, 0);
1985 int iscsit_logout_closesession(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
1987 struct iscsi_conn *conn_p;
1988 struct iscsi_session *sess = conn->sess;
1990 pr_debug("Received logout request CLOSESESSION on CID: %hu"
1991 " for SID: %u.\n", conn->cid, conn->sess->sid);
1993 atomic_set(&sess->session_logout, 1);
1994 atomic_set(&conn->conn_logout_remove, 1);
1995 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_SESSION;
1997 iscsit_inc_conn_usage_count(conn);
1998 iscsit_inc_session_usage_count(sess);
2000 spin_lock_bh(&sess->conn_lock);
2001 list_for_each_entry(conn_p, &sess->sess_conn_list, conn_list) {
2002 if (conn_p->conn_state != TARG_CONN_STATE_LOGGED_IN)
2005 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n");
2006 conn_p->conn_state = TARG_CONN_STATE_IN_LOGOUT;
2008 spin_unlock_bh(&sess->conn_lock);
2010 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2015 int iscsit_logout_closeconnection(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
2017 struct iscsi_conn *l_conn;
2018 struct iscsi_session *sess = conn->sess;
2020 pr_debug("Received logout request CLOSECONNECTION for CID:"
2021 " %hu on CID: %hu.\n", cmd->logout_cid, conn->cid);
2024 * A Logout Request with a CLOSECONNECTION reason code for a CID
2025 * can arrive on a connection with a differing CID.
2027 if (conn->cid == cmd->logout_cid) {
2028 spin_lock_bh(&conn->state_lock);
2029 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n");
2030 conn->conn_state = TARG_CONN_STATE_IN_LOGOUT;
2032 atomic_set(&conn->conn_logout_remove, 1);
2033 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_CONNECTION;
2034 iscsit_inc_conn_usage_count(conn);
2036 spin_unlock_bh(&conn->state_lock);
2039 * Handle all different cid CLOSECONNECTION requests in
2040 * iscsit_logout_post_handler_diffcid() as to give enough
2041 * time for any non immediate command's CmdSN to be
2042 * acknowledged on the connection in question.
2044 * Here we simply make sure the CID is still around.
2046 l_conn = iscsit_get_conn_from_cid(sess,
2049 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND;
2050 iscsit_add_cmd_to_response_queue(cmd, conn,
2055 iscsit_dec_conn_usage_count(l_conn);
2058 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2063 int iscsit_logout_removeconnforrecovery(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
2065 struct iscsi_session *sess = conn->sess;
2067 pr_debug("Received explicit REMOVECONNFORRECOVERY logout for"
2068 " CID: %hu on CID: %hu.\n", cmd->logout_cid, conn->cid);
2070 if (sess->sess_ops->ErrorRecoveryLevel != 2) {
2071 pr_err("Received Logout Request REMOVECONNFORRECOVERY"
2072 " while ERL!=2.\n");
2073 cmd->logout_response = ISCSI_LOGOUT_RECOVERY_UNSUPPORTED;
2074 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2078 if (conn->cid == cmd->logout_cid) {
2079 pr_err("Received Logout Request REMOVECONNFORRECOVERY"
2080 " with CID: %hu on CID: %hu, implementation error.\n",
2081 cmd->logout_cid, conn->cid);
2082 cmd->logout_response = ISCSI_LOGOUT_CLEANUP_FAILED;
2083 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2087 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2092 static int iscsit_handle_logout_cmd(
2093 struct iscsi_conn *conn,
2096 int cmdsn_ret, logout_remove = 0;
2098 struct iscsi_cmd *cmd;
2099 struct iscsi_logout *hdr;
2100 struct iscsi_tiqn *tiqn = iscsit_snmp_get_tiqn(conn);
2102 hdr = (struct iscsi_logout *) buf;
2103 reason_code = (hdr->flags & 0x7f);
2106 spin_lock(&tiqn->logout_stats.lock);
2107 if (reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION)
2108 tiqn->logout_stats.normal_logouts++;
2110 tiqn->logout_stats.abnormal_logouts++;
2111 spin_unlock(&tiqn->logout_stats.lock);
2114 pr_debug("Got Logout Request ITT: 0x%08x CmdSN: 0x%08x"
2115 " ExpStatSN: 0x%08x Reason: 0x%02x CID: %hu on CID: %hu\n",
2116 hdr->itt, hdr->cmdsn, hdr->exp_statsn, reason_code,
2117 hdr->cid, conn->cid);
2119 if (conn->conn_state != TARG_CONN_STATE_LOGGED_IN) {
2120 pr_err("Received logout request on connection that"
2121 " is not in logged in state, ignoring request.\n");
2125 cmd = iscsit_allocate_cmd(conn, GFP_KERNEL);
2127 return iscsit_add_reject(ISCSI_REASON_BOOKMARK_NO_RESOURCES, 1,
2130 cmd->iscsi_opcode = ISCSI_OP_LOGOUT;
2131 cmd->i_state = ISTATE_SEND_LOGOUTRSP;
2132 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
2133 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
2134 cmd->targ_xfer_tag = 0xFFFFFFFF;
2135 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
2136 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
2137 cmd->logout_cid = be16_to_cpu(hdr->cid);
2138 cmd->logout_reason = reason_code;
2139 cmd->data_direction = DMA_NONE;
2142 * We need to sleep in these cases (by returning 1) until the Logout
2143 * Response gets sent in the tx thread.
2145 if ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) ||
2146 ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) &&
2147 be16_to_cpu(hdr->cid) == conn->cid))
2150 spin_lock_bh(&conn->cmd_lock);
2151 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
2152 spin_unlock_bh(&conn->cmd_lock);
2154 if (reason_code != ISCSI_LOGOUT_REASON_RECOVERY)
2155 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
2158 * Immediate commands are executed, well, immediately.
2159 * Non-Immediate Logout Commands are executed in CmdSN order.
2161 if (cmd->immediate_cmd) {
2162 int ret = iscsit_execute_cmd(cmd, 0);
2167 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, hdr->cmdsn);
2168 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) {
2170 } else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER) {
2171 return iscsit_add_reject_from_cmd(
2172 ISCSI_REASON_PROTOCOL_ERROR,
2177 return logout_remove;
2180 static int iscsit_handle_snack(
2181 struct iscsi_conn *conn,
2184 struct iscsi_snack *hdr;
2186 hdr = (struct iscsi_snack *) buf;
2187 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL;
2189 pr_debug("Got ISCSI_INIT_SNACK, ITT: 0x%08x, ExpStatSN:"
2190 " 0x%08x, Type: 0x%02x, BegRun: 0x%08x, RunLength: 0x%08x,"
2191 " CID: %hu\n", hdr->itt, hdr->exp_statsn, hdr->flags,
2192 hdr->begrun, hdr->runlength, conn->cid);
2194 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
2195 pr_err("Initiator sent SNACK request while in"
2196 " ErrorRecoveryLevel=0.\n");
2197 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
2201 * SNACK_DATA and SNACK_R2T are both 0, so check which function to
2202 * call from inside iscsi_send_recovery_datain_or_r2t().
2204 switch (hdr->flags & ISCSI_FLAG_SNACK_TYPE_MASK) {
2206 return iscsit_handle_recovery_datain_or_r2t(conn, buf,
2208 be32_to_cpu(hdr->ttt),
2209 be32_to_cpu(hdr->begrun),
2210 be32_to_cpu(hdr->runlength));
2211 case ISCSI_FLAG_SNACK_TYPE_STATUS:
2212 return iscsit_handle_status_snack(conn, hdr->itt,
2213 be32_to_cpu(hdr->ttt),
2214 be32_to_cpu(hdr->begrun), be32_to_cpu(hdr->runlength));
2215 case ISCSI_FLAG_SNACK_TYPE_DATA_ACK:
2216 return iscsit_handle_data_ack(conn, be32_to_cpu(hdr->ttt),
2217 be32_to_cpu(hdr->begrun),
2218 be32_to_cpu(hdr->runlength));
2219 case ISCSI_FLAG_SNACK_TYPE_RDATA:
2220 /* FIXME: Support R-Data SNACK */
2221 pr_err("R-Data SNACK Not Supported.\n");
2222 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
2225 pr_err("Unknown SNACK type 0x%02x, protocol"
2226 " error.\n", hdr->flags & 0x0f);
2227 return iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
2234 static void iscsit_rx_thread_wait_for_tcp(struct iscsi_conn *conn)
2236 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) ||
2237 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) {
2238 wait_for_completion_interruptible_timeout(
2239 &conn->rx_half_close_comp,
2240 ISCSI_RX_THREAD_TCP_TIMEOUT * HZ);
2244 static int iscsit_handle_immediate_data(
2245 struct iscsi_cmd *cmd,
2249 int iov_ret, rx_got = 0, rx_size = 0;
2250 u32 checksum, iov_count = 0, padding = 0;
2251 struct iscsi_conn *conn = cmd->conn;
2254 iov_ret = iscsit_map_iovec(cmd, cmd->iov_data, cmd->write_data_done, length);
2256 return IMMEDIATE_DATA_CANNOT_RECOVER;
2259 iov_count = iov_ret;
2260 iov = &cmd->iov_data[0];
2262 padding = ((-length) & 3);
2264 iov[iov_count].iov_base = cmd->pad_bytes;
2265 iov[iov_count++].iov_len = padding;
2269 if (conn->conn_ops->DataDigest) {
2270 iov[iov_count].iov_base = &checksum;
2271 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
2272 rx_size += ISCSI_CRC_LEN;
2275 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size);
2277 iscsit_unmap_iovec(cmd);
2279 if (rx_got != rx_size) {
2280 iscsit_rx_thread_wait_for_tcp(conn);
2281 return IMMEDIATE_DATA_CANNOT_RECOVER;
2284 if (conn->conn_ops->DataDigest) {
2287 data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd,
2288 cmd->write_data_done, length, padding,
2291 if (checksum != data_crc) {
2292 pr_err("ImmediateData CRC32C DataDigest 0x%08x"
2293 " does not match computed 0x%08x\n", checksum,
2296 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
2297 pr_err("Unable to recover from"
2298 " Immediate Data digest failure while"
2300 iscsit_add_reject_from_cmd(
2301 ISCSI_REASON_DATA_DIGEST_ERROR,
2303 return IMMEDIATE_DATA_CANNOT_RECOVER;
2305 iscsit_add_reject_from_cmd(
2306 ISCSI_REASON_DATA_DIGEST_ERROR,
2308 return IMMEDIATE_DATA_ERL1_CRC_FAILURE;
2311 pr_debug("Got CRC32C DataDigest 0x%08x for"
2312 " %u bytes of Immediate Data\n", checksum,
2317 cmd->write_data_done += length;
2319 if (cmd->write_data_done == cmd->se_cmd.data_length) {
2320 spin_lock_bh(&cmd->istate_lock);
2321 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT;
2322 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT;
2323 spin_unlock_bh(&cmd->istate_lock);
2326 return IMMEDIATE_DATA_NORMAL_OPERATION;
2330 * Called with sess->conn_lock held.
2332 /* #warning iscsi_build_conn_drop_async_message() only sends out on connections
2333 with active network interface */
2334 static void iscsit_build_conn_drop_async_message(struct iscsi_conn *conn)
2336 struct iscsi_cmd *cmd;
2337 struct iscsi_conn *conn_p;
2340 * Only send a Asynchronous Message on connections whos network
2341 * interface is still functional.
2343 list_for_each_entry(conn_p, &conn->sess->sess_conn_list, conn_list) {
2344 if (conn_p->conn_state == TARG_CONN_STATE_LOGGED_IN) {
2345 iscsit_inc_conn_usage_count(conn_p);
2353 cmd = iscsit_allocate_cmd(conn_p, GFP_ATOMIC);
2355 iscsit_dec_conn_usage_count(conn_p);
2359 cmd->logout_cid = conn->cid;
2360 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT;
2361 cmd->i_state = ISTATE_SEND_ASYNCMSG;
2363 spin_lock_bh(&conn_p->cmd_lock);
2364 list_add_tail(&cmd->i_conn_node, &conn_p->conn_cmd_list);
2365 spin_unlock_bh(&conn_p->cmd_lock);
2367 iscsit_add_cmd_to_response_queue(cmd, conn_p, cmd->i_state);
2368 iscsit_dec_conn_usage_count(conn_p);
2371 static int iscsit_send_conn_drop_async_message(
2372 struct iscsi_cmd *cmd,
2373 struct iscsi_conn *conn)
2375 struct iscsi_async *hdr;
2377 cmd->tx_size = ISCSI_HDR_LEN;
2378 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT;
2380 hdr = (struct iscsi_async *) cmd->pdu;
2381 hdr->opcode = ISCSI_OP_ASYNC_EVENT;
2382 hdr->flags = ISCSI_FLAG_CMD_FINAL;
2383 cmd->init_task_tag = RESERVED_ITT;
2384 cmd->targ_xfer_tag = 0xFFFFFFFF;
2385 put_unaligned_be64(0xFFFFFFFFFFFFFFFFULL, &hdr->rsvd4[0]);
2386 cmd->stat_sn = conn->stat_sn++;
2387 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2388 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2389 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
2390 hdr->async_event = ISCSI_ASYNC_MSG_DROPPING_CONNECTION;
2391 hdr->param1 = cpu_to_be16(cmd->logout_cid);
2392 hdr->param2 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Wait);
2393 hdr->param3 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Retain);
2395 if (conn->conn_ops->HeaderDigest) {
2396 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
2398 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
2399 (unsigned char *)hdr, ISCSI_HDR_LEN,
2400 0, NULL, (u8 *)header_digest);
2402 cmd->tx_size += ISCSI_CRC_LEN;
2403 pr_debug("Attaching CRC32C HeaderDigest to"
2404 " Async Message 0x%08x\n", *header_digest);
2407 cmd->iov_misc[0].iov_base = cmd->pdu;
2408 cmd->iov_misc[0].iov_len = cmd->tx_size;
2409 cmd->iov_misc_count = 1;
2411 pr_debug("Sending Connection Dropped Async Message StatSN:"
2412 " 0x%08x, for CID: %hu on CID: %hu\n", cmd->stat_sn,
2413 cmd->logout_cid, conn->cid);
2417 static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *conn)
2419 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) ||
2420 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) {
2421 wait_for_completion_interruptible_timeout(
2422 &conn->tx_half_close_comp,
2423 ISCSI_TX_THREAD_TCP_TIMEOUT * HZ);
2427 static int iscsit_send_data_in(
2428 struct iscsi_cmd *cmd,
2429 struct iscsi_conn *conn)
2431 int iov_ret = 0, set_statsn = 0;
2432 u32 iov_count = 0, tx_size = 0;
2433 struct iscsi_datain datain;
2434 struct iscsi_datain_req *dr;
2435 struct iscsi_data_rsp *hdr;
2440 memset(&datain, 0, sizeof(struct iscsi_datain));
2441 dr = iscsit_get_datain_values(cmd, &datain);
2443 pr_err("iscsit_get_datain_values failed for ITT: 0x%08x\n",
2444 cmd->init_task_tag);
2449 * Be paranoid and double check the logic for now.
2451 if ((datain.offset + datain.length) > cmd->se_cmd.data_length) {
2452 pr_err("Command ITT: 0x%08x, datain.offset: %u and"
2453 " datain.length: %u exceeds cmd->data_length: %u\n",
2454 cmd->init_task_tag, datain.offset, datain.length,
2455 cmd->se_cmd.data_length);
2459 spin_lock_bh(&conn->sess->session_stats_lock);
2460 conn->sess->tx_data_octets += datain.length;
2461 if (conn->sess->se_sess->se_node_acl) {
2462 spin_lock(&conn->sess->se_sess->se_node_acl->stats_lock);
2463 conn->sess->se_sess->se_node_acl->read_bytes += datain.length;
2464 spin_unlock(&conn->sess->se_sess->se_node_acl->stats_lock);
2466 spin_unlock_bh(&conn->sess->session_stats_lock);
2468 * Special case for successfully execution w/ both DATAIN
2471 if ((datain.flags & ISCSI_FLAG_DATA_STATUS) &&
2472 (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE))
2473 datain.flags &= ~ISCSI_FLAG_DATA_STATUS;
2475 if ((dr->dr_complete == DATAIN_COMPLETE_NORMAL) ||
2476 (dr->dr_complete == DATAIN_COMPLETE_CONNECTION_RECOVERY)) {
2477 iscsit_increment_maxcmdsn(cmd, conn->sess);
2478 cmd->stat_sn = conn->stat_sn++;
2480 } else if (dr->dr_complete ==
2481 DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY)
2485 hdr = (struct iscsi_data_rsp *) cmd->pdu;
2486 memset(hdr, 0, ISCSI_HDR_LEN);
2487 hdr->opcode = ISCSI_OP_SCSI_DATA_IN;
2488 hdr->flags = datain.flags;
2489 if (hdr->flags & ISCSI_FLAG_DATA_STATUS) {
2490 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) {
2491 hdr->flags |= ISCSI_FLAG_DATA_OVERFLOW;
2492 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
2493 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) {
2494 hdr->flags |= ISCSI_FLAG_DATA_UNDERFLOW;
2495 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
2498 hton24(hdr->dlength, datain.length);
2499 if (hdr->flags & ISCSI_FLAG_DATA_ACK)
2500 int_to_scsilun(cmd->se_cmd.orig_fe_lun,
2501 (struct scsi_lun *)&hdr->lun);
2503 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun);
2505 hdr->itt = cmd->init_task_tag;
2507 if (hdr->flags & ISCSI_FLAG_DATA_ACK)
2508 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag);
2510 hdr->ttt = cpu_to_be32(0xFFFFFFFF);
2512 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2514 hdr->statsn = cpu_to_be32(0xFFFFFFFF);
2516 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2517 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
2518 hdr->datasn = cpu_to_be32(datain.data_sn);
2519 hdr->offset = cpu_to_be32(datain.offset);
2521 iov = &cmd->iov_data[0];
2522 iov[iov_count].iov_base = cmd->pdu;
2523 iov[iov_count++].iov_len = ISCSI_HDR_LEN;
2524 tx_size += ISCSI_HDR_LEN;
2526 if (conn->conn_ops->HeaderDigest) {
2527 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
2529 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
2530 (unsigned char *)hdr, ISCSI_HDR_LEN,
2531 0, NULL, (u8 *)header_digest);
2533 iov[0].iov_len += ISCSI_CRC_LEN;
2534 tx_size += ISCSI_CRC_LEN;
2536 pr_debug("Attaching CRC32 HeaderDigest"
2537 " for DataIN PDU 0x%08x\n", *header_digest);
2540 iov_ret = iscsit_map_iovec(cmd, &cmd->iov_data[1], datain.offset, datain.length);
2544 iov_count += iov_ret;
2545 tx_size += datain.length;
2547 cmd->padding = ((-datain.length) & 3);
2549 iov[iov_count].iov_base = cmd->pad_bytes;
2550 iov[iov_count++].iov_len = cmd->padding;
2551 tx_size += cmd->padding;
2553 pr_debug("Attaching %u padding bytes\n",
2556 if (conn->conn_ops->DataDigest) {
2557 cmd->data_crc = iscsit_do_crypto_hash_sg(&conn->conn_tx_hash, cmd,
2558 datain.offset, datain.length, cmd->padding, cmd->pad_bytes);
2560 iov[iov_count].iov_base = &cmd->data_crc;
2561 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
2562 tx_size += ISCSI_CRC_LEN;
2564 pr_debug("Attached CRC32C DataDigest %d bytes, crc"
2565 " 0x%08x\n", datain.length+cmd->padding, cmd->data_crc);
2568 cmd->iov_data_count = iov_count;
2569 cmd->tx_size = tx_size;
2571 pr_debug("Built DataIN ITT: 0x%08x, StatSN: 0x%08x,"
2572 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n",
2573 cmd->init_task_tag, ntohl(hdr->statsn), ntohl(hdr->datasn),
2574 ntohl(hdr->offset), datain.length, conn->cid);
2576 /* sendpage is preferred but can't insert markers */
2577 if (!conn->conn_ops->IFMarker)
2578 ret = iscsit_fe_sendpage_sg(cmd, conn);
2580 ret = iscsit_send_tx_data(cmd, conn, 0);
2582 iscsit_unmap_iovec(cmd);
2585 iscsit_tx_thread_wait_for_tcp(conn);
2589 if (dr->dr_complete) {
2590 eodr = (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ?
2592 iscsit_free_datain_req(cmd, dr);
2598 static int iscsit_send_logout_response(
2599 struct iscsi_cmd *cmd,
2600 struct iscsi_conn *conn)
2602 int niov = 0, tx_size;
2603 struct iscsi_conn *logout_conn = NULL;
2604 struct iscsi_conn_recovery *cr = NULL;
2605 struct iscsi_session *sess = conn->sess;
2607 struct iscsi_logout_rsp *hdr;
2609 * The actual shutting down of Sessions and/or Connections
2610 * for CLOSESESSION and CLOSECONNECTION Logout Requests
2611 * is done in scsi_logout_post_handler().
2613 switch (cmd->logout_reason) {
2614 case ISCSI_LOGOUT_REASON_CLOSE_SESSION:
2615 pr_debug("iSCSI session logout successful, setting"
2616 " logout response to ISCSI_LOGOUT_SUCCESS.\n");
2617 cmd->logout_response = ISCSI_LOGOUT_SUCCESS;
2619 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION:
2620 if (cmd->logout_response == ISCSI_LOGOUT_CID_NOT_FOUND)
2623 * For CLOSECONNECTION logout requests carrying
2624 * a matching logout CID -> local CID, the reference
2625 * for the local CID will have been incremented in
2626 * iscsi_logout_closeconnection().
2628 * For CLOSECONNECTION logout requests carrying
2629 * a different CID than the connection it arrived
2630 * on, the connection responding to cmd->logout_cid
2631 * is stopped in iscsit_logout_post_handler_diffcid().
2634 pr_debug("iSCSI CID: %hu logout on CID: %hu"
2635 " successful.\n", cmd->logout_cid, conn->cid);
2636 cmd->logout_response = ISCSI_LOGOUT_SUCCESS;
2638 case ISCSI_LOGOUT_REASON_RECOVERY:
2639 if ((cmd->logout_response == ISCSI_LOGOUT_RECOVERY_UNSUPPORTED) ||
2640 (cmd->logout_response == ISCSI_LOGOUT_CLEANUP_FAILED))
2643 * If the connection is still active from our point of view
2644 * force connection recovery to occur.
2646 logout_conn = iscsit_get_conn_from_cid_rcfr(sess,
2649 iscsit_connection_reinstatement_rcfr(logout_conn);
2650 iscsit_dec_conn_usage_count(logout_conn);
2653 cr = iscsit_get_inactive_connection_recovery_entry(
2654 conn->sess, cmd->logout_cid);
2656 pr_err("Unable to locate CID: %hu for"
2657 " REMOVECONNFORRECOVERY Logout Request.\n",
2659 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND;
2663 iscsit_discard_cr_cmds_by_expstatsn(cr, cmd->exp_stat_sn);
2665 pr_debug("iSCSI REMOVECONNFORRECOVERY logout"
2666 " for recovery for CID: %hu on CID: %hu successful.\n",
2667 cmd->logout_cid, conn->cid);
2668 cmd->logout_response = ISCSI_LOGOUT_SUCCESS;
2671 pr_err("Unknown cmd->logout_reason: 0x%02x\n",
2672 cmd->logout_reason);
2676 tx_size = ISCSI_HDR_LEN;
2677 hdr = (struct iscsi_logout_rsp *)cmd->pdu;
2678 memset(hdr, 0, ISCSI_HDR_LEN);
2679 hdr->opcode = ISCSI_OP_LOGOUT_RSP;
2680 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2681 hdr->response = cmd->logout_response;
2682 hdr->itt = cmd->init_task_tag;
2683 cmd->stat_sn = conn->stat_sn++;
2684 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2686 iscsit_increment_maxcmdsn(cmd, conn->sess);
2687 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2688 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
2690 iov = &cmd->iov_misc[0];
2691 iov[niov].iov_base = cmd->pdu;
2692 iov[niov++].iov_len = ISCSI_HDR_LEN;
2694 if (conn->conn_ops->HeaderDigest) {
2695 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
2697 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
2698 (unsigned char *)hdr, ISCSI_HDR_LEN,
2699 0, NULL, (u8 *)header_digest);
2701 iov[0].iov_len += ISCSI_CRC_LEN;
2702 tx_size += ISCSI_CRC_LEN;
2703 pr_debug("Attaching CRC32C HeaderDigest to"
2704 " Logout Response 0x%08x\n", *header_digest);
2706 cmd->iov_misc_count = niov;
2707 cmd->tx_size = tx_size;
2709 pr_debug("Sending Logout Response ITT: 0x%08x StatSN:"
2710 " 0x%08x Response: 0x%02x CID: %hu on CID: %hu\n",
2711 cmd->init_task_tag, cmd->stat_sn, hdr->response,
2712 cmd->logout_cid, conn->cid);
2718 * Unsolicited NOPIN, either requesting a response or not.
2720 static int iscsit_send_unsolicited_nopin(
2721 struct iscsi_cmd *cmd,
2722 struct iscsi_conn *conn,
2725 int tx_size = ISCSI_HDR_LEN;
2726 struct iscsi_nopin *hdr;
2729 hdr = (struct iscsi_nopin *) cmd->pdu;
2730 memset(hdr, 0, ISCSI_HDR_LEN);
2731 hdr->opcode = ISCSI_OP_NOOP_IN;
2732 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2733 hdr->itt = cmd->init_task_tag;
2734 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag);
2735 cmd->stat_sn = conn->stat_sn;
2736 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2737 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2738 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
2740 if (conn->conn_ops->HeaderDigest) {
2741 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
2743 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
2744 (unsigned char *)hdr, ISCSI_HDR_LEN,
2745 0, NULL, (u8 *)header_digest);
2747 tx_size += ISCSI_CRC_LEN;
2748 pr_debug("Attaching CRC32C HeaderDigest to"
2749 " NopIN 0x%08x\n", *header_digest);
2752 cmd->iov_misc[0].iov_base = cmd->pdu;
2753 cmd->iov_misc[0].iov_len = tx_size;
2754 cmd->iov_misc_count = 1;
2755 cmd->tx_size = tx_size;
2757 pr_debug("Sending Unsolicited NOPIN TTT: 0x%08x StatSN:"
2758 " 0x%08x CID: %hu\n", hdr->ttt, cmd->stat_sn, conn->cid);
2760 ret = iscsit_send_tx_data(cmd, conn, 1);
2762 iscsit_tx_thread_wait_for_tcp(conn);
2766 spin_lock_bh(&cmd->istate_lock);
2767 cmd->i_state = want_response ?
2768 ISTATE_SENT_NOPIN_WANT_RESPONSE : ISTATE_SENT_STATUS;
2769 spin_unlock_bh(&cmd->istate_lock);
2774 static int iscsit_send_nopin_response(
2775 struct iscsi_cmd *cmd,
2776 struct iscsi_conn *conn)
2778 int niov = 0, tx_size;
2781 struct iscsi_nopin *hdr;
2783 tx_size = ISCSI_HDR_LEN;
2784 hdr = (struct iscsi_nopin *) cmd->pdu;
2785 memset(hdr, 0, ISCSI_HDR_LEN);
2786 hdr->opcode = ISCSI_OP_NOOP_IN;
2787 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2788 hton24(hdr->dlength, cmd->buf_ptr_size);
2789 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun);
2790 hdr->itt = cmd->init_task_tag;
2791 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag);
2792 cmd->stat_sn = conn->stat_sn++;
2793 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2795 iscsit_increment_maxcmdsn(cmd, conn->sess);
2796 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2797 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
2799 iov = &cmd->iov_misc[0];
2800 iov[niov].iov_base = cmd->pdu;
2801 iov[niov++].iov_len = ISCSI_HDR_LEN;
2803 if (conn->conn_ops->HeaderDigest) {
2804 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
2806 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
2807 (unsigned char *)hdr, ISCSI_HDR_LEN,
2808 0, NULL, (u8 *)header_digest);
2810 iov[0].iov_len += ISCSI_CRC_LEN;
2811 tx_size += ISCSI_CRC_LEN;
2812 pr_debug("Attaching CRC32C HeaderDigest"
2813 " to NopIn 0x%08x\n", *header_digest);
2817 * NOPOUT Ping Data is attached to struct iscsi_cmd->buf_ptr.
2818 * NOPOUT DataSegmentLength is at struct iscsi_cmd->buf_ptr_size.
2820 if (cmd->buf_ptr_size) {
2821 iov[niov].iov_base = cmd->buf_ptr;
2822 iov[niov++].iov_len = cmd->buf_ptr_size;
2823 tx_size += cmd->buf_ptr_size;
2825 pr_debug("Echoing back %u bytes of ping"
2826 " data.\n", cmd->buf_ptr_size);
2828 padding = ((-cmd->buf_ptr_size) & 3);
2830 iov[niov].iov_base = &cmd->pad_bytes;
2831 iov[niov++].iov_len = padding;
2833 pr_debug("Attaching %u additional"
2834 " padding bytes.\n", padding);
2836 if (conn->conn_ops->DataDigest) {
2837 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
2838 cmd->buf_ptr, cmd->buf_ptr_size,
2839 padding, (u8 *)&cmd->pad_bytes,
2840 (u8 *)&cmd->data_crc);
2842 iov[niov].iov_base = &cmd->data_crc;
2843 iov[niov++].iov_len = ISCSI_CRC_LEN;
2844 tx_size += ISCSI_CRC_LEN;
2845 pr_debug("Attached DataDigest for %u"
2846 " bytes of ping data, CRC 0x%08x\n",
2847 cmd->buf_ptr_size, cmd->data_crc);
2851 cmd->iov_misc_count = niov;
2852 cmd->tx_size = tx_size;
2854 pr_debug("Sending NOPIN Response ITT: 0x%08x, TTT:"
2855 " 0x%08x, StatSN: 0x%08x, Length %u\n", cmd->init_task_tag,
2856 cmd->targ_xfer_tag, cmd->stat_sn, cmd->buf_ptr_size);
2861 static int iscsit_send_r2t(
2862 struct iscsi_cmd *cmd,
2863 struct iscsi_conn *conn)
2866 struct iscsi_r2t *r2t;
2867 struct iscsi_r2t_rsp *hdr;
2870 r2t = iscsit_get_r2t_from_list(cmd);
2874 hdr = (struct iscsi_r2t_rsp *) cmd->pdu;
2875 memset(hdr, 0, ISCSI_HDR_LEN);
2876 hdr->opcode = ISCSI_OP_R2T;
2877 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2878 int_to_scsilun(cmd->se_cmd.orig_fe_lun,
2879 (struct scsi_lun *)&hdr->lun);
2880 hdr->itt = cmd->init_task_tag;
2881 spin_lock_bh(&conn->sess->ttt_lock);
2882 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++;
2883 if (r2t->targ_xfer_tag == 0xFFFFFFFF)
2884 r2t->targ_xfer_tag = conn->sess->targ_xfer_tag++;
2885 spin_unlock_bh(&conn->sess->ttt_lock);
2886 hdr->ttt = cpu_to_be32(r2t->targ_xfer_tag);
2887 hdr->statsn = cpu_to_be32(conn->stat_sn);
2888 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2889 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
2890 hdr->r2tsn = cpu_to_be32(r2t->r2t_sn);
2891 hdr->data_offset = cpu_to_be32(r2t->offset);
2892 hdr->data_length = cpu_to_be32(r2t->xfer_len);
2894 cmd->iov_misc[0].iov_base = cmd->pdu;
2895 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN;
2896 tx_size += ISCSI_HDR_LEN;
2898 if (conn->conn_ops->HeaderDigest) {
2899 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
2901 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
2902 (unsigned char *)hdr, ISCSI_HDR_LEN,
2903 0, NULL, (u8 *)header_digest);
2905 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN;
2906 tx_size += ISCSI_CRC_LEN;
2907 pr_debug("Attaching CRC32 HeaderDigest for R2T"
2908 " PDU 0x%08x\n", *header_digest);
2911 pr_debug("Built %sR2T, ITT: 0x%08x, TTT: 0x%08x, StatSN:"
2912 " 0x%08x, R2TSN: 0x%08x, Offset: %u, DDTL: %u, CID: %hu\n",
2913 (!r2t->recovery_r2t) ? "" : "Recovery ", cmd->init_task_tag,
2914 r2t->targ_xfer_tag, ntohl(hdr->statsn), r2t->r2t_sn,
2915 r2t->offset, r2t->xfer_len, conn->cid);
2917 cmd->iov_misc_count = 1;
2918 cmd->tx_size = tx_size;
2920 spin_lock_bh(&cmd->r2t_lock);
2922 spin_unlock_bh(&cmd->r2t_lock);
2924 ret = iscsit_send_tx_data(cmd, conn, 1);
2926 iscsit_tx_thread_wait_for_tcp(conn);
2930 spin_lock_bh(&cmd->dataout_timeout_lock);
2931 iscsit_start_dataout_timer(cmd, conn);
2932 spin_unlock_bh(&cmd->dataout_timeout_lock);
2938 * @recovery: If called from iscsi_task_reassign_complete_write() for
2939 * connection recovery.
2941 int iscsit_build_r2ts_for_cmd(
2942 struct iscsi_cmd *cmd,
2943 struct iscsi_conn *conn,
2947 u32 offset = 0, xfer_len = 0;
2949 spin_lock_bh(&cmd->r2t_lock);
2950 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) {
2951 spin_unlock_bh(&cmd->r2t_lock);
2955 if (conn->sess->sess_ops->DataSequenceInOrder &&
2957 cmd->r2t_offset = max(cmd->r2t_offset, cmd->write_data_done);
2959 while (cmd->outstanding_r2ts < conn->sess->sess_ops->MaxOutstandingR2T) {
2960 if (conn->sess->sess_ops->DataSequenceInOrder) {
2961 offset = cmd->r2t_offset;
2963 if (first_r2t && recovery) {
2964 int new_data_end = offset +
2965 conn->sess->sess_ops->MaxBurstLength -
2966 cmd->next_burst_len;
2968 if (new_data_end > cmd->se_cmd.data_length)
2969 xfer_len = cmd->se_cmd.data_length - offset;
2972 conn->sess->sess_ops->MaxBurstLength -
2973 cmd->next_burst_len;
2975 int new_data_end = offset +
2976 conn->sess->sess_ops->MaxBurstLength;
2978 if (new_data_end > cmd->se_cmd.data_length)
2979 xfer_len = cmd->se_cmd.data_length - offset;
2981 xfer_len = conn->sess->sess_ops->MaxBurstLength;
2983 cmd->r2t_offset += xfer_len;
2985 if (cmd->r2t_offset == cmd->se_cmd.data_length)
2986 cmd->cmd_flags |= ICF_SENT_LAST_R2T;
2988 struct iscsi_seq *seq;
2990 seq = iscsit_get_seq_holder_for_r2t(cmd);
2992 spin_unlock_bh(&cmd->r2t_lock);
2996 offset = seq->offset;
2997 xfer_len = seq->xfer_len;
2999 if (cmd->seq_send_order == cmd->seq_count)
3000 cmd->cmd_flags |= ICF_SENT_LAST_R2T;
3002 cmd->outstanding_r2ts++;
3005 if (iscsit_add_r2t_to_list(cmd, offset, xfer_len, 0, 0) < 0) {
3006 spin_unlock_bh(&cmd->r2t_lock);
3010 if (cmd->cmd_flags & ICF_SENT_LAST_R2T)
3013 spin_unlock_bh(&cmd->r2t_lock);
3018 static int iscsit_send_status(
3019 struct iscsi_cmd *cmd,
3020 struct iscsi_conn *conn)
3022 u8 iov_count = 0, recovery;
3023 u32 padding = 0, tx_size = 0;
3024 struct iscsi_scsi_rsp *hdr;
3027 recovery = (cmd->i_state != ISTATE_SEND_STATUS);
3029 cmd->stat_sn = conn->stat_sn++;
3031 spin_lock_bh(&conn->sess->session_stats_lock);
3032 conn->sess->rsp_pdus++;
3033 spin_unlock_bh(&conn->sess->session_stats_lock);
3035 hdr = (struct iscsi_scsi_rsp *) cmd->pdu;
3036 memset(hdr, 0, ISCSI_HDR_LEN);
3037 hdr->opcode = ISCSI_OP_SCSI_CMD_RSP;
3038 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
3039 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) {
3040 hdr->flags |= ISCSI_FLAG_CMD_OVERFLOW;
3041 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
3042 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) {
3043 hdr->flags |= ISCSI_FLAG_CMD_UNDERFLOW;
3044 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
3046 hdr->response = cmd->iscsi_response;
3047 hdr->cmd_status = cmd->se_cmd.scsi_status;
3048 hdr->itt = cmd->init_task_tag;
3049 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3051 iscsit_increment_maxcmdsn(cmd, conn->sess);
3052 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3053 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
3055 iov = &cmd->iov_misc[0];
3056 iov[iov_count].iov_base = cmd->pdu;
3057 iov[iov_count++].iov_len = ISCSI_HDR_LEN;
3058 tx_size += ISCSI_HDR_LEN;
3061 * Attach SENSE DATA payload to iSCSI Response PDU
3063 if (cmd->se_cmd.sense_buffer &&
3064 ((cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ||
3065 (cmd->se_cmd.se_cmd_flags & SCF_EMULATED_TASK_SENSE))) {
3066 put_unaligned_be16(cmd->se_cmd.scsi_sense_length, cmd->sense_buffer);
3067 cmd->se_cmd.scsi_sense_length += sizeof (__be16);
3069 padding = -(cmd->se_cmd.scsi_sense_length) & 3;
3070 hton24(hdr->dlength, (u32)cmd->se_cmd.scsi_sense_length);
3071 iov[iov_count].iov_base = cmd->sense_buffer;
3072 iov[iov_count++].iov_len =
3073 (cmd->se_cmd.scsi_sense_length + padding);
3074 tx_size += cmd->se_cmd.scsi_sense_length;
3077 memset(cmd->sense_buffer +
3078 cmd->se_cmd.scsi_sense_length, 0, padding);
3080 pr_debug("Adding %u bytes of padding to"
3081 " SENSE.\n", padding);
3084 if (conn->conn_ops->DataDigest) {
3085 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
3087 (cmd->se_cmd.scsi_sense_length + padding),
3088 0, NULL, (u8 *)&cmd->data_crc);
3090 iov[iov_count].iov_base = &cmd->data_crc;
3091 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
3092 tx_size += ISCSI_CRC_LEN;
3094 pr_debug("Attaching CRC32 DataDigest for"
3095 " SENSE, %u bytes CRC 0x%08x\n",
3096 (cmd->se_cmd.scsi_sense_length + padding),
3100 pr_debug("Attaching SENSE DATA: %u bytes to iSCSI"
3102 cmd->se_cmd.scsi_sense_length);
3105 if (conn->conn_ops->HeaderDigest) {
3106 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
3108 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
3109 (unsigned char *)hdr, ISCSI_HDR_LEN,
3110 0, NULL, (u8 *)header_digest);
3112 iov[0].iov_len += ISCSI_CRC_LEN;
3113 tx_size += ISCSI_CRC_LEN;
3114 pr_debug("Attaching CRC32 HeaderDigest for Response"
3115 " PDU 0x%08x\n", *header_digest);
3118 cmd->iov_misc_count = iov_count;
3119 cmd->tx_size = tx_size;
3121 pr_debug("Built %sSCSI Response, ITT: 0x%08x, StatSN: 0x%08x,"
3122 " Response: 0x%02x, SAM Status: 0x%02x, CID: %hu\n",
3123 (!recovery) ? "" : "Recovery ", cmd->init_task_tag,
3124 cmd->stat_sn, 0x00, cmd->se_cmd.scsi_status, conn->cid);
3129 static u8 iscsit_convert_tcm_tmr_rsp(struct se_tmr_req *se_tmr)
3131 switch (se_tmr->response) {
3132 case TMR_FUNCTION_COMPLETE:
3133 return ISCSI_TMF_RSP_COMPLETE;
3134 case TMR_TASK_DOES_NOT_EXIST:
3135 return ISCSI_TMF_RSP_NO_TASK;
3136 case TMR_LUN_DOES_NOT_EXIST:
3137 return ISCSI_TMF_RSP_NO_LUN;
3138 case TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED:
3139 return ISCSI_TMF_RSP_NOT_SUPPORTED;
3140 case TMR_FUNCTION_AUTHORIZATION_FAILED:
3141 return ISCSI_TMF_RSP_AUTH_FAILED;
3142 case TMR_FUNCTION_REJECTED:
3144 return ISCSI_TMF_RSP_REJECTED;
3148 static int iscsit_send_task_mgt_rsp(
3149 struct iscsi_cmd *cmd,
3150 struct iscsi_conn *conn)
3152 struct se_tmr_req *se_tmr = cmd->se_cmd.se_tmr_req;
3153 struct iscsi_tm_rsp *hdr;
3156 hdr = (struct iscsi_tm_rsp *) cmd->pdu;
3157 memset(hdr, 0, ISCSI_HDR_LEN);
3158 hdr->opcode = ISCSI_OP_SCSI_TMFUNC_RSP;
3159 hdr->flags = ISCSI_FLAG_CMD_FINAL;
3160 hdr->response = iscsit_convert_tcm_tmr_rsp(se_tmr);
3161 hdr->itt = cmd->init_task_tag;
3162 cmd->stat_sn = conn->stat_sn++;
3163 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3165 iscsit_increment_maxcmdsn(cmd, conn->sess);
3166 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3167 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
3169 cmd->iov_misc[0].iov_base = cmd->pdu;
3170 cmd->iov_misc[0].iov_len = ISCSI_HDR_LEN;
3171 tx_size += ISCSI_HDR_LEN;
3173 if (conn->conn_ops->HeaderDigest) {
3174 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
3176 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
3177 (unsigned char *)hdr, ISCSI_HDR_LEN,
3178 0, NULL, (u8 *)header_digest);
3180 cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN;
3181 tx_size += ISCSI_CRC_LEN;
3182 pr_debug("Attaching CRC32 HeaderDigest for Task"
3183 " Mgmt Response PDU 0x%08x\n", *header_digest);
3186 cmd->iov_misc_count = 1;
3187 cmd->tx_size = tx_size;
3189 pr_debug("Built Task Management Response ITT: 0x%08x,"
3190 " StatSN: 0x%08x, Response: 0x%02x, CID: %hu\n",
3191 cmd->init_task_tag, cmd->stat_sn, hdr->response, conn->cid);
3196 static bool iscsit_check_inaddr_any(struct iscsi_np *np)
3200 if (np->np_sockaddr.ss_family == AF_INET6) {
3201 const struct sockaddr_in6 sin6 = {
3202 .sin6_addr = IN6ADDR_ANY_INIT };
3203 struct sockaddr_in6 *sock_in6 =
3204 (struct sockaddr_in6 *)&np->np_sockaddr;
3206 if (!memcmp(sock_in6->sin6_addr.s6_addr,
3207 sin6.sin6_addr.s6_addr, 16))
3210 struct sockaddr_in * sock_in =
3211 (struct sockaddr_in *)&np->np_sockaddr;
3213 if (sock_in->sin_addr.s_addr == htonl(INADDR_ANY))
3220 #define SENDTARGETS_BUF_LIMIT 32768U
3222 static int iscsit_build_sendtargets_response(struct iscsi_cmd *cmd)
3224 char *payload = NULL;
3225 struct iscsi_conn *conn = cmd->conn;
3226 struct iscsi_portal_group *tpg;
3227 struct iscsi_tiqn *tiqn;
3228 struct iscsi_tpg_np *tpg_np;
3229 int buffer_len, end_of_buf = 0, len = 0, payload_len = 0;
3230 unsigned char buf[ISCSI_IQN_LEN+12]; /* iqn + "TargetName=" + \0 */
3232 buffer_len = max(conn->conn_ops->MaxRecvDataSegmentLength,
3233 SENDTARGETS_BUF_LIMIT);
3235 payload = kzalloc(buffer_len, GFP_KERNEL);
3237 pr_err("Unable to allocate memory for sendtargets"
3242 spin_lock(&tiqn_lock);
3243 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) {
3244 len = sprintf(buf, "TargetName=%s", tiqn->tiqn);
3247 if ((len + payload_len) > buffer_len) {
3251 memcpy(payload + payload_len, buf, len);
3254 spin_lock(&tiqn->tiqn_tpg_lock);
3255 list_for_each_entry(tpg, &tiqn->tiqn_tpg_list, tpg_list) {
3257 spin_lock(&tpg->tpg_state_lock);
3258 if ((tpg->tpg_state == TPG_STATE_FREE) ||
3259 (tpg->tpg_state == TPG_STATE_INACTIVE)) {
3260 spin_unlock(&tpg->tpg_state_lock);
3263 spin_unlock(&tpg->tpg_state_lock);
3265 spin_lock(&tpg->tpg_np_lock);
3266 list_for_each_entry(tpg_np, &tpg->tpg_gnp_list,
3268 struct iscsi_np *np = tpg_np->tpg_np;
3269 bool inaddr_any = iscsit_check_inaddr_any(np);
3271 len = sprintf(buf, "TargetAddress="
3273 (np->np_sockaddr.ss_family == AF_INET6) ?
3274 "[" : "", (inaddr_any == false) ?
3275 np->np_ip : conn->local_ip,
3276 (np->np_sockaddr.ss_family == AF_INET6) ?
3277 "]" : "", (inaddr_any == false) ?
3278 np->np_port : conn->local_port,
3282 if ((len + payload_len) > buffer_len) {
3283 spin_unlock(&tpg->tpg_np_lock);
3284 spin_unlock(&tiqn->tiqn_tpg_lock);
3288 memcpy(payload + payload_len, buf, len);
3291 spin_unlock(&tpg->tpg_np_lock);
3293 spin_unlock(&tiqn->tiqn_tpg_lock);
3298 spin_unlock(&tiqn_lock);
3300 cmd->buf_ptr = payload;
3306 * FIXME: Add support for F_BIT and C_BIT when the length is longer than
3307 * MaxRecvDataSegmentLength.
3309 static int iscsit_send_text_rsp(
3310 struct iscsi_cmd *cmd,
3311 struct iscsi_conn *conn)
3313 struct iscsi_text_rsp *hdr;
3315 u32 padding = 0, tx_size = 0;
3316 int text_length, iov_count = 0;
3318 text_length = iscsit_build_sendtargets_response(cmd);
3319 if (text_length < 0)
3322 padding = ((-text_length) & 3);
3324 memset(cmd->buf_ptr + text_length, 0, padding);
3325 pr_debug("Attaching %u additional bytes for"
3326 " padding.\n", padding);
3329 hdr = (struct iscsi_text_rsp *) cmd->pdu;
3330 memset(hdr, 0, ISCSI_HDR_LEN);
3331 hdr->opcode = ISCSI_OP_TEXT_RSP;
3332 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
3333 hton24(hdr->dlength, text_length);
3334 hdr->itt = cmd->init_task_tag;
3335 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag);
3336 cmd->stat_sn = conn->stat_sn++;
3337 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3339 iscsit_increment_maxcmdsn(cmd, conn->sess);
3340 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3341 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
3343 iov = &cmd->iov_misc[0];
3345 iov[iov_count].iov_base = cmd->pdu;
3346 iov[iov_count++].iov_len = ISCSI_HDR_LEN;
3347 iov[iov_count].iov_base = cmd->buf_ptr;
3348 iov[iov_count++].iov_len = text_length + padding;
3350 tx_size += (ISCSI_HDR_LEN + text_length + padding);
3352 if (conn->conn_ops->HeaderDigest) {
3353 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
3355 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
3356 (unsigned char *)hdr, ISCSI_HDR_LEN,
3357 0, NULL, (u8 *)header_digest);
3359 iov[0].iov_len += ISCSI_CRC_LEN;
3360 tx_size += ISCSI_CRC_LEN;
3361 pr_debug("Attaching CRC32 HeaderDigest for"
3362 " Text Response PDU 0x%08x\n", *header_digest);
3365 if (conn->conn_ops->DataDigest) {
3366 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
3367 cmd->buf_ptr, (text_length + padding),
3368 0, NULL, (u8 *)&cmd->data_crc);
3370 iov[iov_count].iov_base = &cmd->data_crc;
3371 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
3372 tx_size += ISCSI_CRC_LEN;
3374 pr_debug("Attaching DataDigest for %u bytes of text"
3375 " data, CRC 0x%08x\n", (text_length + padding),
3379 cmd->iov_misc_count = iov_count;
3380 cmd->tx_size = tx_size;
3382 pr_debug("Built Text Response: ITT: 0x%08x, StatSN: 0x%08x,"
3383 " Length: %u, CID: %hu\n", cmd->init_task_tag, cmd->stat_sn,
3384 text_length, conn->cid);
3388 static int iscsit_send_reject(
3389 struct iscsi_cmd *cmd,
3390 struct iscsi_conn *conn)
3392 u32 iov_count = 0, tx_size = 0;
3393 struct iscsi_reject *hdr;
3396 hdr = (struct iscsi_reject *) cmd->pdu;
3397 hdr->opcode = ISCSI_OP_REJECT;
3398 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
3399 hton24(hdr->dlength, ISCSI_HDR_LEN);
3400 hdr->ffffffff = cpu_to_be32(0xffffffff);
3401 cmd->stat_sn = conn->stat_sn++;
3402 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3403 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3404 hdr->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
3406 iov = &cmd->iov_misc[0];
3408 iov[iov_count].iov_base = cmd->pdu;
3409 iov[iov_count++].iov_len = ISCSI_HDR_LEN;
3410 iov[iov_count].iov_base = cmd->buf_ptr;
3411 iov[iov_count++].iov_len = ISCSI_HDR_LEN;
3413 tx_size = (ISCSI_HDR_LEN + ISCSI_HDR_LEN);
3415 if (conn->conn_ops->HeaderDigest) {
3416 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
3418 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
3419 (unsigned char *)hdr, ISCSI_HDR_LEN,
3420 0, NULL, (u8 *)header_digest);
3422 iov[0].iov_len += ISCSI_CRC_LEN;
3423 tx_size += ISCSI_CRC_LEN;
3424 pr_debug("Attaching CRC32 HeaderDigest for"
3425 " REJECT PDU 0x%08x\n", *header_digest);
3428 if (conn->conn_ops->DataDigest) {
3429 iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
3430 (unsigned char *)cmd->buf_ptr, ISCSI_HDR_LEN,
3431 0, NULL, (u8 *)&cmd->data_crc);
3433 iov[iov_count].iov_base = &cmd->data_crc;
3434 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
3435 tx_size += ISCSI_CRC_LEN;
3436 pr_debug("Attaching CRC32 DataDigest for REJECT"
3437 " PDU 0x%08x\n", cmd->data_crc);
3440 cmd->iov_misc_count = iov_count;
3441 cmd->tx_size = tx_size;
3443 pr_debug("Built Reject PDU StatSN: 0x%08x, Reason: 0x%02x,"
3444 " CID: %hu\n", ntohl(hdr->statsn), hdr->reason, conn->cid);
3449 void iscsit_thread_get_cpumask(struct iscsi_conn *conn)
3451 struct iscsi_thread_set *ts = conn->thread_set;
3454 * thread_id is assigned from iscsit_global->ts_bitmap from
3455 * within iscsi_thread_set.c:iscsi_allocate_thread_sets()
3457 * Here we use thread_id to determine which CPU that this
3458 * iSCSI connection's iscsi_thread_set will be scheduled to
3461 ord = ts->thread_id % cpumask_weight(cpu_online_mask);
3462 for_each_online_cpu(cpu) {
3464 cpumask_set_cpu(cpu, conn->conn_cpumask);
3469 * This should never be reached..
3472 cpumask_setall(conn->conn_cpumask);
3475 static inline void iscsit_thread_check_cpumask(
3476 struct iscsi_conn *conn,
3477 struct task_struct *p,
3482 * mode == 1 signals iscsi_target_tx_thread() usage.
3483 * mode == 0 signals iscsi_target_rx_thread() usage.
3486 if (!conn->conn_tx_reset_cpumask)
3488 conn->conn_tx_reset_cpumask = 0;
3490 if (!conn->conn_rx_reset_cpumask)
3492 conn->conn_rx_reset_cpumask = 0;
3495 * Update the CPU mask for this single kthread so that
3496 * both TX and RX kthreads are scheduled to run on the
3499 memset(buf, 0, 128);
3500 cpumask_scnprintf(buf, 128, conn->conn_cpumask);
3501 set_cpus_allowed_ptr(p, conn->conn_cpumask);
3504 static int handle_immediate_queue(struct iscsi_conn *conn)
3506 struct iscsi_queue_req *qr;
3507 struct iscsi_cmd *cmd;
3511 while ((qr = iscsit_get_cmd_from_immediate_queue(conn))) {
3512 atomic_set(&conn->check_immediate_queue, 0);
3515 kmem_cache_free(lio_qr_cache, qr);
3518 case ISTATE_SEND_R2T:
3519 ret = iscsit_send_r2t(cmd, conn);
3524 if (cmd->data_direction == DMA_TO_DEVICE)
3525 iscsit_stop_dataout_timer(cmd);
3527 spin_lock_bh(&conn->cmd_lock);
3528 list_del(&cmd->i_conn_node);
3529 spin_unlock_bh(&conn->cmd_lock);
3531 iscsit_free_cmd(cmd);
3533 case ISTATE_SEND_NOPIN_WANT_RESPONSE:
3534 iscsit_mod_nopin_response_timer(conn);
3535 ret = iscsit_send_unsolicited_nopin(cmd,
3540 case ISTATE_SEND_NOPIN_NO_RESPONSE:
3541 ret = iscsit_send_unsolicited_nopin(cmd,
3547 pr_err("Unknown Opcode: 0x%02x ITT:"
3548 " 0x%08x, i_state: %d on CID: %hu\n",
3549 cmd->iscsi_opcode, cmd->init_task_tag, state,
3561 static int handle_response_queue(struct iscsi_conn *conn)
3563 struct iscsi_queue_req *qr;
3564 struct iscsi_cmd *cmd;
3568 while ((qr = iscsit_get_cmd_from_response_queue(conn))) {
3571 kmem_cache_free(lio_qr_cache, qr);
3575 case ISTATE_SEND_DATAIN:
3576 ret = iscsit_send_data_in(cmd, conn);
3581 goto check_rsp_state;
3582 else if (ret == 1) {
3584 spin_lock_bh(&cmd->istate_lock);
3585 cmd->i_state = ISTATE_SENT_STATUS;
3586 spin_unlock_bh(&cmd->istate_lock);
3588 if (atomic_read(&conn->check_immediate_queue))
3592 } else if (ret == 2) {
3593 /* Still must send status,
3594 SCF_TRANSPORT_TASK_SENSE was set */
3595 spin_lock_bh(&cmd->istate_lock);
3596 cmd->i_state = ISTATE_SEND_STATUS;
3597 spin_unlock_bh(&cmd->istate_lock);
3598 state = ISTATE_SEND_STATUS;
3599 goto check_rsp_state;
3603 case ISTATE_SEND_STATUS:
3604 case ISTATE_SEND_STATUS_RECOVERY:
3605 ret = iscsit_send_status(cmd, conn);
3607 case ISTATE_SEND_LOGOUTRSP:
3608 ret = iscsit_send_logout_response(cmd, conn);
3610 case ISTATE_SEND_ASYNCMSG:
3611 ret = iscsit_send_conn_drop_async_message(
3614 case ISTATE_SEND_NOPIN:
3615 ret = iscsit_send_nopin_response(cmd, conn);
3617 case ISTATE_SEND_REJECT:
3618 ret = iscsit_send_reject(cmd, conn);
3620 case ISTATE_SEND_TASKMGTRSP:
3621 ret = iscsit_send_task_mgt_rsp(cmd, conn);
3624 ret = iscsit_tmr_post_handler(cmd, conn);
3626 iscsit_fall_back_to_erl0(conn->sess);
3628 case ISTATE_SEND_TEXTRSP:
3629 ret = iscsit_send_text_rsp(cmd, conn);
3632 pr_err("Unknown Opcode: 0x%02x ITT:"
3633 " 0x%08x, i_state: %d on CID: %hu\n",
3634 cmd->iscsi_opcode, cmd->init_task_tag,
3641 if (iscsit_send_tx_data(cmd, conn, 1) < 0) {
3642 iscsit_tx_thread_wait_for_tcp(conn);
3643 iscsit_unmap_iovec(cmd);
3646 iscsit_unmap_iovec(cmd);
3649 case ISTATE_SEND_LOGOUTRSP:
3650 if (!iscsit_logout_post_handler(cmd, conn))
3653 case ISTATE_SEND_STATUS:
3654 case ISTATE_SEND_ASYNCMSG:
3655 case ISTATE_SEND_NOPIN:
3656 case ISTATE_SEND_STATUS_RECOVERY:
3657 case ISTATE_SEND_TEXTRSP:
3658 case ISTATE_SEND_TASKMGTRSP:
3659 spin_lock_bh(&cmd->istate_lock);
3660 cmd->i_state = ISTATE_SENT_STATUS;
3661 spin_unlock_bh(&cmd->istate_lock);
3663 case ISTATE_SEND_REJECT:
3664 if (cmd->cmd_flags & ICF_REJECT_FAIL_CONN) {
3665 cmd->cmd_flags &= ~ICF_REJECT_FAIL_CONN;
3666 complete(&cmd->reject_comp);
3669 complete(&cmd->reject_comp);
3672 pr_err("Unknown Opcode: 0x%02x ITT:"
3673 " 0x%08x, i_state: %d on CID: %hu\n",
3674 cmd->iscsi_opcode, cmd->init_task_tag,
3675 cmd->i_state, conn->cid);
3679 if (atomic_read(&conn->check_immediate_queue))
3691 int iscsi_target_tx_thread(void *arg)
3694 struct iscsi_conn *conn;
3695 struct iscsi_thread_set *ts = arg;
3697 * Allow ourselves to be interrupted by SIGINT so that a
3698 * connection recovery / failure event can be triggered externally.
3700 allow_signal(SIGINT);
3703 conn = iscsi_tx_thread_pre_handler(ts);
3709 while (!kthread_should_stop()) {
3711 * Ensure that both TX and RX per connection kthreads
3712 * are scheduled to run on the same CPU.
3714 iscsit_thread_check_cpumask(conn, current, 1);
3716 wait_event_interruptible(conn->queues_wq,
3717 !iscsit_conn_all_queues_empty(conn) ||
3718 ts->status == ISCSI_THREAD_SET_RESET);
3720 if ((ts->status == ISCSI_THREAD_SET_RESET) ||
3721 signal_pending(current))
3725 ret = handle_immediate_queue(conn);
3729 ret = handle_response_queue(conn);
3732 else if (ret == -EAGAIN)
3739 iscsit_take_action_for_connection_exit(conn);
3745 int iscsi_target_rx_thread(void *arg)
3748 u8 buffer[ISCSI_HDR_LEN], opcode;
3749 u32 checksum = 0, digest = 0;
3750 struct iscsi_conn *conn = NULL;
3751 struct iscsi_thread_set *ts = arg;
3754 * Allow ourselves to be interrupted by SIGINT so that a
3755 * connection recovery / failure event can be triggered externally.
3757 allow_signal(SIGINT);
3760 conn = iscsi_rx_thread_pre_handler(ts);
3764 while (!kthread_should_stop()) {
3766 * Ensure that both TX and RX per connection kthreads
3767 * are scheduled to run on the same CPU.
3769 iscsit_thread_check_cpumask(conn, current, 0);
3771 memset(buffer, 0, ISCSI_HDR_LEN);
3772 memset(&iov, 0, sizeof(struct kvec));
3774 iov.iov_base = buffer;
3775 iov.iov_len = ISCSI_HDR_LEN;
3777 ret = rx_data(conn, &iov, 1, ISCSI_HDR_LEN);
3778 if (ret != ISCSI_HDR_LEN) {
3779 iscsit_rx_thread_wait_for_tcp(conn);
3784 * Set conn->bad_hdr for use with REJECT PDUs.
3786 memcpy(&conn->bad_hdr, &buffer, ISCSI_HDR_LEN);
3788 if (conn->conn_ops->HeaderDigest) {
3789 iov.iov_base = &digest;
3790 iov.iov_len = ISCSI_CRC_LEN;
3792 ret = rx_data(conn, &iov, 1, ISCSI_CRC_LEN);
3793 if (ret != ISCSI_CRC_LEN) {
3794 iscsit_rx_thread_wait_for_tcp(conn);
3798 iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,
3799 buffer, ISCSI_HDR_LEN,
3800 0, NULL, (u8 *)&checksum);
3802 if (digest != checksum) {
3803 pr_err("HeaderDigest CRC32C failed,"
3804 " received 0x%08x, computed 0x%08x\n",
3807 * Set the PDU to 0xff so it will intentionally
3808 * hit default in the switch below.
3810 memset(buffer, 0xff, ISCSI_HDR_LEN);
3811 spin_lock_bh(&conn->sess->session_stats_lock);
3812 conn->sess->conn_digest_errors++;
3813 spin_unlock_bh(&conn->sess->session_stats_lock);
3815 pr_debug("Got HeaderDigest CRC32C"
3816 " 0x%08x\n", checksum);
3820 if (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT)
3823 opcode = buffer[0] & ISCSI_OPCODE_MASK;
3825 if (conn->sess->sess_ops->SessionType &&
3826 ((!(opcode & ISCSI_OP_TEXT)) ||
3827 (!(opcode & ISCSI_OP_LOGOUT)))) {
3828 pr_err("Received illegal iSCSI Opcode: 0x%02x"
3829 " while in Discovery Session, rejecting.\n", opcode);
3830 iscsit_add_reject(ISCSI_REASON_PROTOCOL_ERROR, 1,
3836 case ISCSI_OP_SCSI_CMD:
3837 if (iscsit_handle_scsi_cmd(conn, buffer) < 0)
3840 case ISCSI_OP_SCSI_DATA_OUT:
3841 if (iscsit_handle_data_out(conn, buffer) < 0)
3844 case ISCSI_OP_NOOP_OUT:
3845 if (iscsit_handle_nop_out(conn, buffer) < 0)
3848 case ISCSI_OP_SCSI_TMFUNC:
3849 if (iscsit_handle_task_mgt_cmd(conn, buffer) < 0)
3853 if (iscsit_handle_text_cmd(conn, buffer) < 0)
3856 case ISCSI_OP_LOGOUT:
3857 ret = iscsit_handle_logout_cmd(conn, buffer);
3859 wait_for_completion_timeout(&conn->conn_logout_comp,
3860 SECONDS_FOR_LOGOUT_COMP * HZ);
3865 case ISCSI_OP_SNACK:
3866 if (iscsit_handle_snack(conn, buffer) < 0)
3870 pr_err("Got unknown iSCSI OpCode: 0x%02x\n",
3872 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
3873 pr_err("Cannot recover from unknown"
3874 " opcode while ERL=0, closing iSCSI connection"
3878 if (!conn->conn_ops->OFMarker) {
3879 pr_err("Unable to recover from unknown"
3880 " opcode while OFMarker=No, closing iSCSI"
3884 if (iscsit_recover_from_unknown_opcode(conn) < 0) {
3885 pr_err("Unable to recover from unknown"
3886 " opcode, closing iSCSI connection.\n");
3894 if (!signal_pending(current))
3895 atomic_set(&conn->transport_failed, 1);
3896 iscsit_take_action_for_connection_exit(conn);
3902 static void iscsit_release_commands_from_conn(struct iscsi_conn *conn)
3904 struct iscsi_cmd *cmd = NULL, *cmd_tmp = NULL;
3905 struct iscsi_session *sess = conn->sess;
3907 * We expect this function to only ever be called from either RX or TX
3908 * thread context via iscsit_close_connection() once the other context
3909 * has been reset -> returned sleeping pre-handler state.
3911 spin_lock_bh(&conn->cmd_lock);
3912 list_for_each_entry_safe(cmd, cmd_tmp, &conn->conn_cmd_list, i_conn_node) {
3914 list_del(&cmd->i_conn_node);
3915 spin_unlock_bh(&conn->cmd_lock);
3917 iscsit_increment_maxcmdsn(cmd, sess);
3919 iscsit_free_cmd(cmd);
3921 spin_lock_bh(&conn->cmd_lock);
3923 spin_unlock_bh(&conn->cmd_lock);
3926 static void iscsit_stop_timers_for_cmds(
3927 struct iscsi_conn *conn)
3929 struct iscsi_cmd *cmd;
3931 spin_lock_bh(&conn->cmd_lock);
3932 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) {
3933 if (cmd->data_direction == DMA_TO_DEVICE)
3934 iscsit_stop_dataout_timer(cmd);
3936 spin_unlock_bh(&conn->cmd_lock);
3939 int iscsit_close_connection(
3940 struct iscsi_conn *conn)
3942 int conn_logout = (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT);
3943 struct iscsi_session *sess = conn->sess;
3945 pr_debug("Closing iSCSI connection CID %hu on SID:"
3946 " %u\n", conn->cid, sess->sid);
3948 * Always up conn_logout_comp just in case the RX Thread is sleeping
3949 * and the logout response never got sent because the connection
3952 complete(&conn->conn_logout_comp);
3954 iscsi_release_thread_set(conn);
3956 iscsit_stop_timers_for_cmds(conn);
3957 iscsit_stop_nopin_response_timer(conn);
3958 iscsit_stop_nopin_timer(conn);
3959 iscsit_free_queue_reqs_for_conn(conn);
3962 * During Connection recovery drop unacknowledged out of order
3963 * commands for this connection, and prepare the other commands
3966 * During normal operation clear the out of order commands (but
3967 * do not free the struct iscsi_ooo_cmdsn's) and release all
3968 * struct iscsi_cmds.
3970 if (atomic_read(&conn->connection_recovery)) {
3971 iscsit_discard_unacknowledged_ooo_cmdsns_for_conn(conn);
3972 iscsit_prepare_cmds_for_realligance(conn);
3974 iscsit_clear_ooo_cmdsns_for_conn(conn);
3975 iscsit_release_commands_from_conn(conn);
3979 * Handle decrementing session or connection usage count if
3980 * a logout response was not able to be sent because the
3981 * connection failed. Fall back to Session Recovery here.
3983 if (atomic_read(&conn->conn_logout_remove)) {
3984 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_SESSION) {
3985 iscsit_dec_conn_usage_count(conn);
3986 iscsit_dec_session_usage_count(sess);
3988 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION)
3989 iscsit_dec_conn_usage_count(conn);
3991 atomic_set(&conn->conn_logout_remove, 0);
3992 atomic_set(&sess->session_reinstatement, 0);
3993 atomic_set(&sess->session_fall_back_to_erl0, 1);
3996 spin_lock_bh(&sess->conn_lock);
3997 list_del(&conn->conn_list);
4000 * Attempt to let the Initiator know this connection failed by
4001 * sending an Connection Dropped Async Message on another
4002 * active connection.
4004 if (atomic_read(&conn->connection_recovery))
4005 iscsit_build_conn_drop_async_message(conn);
4007 spin_unlock_bh(&sess->conn_lock);
4010 * If connection reinstatement is being performed on this connection,
4011 * up the connection reinstatement semaphore that is being blocked on
4012 * in iscsit_cause_connection_reinstatement().
4014 spin_lock_bh(&conn->state_lock);
4015 if (atomic_read(&conn->sleep_on_conn_wait_comp)) {
4016 spin_unlock_bh(&conn->state_lock);
4017 complete(&conn->conn_wait_comp);
4018 wait_for_completion(&conn->conn_post_wait_comp);
4019 spin_lock_bh(&conn->state_lock);
4023 * If connection reinstatement is being performed on this connection
4024 * by receiving a REMOVECONNFORRECOVERY logout request, up the
4025 * connection wait rcfr semaphore that is being blocked on
4026 * an iscsit_connection_reinstatement_rcfr().
4028 if (atomic_read(&conn->connection_wait_rcfr)) {
4029 spin_unlock_bh(&conn->state_lock);
4030 complete(&conn->conn_wait_rcfr_comp);
4031 wait_for_completion(&conn->conn_post_wait_comp);
4032 spin_lock_bh(&conn->state_lock);
4034 atomic_set(&conn->connection_reinstatement, 1);
4035 spin_unlock_bh(&conn->state_lock);
4038 * If any other processes are accessing this connection pointer we
4039 * must wait until they have completed.
4041 iscsit_check_conn_usage_count(conn);
4043 if (conn->conn_rx_hash.tfm)
4044 crypto_free_hash(conn->conn_rx_hash.tfm);
4045 if (conn->conn_tx_hash.tfm)
4046 crypto_free_hash(conn->conn_tx_hash.tfm);
4048 if (conn->conn_cpumask)
4049 free_cpumask_var(conn->conn_cpumask);
4051 kfree(conn->conn_ops);
4052 conn->conn_ops = NULL;
4055 sock_release(conn->sock);
4056 conn->thread_set = NULL;
4058 pr_debug("Moving to TARG_CONN_STATE_FREE.\n");
4059 conn->conn_state = TARG_CONN_STATE_FREE;
4062 spin_lock_bh(&sess->conn_lock);
4063 atomic_dec(&sess->nconn);
4064 pr_debug("Decremented iSCSI connection count to %hu from node:"
4065 " %s\n", atomic_read(&sess->nconn),
4066 sess->sess_ops->InitiatorName);
4068 * Make sure that if one connection fails in an non ERL=2 iSCSI
4069 * Session that they all fail.
4071 if ((sess->sess_ops->ErrorRecoveryLevel != 2) && !conn_logout &&
4072 !atomic_read(&sess->session_logout))
4073 atomic_set(&sess->session_fall_back_to_erl0, 1);
4076 * If this was not the last connection in the session, and we are
4077 * performing session reinstatement or falling back to ERL=0, call
4078 * iscsit_stop_session() without sleeping to shutdown the other
4079 * active connections.
4081 if (atomic_read(&sess->nconn)) {
4082 if (!atomic_read(&sess->session_reinstatement) &&
4083 !atomic_read(&sess->session_fall_back_to_erl0)) {
4084 spin_unlock_bh(&sess->conn_lock);
4087 if (!atomic_read(&sess->session_stop_active)) {
4088 atomic_set(&sess->session_stop_active, 1);
4089 spin_unlock_bh(&sess->conn_lock);
4090 iscsit_stop_session(sess, 0, 0);
4093 spin_unlock_bh(&sess->conn_lock);
4098 * If this was the last connection in the session and one of the
4099 * following is occurring:
4101 * Session Reinstatement is not being performed, and are falling back
4102 * to ERL=0 call iscsit_close_session().
4104 * Session Logout was requested. iscsit_close_session() will be called
4107 * Session Continuation is not being performed, start the Time2Retain
4108 * handler and check if sleep_on_sess_wait_sem is active.
4110 if (!atomic_read(&sess->session_reinstatement) &&
4111 atomic_read(&sess->session_fall_back_to_erl0)) {
4112 spin_unlock_bh(&sess->conn_lock);
4113 target_put_session(sess->se_sess);
4116 } else if (atomic_read(&sess->session_logout)) {
4117 pr_debug("Moving to TARG_SESS_STATE_FREE.\n");
4118 sess->session_state = TARG_SESS_STATE_FREE;
4119 spin_unlock_bh(&sess->conn_lock);
4121 if (atomic_read(&sess->sleep_on_sess_wait_comp))
4122 complete(&sess->session_wait_comp);
4126 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n");
4127 sess->session_state = TARG_SESS_STATE_FAILED;
4129 if (!atomic_read(&sess->session_continuation)) {
4130 spin_unlock_bh(&sess->conn_lock);
4131 iscsit_start_time2retain_handler(sess);
4133 spin_unlock_bh(&sess->conn_lock);
4135 if (atomic_read(&sess->sleep_on_sess_wait_comp))
4136 complete(&sess->session_wait_comp);
4140 spin_unlock_bh(&sess->conn_lock);
4145 int iscsit_close_session(struct iscsi_session *sess)
4147 struct iscsi_portal_group *tpg = ISCSI_TPG_S(sess);
4148 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg;
4150 if (atomic_read(&sess->nconn)) {
4151 pr_err("%d connection(s) still exist for iSCSI session"
4152 " to %s\n", atomic_read(&sess->nconn),
4153 sess->sess_ops->InitiatorName);
4157 spin_lock_bh(&se_tpg->session_lock);
4158 atomic_set(&sess->session_logout, 1);
4159 atomic_set(&sess->session_reinstatement, 1);
4160 iscsit_stop_time2retain_timer(sess);
4161 spin_unlock_bh(&se_tpg->session_lock);
4164 * transport_deregister_session_configfs() will clear the
4165 * struct se_node_acl->nacl_sess pointer now as a iscsi_np process context
4166 * can be setting it again with __transport_register_session() in
4167 * iscsi_post_login_handler() again after the iscsit_stop_session()
4168 * completes in iscsi_np context.
4170 transport_deregister_session_configfs(sess->se_sess);
4173 * If any other processes are accessing this session pointer we must
4174 * wait until they have completed. If we are in an interrupt (the
4175 * time2retain handler) and contain and active session usage count we
4176 * restart the timer and exit.
4178 if (!in_interrupt()) {
4179 if (iscsit_check_session_usage_count(sess) == 1)
4180 iscsit_stop_session(sess, 1, 1);
4182 if (iscsit_check_session_usage_count(sess) == 2) {
4183 atomic_set(&sess->session_logout, 0);
4184 iscsit_start_time2retain_handler(sess);
4189 transport_deregister_session(sess->se_sess);
4191 if (sess->sess_ops->ErrorRecoveryLevel == 2)
4192 iscsit_free_connection_recovery_entires(sess);
4194 iscsit_free_all_ooo_cmdsns(sess);
4196 spin_lock_bh(&se_tpg->session_lock);
4197 pr_debug("Moving to TARG_SESS_STATE_FREE.\n");
4198 sess->session_state = TARG_SESS_STATE_FREE;
4199 pr_debug("Released iSCSI session from node: %s\n",
4200 sess->sess_ops->InitiatorName);
4203 tpg->tpg_tiqn->tiqn_nsessions--;
4205 pr_debug("Decremented number of active iSCSI Sessions on"
4206 " iSCSI TPG: %hu to %u\n", tpg->tpgt, tpg->nsessions);
4208 spin_lock(&sess_idr_lock);
4209 idr_remove(&sess_idr, sess->session_index);
4210 spin_unlock(&sess_idr_lock);
4212 kfree(sess->sess_ops);
4213 sess->sess_ops = NULL;
4214 spin_unlock_bh(&se_tpg->session_lock);
4220 static void iscsit_logout_post_handler_closesession(
4221 struct iscsi_conn *conn)
4223 struct iscsi_session *sess = conn->sess;
4225 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD);
4226 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD);
4228 atomic_set(&conn->conn_logout_remove, 0);
4229 complete(&conn->conn_logout_comp);
4231 iscsit_dec_conn_usage_count(conn);
4232 iscsit_stop_session(sess, 1, 1);
4233 iscsit_dec_session_usage_count(sess);
4234 target_put_session(sess->se_sess);
4237 static void iscsit_logout_post_handler_samecid(
4238 struct iscsi_conn *conn)
4240 iscsi_set_thread_clear(conn, ISCSI_CLEAR_TX_THREAD);
4241 iscsi_set_thread_set_signal(conn, ISCSI_SIGNAL_TX_THREAD);
4243 atomic_set(&conn->conn_logout_remove, 0);
4244 complete(&conn->conn_logout_comp);
4246 iscsit_cause_connection_reinstatement(conn, 1);
4247 iscsit_dec_conn_usage_count(conn);
4250 static void iscsit_logout_post_handler_diffcid(
4251 struct iscsi_conn *conn,
4254 struct iscsi_conn *l_conn;
4255 struct iscsi_session *sess = conn->sess;
4260 spin_lock_bh(&sess->conn_lock);
4261 list_for_each_entry(l_conn, &sess->sess_conn_list, conn_list) {
4262 if (l_conn->cid == cid) {
4263 iscsit_inc_conn_usage_count(l_conn);
4267 spin_unlock_bh(&sess->conn_lock);
4273 l_conn->sock->ops->shutdown(l_conn->sock, RCV_SHUTDOWN);
4275 spin_lock_bh(&l_conn->state_lock);
4276 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n");
4277 l_conn->conn_state = TARG_CONN_STATE_IN_LOGOUT;
4278 spin_unlock_bh(&l_conn->state_lock);
4280 iscsit_cause_connection_reinstatement(l_conn, 1);
4281 iscsit_dec_conn_usage_count(l_conn);
4285 * Return of 0 causes the TX thread to restart.
4287 static int iscsit_logout_post_handler(
4288 struct iscsi_cmd *cmd,
4289 struct iscsi_conn *conn)
4293 switch (cmd->logout_reason) {
4294 case ISCSI_LOGOUT_REASON_CLOSE_SESSION:
4295 switch (cmd->logout_response) {
4296 case ISCSI_LOGOUT_SUCCESS:
4297 case ISCSI_LOGOUT_CLEANUP_FAILED:
4299 iscsit_logout_post_handler_closesession(conn);
4304 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION:
4305 if (conn->cid == cmd->logout_cid) {
4306 switch (cmd->logout_response) {
4307 case ISCSI_LOGOUT_SUCCESS:
4308 case ISCSI_LOGOUT_CLEANUP_FAILED:
4310 iscsit_logout_post_handler_samecid(conn);
4315 switch (cmd->logout_response) {
4316 case ISCSI_LOGOUT_SUCCESS:
4317 iscsit_logout_post_handler_diffcid(conn,
4320 case ISCSI_LOGOUT_CID_NOT_FOUND:
4321 case ISCSI_LOGOUT_CLEANUP_FAILED:
4328 case ISCSI_LOGOUT_REASON_RECOVERY:
4329 switch (cmd->logout_response) {
4330 case ISCSI_LOGOUT_SUCCESS:
4331 case ISCSI_LOGOUT_CID_NOT_FOUND:
4332 case ISCSI_LOGOUT_RECOVERY_UNSUPPORTED:
4333 case ISCSI_LOGOUT_CLEANUP_FAILED:
4346 void iscsit_fail_session(struct iscsi_session *sess)
4348 struct iscsi_conn *conn;
4350 spin_lock_bh(&sess->conn_lock);
4351 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) {
4352 pr_debug("Moving to TARG_CONN_STATE_CLEANUP_WAIT.\n");
4353 conn->conn_state = TARG_CONN_STATE_CLEANUP_WAIT;
4355 spin_unlock_bh(&sess->conn_lock);
4357 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n");
4358 sess->session_state = TARG_SESS_STATE_FAILED;
4361 int iscsit_free_session(struct iscsi_session *sess)
4363 u16 conn_count = atomic_read(&sess->nconn);
4364 struct iscsi_conn *conn, *conn_tmp = NULL;
4367 spin_lock_bh(&sess->conn_lock);
4368 atomic_set(&sess->sleep_on_sess_wait_comp, 1);
4370 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list,
4372 if (conn_count == 0)
4375 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) {
4378 iscsit_inc_conn_usage_count(conn_tmp);
4381 iscsit_inc_conn_usage_count(conn);
4383 spin_unlock_bh(&sess->conn_lock);
4384 iscsit_cause_connection_reinstatement(conn, 1);
4385 spin_lock_bh(&sess->conn_lock);
4387 iscsit_dec_conn_usage_count(conn);
4389 iscsit_dec_conn_usage_count(conn_tmp);
4394 if (atomic_read(&sess->nconn)) {
4395 spin_unlock_bh(&sess->conn_lock);
4396 wait_for_completion(&sess->session_wait_comp);
4398 spin_unlock_bh(&sess->conn_lock);
4400 target_put_session(sess->se_sess);
4404 void iscsit_stop_session(
4405 struct iscsi_session *sess,
4407 int connection_sleep)
4409 u16 conn_count = atomic_read(&sess->nconn);
4410 struct iscsi_conn *conn, *conn_tmp = NULL;
4413 spin_lock_bh(&sess->conn_lock);
4415 atomic_set(&sess->sleep_on_sess_wait_comp, 1);
4417 if (connection_sleep) {
4418 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list,
4420 if (conn_count == 0)
4423 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) {
4426 iscsit_inc_conn_usage_count(conn_tmp);
4429 iscsit_inc_conn_usage_count(conn);
4431 spin_unlock_bh(&sess->conn_lock);
4432 iscsit_cause_connection_reinstatement(conn, 1);
4433 spin_lock_bh(&sess->conn_lock);
4435 iscsit_dec_conn_usage_count(conn);
4437 iscsit_dec_conn_usage_count(conn_tmp);
4441 list_for_each_entry(conn, &sess->sess_conn_list, conn_list)
4442 iscsit_cause_connection_reinstatement(conn, 0);
4445 if (session_sleep && atomic_read(&sess->nconn)) {
4446 spin_unlock_bh(&sess->conn_lock);
4447 wait_for_completion(&sess->session_wait_comp);
4449 spin_unlock_bh(&sess->conn_lock);
4452 int iscsit_release_sessions_for_tpg(struct iscsi_portal_group *tpg, int force)
4454 struct iscsi_session *sess;
4455 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg;
4456 struct se_session *se_sess, *se_sess_tmp;
4457 int session_count = 0;
4459 spin_lock_bh(&se_tpg->session_lock);
4460 if (tpg->nsessions && !force) {
4461 spin_unlock_bh(&se_tpg->session_lock);
4465 list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list,
4467 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr;
4469 spin_lock(&sess->conn_lock);
4470 if (atomic_read(&sess->session_fall_back_to_erl0) ||
4471 atomic_read(&sess->session_logout) ||
4472 (sess->time2retain_timer_flags & ISCSI_TF_EXPIRED)) {
4473 spin_unlock(&sess->conn_lock);
4476 atomic_set(&sess->session_reinstatement, 1);
4477 spin_unlock(&sess->conn_lock);
4478 spin_unlock_bh(&se_tpg->session_lock);
4480 iscsit_free_session(sess);
4481 spin_lock_bh(&se_tpg->session_lock);
4485 spin_unlock_bh(&se_tpg->session_lock);
4487 pr_debug("Released %d iSCSI Session(s) from Target Portal"
4488 " Group: %hu\n", session_count, tpg->tpgt);
4492 MODULE_DESCRIPTION("iSCSI-Target Driver for mainline target infrastructure");
4493 MODULE_VERSION("4.1.x");
4494 MODULE_AUTHOR("nab@Linux-iSCSI.org");
4495 MODULE_LICENSE("GPL");
4497 module_init(iscsi_target_init_module);
4498 module_exit(iscsi_target_cleanup_module);
git.samba.org / sfrench / cifs-2.6.git / blob