iscsi.c revision 265526
1/*- 2 * Copyright (c) 2012 The FreeBSD Foundation 3 * All rights reserved. 4 * 5 * This software was developed by Edward Tomasz Napierala under sponsorship 6 * from the FreeBSD Foundation. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 
28 * 29 * $FreeBSD: stable/10/sys/dev/iscsi/iscsi.c 265526 2014-05-07 07:56:36Z trasz $ 30 */ 31 32#include <sys/param.h> 33#include <sys/condvar.h> 34#include <sys/conf.h> 35#include <sys/eventhandler.h> 36#include <sys/file.h> 37#include <sys/kernel.h> 38#include <sys/kthread.h> 39#include <sys/lock.h> 40#include <sys/malloc.h> 41#include <sys/mutex.h> 42#include <sys/module.h> 43#include <sys/sysctl.h> 44#include <sys/systm.h> 45#include <sys/sx.h> 46#include <vm/uma.h> 47 48#include <cam/cam.h> 49#include <cam/cam_ccb.h> 50#include <cam/cam_xpt.h> 51#include <cam/cam_debug.h> 52#include <cam/cam_sim.h> 53#include <cam/cam_xpt_sim.h> 54#include <cam/cam_xpt_periph.h> 55#include <cam/cam_periph.h> 56#include <cam/scsi/scsi_all.h> 57#include <cam/scsi/scsi_message.h> 58 59#include "iscsi_ioctl.h" 60#include "iscsi.h" 61#include "icl.h" 62#include "iscsi_proto.h" 63 64#ifdef ICL_KERNEL_PROXY 65#include <sys/socketvar.h> 66#endif 67 68#ifdef ICL_KERNEL_PROXY 69FEATURE(iscsi_kernel_proxy, "iSCSI initiator built with ICL_KERNEL_PROXY"); 70#endif 71 72/* 73 * XXX: This is global so the iscsi_unload() can access it. 74 * Think about how to do this properly. 
75 */ 76static struct iscsi_softc *sc; 77 78SYSCTL_NODE(_kern, OID_AUTO, iscsi, CTLFLAG_RD, 0, "iSCSI initiator"); 79static int debug = 1; 80TUNABLE_INT("kern.iscsi.debug", &debug); 81SYSCTL_INT(_kern_iscsi, OID_AUTO, debug, CTLFLAG_RWTUN, 82 &debug, 2, "Enable debug messages"); 83static int ping_timeout = 5; 84TUNABLE_INT("kern.iscsi.ping_timeout", &ping_timeout); 85SYSCTL_INT(_kern_iscsi, OID_AUTO, ping_timeout, CTLFLAG_RWTUN, &ping_timeout, 86 5, "Timeout for ping (NOP-Out) requests, in seconds"); 87static int iscsid_timeout = 60; 88TUNABLE_INT("kern.iscsi.iscsid_timeout", &iscsid_timeout); 89SYSCTL_INT(_kern_iscsi, OID_AUTO, iscsid_timeout, CTLFLAG_RWTUN, &iscsid_timeout, 90 60, "Time to wait for iscsid(8) to handle reconnection, in seconds"); 91static int login_timeout = 60; 92TUNABLE_INT("kern.iscsi.login_timeout", &login_timeout); 93SYSCTL_INT(_kern_iscsi, OID_AUTO, login_timeout, CTLFLAG_RWTUN, &login_timeout, 94 60, "Time to wait for iscsid(8) to finish Login Phase, in seconds"); 95static int maxtags = 255; 96TUNABLE_INT("kern.iscsi.maxtags", &maxtags); 97SYSCTL_INT(_kern_iscsi, OID_AUTO, maxtags, CTLFLAG_RWTUN, &maxtags, 98 255, "Max number of IO requests queued"); 99static int fail_on_disconnection = 0; 100TUNABLE_INT("kern.iscsi.fail_on_disconnection", &fail_on_disconnection); 101SYSCTL_INT(_kern_iscsi, OID_AUTO, fail_on_disconnection, CTLFLAG_RWTUN, 102 &fail_on_disconnection, 0, "Destroy CAM SIM on connection failure"); 103 104static MALLOC_DEFINE(M_ISCSI, "iSCSI", "iSCSI initiator"); 105static uma_zone_t iscsi_outstanding_zone; 106 107#define CONN_SESSION(X) ((struct iscsi_session *)X->ic_prv0) 108#define PDU_SESSION(X) (CONN_SESSION(X->ip_conn)) 109 110#define ISCSI_DEBUG(X, ...) \ 111 do { \ 112 if (debug > 1) \ 113 printf("%s: " X "\n", __func__, ## __VA_ARGS__);\ 114 } while (0) 115 116#define ISCSI_WARN(X, ...) 
\ 117 do { \ 118 if (debug > 0) { \ 119 printf("WARNING: %s: " X "\n", \ 120 __func__, ## __VA_ARGS__); \ 121 } \ 122 } while (0) 123 124#define ISCSI_SESSION_DEBUG(S, X, ...) \ 125 do { \ 126 if (debug > 1) { \ 127 printf("%s: %s (%s): " X "\n", \ 128 __func__, S->is_conf.isc_target_addr, \ 129 S->is_conf.isc_target, ## __VA_ARGS__); \ 130 } \ 131 } while (0) 132 133#define ISCSI_SESSION_WARN(S, X, ...) \ 134 do { \ 135 if (debug > 0) { \ 136 printf("WARNING: %s (%s): " X "\n", \ 137 S->is_conf.isc_target_addr, \ 138 S->is_conf.isc_target, ## __VA_ARGS__); \ 139 } \ 140 } while (0) 141 142#define ISCSI_SESSION_LOCK(X) mtx_lock(&X->is_lock) 143#define ISCSI_SESSION_UNLOCK(X) mtx_unlock(&X->is_lock) 144#define ISCSI_SESSION_LOCK_ASSERT(X) mtx_assert(&X->is_lock, MA_OWNED) 145 146static int iscsi_ioctl(struct cdev *dev, u_long cmd, caddr_t arg, 147 int mode, struct thread *td); 148 149static struct cdevsw iscsi_cdevsw = { 150 .d_version = D_VERSION, 151 .d_ioctl = iscsi_ioctl, 152 .d_name = "iscsi", 153}; 154 155static void iscsi_pdu_queue_locked(struct icl_pdu *request); 156static void iscsi_pdu_queue(struct icl_pdu *request); 157static void iscsi_pdu_update_statsn(const struct icl_pdu *response); 158static void iscsi_pdu_handle_nop_in(struct icl_pdu *response); 159static void iscsi_pdu_handle_scsi_response(struct icl_pdu *response); 160static void iscsi_pdu_handle_data_in(struct icl_pdu *response); 161static void iscsi_pdu_handle_logout_response(struct icl_pdu *response); 162static void iscsi_pdu_handle_r2t(struct icl_pdu *response); 163static void iscsi_pdu_handle_async_message(struct icl_pdu *response); 164static void iscsi_pdu_handle_reject(struct icl_pdu *response); 165static void iscsi_session_reconnect(struct iscsi_session *is); 166static void iscsi_session_terminate(struct iscsi_session *is); 167static void iscsi_action(struct cam_sim *sim, union ccb *ccb); 168static void iscsi_poll(struct cam_sim *sim); 169static struct iscsi_outstanding 
*iscsi_outstanding_find(struct iscsi_session *is, 170 uint32_t initiator_task_tag); 171static int iscsi_outstanding_add(struct iscsi_session *is, 172 uint32_t initiator_task_tag, union ccb *ccb); 173static void iscsi_outstanding_remove(struct iscsi_session *is, 174 struct iscsi_outstanding *io); 175 176static bool 177iscsi_pdu_prepare(struct icl_pdu *request) 178{ 179 struct iscsi_session *is; 180 struct iscsi_bhs_scsi_command *bhssc; 181 182 is = PDU_SESSION(request); 183 184 ISCSI_SESSION_LOCK_ASSERT(is); 185 186 /* 187 * We're only using fields common for all the request 188 * (initiator -> target) PDUs. 189 */ 190 bhssc = (struct iscsi_bhs_scsi_command *)request->ip_bhs; 191 192 /* 193 * Data-Out PDU does not contain CmdSN. 194 */ 195 if (bhssc->bhssc_opcode != ISCSI_BHS_OPCODE_SCSI_DATA_OUT) { 196 if (is->is_cmdsn > is->is_maxcmdsn && 197 (bhssc->bhssc_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0) { 198 /* 199 * Current MaxCmdSN prevents us from sending any more 200 * SCSI Command PDUs to the target; postpone the PDU. 201 * It will get resent by either iscsi_pdu_queue(), 202 * or by maintenance thread. 
203 */ 204#if 0 205 ISCSI_SESSION_DEBUG(is, "postponing send, CmdSN %d, ExpCmdSN %d, MaxCmdSN %d, opcode 0x%x", 206 is->is_cmdsn, is->is_expcmdsn, is->is_maxcmdsn, bhssc->bhssc_opcode); 207#endif 208 return (true); 209 } 210 bhssc->bhssc_cmdsn = htonl(is->is_cmdsn); 211 if ((bhssc->bhssc_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0) 212 is->is_cmdsn++; 213 } 214 bhssc->bhssc_expstatsn = htonl(is->is_statsn + 1); 215 216 return (false); 217} 218 219static void 220iscsi_session_send_postponed(struct iscsi_session *is) 221{ 222 struct icl_pdu *request; 223 bool postpone; 224 225 ISCSI_SESSION_LOCK_ASSERT(is); 226 227 while (!STAILQ_EMPTY(&is->is_postponed)) { 228 request = STAILQ_FIRST(&is->is_postponed); 229 postpone = iscsi_pdu_prepare(request); 230 if (postpone) 231 break; 232 STAILQ_REMOVE_HEAD(&is->is_postponed, ip_next); 233 icl_pdu_queue(request); 234 } 235} 236 237static void 238iscsi_pdu_queue_locked(struct icl_pdu *request) 239{ 240 struct iscsi_session *is; 241 bool postpone; 242 243 is = PDU_SESSION(request); 244 ISCSI_SESSION_LOCK_ASSERT(is); 245 iscsi_session_send_postponed(is); 246 postpone = iscsi_pdu_prepare(request); 247 if (postpone) { 248 STAILQ_INSERT_TAIL(&is->is_postponed, request, ip_next); 249 return; 250 } 251 icl_pdu_queue(request); 252} 253 254static void 255iscsi_pdu_queue(struct icl_pdu *request) 256{ 257 struct iscsi_session *is; 258 259 is = PDU_SESSION(request); 260 ISCSI_SESSION_LOCK(is); 261 iscsi_pdu_queue_locked(request); 262 ISCSI_SESSION_UNLOCK(is); 263} 264 265static void 266iscsi_session_logout(struct iscsi_session *is) 267{ 268 struct icl_pdu *request; 269 struct iscsi_bhs_logout_request *bhslr; 270 271 request = icl_pdu_new_bhs(is->is_conn, M_NOWAIT); 272 if (request == NULL) 273 return; 274 275 bhslr = (struct iscsi_bhs_logout_request *)request->ip_bhs; 276 bhslr->bhslr_opcode = ISCSI_BHS_OPCODE_LOGOUT_REQUEST; 277 bhslr->bhslr_reason = BHSLR_REASON_CLOSE_SESSION; 278 iscsi_pdu_queue_locked(request); 279} 280 281static void 
282iscsi_session_terminate_tasks(struct iscsi_session *is, bool requeue) 283{ 284 struct iscsi_outstanding *io, *tmp; 285 286 ISCSI_SESSION_LOCK_ASSERT(is); 287 288 TAILQ_FOREACH_SAFE(io, &is->is_outstanding, io_next, tmp) { 289 if (requeue) { 290 io->io_ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 291 io->io_ccb->ccb_h.status |= CAM_REQUEUE_REQ; 292 } else { 293 io->io_ccb->ccb_h.status = CAM_REQ_ABORTED; 294 } 295 296 if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 297 xpt_freeze_devq(io->io_ccb->ccb_h.path, 1); 298 ISCSI_SESSION_DEBUG(is, "freezing devq"); 299 } 300 io->io_ccb->ccb_h.status |= CAM_DEV_QFRZN; 301 xpt_done(io->io_ccb); 302 iscsi_outstanding_remove(is, io); 303 } 304} 305 306static void 307iscsi_session_cleanup(struct iscsi_session *is, bool destroy_sim) 308{ 309 struct icl_pdu *pdu; 310 311 ISCSI_SESSION_LOCK_ASSERT(is); 312 313 /* 314 * Don't queue any new PDUs. 315 */ 316 if (is->is_sim != NULL && is->is_simq_frozen == false) { 317 ISCSI_SESSION_DEBUG(is, "freezing"); 318 xpt_freeze_simq(is->is_sim, 1); 319 is->is_simq_frozen = true; 320 } 321 322 /* 323 * Remove postponed PDUs. 324 */ 325 while (!STAILQ_EMPTY(&is->is_postponed)) { 326 pdu = STAILQ_FIRST(&is->is_postponed); 327 STAILQ_REMOVE_HEAD(&is->is_postponed, ip_next); 328 icl_pdu_free(pdu); 329 } 330 331 if (destroy_sim == false) { 332 /* 333 * Terminate SCSI tasks, asking CAM to requeue them. 
334 */ 335 iscsi_session_terminate_tasks(is, true); 336 return; 337 } 338 339 iscsi_session_terminate_tasks(is, false); 340 341 if (is->is_sim == NULL) 342 return; 343 344 ISCSI_SESSION_DEBUG(is, "deregistering SIM"); 345 xpt_async(AC_LOST_DEVICE, is->is_path, NULL); 346 347 if (is->is_simq_frozen) { 348 xpt_release_simq(is->is_sim, 1); 349 is->is_simq_frozen = false; 350 } 351 352 xpt_free_path(is->is_path); 353 is->is_path = NULL; 354 xpt_bus_deregister(cam_sim_path(is->is_sim)); 355 cam_sim_free(is->is_sim, TRUE /*free_devq*/); 356 is->is_sim = NULL; 357 is->is_devq = NULL; 358} 359 360static void 361iscsi_maintenance_thread_reconnect(struct iscsi_session *is) 362{ 363 364 icl_conn_shutdown(is->is_conn); 365 icl_conn_close(is->is_conn); 366 367 ISCSI_SESSION_LOCK(is); 368 369 is->is_connected = false; 370 is->is_reconnecting = false; 371 is->is_login_phase = false; 372 373#ifdef ICL_KERNEL_PROXY 374 if (is->is_login_pdu != NULL) { 375 icl_pdu_free(is->is_login_pdu); 376 is->is_login_pdu = NULL; 377 } 378 cv_signal(&is->is_login_cv); 379#endif 380 381 if (fail_on_disconnection) { 382 ISCSI_SESSION_DEBUG(is, "connection failed, destroying devices"); 383 iscsi_session_cleanup(is, true); 384 } else { 385 iscsi_session_cleanup(is, false); 386 } 387 388 KASSERT(TAILQ_EMPTY(&is->is_outstanding), 389 ("destroying session with active tasks")); 390 KASSERT(STAILQ_EMPTY(&is->is_postponed), 391 ("destroying session with postponed PDUs")); 392 393 /* 394 * Request immediate reconnection from iscsid(8). 
395 */ 396 //ISCSI_SESSION_DEBUG(is, "waking up iscsid(8)"); 397 is->is_waiting_for_iscsid = true; 398 strlcpy(is->is_reason, "Waiting for iscsid(8)", sizeof(is->is_reason)); 399 is->is_timeout = 0; 400 ISCSI_SESSION_UNLOCK(is); 401 cv_signal(&is->is_softc->sc_cv); 402} 403 404static void 405iscsi_maintenance_thread_terminate(struct iscsi_session *is) 406{ 407 struct iscsi_softc *sc; 408 409 sc = is->is_softc; 410 sx_xlock(&sc->sc_lock); 411 TAILQ_REMOVE(&sc->sc_sessions, is, is_next); 412 sx_xunlock(&sc->sc_lock); 413 414 icl_conn_close(is->is_conn); 415 416 ISCSI_SESSION_LOCK(is); 417 418 KASSERT(is->is_terminating, ("is_terminating == false")); 419 420#ifdef ICL_KERNEL_PROXY 421 if (is->is_login_pdu != NULL) { 422 icl_pdu_free(is->is_login_pdu); 423 is->is_login_pdu = NULL; 424 } 425 cv_signal(&is->is_login_cv); 426#endif 427 428 callout_drain(&is->is_callout); 429 430 iscsi_session_cleanup(is, true); 431 432 KASSERT(TAILQ_EMPTY(&is->is_outstanding), 433 ("destroying session with active tasks")); 434 KASSERT(STAILQ_EMPTY(&is->is_postponed), 435 ("destroying session with postponed PDUs")); 436 437 ISCSI_SESSION_UNLOCK(is); 438 439 icl_conn_free(is->is_conn); 440 mtx_destroy(&is->is_lock); 441 cv_destroy(&is->is_maintenance_cv); 442#ifdef ICL_KERNEL_PROXY 443 cv_destroy(&is->is_login_cv); 444#endif 445 ISCSI_SESSION_DEBUG(is, "terminated"); 446 free(is, M_ISCSI); 447 448 /* 449 * The iscsi_unload() routine might be waiting. 
450 */ 451 cv_signal(&sc->sc_cv); 452} 453 454static void 455iscsi_maintenance_thread(void *arg) 456{ 457 struct iscsi_session *is; 458 459 is = arg; 460 461 for (;;) { 462 ISCSI_SESSION_LOCK(is); 463 if (is->is_reconnecting == false && 464 is->is_terminating == false && 465 STAILQ_EMPTY(&is->is_postponed)) 466 cv_wait(&is->is_maintenance_cv, &is->is_lock); 467 468 if (is->is_reconnecting) { 469 ISCSI_SESSION_UNLOCK(is); 470 iscsi_maintenance_thread_reconnect(is); 471 continue; 472 } 473 474 if (is->is_terminating) { 475 ISCSI_SESSION_UNLOCK(is); 476 iscsi_maintenance_thread_terminate(is); 477 kthread_exit(); 478 return; 479 } 480 481 iscsi_session_send_postponed(is); 482 ISCSI_SESSION_UNLOCK(is); 483 } 484} 485 486static void 487iscsi_session_reconnect(struct iscsi_session *is) 488{ 489 490 /* 491 * XXX: We can't use locking here, because 492 * it's being called from various contexts. 493 * Hope it doesn't break anything. 494 */ 495 if (is->is_reconnecting) 496 return; 497 498 is->is_reconnecting = true; 499 cv_signal(&is->is_maintenance_cv); 500} 501 502static void 503iscsi_session_terminate(struct iscsi_session *is) 504{ 505 if (is->is_terminating) 506 return; 507 508 is->is_terminating = true; 509 510#if 0 511 iscsi_session_logout(is); 512#endif 513 cv_signal(&is->is_maintenance_cv); 514} 515 516static void 517iscsi_callout(void *context) 518{ 519 struct icl_pdu *request; 520 struct iscsi_bhs_nop_out *bhsno; 521 struct iscsi_session *is; 522 bool reconnect_needed = false; 523 524 is = context; 525 526 if (is->is_terminating) 527 return; 528 529 callout_schedule(&is->is_callout, 1 * hz); 530 531 ISCSI_SESSION_LOCK(is); 532 is->is_timeout++; 533 534 if (is->is_waiting_for_iscsid) { 535 if (is->is_timeout > iscsid_timeout) { 536 ISCSI_SESSION_WARN(is, "timed out waiting for iscsid(8) " 537 "for %d seconds; reconnecting", 538 is->is_timeout); 539 reconnect_needed = true; 540 } 541 goto out; 542 } 543 544 if (is->is_login_phase) { 545 if (is->is_timeout > 
login_timeout) { 546 ISCSI_SESSION_WARN(is, "login timed out after %d seconds; " 547 "reconnecting", is->is_timeout); 548 reconnect_needed = true; 549 } 550 goto out; 551 } 552 553 if (is->is_timeout >= ping_timeout) { 554 ISCSI_SESSION_WARN(is, "no ping reply (NOP-In) after %d seconds; " 555 "reconnecting", ping_timeout); 556 reconnect_needed = true; 557 goto out; 558 } 559 560 ISCSI_SESSION_UNLOCK(is); 561 562 /* 563 * If the ping was reset less than one second ago - which means 564 * that we've received some PDU during the last second - assume 565 * the traffic flows correctly and don't bother sending a NOP-Out. 566 * 567 * (It's 2 - one for one second, and one for incrementing is_timeout 568 * earlier in this routine.) 569 */ 570 if (is->is_timeout < 2) 571 return; 572 573 request = icl_pdu_new_bhs(is->is_conn, M_NOWAIT); 574 if (request == NULL) { 575 ISCSI_SESSION_WARN(is, "failed to allocate PDU"); 576 return; 577 } 578 bhsno = (struct iscsi_bhs_nop_out *)request->ip_bhs; 579 bhsno->bhsno_opcode = ISCSI_BHS_OPCODE_NOP_OUT | 580 ISCSI_BHS_OPCODE_IMMEDIATE; 581 bhsno->bhsno_flags = 0x80; 582 bhsno->bhsno_target_transfer_tag = 0xffffffff; 583 iscsi_pdu_queue(request); 584 return; 585 586out: 587 ISCSI_SESSION_UNLOCK(is); 588 589 if (reconnect_needed) 590 iscsi_session_reconnect(is); 591} 592 593static void 594iscsi_pdu_update_statsn(const struct icl_pdu *response) 595{ 596 const struct iscsi_bhs_data_in *bhsdi; 597 struct iscsi_session *is; 598 uint32_t expcmdsn, maxcmdsn; 599 600 is = PDU_SESSION(response); 601 602 ISCSI_SESSION_LOCK_ASSERT(is); 603 604 /* 605 * We're only using fields common for all the response 606 * (target -> initiator) PDUs. 607 */ 608 bhsdi = (const struct iscsi_bhs_data_in *)response->ip_bhs; 609 /* 610 * Ok, I lied. In case of Data-In, "The fields StatSN, Status, 611 * and Residual Count only have meaningful content if the S bit 612 * is set to 1", so we also need to check the bit specific for 613 * Data-In PDU. 
614 */ 615 if (bhsdi->bhsdi_opcode != ISCSI_BHS_OPCODE_SCSI_DATA_IN || 616 (bhsdi->bhsdi_flags & BHSDI_FLAGS_S) != 0) { 617 if (ntohl(bhsdi->bhsdi_statsn) < is->is_statsn) { 618 ISCSI_SESSION_WARN(is, 619 "PDU StatSN %d >= session StatSN %d, opcode 0x%x", 620 is->is_statsn, ntohl(bhsdi->bhsdi_statsn), 621 bhsdi->bhsdi_opcode); 622 } 623 is->is_statsn = ntohl(bhsdi->bhsdi_statsn); 624 } 625 626 expcmdsn = ntohl(bhsdi->bhsdi_expcmdsn); 627 maxcmdsn = ntohl(bhsdi->bhsdi_maxcmdsn); 628 629 /* 630 * XXX: Compare using Serial Arithmetic Sense. 631 */ 632 if (maxcmdsn + 1 < expcmdsn) { 633 ISCSI_SESSION_DEBUG(is, "PDU MaxCmdSN %d + 1 < PDU ExpCmdSN %d; ignoring", 634 maxcmdsn, expcmdsn); 635 } else { 636 if (maxcmdsn > is->is_maxcmdsn) { 637 is->is_maxcmdsn = maxcmdsn; 638 639 /* 640 * Command window increased; kick the maintanance thread 641 * to send out postponed commands. 642 */ 643 if (!STAILQ_EMPTY(&is->is_postponed)) 644 cv_signal(&is->is_maintenance_cv); 645 } else if (maxcmdsn < is->is_maxcmdsn) { 646 ISCSI_SESSION_DEBUG(is, "PDU MaxCmdSN %d < session MaxCmdSN %d; ignoring", 647 maxcmdsn, is->is_maxcmdsn); 648 } 649 650 if (expcmdsn > is->is_expcmdsn) { 651 is->is_expcmdsn = expcmdsn; 652 } else if (expcmdsn < is->is_expcmdsn) { 653 ISCSI_SESSION_DEBUG(is, "PDU ExpCmdSN %d < session ExpCmdSN %d; ignoring", 654 expcmdsn, is->is_expcmdsn); 655 } 656 } 657 658 /* 659 * Every incoming PDU - not just NOP-In - resets the ping timer. 660 * The purpose of the timeout is to reset the connection when it stalls; 661 * we don't want this to happen when NOP-In or NOP-Out ends up delayed 662 * in some queue. 
663 */ 664 is->is_timeout = 0; 665} 666 667static void 668iscsi_receive_callback(struct icl_pdu *response) 669{ 670 struct iscsi_session *is; 671 672 is = PDU_SESSION(response); 673 674 ISCSI_SESSION_LOCK(is); 675 676#ifdef ICL_KERNEL_PROXY 677 if (is->is_login_phase) { 678 if (is->is_login_pdu == NULL) 679 is->is_login_pdu = response; 680 else 681 icl_pdu_free(response); 682 ISCSI_SESSION_UNLOCK(is); 683 cv_signal(&is->is_login_cv); 684 return; 685 } 686#endif 687 688 iscsi_pdu_update_statsn(response); 689 690 /* 691 * The handling routine is responsible for freeing the PDU 692 * when it's no longer needed. 693 */ 694 switch (response->ip_bhs->bhs_opcode) { 695 case ISCSI_BHS_OPCODE_NOP_IN: 696 iscsi_pdu_handle_nop_in(response); 697 break; 698 case ISCSI_BHS_OPCODE_SCSI_RESPONSE: 699 iscsi_pdu_handle_scsi_response(response); 700 break; 701 case ISCSI_BHS_OPCODE_SCSI_DATA_IN: 702 iscsi_pdu_handle_data_in(response); 703 break; 704 case ISCSI_BHS_OPCODE_LOGOUT_RESPONSE: 705 iscsi_pdu_handle_logout_response(response); 706 break; 707 case ISCSI_BHS_OPCODE_R2T: 708 iscsi_pdu_handle_r2t(response); 709 break; 710 case ISCSI_BHS_OPCODE_ASYNC_MESSAGE: 711 iscsi_pdu_handle_async_message(response); 712 break; 713 case ISCSI_BHS_OPCODE_REJECT: 714 iscsi_pdu_handle_reject(response); 715 break; 716 default: 717 ISCSI_SESSION_WARN(is, "received PDU with unsupported " 718 "opcode 0x%x; reconnecting", 719 response->ip_bhs->bhs_opcode); 720 iscsi_session_reconnect(is); 721 icl_pdu_free(response); 722 } 723 724 ISCSI_SESSION_UNLOCK(is); 725} 726 727static void 728iscsi_error_callback(struct icl_conn *ic) 729{ 730 struct iscsi_session *is; 731 732 is = CONN_SESSION(ic); 733 734 ISCSI_SESSION_WARN(is, "connection error; reconnecting"); 735 iscsi_session_reconnect(is); 736} 737 738static void 739iscsi_pdu_handle_nop_in(struct icl_pdu *response) 740{ 741 struct iscsi_session *is; 742 struct iscsi_bhs_nop_out *bhsno; 743 struct iscsi_bhs_nop_in *bhsni; 744 struct icl_pdu *request; 745 
void *data = NULL; 746 size_t datasize; 747 int error; 748 749 is = PDU_SESSION(response); 750 bhsni = (struct iscsi_bhs_nop_in *)response->ip_bhs; 751 752 if (bhsni->bhsni_target_transfer_tag == 0xffffffff) { 753 /* 754 * Nothing to do; iscsi_pdu_update_statsn() already 755 * zeroed the timeout. 756 */ 757 icl_pdu_free(response); 758 return; 759 } 760 761 datasize = icl_pdu_data_segment_length(response); 762 if (datasize > 0) { 763 data = malloc(datasize, M_ISCSI, M_NOWAIT | M_ZERO); 764 if (data == NULL) { 765 ISCSI_SESSION_WARN(is, "failed to allocate memory; " 766 "reconnecting"); 767 icl_pdu_free(response); 768 iscsi_session_reconnect(is); 769 return; 770 } 771 icl_pdu_get_data(response, 0, data, datasize); 772 } 773 774 request = icl_pdu_new_bhs(response->ip_conn, M_NOWAIT); 775 if (request == NULL) { 776 ISCSI_SESSION_WARN(is, "failed to allocate memory; " 777 "reconnecting"); 778 free(data, M_ISCSI); 779 icl_pdu_free(response); 780 iscsi_session_reconnect(is); 781 return; 782 } 783 bhsno = (struct iscsi_bhs_nop_out *)request->ip_bhs; 784 bhsno->bhsno_opcode = ISCSI_BHS_OPCODE_NOP_OUT | 785 ISCSI_BHS_OPCODE_IMMEDIATE; 786 bhsno->bhsno_flags = 0x80; 787 bhsno->bhsno_initiator_task_tag = 0xffffffff; 788 bhsno->bhsno_target_transfer_tag = bhsni->bhsni_target_transfer_tag; 789 if (datasize > 0) { 790 error = icl_pdu_append_data(request, data, datasize, M_NOWAIT); 791 if (error != 0) { 792 ISCSI_SESSION_WARN(is, "failed to allocate memory; " 793 "reconnecting"); 794 free(data, M_ISCSI); 795 icl_pdu_free(request); 796 icl_pdu_free(response); 797 iscsi_session_reconnect(is); 798 return; 799 } 800 free(data, M_ISCSI); 801 } 802 803 icl_pdu_free(response); 804 iscsi_pdu_queue_locked(request); 805} 806 807static void 808iscsi_pdu_handle_scsi_response(struct icl_pdu *response) 809{ 810 struct iscsi_bhs_scsi_response *bhssr; 811 struct iscsi_outstanding *io; 812 struct iscsi_session *is; 813 struct ccb_scsiio *csio; 814 size_t data_segment_len; 815 uint16_t sense_len; 
816 817 is = PDU_SESSION(response); 818 819 bhssr = (struct iscsi_bhs_scsi_response *)response->ip_bhs; 820 io = iscsi_outstanding_find(is, bhssr->bhssr_initiator_task_tag); 821 if (io == NULL) { 822 ISCSI_SESSION_WARN(is, "bad itt 0x%x", bhssr->bhssr_initiator_task_tag); 823 icl_pdu_free(response); 824 iscsi_session_reconnect(is); 825 return; 826 } 827 828 if (bhssr->bhssr_response != BHSSR_RESPONSE_COMMAND_COMPLETED) { 829 ISCSI_SESSION_WARN(is, "service response 0x%x", bhssr->bhssr_response); 830 if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 831 xpt_freeze_devq(io->io_ccb->ccb_h.path, 1); 832 ISCSI_SESSION_DEBUG(is, "freezing devq"); 833 } 834 io->io_ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN; 835 } else if (bhssr->bhssr_status == 0) { 836 io->io_ccb->ccb_h.status = CAM_REQ_CMP; 837 } else { 838 if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 839 xpt_freeze_devq(io->io_ccb->ccb_h.path, 1); 840 ISCSI_SESSION_DEBUG(is, "freezing devq"); 841 } 842 io->io_ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | CAM_DEV_QFRZN; 843 io->io_ccb->csio.scsi_status = bhssr->bhssr_status; 844 } 845 846 if (bhssr->bhssr_flags & BHSSR_FLAGS_RESIDUAL_OVERFLOW) { 847 ISCSI_SESSION_WARN(is, "target indicated residual overflow"); 848 icl_pdu_free(response); 849 iscsi_session_reconnect(is); 850 return; 851 } 852 853 csio = &io->io_ccb->csio; 854 855 data_segment_len = icl_pdu_data_segment_length(response); 856 if (data_segment_len > 0) { 857 if (data_segment_len < sizeof(sense_len)) { 858 ISCSI_SESSION_WARN(is, "truncated data segment (%zd bytes)", 859 data_segment_len); 860 if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 861 xpt_freeze_devq(io->io_ccb->ccb_h.path, 1); 862 ISCSI_SESSION_DEBUG(is, "freezing devq"); 863 } 864 io->io_ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN; 865 goto out; 866 } 867 icl_pdu_get_data(response, 0, &sense_len, sizeof(sense_len)); 868 sense_len = ntohs(sense_len); 869#if 0 870 ISCSI_SESSION_DEBUG(is, "sense_len %d, data len 
%zd", 871 sense_len, data_segment_len); 872#endif 873 if (sizeof(sense_len) + sense_len > data_segment_len) { 874 ISCSI_SESSION_WARN(is, "truncated data segment " 875 "(%zd bytes, should be %zd)", 876 data_segment_len, sizeof(sense_len) + sense_len); 877 if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 878 xpt_freeze_devq(io->io_ccb->ccb_h.path, 1); 879 ISCSI_SESSION_DEBUG(is, "freezing devq"); 880 } 881 io->io_ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN; 882 goto out; 883 } else if (sizeof(sense_len) + sense_len < data_segment_len) 884 ISCSI_SESSION_WARN(is, "oversize data segment " 885 "(%zd bytes, should be %zd)", 886 data_segment_len, sizeof(sense_len) + sense_len); 887 if (sense_len > csio->sense_len) { 888 ISCSI_SESSION_DEBUG(is, "truncating sense from %d to %d", 889 sense_len, csio->sense_len); 890 sense_len = csio->sense_len; 891 } 892 icl_pdu_get_data(response, sizeof(sense_len), &csio->sense_data, sense_len); 893 csio->sense_resid = csio->sense_len - sense_len; 894 io->io_ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 895 } 896 897out: 898 if (bhssr->bhssr_flags & BHSSR_FLAGS_RESIDUAL_UNDERFLOW) 899 csio->resid = ntohl(bhssr->bhssr_residual_count); 900 901 if ((csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 902 KASSERT(io->io_received <= csio->dxfer_len, 903 ("io->io_received > csio->dxfer_len")); 904 if (io->io_received < csio->dxfer_len) { 905 if (csio->resid != csio->dxfer_len - io->io_received) { 906 ISCSI_SESSION_WARN(is, "underflow mismatch: " 907 "target indicates %d, we calculated %zd", 908 csio->resid, 909 csio->dxfer_len - io->io_received); 910 } 911 csio->resid = csio->dxfer_len - io->io_received; 912 } 913 } 914 915 xpt_done(io->io_ccb); 916 iscsi_outstanding_remove(is, io); 917 icl_pdu_free(response); 918} 919 920static void 921iscsi_pdu_handle_data_in(struct icl_pdu *response) 922{ 923 struct iscsi_bhs_data_in *bhsdi; 924 struct iscsi_outstanding *io; 925 struct iscsi_session *is; 926 struct ccb_scsiio *csio; 927 size_t 
data_segment_len; 928 929 is = PDU_SESSION(response); 930 bhsdi = (struct iscsi_bhs_data_in *)response->ip_bhs; 931 io = iscsi_outstanding_find(is, bhsdi->bhsdi_initiator_task_tag); 932 if (io == NULL) { 933 ISCSI_SESSION_WARN(is, "bad itt 0x%x", bhsdi->bhsdi_initiator_task_tag); 934 icl_pdu_free(response); 935 iscsi_session_reconnect(is); 936 return; 937 } 938 939 data_segment_len = icl_pdu_data_segment_length(response); 940 if (data_segment_len == 0) { 941 /* 942 * "The sending of 0 length data segments should be avoided, 943 * but initiators and targets MUST be able to properly receive 944 * 0 length data segments." 945 */ 946 icl_pdu_free(response); 947 return; 948 } 949 950 /* 951 * We need to track this for security reasons - without it, malicious target 952 * could respond to SCSI READ without sending Data-In PDUs, which would result 953 * in read operation on the initiator side returning random kernel data. 954 */ 955 if (ntohl(bhsdi->bhsdi_buffer_offset) != io->io_received) { 956 ISCSI_SESSION_WARN(is, "data out of order; expected offset %zd, got %zd", 957 io->io_received, (size_t)ntohl(bhsdi->bhsdi_buffer_offset)); 958 icl_pdu_free(response); 959 iscsi_session_reconnect(is); 960 return; 961 } 962 963 csio = &io->io_ccb->csio; 964 965 if (io->io_received + data_segment_len > csio->dxfer_len) { 966 ISCSI_SESSION_WARN(is, "oversize data segment (%zd bytes " 967 "at offset %zd, buffer is %d)", 968 data_segment_len, io->io_received, csio->dxfer_len); 969 icl_pdu_free(response); 970 iscsi_session_reconnect(is); 971 return; 972 } 973 974 icl_pdu_get_data(response, 0, csio->data_ptr + io->io_received, data_segment_len); 975 io->io_received += data_segment_len; 976 977 /* 978 * XXX: Check DataSN. 979 * XXX: Check F. 980 */ 981 if ((bhsdi->bhsdi_flags & BHSDI_FLAGS_S) == 0) { 982 /* 983 * Nothing more to do. 
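*/
		icl_pdu_free(response);
		return;
	}

	//ISCSI_SESSION_DEBUG(is, "got S flag; status 0x%x", bhsdi->bhsdi_status);
	if (bhsdi->bhsdi_status == 0) {
		io->io_ccb->ccb_h.status = CAM_REQ_CMP;
	} else {
		if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		io->io_ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | CAM_DEV_QFRZN;
		csio->scsi_status = bhsdi->bhsdi_status;
	}

	if ((csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
		KASSERT(io->io_received <= csio->dxfer_len,
		    ("io->io_received > csio->dxfer_len"));
		if (io->io_received < csio->dxfer_len) {
			csio->resid = ntohl(bhsdi->bhsdi_residual_count);
			if (csio->resid != csio->dxfer_len - io->io_received) {
				ISCSI_SESSION_WARN(is, "underflow mismatch: "
				    "target indicates %d, we calculated %zd",
				    csio->resid,
				    csio->dxfer_len - io->io_received);
			}
			csio->resid = csio->dxfer_len - io->io_received;
		}
	}

	xpt_done(io->io_ccb);
	iscsi_outstanding_remove(is, io);
	icl_pdu_free(response);
}

/*
 * Handle a Logout Response PDU: log it and release the PDU.
 */
static void
iscsi_pdu_handle_logout_response(struct icl_pdu *response)
{

	ISCSI_SESSION_DEBUG(PDU_SESSION(response), "logout response");
	icl_pdu_free(response);
}

/*
 * Handle a Ready To Transfer (R2T) PDU by queueing the SCSI Data-Out PDUs
 * the target asked for.
 *
 * Every field of the R2T header is supplied by the remote target and is
 * treated as untrusted: the task tag must match an outstanding command,
 * the command must be a write, and the requested offset and length must
 * fall inside the CCB data buffer.  Any violation frees the response and
 * forces a session reconnect.
 *
 * NOTE(review): R2TSN is not verified (see XXX below), and the requested
 * length is not compared against is_max_burst_length here -- confirm
 * whether that is checked elsewhere.
 */
static void
iscsi_pdu_handle_r2t(struct icl_pdu *response)
{
	struct icl_pdu *request;
	struct iscsi_session *is;
	struct iscsi_bhs_r2t *bhsr2t;
	struct iscsi_bhs_data_out *bhsdo;
	struct iscsi_outstanding *io;
	struct ccb_scsiio *csio;
	size_t off, len, total_len;
	int error;

	is = PDU_SESSION(response);

	bhsr2t = (struct iscsi_bhs_r2t *)response->ip_bhs;
	io = iscsi_outstanding_find(is, bhsr2t->bhsr2t_initiator_task_tag);
	if (io == NULL) {
		ISCSI_SESSION_WARN(is, "bad itt 0x%x; reconnecting",
		    bhsr2t->bhsr2t_initiator_task_tag);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	csio = &io->io_ccb->csio;

	if ((csio->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_OUT) {
		ISCSI_SESSION_WARN(is, "received R2T for read command; reconnecting");
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	/*
	 * XXX: Verify R2TSN.
	 */

	io->io_datasn = 0;

	off = ntohl(bhsr2t->bhsr2t_buffer_offset);
	if (off > csio->dxfer_len) {
		ISCSI_SESSION_WARN(is, "target requested invalid offset "
		    "%zd, buffer is is %d; reconnecting", off, csio->dxfer_len);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	total_len = ntohl(bhsr2t->bhsr2t_desired_data_transfer_length);
	if (total_len == 0 || total_len > csio->dxfer_len) {
		ISCSI_SESSION_WARN(is, "target requested invalid length "
		    "%zd, buffer is %d; reconnecting", total_len, csio->dxfer_len);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	//ISCSI_SESSION_DEBUG(is, "r2t; off %zd, len %zd", off, total_len);

	/*
	 * The loop below clamps each chunk to is_max_data_segment_length.
	 * With a zero limit every chunk would be empty, total_len would
	 * never shrink, and empty Data-Out PDUs would be queued until an
	 * allocation failed.  Refuse to proceed instead.
	 */
	if (is->is_max_data_segment_length == 0) {
		ISCSI_SESSION_WARN(is, "max data segment length is zero; "
		    "reconnecting");
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	for (;;) {
		len = total_len;

		if (len > is->is_max_data_segment_length)
			len = is->is_max_data_segment_length;

		/*
		 * off and total_len were each checked against dxfer_len
		 * above; this checks their sum, so that the read from
		 * csio->data_ptr below stays inside the buffer.
		 */
		if (off + len > csio->dxfer_len) {
			ISCSI_SESSION_WARN(is, "target requested invalid "
			    "length/offset %zd, buffer is %d; reconnecting",
			    off + len, csio->dxfer_len);
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}

		request = icl_pdu_new_bhs(response->ip_conn, M_NOWAIT);
		if (request == NULL) {
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}

		bhsdo = (struct iscsi_bhs_data_out *)request->ip_bhs;
		bhsdo->bhsdo_opcode = ISCSI_BHS_OPCODE_SCSI_DATA_OUT;
		bhsdo->bhsdo_lun = bhsr2t->bhsr2t_lun;
		bhsdo->bhsdo_initiator_task_tag =
		    bhsr2t->bhsr2t_initiator_task_tag;
		bhsdo->bhsdo_target_transfer_tag =
		    bhsr2t->bhsr2t_target_transfer_tag;
		bhsdo->bhsdo_datasn = htonl(io->io_datasn++);
		bhsdo->bhsdo_buffer_offset = htonl(off);
		error = icl_pdu_append_data(request, csio->data_ptr + off, len,
		    M_NOWAIT);
		if (error != 0) {
			ISCSI_SESSION_WARN(is, "failed to allocate memory; "
			    "reconnecting");
			icl_pdu_free(request);
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}

		off += len;
		total_len -= len;

		if (total_len == 0) {
			/* Last chunk of this R2T: mark it Final. */
			bhsdo->bhsdo_flags |= BHSDO_FLAGS_F;
			//ISCSI_SESSION_DEBUG(is, "setting F, off %zd", off);
		} else {
			//ISCSI_SESSION_DEBUG(is, "not finished, off %zd", off);
		}

		iscsi_pdu_queue_locked(request);

		if (total_len == 0)
			break;
	}

	icl_pdu_free(response);
}

static void
iscsi_pdu_handle_async_message(struct icl_pdu *response)
{
	struct iscsi_bhs_asynchronous_message *bhsam;
	struct iscsi_session *is;

	is = PDU_SESSION(response);
	bhsam = (struct iscsi_bhs_asynchronous_message *)response->ip_bhs;
	switch (bhsam->bhsam_async_event) {
	case BHSAM_EVENT_TARGET_REQUESTS_LOGOUT:
		ISCSI_SESSION_WARN(is, "target requests logout; removing session");
		iscsi_session_logout(is);
		iscsi_session_terminate(is);
		break;
	case BHSAM_EVENT_TARGET_TERMINATES_CONNECTION:
		ISCSI_SESSION_WARN(is, "target indicates it will drop drop the connection");
		break;
	case BHSAM_EVENT_TARGET_TERMINATES_SESSION:
		ISCSI_SESSION_WARN(is, "target indicates it will drop drop the session");
		break;
	default:
		/*
		 * XXX: Technically, we're obligated to also handle
		 * parameter renegotiation.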
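*/
		ISCSI_SESSION_WARN(is, "ignoring AsyncEvent %d", bhsam->bhsam_async_event);
		break;
	}

	icl_pdu_free(response);
}

/*
 * Handle a Reject PDU: log the reason code reported by the target and
 * release the PDU.  No recovery is attempted here.
 */
static void
iscsi_pdu_handle_reject(struct icl_pdu *response)
{
	struct iscsi_bhs_reject *bhsr;
	struct iscsi_session *is;

	is = PDU_SESSION(response);
	bhsr = (struct iscsi_bhs_reject *)response->ip_bhs;
	ISCSI_SESSION_WARN(is, "received Reject PDU, reason 0x%x; protocol error?",
	    bhsr->bhsr_reason);

	icl_pdu_free(response);
}

/*
 * ISCSIDWAIT: block until some session needs attention from iscsid(8),
 * then move that session into the login phase and return its ID and
 * configuration in *request.
 *
 * Returns 0 on success, or the cv_wait_sig() error if the sleep was
 * interrupted.
 *
 * The memcpy() hands the whole session configuration to the caller.  The
 * same structure has isc_secret and isc_mutual_secret fields (see
 * iscsi_sanitize_session_conf()), so access to this ioctl needs to stay
 * restricted to the privileged daemon.
 */
static int
iscsi_ioctl_daemon_wait(struct iscsi_softc *sc,
    struct iscsi_daemon_request *request)
{
	struct iscsi_session *is;
	int error;

	sx_slock(&sc->sc_lock);
	for (;;) {
		/* On a match the loop exits with the session lock held. */
		TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
			ISCSI_SESSION_LOCK(is);
			if (is->is_waiting_for_iscsid)
				break;
			ISCSI_SESSION_UNLOCK(is);
		}

		if (is == NULL) {
			/*
			 * No session requires attention from iscsid(8); wait.
			 */
			error = cv_wait_sig(&sc->sc_cv, &sc->sc_lock);
			if (error != 0) {
				sx_sunlock(&sc->sc_lock);
				return (error);
			}
			continue;
		}

		is->is_waiting_for_iscsid = false;
		is->is_login_phase = true;
		is->is_reason[0] = '\0';
		ISCSI_SESSION_UNLOCK(is);

		request->idr_session_id = is->is_id;
		memcpy(&request->idr_conf, &is->is_conf,
		    sizeof(request->idr_conf));

		sx_sunlock(&sc->sc_lock);
		return (0);
	}
}

/*
 * ISCSIDHANDOFF: iscsid(8) finished login and hands the connection and
 * the negotiated parameters over to the kernel.
 *
 * Returns ESRCH if the session ID is unknown, EINVAL for discovery or
 * terminating sessions, EBUSY if the session is already connected, the
 * icl_conn_handoff() error, or ENOMEM if the CAM SIM cannot be set up.
 *
 * NOTE(review): the negotiated values (idh_max_data_segment_length,
 * idh_max_burst_length, idh_first_burst_length, ...) are stored as
 * supplied, with no range check visible here; later code uses them to
 * size transfers.  Confirm that the daemon is the only possible caller
 * and consider validating them at this boundary.
 *
 * NOTE(review): strlcpy() scans idh_target_alias for its terminator;
 * nothing visible here forces that field to be NUL-terminated first.
 *
 * NOTE(review): 'is' continues to be used after sc_lock is dropped;
 * nothing visible here pins the session -- confirm against teardown.
 */
static int
iscsi_ioctl_daemon_handoff(struct iscsi_softc *sc,
    struct iscsi_daemon_handoff *handoff)
{
	struct iscsi_session *is;
	int error;

	sx_slock(&sc->sc_lock);

	/*
	 * Find the session to hand off socket to.
	 */
	TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
		if (is->is_id == handoff->idh_session_id)
			break;
	}
	if (is == NULL) {
		sx_sunlock(&sc->sc_lock);
		return (ESRCH);
	}
	ISCSI_SESSION_LOCK(is);
	if (is->is_conf.isc_discovery || is->is_terminating) {
		ISCSI_SESSION_UNLOCK(is);
		sx_sunlock(&sc->sc_lock);
		return (EINVAL);
	}
	if (is->is_connected) {
		/*
		 * This might have happened because another iscsid(8)
		 * instance handed off the connection in the meantime.
		 * Just return.
		 */
		ISCSI_SESSION_WARN(is, "handoff on already connected "
		    "session");
		ISCSI_SESSION_UNLOCK(is);
		sx_sunlock(&sc->sc_lock);
		return (EBUSY);
	}

	strlcpy(is->is_target_alias, handoff->idh_target_alias,
	    sizeof(is->is_target_alias));
	memcpy(is->is_isid, handoff->idh_isid, sizeof(is->is_isid));
	is->is_statsn = handoff->idh_statsn;
	is->is_initial_r2t = handoff->idh_initial_r2t;
	is->is_immediate_data = handoff->idh_immediate_data;
	is->is_max_data_segment_length = handoff->idh_max_data_segment_length;
	is->is_max_burst_length = handoff->idh_max_burst_length;
	is->is_first_burst_length = handoff->idh_first_burst_length;

	if (handoff->idh_header_digest == ISCSI_DIGEST_CRC32C)
		is->is_conn->ic_header_crc32c = true;
	else
		is->is_conn->ic_header_crc32c = false;
	if (handoff->idh_data_digest == ISCSI_DIGEST_CRC32C)
		is->is_conn->ic_data_crc32c = true;
	else
		is->is_conn->ic_data_crc32c = false;

	is->is_cmdsn = 0;
	is->is_expcmdsn = 0;
	is->is_maxcmdsn = 0;
	is->is_waiting_for_iscsid = false;
	is->is_login_phase = false;
	is->is_timeout = 0;
	is->is_connected = true;
	is->is_reason[0] = '\0';

	ISCSI_SESSION_UNLOCK(is);

#ifdef ICL_KERNEL_PROXY
	if (handoff->idh_socket != 0) {
#endif
		/*
		 * Handoff without using ICL proxy.
		 */
		error = icl_conn_handoff(is->is_conn, handoff->idh_socket);
		if (error != 0) {
			sx_sunlock(&sc->sc_lock);
			iscsi_session_terminate(is);
			return (error);
		}
#ifdef ICL_KERNEL_PROXY
	}
#endif

	sx_sunlock(&sc->sc_lock);

	if (is->is_sim != NULL) {
		/*
		 * When reconnecting, there already is SIM allocated for the session.
		 */
		KASSERT(is->is_simq_frozen, ("reconnect without frozen simq"));
		ISCSI_SESSION_LOCK(is);
		ISCSI_SESSION_DEBUG(is, "releasing");
		xpt_release_simq(is->is_sim, 1);
		is->is_simq_frozen = false;
		ISCSI_SESSION_UNLOCK(is);

	} else {
		ISCSI_SESSION_LOCK(is);
		is->is_devq = cam_simq_alloc(maxtags);
		if (is->is_devq == NULL) {
			/*
			 * Drop the session lock before bailing out, as the
			 * other failure paths below do; returning with it
			 * held would leak the mutex to the ioctl caller.
			 */
			ISCSI_SESSION_UNLOCK(is);
			ISCSI_SESSION_WARN(is, "failed to allocate simq");
			iscsi_session_terminate(is);
			return (ENOMEM);
		}

		is->is_sim = cam_sim_alloc(iscsi_action, iscsi_poll, "iscsi",
		    is, is->is_id /* unit */, &is->is_lock,
		    maxtags, maxtags, is->is_devq);
		if (is->is_sim == NULL) {
			ISCSI_SESSION_UNLOCK(is);
			ISCSI_SESSION_WARN(is, "failed to allocate SIM");
			cam_simq_free(is->is_devq);
			iscsi_session_terminate(is);
			return (ENOMEM);
		}

		/*
		 * NOTE(review): the two failure paths below do not release
		 * the SIM or devq themselves -- presumably session
		 * termination does; confirm.
		 */
		error = xpt_bus_register(is->is_sim, NULL, 0);
		if (error != 0) {
			ISCSI_SESSION_UNLOCK(is);
			ISCSI_SESSION_WARN(is, "failed to register bus");
			iscsi_session_terminate(is);
			return (ENOMEM);
		}

		error = xpt_create_path(&is->is_path, /*periph*/NULL,
		    cam_sim_path(is->is_sim), CAM_TARGET_WILDCARD,
		    CAM_LUN_WILDCARD);
		if (error != CAM_REQ_CMP) {
			ISCSI_SESSION_UNLOCK(is);
			ISCSI_SESSION_WARN(is, "failed to create path");
			iscsi_session_terminate(is);
			return (ENOMEM);
		}
		ISCSI_SESSION_UNLOCK(is);
	}

	return (0);
}

static int
iscsi_ioctl_daemon_fail(struct iscsi_softc *sc,
    struct iscsi_daemon_fail *fail)
{
	struct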
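iscsi_session *is;

	sx_slock(&sc->sc_lock);

	TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
		if (is->is_id == fail->idf_session_id)
			break;
	}
	if (is == NULL) {
		sx_sunlock(&sc->sc_lock);
		return (ESRCH);
	}
	ISCSI_SESSION_LOCK(is);
	/*
	 * NOTE(review): idf_reason comes from the ioctl caller; both the
	 * "%s" below and strlcpy() read it up to its terminator, and
	 * nothing visible here forces one to be present -- confirm.
	 */
	ISCSI_SESSION_DEBUG(is, "iscsid(8) failed: %s",
	    fail->idf_reason);
	strlcpy(is->is_reason, fail->idf_reason, sizeof(is->is_reason));
	//is->is_waiting_for_iscsid = false;
	//is->is_login_phase = true;
	//iscsi_session_reconnect(is);
	ISCSI_SESSION_UNLOCK(is);
	sx_sunlock(&sc->sc_lock);

	return (0);
}

#ifdef ICL_KERNEL_PROXY
/*
 * ISCSIDCONNECT: have the kernel open the connection on behalf of
 * iscsid(8).  The source and destination addresses are copied in from
 * userland with getsockaddr(), the session is put into the login phase,
 * and icl_conn_connect() is called.
 *
 * Returns ESRCH for an unknown session, or the getsockaddr() /
 * icl_conn_connect() error.
 *
 * NOTE(review): 'is' is used after sc_lock is dropped; nothing visible
 * here pins the session -- confirm against teardown.
 */
static int
iscsi_ioctl_daemon_connect(struct iscsi_softc *sc,
    struct iscsi_daemon_connect *idc)
{
	struct iscsi_session *is;
	struct sockaddr *from_sa, *to_sa;
	int error;

	sx_slock(&sc->sc_lock);
	TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
		if (is->is_id == idc->idc_session_id)
			break;
	}
	if (is == NULL) {
		sx_sunlock(&sc->sc_lock);
		return (ESRCH);
	}
	sx_sunlock(&sc->sc_lock);

	if (idc->idc_from_addrlen > 0) {
		error = getsockaddr(&from_sa, (void *)idc->idc_from_addr, idc->idc_from_addrlen);
		if (error != 0) {
			ISCSI_SESSION_WARN(is,
			    "getsockaddr failed with error %d", error);
			return (error);
		}
	} else {
		from_sa = NULL;
	}
	error = getsockaddr(&to_sa, (void *)idc->idc_to_addr, idc->idc_to_addrlen);
	if (error != 0) {
		ISCSI_SESSION_WARN(is, "getsockaddr failed with error %d",
		    error);
		free(from_sa, M_SONAME);
		return (error);
	}

	ISCSI_SESSION_LOCK(is);
	is->is_waiting_for_iscsid = false;
	is->is_login_phase = true;
	is->is_timeout = 0;
	ISCSI_SESSION_UNLOCK(is);

	error = icl_conn_connect(is->is_conn, idc->idc_iser, idc->idc_domain,
	    idc->idc_socktype, idc->idc_protocol, from_sa, to_sa);
	free(from_sa, M_SONAME);
	free(to_sa, M_SONAME);

	/*
	 * Digests are always disabled during login phase.
	 */
	is->is_conn->ic_header_crc32c = false;
	is->is_conn->ic_data_crc32c = false;

	return (error);
}

/*
 * ISCSIDSEND: queue one login-phase PDU built by iscsid(8).  The header
 * is taken from the ioctl argument; the data segment is copied in from
 * the user pointer after its length has been checked against
 * ISCSI_MAX_DATA_SEGMENT_LENGTH.
 *
 * Returns ESRCH, EBUSY (not in login phase), EIO (terminating or
 * reconnecting), EINVAL (data segment too long) or the copyin() error.
 *
 * NOTE(review): is_login_phase, is_terminating and is_reconnecting are
 * read without the session lock, and 'is' is used after sc_lock is
 * dropped -- confirm that this cannot race with session teardown.
 */
static int
iscsi_ioctl_daemon_send(struct iscsi_softc *sc,
    struct iscsi_daemon_send *ids)
{
	struct iscsi_session *is;
	struct icl_pdu *ip;
	size_t datalen;
	void *data;
	int error;

	sx_slock(&sc->sc_lock);
	TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
		if (is->is_id == ids->ids_session_id)
			break;
	}
	if (is == NULL) {
		sx_sunlock(&sc->sc_lock);
		return (ESRCH);
	}
	sx_sunlock(&sc->sc_lock);

	if (is->is_login_phase == false)
		return (EBUSY);

	if (is->is_terminating || is->is_reconnecting)
		return (EIO);

	/* Bound the caller-supplied length before allocating for it. */
	datalen = ids->ids_data_segment_len;
	if (datalen > ISCSI_MAX_DATA_SEGMENT_LENGTH)
		return (EINVAL);
	if (datalen > 0) {
		data = malloc(datalen, M_ISCSI, M_WAITOK);
		error = copyin(ids->ids_data_segment, data, datalen);
		if (error != 0) {
			free(data, M_ISCSI);
			return (error);
		}
	}

	ip = icl_pdu_new_bhs(is->is_conn, M_WAITOK);
	memcpy(ip->ip_bhs, ids->ids_bhs, sizeof(*ip->ip_bhs));
	if (datalen > 0) {
		error = icl_pdu_append_data(ip, data, datalen, M_WAITOK);
		KASSERT(error == 0, ("icl_pdu_append_data(..., M_WAITOK) failed"));
		free(data, M_ISCSI);
	}
	icl_pdu_queue(ip);

	return (0);
}

/*
 * ISCSIDRECEIVE: wait for the next login-phase PDU and copy its header
 * and data segment out to the buffers supplied by iscsid(8).
 *
 * Returns ESRCH, EBUSY (not in login phase), EIO (session terminating or
 * reconnecting), EMSGSIZE (caller's data buffer too small) or the
 * copyout() error.  The PDU is consumed in every case once it has been
 * taken off the session.
 *
 * NOTE(review): is_login_phase is read without the session lock, and
 * 'is' is used after sc_lock is dropped -- confirm against teardown.
 */
static int
iscsi_ioctl_daemon_receive(struct iscsi_softc *sc,
    struct iscsi_daemon_receive *idr)
{
	struct iscsi_session *is;
	struct icl_pdu *ip;
	void *data;
	int error;

	sx_slock(&sc->sc_lock);
	TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
		if (is->is_id == idr->idr_session_id)
			break;
	}
	if (is == NULL) {
		sx_sunlock(&sc->sc_lock);
		return (ESRCH);
	}
	sx_sunlock(&sc->sc_lock);

	if (is->is_login_phase == false)
		return (EBUSY);

	ISCSI_SESSION_LOCK(is);
	while (is->is_login_pdu == NULL &&
	    is->is_terminating == false &&
	    is->is_reconnecting == false)
		cv_wait(&is->is_login_cv, &is->is_lock);
	if (is->is_terminating || is->is_reconnecting) {
		ISCSI_SESSION_UNLOCK(is);
		return (EIO);
	}
	ip = is->is_login_pdu;
	is->is_login_pdu = NULL;
	ISCSI_SESSION_UNLOCK(is);

	/* The received segment must fit the buffer the caller described. */
	if (ip->ip_data_len > idr->idr_data_segment_len) {
		icl_pdu_free(ip);
		return (EMSGSIZE);
	}

	/*
	 * Propagate copyout() failures: a bad user pointer must not be
	 * reported as a successfully delivered PDU.
	 */
	error = copyout(ip->ip_bhs, idr->idr_bhs, sizeof(*ip->ip_bhs));
	if (error != 0) {
		icl_pdu_free(ip);
		return (error);
	}
	if (ip->ip_data_len > 0) {
		data = malloc(ip->ip_data_len, M_ISCSI, M_WAITOK);
		icl_pdu_get_data(ip, 0, data, ip->ip_data_len);
		error = copyout(data, idr->idr_data_segment, ip->ip_data_len);
		free(data, M_ISCSI);
		if (error != 0) {
			icl_pdu_free(ip);
			return (error);
		}
	}

	icl_pdu_free(ip);

	return (0);
}
#endif /* ICL_KERNEL_PROXY */

static void
iscsi_sanitize_session_conf(struct iscsi_session_conf *isc)
{
	/*
	 * Just make sure all the fields are null-terminated.
	 *
	 * XXX: This is not particularly secure. We should
	 * create our own conf and then copy in relevant
	 * fields.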
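*/
	isc->isc_initiator[ISCSI_NAME_LEN - 1] = '\0';
	isc->isc_initiator_addr[ISCSI_ADDR_LEN - 1] = '\0';
	isc->isc_initiator_alias[ISCSI_ALIAS_LEN - 1] = '\0';
	isc->isc_target[ISCSI_NAME_LEN - 1] = '\0';
	isc->isc_target_addr[ISCSI_ADDR_LEN - 1] = '\0';
	isc->isc_user[ISCSI_NAME_LEN - 1] = '\0';
	isc->isc_secret[ISCSI_SECRET_LEN - 1] = '\0';
	isc->isc_mutual_user[ISCSI_NAME_LEN - 1] = '\0';
	isc->isc_mutual_secret[ISCSI_SECRET_LEN - 1] = '\0';
}

/*
 * ISCSISADD: create a new session from the configuration supplied by the
 * caller and wake iscsid(8) so that it connects.
 *
 * The configuration is forcibly NUL-terminated before any string in it
 * is examined.  A session needs an initiator name and a target address;
 * discovery sessions must not name a target and normal sessions must.
 *
 * Returns EINVAL for an invalid configuration, EBUSY for a duplicate
 * session, or the kthread_add() error.
 */
static int
iscsi_ioctl_session_add(struct iscsi_softc *sc, struct iscsi_session_add *isa)
{
	struct iscsi_session *is;
	const struct iscsi_session *is2;
	int error;

	iscsi_sanitize_session_conf(&isa->isa_conf);

	is = malloc(sizeof(*is), M_ISCSI, M_ZERO | M_WAITOK);
	memcpy(&is->is_conf, &isa->isa_conf, sizeof(is->is_conf));

	if (is->is_conf.isc_initiator[0] == '\0' ||
	    is->is_conf.isc_target_addr[0] == '\0') {
		free(is, M_ISCSI);
		return (EINVAL);
	}

	if ((is->is_conf.isc_discovery != 0 && is->is_conf.isc_target[0] != 0) ||
	    (is->is_conf.isc_discovery == 0 && is->is_conf.isc_target[0] == 0)) {
		free(is, M_ISCSI);
		return (EINVAL);
	}

	sx_xlock(&sc->sc_lock);

	/*
	 * Prevent duplicates.
	 */
	TAILQ_FOREACH(is2, &sc->sc_sessions, is_next) {
		if (!!is->is_conf.isc_discovery !=
		    !!is2->is_conf.isc_discovery)
			continue;

		if (strcmp(is->is_conf.isc_target_addr,
		    is2->is_conf.isc_target_addr) != 0)
			continue;

		if (is->is_conf.isc_discovery == 0 &&
		    strcmp(is->is_conf.isc_target,
		    is2->is_conf.isc_target) != 0)
			continue;

		sx_xunlock(&sc->sc_lock);
		free(is, M_ISCSI);
		return (EBUSY);
	}

	is->is_conn = icl_conn_new("iscsi", &is->is_lock);
	is->is_conn->ic_receive = iscsi_receive_callback;
	is->is_conn->ic_error = iscsi_error_callback;
	is->is_conn->ic_prv0 = is;
	TAILQ_INIT(&is->is_outstanding);
	STAILQ_INIT(&is->is_postponed);
	mtx_init(&is->is_lock, "iscsi_lock", NULL, MTX_DEF);
	cv_init(&is->is_maintenance_cv, "iscsi_mt");
#ifdef ICL_KERNEL_PROXY
	cv_init(&is->is_login_cv, "iscsi_login");
#endif

	is->is_softc = sc;
	sc->sc_last_session_id++;
	is->is_id = sc->sc_last_session_id;
	callout_init(&is->is_callout, 1);
	callout_reset(&is->is_callout, 1 * hz, iscsi_callout, is);
	TAILQ_INSERT_TAIL(&sc->sc_sessions, is, is_next);

	error = kthread_add(iscsi_maintenance_thread, is, NULL, NULL, 0, 0, "iscsimt");
	if (error != 0) {
		ISCSI_SESSION_WARN(is, "kthread_add(9) failed with error %d", error);
		/*
		 * Release the exclusive lock taken above; returning with
		 * it held would block every later ioctl on this device.
		 *
		 * NOTE(review): the session stays on sc_sessions with its
		 * callout armed but without a maintenance thread --
		 * confirm how it is expected to be torn down.
		 */
		sx_xunlock(&sc->sc_lock);
		return (error);
	}

	/*
	 * Trigger immediate reconnection.
	 */
	ISCSI_SESSION_LOCK(is);
	is->is_waiting_for_iscsid = true;
	strlcpy(is->is_reason, "Waiting for iscsid(8)", sizeof(is->is_reason));
	ISCSI_SESSION_UNLOCK(is);
	cv_signal(&sc->sc_cv);

	sx_xunlock(&sc->sc_lock);

	return (0);
}

/*
 * Decide whether session (id1, c1) is selected by the request (id2, c2).
 *
 * A request with a zero ID, empty target name and empty target address
 * matches every session.  Otherwise a session matches if the IDs are
 * equal, or the target names are equal, or the target addresses are
 * equal; the criteria are alternatives, not a conjunction.
 */
static bool
iscsi_session_conf_matches(unsigned int id1, const struct iscsi_session_conf *c1,
    unsigned int id2, const struct iscsi_session_conf *c2)
{
	if (id2 == 0 && c2->isc_target[0] == '\0' &&
	    c2->isc_target_addr[0] == '\0')
		return (true);
	if (id2 != 0 && id2 == id1)
		return (true);
	if (c2->isc_target[0] != '\0' &&
	    strcmp(c1->isc_target, c2->isc_target) == 0)
		return (true);
	if (c2->isc_target_addr[0] != '\0' &&
	    strcmp(c1->isc_target_addr, c2->isc_target_addr) == 0)
		return (true);
	return (false);
}

/*
 * ISCSISREMOVE: log out and terminate every session selected by the
 * request (see iscsi_session_conf_matches(); an empty request selects
 * all sessions).
 *
 * Returns ESRCH if nothing matched.
 */
static int
iscsi_ioctl_session_remove(struct iscsi_softc *sc,
    struct iscsi_session_remove *isr)
{
	struct iscsi_session *is, *tmp;
	bool found = false;

	/* Terminate the caller's strings before strcmp() sees them. */
	iscsi_sanitize_session_conf(&isr->isr_conf);

	sx_xlock(&sc->sc_lock);
	TAILQ_FOREACH_SAFE(is, &sc->sc_sessions, is_next, tmp) {
		ISCSI_SESSION_LOCK(is);
		if (iscsi_session_conf_matches(is->is_id, &is->is_conf,
		    isr->isr_session_id, &isr->isr_conf)) {
			found = true;
			iscsi_session_logout(is);
			iscsi_session_terminate(is);
		}
		ISCSI_SESSION_UNLOCK(is);
	}
	sx_xunlock(&sc->sc_lock);

	if (!found)
		return (ESRCH);

	return (0);
}

static int
iscsi_ioctl_session_list(struct iscsi_softc *sc, struct iscsi_session_list *isl)
{
	int error;
	unsigned int i = 0;
	struct iscsi_session *is;
	struct iscsi_session_state iss;

	sx_slock(&sc->sc_lock);
	TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
		if (i >= isl->isl_nentries) {
			sx_sunlock(&sc->sc_lock);
			return (EMSGSIZE);
		}
		memset(&iss, 0,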
sizeof(iss));
		/*
		 * NOTE(review): the whole configuration is copied into the
		 * record returned to the caller, and that structure has
		 * isc_secret and isc_mutual_secret fields (see
		 * iscsi_sanitize_session_conf()).  The session fields are
		 * read here without the session lock -- confirm.
		 */
		memcpy(&iss.iss_conf, &is->is_conf, sizeof(iss.iss_conf));
		iss.iss_id = is->is_id;
		strlcpy(iss.iss_target_alias, is->is_target_alias, sizeof(iss.iss_target_alias));
		strlcpy(iss.iss_reason, is->is_reason, sizeof(iss.iss_reason));

		if (is->is_conn->ic_header_crc32c)
			iss.iss_header_digest = ISCSI_DIGEST_CRC32C;
		else
			iss.iss_header_digest = ISCSI_DIGEST_NONE;

		if (is->is_conn->ic_data_crc32c)
			iss.iss_data_digest = ISCSI_DIGEST_CRC32C;
		else
			iss.iss_data_digest = ISCSI_DIGEST_NONE;

		iss.iss_max_data_segment_length = is->is_max_data_segment_length;
		iss.iss_immediate_data = is->is_immediate_data;
		iss.iss_connected = is->is_connected;

		/* iss was zeroed above, so no stale stack bytes are copied out. */
		error = copyout(&iss, isl->isl_pstates + i, sizeof(iss));
		if (error != 0) {
			sx_sunlock(&sc->sc_lock);
			return (error);
		}
		i++;
	}
	sx_sunlock(&sc->sc_lock);

	/* Report how many entries were actually written. */
	isl->isl_nentries = i;

	return (0);
}

/*
 * ioctl entry point of the iscsi control device: dispatch on the command
 * and pass the argument, cast to the matching request structure, to the
 * handler.  Unknown commands return EINVAL.
 *
 * No privilege check is made here; access control rests on the
 * permissions of the device node.
 */
static int
iscsi_ioctl(struct cdev *dev, u_long cmd, caddr_t arg, int mode,
    struct thread *td)
{
	struct iscsi_softc *sc;

	sc = dev->si_drv1;

	switch (cmd) {
	case ISCSIDWAIT:
		return (iscsi_ioctl_daemon_wait(sc,
		    (struct iscsi_daemon_request *)arg));
	case ISCSIDHANDOFF:
		return (iscsi_ioctl_daemon_handoff(sc,
		    (struct iscsi_daemon_handoff *)arg));
	case ISCSIDFAIL:
		return (iscsi_ioctl_daemon_fail(sc,
		    (struct iscsi_daemon_fail *)arg));
#ifdef ICL_KERNEL_PROXY
	case ISCSIDCONNECT:
		return (iscsi_ioctl_daemon_connect(sc,
		    (struct iscsi_daemon_connect *)arg));
	case ISCSIDSEND:
		return (iscsi_ioctl_daemon_send(sc,
		    (struct iscsi_daemon_send *)arg));
	case ISCSIDRECEIVE:
		return (iscsi_ioctl_daemon_receive(sc,
		    (struct iscsi_daemon_receive *)arg));
#endif /* ICL_KERNEL_PROXY */
	case ISCSISADD:
		return (iscsi_ioctl_session_add(sc,
		    (struct iscsi_session_add *)arg));
	case ISCSISREMOVE:
		return (iscsi_ioctl_session_remove(sc,
		    (struct iscsi_session_remove *)arg));
	case ISCSISLIST:
		return (iscsi_ioctl_session_list(sc,
		    (struct iscsi_session_list *)arg));
	default:
		return (EINVAL);
	}
}

/*
 * Encode a LUN number into the 8-byte LUN field used in PDU headers.
 *
 * The bytes are built in an array and copied verbatim into the result,
 * so the returned value carries them in memory order rather than as a
 * host-order integer.
 */
static uint64_t
iscsi_encode_lun(uint32_t lun)
{
	uint8_t encoded[8];
	uint64_t result;

	memset(encoded, 0, sizeof(encoded));

	if (lun < 256) {
		/*
		 * Peripheral device addressing.
		 */
		encoded[1] = lun;
	} else if (lun < 16384) {
		/*
		 * Flat space addressing.
		 */
		encoded[0] = 0x40;
		encoded[0] |= (lun >> 8) & 0x3f;
		encoded[1] = lun & 0xff;
	} else {
		/*
		 * Extended flat space addressing.
		 */
		encoded[0] = 0xd2;
		encoded[1] = lun >> 16;
		encoded[2] = lun >> 8;
		encoded[3] = lun;
	}

	memcpy(&result, encoded, sizeof(result));
	return (result);
}

/*
 * Look up the outstanding command with the given Initiator Task Tag.
 * The session lock must be held.  Returns NULL if there is no match;
 * callers use that to reject PDUs that refer to unknown tasks.
 */
static struct iscsi_outstanding *
iscsi_outstanding_find(struct iscsi_session *is, uint32_t initiator_task_tag)
{
	struct iscsi_outstanding *io;

	ISCSI_SESSION_LOCK_ASSERT(is);

	TAILQ_FOREACH(io, &is->is_outstanding, io_next) {
		if (io->io_initiator_task_tag == initiator_task_tag)
			return (io);
	}
	return (NULL);
}

static int
iscsi_outstanding_add(struct iscsi_session *is,
    uint32_t initiator_task_tag, union ccb *ccb)
{
	struct iscsi_outstanding *io;

	ISCSI_SESSION_LOCK_ASSERT(is);

	KASSERT(iscsi_outstanding_find(is, initiator_task_tag) == NULL,
	    ("initiator_task_tag 0x%x already added", initiator_task_tag));

	io = uma_zalloc(iscsi_outstanding_zone, M_NOWAIT | M_ZERO);
	if (io == NULL) {
		ISCSI_SESSION_WARN(is, "failed to allocate %zd bytes", sizeof(*io));
		return (ENOMEM);
	}
	io->io_initiator_task_tag = initiator_task_tag;
	io->io_ccb = ccb;
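TAILQ_INSERT_TAIL(&is->is_outstanding, io, io_next);
	return (0);
}

/*
 * Unlink an outstanding command from the session and return it to its
 * UMA zone.  The session lock must be held.  'io' must not be used
 * afterwards.
 */
static void
iscsi_outstanding_remove(struct iscsi_session *is, struct iscsi_outstanding *io)
{

	ISCSI_SESSION_LOCK_ASSERT(is);

	TAILQ_REMOVE(&is->is_outstanding, io, io_next);
	uma_zfree(iscsi_outstanding_zone, io);
}

/*
 * Turn an XPT_SCSI_IO CCB into a SCSI Command PDU and queue it.
 *
 * Called with the session lock held.  On any failure the CCB is
 * completed here with an error status and nothing is queued; resource
 * shortages also freeze the device queue.  For writes on sessions that
 * negotiated immediate data, up to is_first_burst_length bytes of the
 * data buffer are attached to the command PDU.
 */
static void
iscsi_action_scsiio(struct iscsi_session *is, union ccb *ccb)
{
	struct icl_pdu *request;
	struct iscsi_bhs_scsi_command *bhssc;
	struct ccb_scsiio *csio;
	size_t len;
	int error;

	ISCSI_SESSION_LOCK_ASSERT(is);

#if 0
	KASSERT(is->is_login_phase == false, ("%s called during Login Phase", __func__));
#else
	if (is->is_login_phase) {
		ISCSI_SESSION_DEBUG(is, "called during login phase");
		if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		ccb->ccb_h.status = CAM_REQ_ABORTED | CAM_DEV_QFRZN;
		xpt_done(ccb);
		return;
	}
#endif

	csio = &ccb->csio;

	/*
	 * The CDB is copied into the fixed-size bhssc_cdb field below.
	 * Enforce the size limit at run time: a KASSERT alone is compiled
	 * out of kernels built without INVARIANTS, which would leave the
	 * copy bounded only by the length supplied in the CCB.
	 */
	if (csio->cdb_len > sizeof(bhssc->bhssc_cdb)) {
		ISCSI_SESSION_WARN(is, "unsupported CDB size %zd",
		    (size_t)csio->cdb_len);
		ccb->ccb_h.status = CAM_REQ_INVALID;
		xpt_done(ccb);
		return;
	}

	request = icl_pdu_new_bhs(is->is_conn, M_NOWAIT);
	if (request == NULL) {
		if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN;
		xpt_done(ccb);
		return;
	}

	bhssc = (struct iscsi_bhs_scsi_command *)request->ip_bhs;
	bhssc->bhssc_opcode = ISCSI_BHS_OPCODE_SCSI_COMMAND;
	bhssc->bhssc_flags |= BHSSC_FLAGS_F;
	switch (csio->ccb_h.flags & CAM_DIR_MASK) {
	case CAM_DIR_IN:
		bhssc->bhssc_flags |= BHSSC_FLAGS_R;
		break;
	case CAM_DIR_OUT:
		bhssc->bhssc_flags |= BHSSC_FLAGS_W;
		break;
	}

	switch (csio->tag_action) {
	case MSG_HEAD_OF_Q_TAG:
		bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_HOQ;
		break;
	case MSG_ORDERED_Q_TAG:
		bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_ORDERED;
		break;
	case MSG_ACA_TASK:
		bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_ACA;
		break;
	case CAM_TAG_ACTION_NONE:
	case MSG_SIMPLE_Q_TAG:
	default:
		bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_SIMPLE;
		break;
	}

	bhssc->bhssc_lun = iscsi_encode_lun(csio->ccb_h.target_lun);
	bhssc->bhssc_initiator_task_tag = is->is_initiator_task_tag;
	is->is_initiator_task_tag++;
	bhssc->bhssc_expected_data_transfer_length = htonl(csio->dxfer_len);

	/* cdb_len was checked against sizeof(bhssc->bhssc_cdb) above. */
	if (csio->ccb_h.flags & CAM_CDB_POINTER)
		memcpy(&bhssc->bhssc_cdb, csio->cdb_io.cdb_ptr, csio->cdb_len);
	else
		memcpy(&bhssc->bhssc_cdb, csio->cdb_io.cdb_bytes, csio->cdb_len);

	error = iscsi_outstanding_add(is, bhssc->bhssc_initiator_task_tag, ccb);
	if (error != 0) {
		icl_pdu_free(request);
		if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN;
		xpt_done(ccb);
		return;
	}

	if (is->is_immediate_data &&
	    (csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
		/*
		 * len starts at dxfer_len and is only ever reduced, so
		 * the read from data_ptr stays inside the CCB buffer
		 * whatever first burst length was negotiated.
		 */
		len = csio->dxfer_len;
		//ISCSI_SESSION_DEBUG(is, "adding %zd of immediate data", len);
		if (len > is->is_first_burst_length) {
			ISCSI_SESSION_DEBUG(is, "len %zd -> %zd", len, is->is_first_burst_length);
			len = is->is_first_burst_length;
		}

		/*
		 * NOTE(review): on failure the entry added by
		 * iscsi_outstanding_add() above is left on the list while
		 * the CCB is completed -- confirm whether it should be
		 * removed here.
		 */
		error = icl_pdu_append_data(request, csio->data_ptr, len, M_NOWAIT);
		if (error != 0) {
			icl_pdu_free(request);
			if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
				xpt_freeze_devq(ccb->ccb_h.path, 1);
				ISCSI_SESSION_DEBUG(is, "freezing devq");
			}
			ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN;
			xpt_done(ccb);
			return;
		}
	}
	iscsi_pdu_queue_locked(request);
}

static void
iscsi_action(struct cam_sim *sim, union ccb *ccb)
{
	struct iscsi_session *is;

	is = cam_sim_softc(sim);

	ISCSI_SESSION_LOCK_ASSERT(is);

	if (is->is_terminating ||
	    (is->is_connected == false && fail_on_disconnection)) {
		ccb->ccb_h.status = CAM_DEV_NOT_THERE;
		xpt_done(ccb);
		return;
	}

	switch (ccb->ccb_h.func_code) {
	case XPT_PATH_INQ:
	{
		struct ccb_pathinq *cpi = &ccb->cpi;

		cpi->version_num = 1;
		cpi->hba_inquiry = PI_TAG_ABLE;
		cpi->target_sprt = 0;
		//cpi->hba_misc = PIM_NOBUSRESET;
		cpi->hba_misc = 0;
		cpi->hba_eng_cnt = 0;
		cpi->max_target = 0;
		cpi->max_lun = 255;
		//cpi->initiator_id = 0; /* XXX */
		cpi->initiator_id = 64; /* XXX */
		strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
		strlcpy(cpi->hba_vid, "iSCSI", HBA_IDLEN);
		strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
		cpi->unit_number = cam_sim_unit(sim);
		cpi->bus_id = cam_sim_bus(sim);
		cpi->base_transfer_speed = 150000; /* XXX */
		cpi->transport = XPORT_ISCSI;
		cpi->transport_version = 0;
		cpi->protocol = PROTO_SCSI;
		cpi->protocol_version = SCSI_REV_SPC3;
		cpi->maxio = MAXPHYS;
		cpi->ccb_h.status = CAM_REQ_CMP;
		break;
	}
	case XPT_CALC_GEOMETRY:
		cam_calc_geometry(&ccb->ccg, /*extended*/1);
		ccb->ccb_h.status = CAM_REQ_CMP;
		break;
#if 0
	/*
	 * XXX: What's the point?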
*/
	case XPT_RESET_BUS:
	case XPT_ABORT:
	case XPT_TERM_IO:
		ISCSI_SESSION_DEBUG(is, "faking success for reset, abort, or term_io");
		ccb->ccb_h.status = CAM_REQ_CMP;
		break;
#endif
	case XPT_SCSI_IO:
		/* iscsi_action_scsiio() completes the CCB itself. */
		iscsi_action_scsiio(is, ccb);
		return;
	default:
#if 0
		ISCSI_SESSION_DEBUG(is, "got unsupported code 0x%x", ccb->ccb_h.func_code);
#endif
		ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
		break;
	}
	xpt_done(ccb);
}

/*
 * CAM poll callback.  Not expected to be called; asserts if it is.
 */
static void
iscsi_poll(struct cam_sim *sim)
{

	KASSERT(0, ("%s: you're not supposed to be here", __func__));
}

/*
 * Shutdown event handler: request termination of every session.
 */
static void
iscsi_shutdown(struct iscsi_softc *sc)
{
	struct iscsi_session *is;

	ISCSI_DEBUG("removing all sessions due to shutdown");

	sx_slock(&sc->sc_lock);
	TAILQ_FOREACH(is, &sc->sc_sessions, is_next)
		iscsi_session_terminate(is);
	sx_sunlock(&sc->sc_lock);
}

/*
 * Module load: allocate the global softc, create the UMA zone for
 * outstanding commands, create the control device node and register the
 * shutdown handler.
 *
 * The node is created as root:wheel with mode 0600, so only root can
 * open it; the ioctl handlers rely on that restriction.
 *
 * Returns 0, or the make_dev_p() error.
 */
static int
iscsi_load(void)
{
	int error;

	sc = malloc(sizeof(*sc), M_ISCSI, M_ZERO | M_WAITOK);
	sx_init(&sc->sc_lock, "iscsi");
	TAILQ_INIT(&sc->sc_sessions);
	cv_init(&sc->sc_cv, "iscsi_cv");

	iscsi_outstanding_zone = uma_zcreate("iscsi_outstanding",
	    sizeof(struct iscsi_outstanding), NULL, NULL, NULL, NULL,
	    UMA_ALIGN_PTR, 0);

	error = make_dev_p(MAKEDEV_CHECKNAME, &sc->sc_cdev, &iscsi_cdevsw,
	    NULL, UID_ROOT, GID_WHEEL, 0600, "iscsi");
	if (error != 0) {
		/*
		 * NOTE(review): this path returns without releasing the
		 * softc, lock, condvar or zone set up above -- confirm
		 * whether a failed load is cleaned up elsewhere.
		 */
		ISCSI_WARN("failed to create device node, error %d", error);
		return (error);
	}
	sc->sc_cdev->si_drv1 = sc;

	/*
	 * Note that this needs to get run before dashutdown().  Otherwise,
	 * when rebooting with iSCSI session with outstanding requests,
	 * but disconnected, dashutdown() will hang on cam_periph_runccb().
	 */
	sc->sc_shutdown_eh = EVENTHANDLER_REGISTER(shutdown_post_sync,
	    iscsi_shutdown, sc, SHUTDOWN_PRI_FIRST);

	return (0);
}

/*
 * Module unload: remove the device node first, so that no new ioctls
 * arrive, then deregister the shutdown handler, terminate all sessions,
 * wait for the session list to drain and free everything.
 */
static int
iscsi_unload(void)
{
	struct iscsi_session *is, *tmp;

	if (sc->sc_cdev != NULL) {
		ISCSI_DEBUG("removing device node");
		destroy_dev(sc->sc_cdev);
		ISCSI_DEBUG("device node removed");
	}

	if (sc->sc_shutdown_eh != NULL)
		EVENTHANDLER_DEREGISTER(shutdown_post_sync, sc->sc_shutdown_eh);

	sx_slock(&sc->sc_lock);
	TAILQ_FOREACH_SAFE(is, &sc->sc_sessions, is_next, tmp)
		iscsi_session_terminate(is);
	/* Sleep on sc_cv until the session list is empty. */
	while(!TAILQ_EMPTY(&sc->sc_sessions)) {
		ISCSI_DEBUG("waiting for sessions to terminate");
		cv_wait(&sc->sc_cv, &sc->sc_lock);
	}
	ISCSI_DEBUG("all sessions terminated");
	sx_sunlock(&sc->sc_lock);

	uma_zdestroy(iscsi_outstanding_zone);
	sx_destroy(&sc->sc_lock);
	cv_destroy(&sc->sc_cv);
	free(sc, M_ISCSI);
	return (0);
}

/*
 * Module quiesce: refuse with EBUSY while any session exists.
 */
static int
iscsi_quiesce(void)
{
	sx_slock(&sc->sc_lock);
	if (!TAILQ_EMPTY(&sc->sc_sessions)) {
		sx_sunlock(&sc->sc_lock);
		return (EBUSY);
	}
	sx_sunlock(&sc->sc_lock);
	return (0);
}

/*
 * Module event handler: dispatch load, unload and quiesce; any other
 * event returns EINVAL.
 */
static int
iscsi_modevent(module_t mod, int what, void *arg)
{
	int error;

	switch (what) {
	case MOD_LOAD:
		error = iscsi_load();
		break;
	case MOD_UNLOAD:
		error = iscsi_unload();
		break;
	case MOD_QUIESCE:
		error = iscsi_quiesce();
		break;
	default:
		error = EINVAL;
		break;
	}
	return (error);
}

moduledata_t iscsi_data = {
	"iscsi",
	iscsi_modevent,
	0
};

DECLARE_MODULE(iscsi, iscsi_data, SI_SUB_DRIVERS, SI_ORDER_MIDDLE);
MODULE_DEPEND(iscsi, cam, 1, 1, 1);
MODULE_DEPEND(iscsi, icl, 1, 1, 1);