iscsi.c revision 268703
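/*-
 * Copyright (c) 2012 The FreeBSD Foundation
 * All rights reserved.
 *
 * This software was developed by Edward Tomasz Napierala under sponsorship
 * from the FreeBSD Foundation.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD: stable/10/sys/dev/iscsi/iscsi.c 268703 2014-07-15 18:21:26Z mav $
 */

#include <sys/param.h>
#include <sys/condvar.h>
#include <sys/conf.h>
#include <sys/eventhandler.h>
#include <sys/file.h>
#include <sys/kernel.h>
#include <sys/kthread.h>
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mutex.h>
#include <sys/module.h>
#include <sys/sysctl.h>
#include <sys/systm.h>
#include <sys/sx.h>
#include <vm/uma.h>

#include <cam/cam.h>
#include <cam/cam_ccb.h>
#include <cam/cam_xpt.h>
#include <cam/cam_debug.h>
#include <cam/cam_sim.h>
#include <cam/cam_xpt_sim.h>
#include <cam/cam_xpt_periph.h>
#include <cam/cam_periph.h>
#include <cam/scsi/scsi_all.h>
#include <cam/scsi/scsi_message.h>

#include "iscsi_ioctl.h"
#include "iscsi.h"
#include "icl.h"
#include "iscsi_proto.h"

#ifdef ICL_KERNEL_PROXY
#include <sys/socketvar.h>
#endif

#ifdef ICL_KERNEL_PROXY
FEATURE(iscsi_kernel_proxy, "iSCSI initiator built with ICL_KERNEL_PROXY");
#endif

/*
 * XXX: This is global so the iscsi_unload() can access it.
 * 	Think about how to do this properly.
 */
static struct iscsi_softc	*sc;

/*
 * Runtime knobs, exposed both as loader tunables and as read-write
 * sysctls under kern.iscsi.  The timeouts are expressed in seconds and
 * are compared against the per-session is_timeout counter, which
 * iscsi_callout() increments once per tick of its one-second callout.
 */
SYSCTL_NODE(_kern, OID_AUTO, iscsi, CTLFLAG_RD, 0, "iSCSI initiator");
static int debug = 1;
TUNABLE_INT("kern.iscsi.debug", &debug);
SYSCTL_INT(_kern_iscsi, OID_AUTO, debug, CTLFLAG_RWTUN,
    &debug, 0, "Enable debug messages");
static int ping_timeout = 5;
TUNABLE_INT("kern.iscsi.ping_timeout", &ping_timeout);
SYSCTL_INT(_kern_iscsi, OID_AUTO, ping_timeout, CTLFLAG_RWTUN, &ping_timeout,
    0, "Timeout for ping (NOP-Out) requests, in seconds");
static int iscsid_timeout = 60;
TUNABLE_INT("kern.iscsi.iscsid_timeout", &iscsid_timeout);
SYSCTL_INT(_kern_iscsi, OID_AUTO, iscsid_timeout, CTLFLAG_RWTUN, &iscsid_timeout,
    0, "Time to wait for iscsid(8) to handle reconnection, in seconds");
static int login_timeout = 60;
TUNABLE_INT("kern.iscsi.login_timeout", &login_timeout);
SYSCTL_INT(_kern_iscsi, OID_AUTO, login_timeout, CTLFLAG_RWTUN, &login_timeout,
    0, "Time to wait for iscsid(8) to finish Login Phase, in seconds");
static int maxtags = 255;
TUNABLE_INT("kern.iscsi.maxtags", &maxtags);
SYSCTL_INT(_kern_iscsi, OID_AUTO, maxtags, CTLFLAG_RWTUN, &maxtags,
    0, "Max number of IO requests queued");
static int fail_on_disconnection = 0;
TUNABLE_INT("kern.iscsi.fail_on_disconnection", &fail_on_disconnection);
SYSCTL_INT(_kern_iscsi, OID_AUTO, fail_on_disconnection, CTLFLAG_RWTUN,
    &fail_on_disconnection, 0, "Destroy CAM SIM on connection failure");

static MALLOC_DEFINE(M_ISCSI, "iSCSI", "iSCSI initiator");
static uma_zone_t iscsi_outstanding_zone;

/* Map a connection, or a PDU via its connection, back to its session. */
#define	CONN_SESSION(X)	((struct iscsi_session *)X->ic_prv0)
#define	PDU_SESSION(X)	(CONN_SESSION(X->ip_conn))

/*
 * Logging helpers.  The *_DEBUG variants print only when kern.iscsi.debug
 * is greater than 1, the *_WARN variants when it is greater than 0.  The
 * session variants prefix the message with the target address and name
 * taken from the session configuration.
 */
#define	ISCSI_DEBUG(X, ...)						\
	do {								\
		if (debug > 1) 						\
			printf("%s: " X "\n", __func__, ## __VA_ARGS__);\
	} while (0)

#define	ISCSI_WARN(X, ...)						\
	do {								\
		if (debug > 0) {					\
			printf("WARNING: %s: " X "\n",			\
			    __func__, ## __VA_ARGS__);			\
		}							\
	} while (0)

#define	ISCSI_SESSION_DEBUG(S, X, ...)					\
	do {								\
		if (debug > 1) {					\
			printf("%s: %s (%s): " X "\n",			\
			    __func__, S->is_conf.isc_target_addr,	\
			    S->is_conf.isc_target, ## __VA_ARGS__);	\
		}							\
	} while (0)

#define	ISCSI_SESSION_WARN(S, X, ...)					\
	do {								\
		if (debug > 0) {					\
			printf("WARNING: %s (%s): " X "\n",		\
			    S->is_conf.isc_target_addr,			\
			    S->is_conf.isc_target, ## __VA_ARGS__);	\
		}							\
	} while (0)

/* Per-session mutex helpers. */
#define ISCSI_SESSION_LOCK(X)		mtx_lock(&X->is_lock)
#define ISCSI_SESSION_UNLOCK(X)		mtx_unlock(&X->is_lock)
#define ISCSI_SESSION_LOCK_ASSERT(X)	mtx_assert(&X->is_lock, MA_OWNED)

static int	iscsi_ioctl(struct cdev *dev, u_long cmd, caddr_t arg,
		    int mode, struct thread *td);

/* Character device switch; the device only implements ioctl(2). */
static struct cdevsw iscsi_cdevsw = {
     .d_version = D_VERSION,
     .d_ioctl   = iscsi_ioctl,
     .d_name    = "iscsi",
};

static void	iscsi_pdu_queue_locked(struct icl_pdu *request);
static void	iscsi_pdu_queue(struct icl_pdu *request);
static void	iscsi_pdu_update_statsn(const struct icl_pdu *response);
static void	iscsi_pdu_handle_nop_in(struct icl_pdu *response);
static void	iscsi_pdu_handle_scsi_response(struct icl_pdu *response);
static void	iscsi_pdu_handle_data_in(struct icl_pdu *response);
static void	iscsi_pdu_handle_logout_response(struct icl_pdu *response);
static void	iscsi_pdu_handle_r2t(struct icl_pdu *response);
static void	iscsi_pdu_handle_async_message(struct icl_pdu *response);
static void	iscsi_pdu_handle_reject(struct icl_pdu *response);
static void	iscsi_session_reconnect(struct iscsi_session *is);
static void	iscsi_session_terminate(struct iscsi_session *is);
static void	iscsi_action(struct cam_sim *sim, union ccb *ccb);
static void	iscsi_poll(struct cam_sim *sim);
static struct iscsi_outstanding	*iscsi_outstanding_find(struct iscsi_session *is,
		    uint32_t initiator_task_tag);
static int	iscsi_outstanding_add(struct iscsi_session *is,
		    uint32_t initiator_task_tag, union ccb *ccb);
static void	iscsi_outstanding_remove(struct iscsi_session *is,
		    struct iscsi_outstanding *io);

/*
 * Fill in the sequence numbers of an outgoing PDU.
 *
 * Returns true when the PDU has to be postponed, i.e. it is neither a
 * Data-Out nor an immediate PDU and the session CmdSN is already past
 * MaxCmdSN; in that case the PDU is left untouched.  Returns false when
 * CmdSN (where applicable) and ExpStatSN have been written and the PDU
 * may be handed to ICL.  The session lock must be held.
 */
static bool
iscsi_pdu_prepare(struct icl_pdu *request)
{
	struct iscsi_session *is;
	struct iscsi_bhs_scsi_command *bhssc;

	is = PDU_SESSION(request);

	ISCSI_SESSION_LOCK_ASSERT(is);

	/*
	 * We're only using fields common for all the request
	 * (initiator -> target) PDUs.
	 */
	bhssc = (struct iscsi_bhs_scsi_command *)request->ip_bhs;

	/*
	 * Data-Out PDU does not contain CmdSN.
	 */
	if (bhssc->bhssc_opcode != ISCSI_BHS_OPCODE_SCSI_DATA_OUT) {
		if (is->is_cmdsn > is->is_maxcmdsn &&
		    (bhssc->bhssc_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0) {
			/*
			 * Current MaxCmdSN prevents us from sending any more
			 * SCSI Command PDUs to the target; postpone the PDU.
			 * It will get resent by either iscsi_pdu_queue(),
			 * or by maintenance thread.
			 */
#if 0
			ISCSI_SESSION_DEBUG(is, "postponing send, CmdSN %d, ExpCmdSN %d, MaxCmdSN %d, opcode 0x%x",
			    is->is_cmdsn, is->is_expcmdsn, is->is_maxcmdsn, bhssc->bhssc_opcode);
#endif
			return (true);
		}
		bhssc->bhssc_cmdsn = htonl(is->is_cmdsn);
		/* Immediate PDUs carry the current CmdSN but do not advance it. */
		if ((bhssc->bhssc_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0)
			is->is_cmdsn++;
	}
	bhssc->bhssc_expstatsn = htonl(is->is_statsn + 1);

	return (false);
}

/*
 * Send postponed PDUs, oldest first, stopping at the first one that
 * iscsi_pdu_prepare() still refuses.  The session lock must be held.
 */
static void
iscsi_session_send_postponed(struct iscsi_session *is)
{
	struct icl_pdu *request;
	bool postpone;

	ISCSI_SESSION_LOCK_ASSERT(is);

	while (!STAILQ_EMPTY(&is->is_postponed)) {
		request = STAILQ_FIRST(&is->is_postponed);
		postpone = iscsi_pdu_prepare(request);
		if (postpone)
			break;
		STAILQ_REMOVE_HEAD(&is->is_postponed, ip_next);
		icl_pdu_queue(request);
	}
}

/*
 * Queue a PDU for transmission with the session lock already held.
 * Previously postponed PDUs are tried first; the new PDU is then either
 * passed to ICL or appended to the postponed queue.
 */
static void
iscsi_pdu_queue_locked(struct icl_pdu *request)
{
	struct iscsi_session *is;
	bool postpone;

	is = PDU_SESSION(request);
	ISCSI_SESSION_LOCK_ASSERT(is);
	iscsi_session_send_postponed(is);
	postpone = iscsi_pdu_prepare(request);
	if (postpone) {
		STAILQ_INSERT_TAIL(&is->is_postponed, request, ip_next);
		return;
	}
	icl_pdu_queue(request);
}

/*
 * Locking wrapper around iscsi_pdu_queue_locked().
 */
static void
iscsi_pdu_queue(struct icl_pdu *request)
{
	struct iscsi_session *is;

	is = PDU_SESSION(request);
	ISCSI_SESSION_LOCK(is);
	iscsi_pdu_queue_locked(request);
	ISCSI_SESSION_UNLOCK(is);
}

/*
 * Queue a Logout Request with reason "close session".
 *
 * The PDU is allocated with M_NOWAIT; if that fails the function returns
 * without sending anything and without reporting the failure.  Because
 * it calls iscsi_pdu_queue_locked(), which asserts the session lock, the
 * caller must hold that lock.
 */
static void
iscsi_session_logout(struct iscsi_session *is)
{
	struct icl_pdu *request;
	struct iscsi_bhs_logout_request *bhslr;

	request = icl_pdu_new_bhs(is->is_conn, M_NOWAIT);
	if (request == NULL)
		return;

	bhslr = (struct iscsi_bhs_logout_request *)request->ip_bhs;
	bhslr->bhslr_opcode = ISCSI_BHS_OPCODE_LOGOUT_REQUEST;
	bhslr->bhslr_reason = BHSLR_REASON_CLOSE_SESSION;
	iscsi_pdu_queue_locked(request);
}

/*
 * Complete every outstanding CCB of the session and drop it from the
 * outstanding list.
 *
 * With requeue set, CAM_SIM_QUEUED is cleared and CAM_REQUEUE_REQ is set
 * on the CCB; otherwise its status is replaced with CAM_REQ_ABORTED.  In
 * both cases the device queue is frozen unless the CCB status already
 * carries CAM_DEV_QFRZN.  The session lock must be held.
 */
static void
iscsi_session_terminate_tasks(struct iscsi_session *is, bool requeue)
{
	struct iscsi_outstanding *io, *tmp;

	ISCSI_SESSION_LOCK_ASSERT(is);

	TAILQ_FOREACH_SAFE(io, &is->is_outstanding, io_next, tmp) {
		if (requeue) {
			io->io_ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
			io->io_ccb->ccb_h.status |= CAM_REQUEUE_REQ;
		} else {
			io->io_ccb->ccb_h.status = CAM_REQ_ABORTED;
		}

		if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		io->io_ccb->ccb_h.status |= CAM_DEV_QFRZN;
		xpt_done(io->io_ccb);
		iscsi_outstanding_remove(is, io);
	}
}

/*
 * Quiesce the session: freeze the SIM queue, free all postponed PDUs and
 * terminate the outstanding tasks.
 *
 * With destroy_sim false the tasks are handed back to CAM for requeueing
 * and the SIM is kept.  With destroy_sim true the tasks are aborted and,
 * if a SIM exists, it is announced as lost, released, deregistered and
 * freed.  The session lock must be held.
 */
static void
iscsi_session_cleanup(struct iscsi_session *is, bool destroy_sim)
{
	struct icl_pdu *pdu;

	ISCSI_SESSION_LOCK_ASSERT(is);

	/*
	 * Don't queue any new PDUs.
	 */
	if (is->is_sim != NULL && is->is_simq_frozen == false) {
		ISCSI_SESSION_DEBUG(is, "freezing");
		xpt_freeze_simq(is->is_sim, 1);
		is->is_simq_frozen = true;
	}

	/*
	 * Remove postponed PDUs.
	 */
	while (!STAILQ_EMPTY(&is->is_postponed)) {
		pdu = STAILQ_FIRST(&is->is_postponed);
		STAILQ_REMOVE_HEAD(&is->is_postponed, ip_next);
		icl_pdu_free(pdu);
	}

	if (destroy_sim == false) {
		/*
		 * Terminate SCSI tasks, asking CAM to requeue them.
		 */
		iscsi_session_terminate_tasks(is, true);
		return;
	}

	iscsi_session_terminate_tasks(is, false);

	if (is->is_sim == NULL)
		return;

	ISCSI_SESSION_DEBUG(is, "deregistering SIM");
	xpt_async(AC_LOST_DEVICE, is->is_path, NULL);

	if (is->is_simq_frozen) {
		xpt_release_simq(is->is_sim, 1);
		is->is_simq_frozen = false;
	}

	xpt_free_path(is->is_path);
	is->is_path = NULL;
	xpt_bus_deregister(cam_sim_path(is->is_sim));
	cam_sim_free(is->is_sim, TRUE /*free_devq*/);
	is->is_sim = NULL;
	is->is_devq = NULL;
}

/*
 * Reconnect path of the maintenance thread.
 *
 * Shuts down and closes the connection, resets the connection state
 * flags, cleans up the session (destroying the SIM only when
 * kern.iscsi.fail_on_disconnection is set), then marks the session as
 * waiting for iscsid(8) and wakes up sc_cv.  Called without the session
 * lock; it is taken and released here.
 */
static void
iscsi_maintenance_thread_reconnect(struct iscsi_session *is)
{

	icl_conn_shutdown(is->is_conn);
	icl_conn_close(is->is_conn);

	ISCSI_SESSION_LOCK(is);

	is->is_connected = false;
	is->is_reconnecting = false;
	is->is_login_phase = false;

#ifdef ICL_KERNEL_PROXY
	if (is->is_login_pdu != NULL) {
		icl_pdu_free(is->is_login_pdu);
		is->is_login_pdu = NULL;
	}
	cv_signal(&is->is_login_cv);
#endif

	if (fail_on_disconnection) {
		ISCSI_SESSION_DEBUG(is, "connection failed, destroying devices");
		iscsi_session_cleanup(is, true);
	} else {
		iscsi_session_cleanup(is, false);
	}

	KASSERT(TAILQ_EMPTY(&is->is_outstanding),
	    ("destroying session with active tasks"));
	KASSERT(STAILQ_EMPTY(&is->is_postponed),
	    ("destroying session with postponed PDUs"));

	/*
	 * Request immediate reconnection from iscsid(8).
	 */
	//ISCSI_SESSION_DEBUG(is, "waking up iscsid(8)");
	is->is_waiting_for_iscsid = true;
	strlcpy(is->is_reason, "Waiting for iscsid(8)", sizeof(is->is_reason));
	is->is_timeout = 0;
	ISCSI_SESSION_UNLOCK(is);
	cv_signal(&is->is_softc->sc_cv);
}

/*
 * Termination path of the maintenance thread.
 *
 * Unlinks the session from the softc list, closes the connection, drains
 * the callout, cleans up the session including its SIM, and finally
 * frees the connection, the synchronization objects and the session
 * itself.  sc_cv is signalled at the end for a waiting iscsi_unload().
 *
 * NOTE(review): callout_drain() is invoked while is_lock is held, and
 * iscsi_callout() acquires is_lock itself; confirm this ordering cannot
 * block against a callout that is already running.
 */
static void
iscsi_maintenance_thread_terminate(struct iscsi_session *is)
{
	struct iscsi_softc *sc;

	sc = is->is_softc;
	sx_xlock(&sc->sc_lock);
	TAILQ_REMOVE(&sc->sc_sessions, is, is_next);
	sx_xunlock(&sc->sc_lock);

	icl_conn_close(is->is_conn);

	ISCSI_SESSION_LOCK(is);

	KASSERT(is->is_terminating, ("is_terminating == false"));

#ifdef ICL_KERNEL_PROXY
	if (is->is_login_pdu != NULL) {
		icl_pdu_free(is->is_login_pdu);
		is->is_login_pdu = NULL;
	}
	cv_signal(&is->is_login_cv);
#endif

	callout_drain(&is->is_callout);

	iscsi_session_cleanup(is, true);

	KASSERT(TAILQ_EMPTY(&is->is_outstanding),
	    ("destroying session with active tasks"));
	KASSERT(STAILQ_EMPTY(&is->is_postponed),
	    ("destroying session with postponed PDUs"));

	ISCSI_SESSION_UNLOCK(is);

	icl_conn_free(is->is_conn);
	mtx_destroy(&is->is_lock);
	cv_destroy(&is->is_maintenance_cv);
#ifdef ICL_KERNEL_PROXY
	cv_destroy(&is->is_login_cv);
#endif
	/* Last use of the session before its memory is released. */
	ISCSI_SESSION_DEBUG(is, "terminated");
	free(is, M_ISCSI);

	/*
	 * The iscsi_unload() routine might be waiting.
	 */
	cv_signal(&sc->sc_cv);
}

/*
 * Per-session kernel thread.  Sleeps on is_maintenance_cv until the
 * session is flagged as reconnecting or terminating, or postponed PDUs
 * are pending, and then performs the corresponding action.  The thread
 * exits after handling termination.
 */
static void
iscsi_maintenance_thread(void *arg)
{
	struct iscsi_session *is;

	is = arg;

	for (;;) {
		ISCSI_SESSION_LOCK(is);
		if (is->is_reconnecting == false &&
		    is->is_terminating == false &&
		    STAILQ_EMPTY(&is->is_postponed))
			cv_wait(&is->is_maintenance_cv, &is->is_lock);

		if (is->is_reconnecting) {
			ISCSI_SESSION_UNLOCK(is);
			iscsi_maintenance_thread_reconnect(is);
			continue;
		}

		if (is->is_terminating) {
			ISCSI_SESSION_UNLOCK(is);
			iscsi_maintenance_thread_terminate(is);
			kthread_exit();
			return;
		}

		iscsi_session_send_postponed(is);
		ISCSI_SESSION_UNLOCK(is);
	}
}

/*
 * Flag the session for reconnection and wake the maintenance thread.
 * A second request while one is pending is a no-op.
 */
static void
iscsi_session_reconnect(struct iscsi_session *is)
{

	/*
	 * XXX: We can't use locking here, because
	 * 	it's being called from various contexts.
	 * 	Hope it doesn't break anything.
	 */
	if (is->is_reconnecting)
		return;

	is->is_reconnecting = true;
	cv_signal(&is->is_maintenance_cv);
}

/*
 * Flag the session for termination and wake the maintenance thread.
 * Like iscsi_session_reconnect(), the flag is tested and set without
 * taking the session lock here.
 */
static void
iscsi_session_terminate(struct iscsi_session *is)
{
	if (is->is_terminating)
		return;

	is->is_terminating = true;

#if 0
	iscsi_session_logout(is);
#endif
	cv_signal(&is->is_maintenance_cv);
}

/*
 * Session timer, rescheduled every second.
 *
 * Increments is_timeout and compares it against the limit that applies
 * to the current state: iscsid_timeout while waiting for iscsid(8),
 * login_timeout during the Login Phase, ping_timeout otherwise.  On
 * expiry a reconnect is requested.  When no limit is hit and no PDU was
 * received during the last second, an immediate NOP-Out is sent.
 *
 * NOTE(review): is_terminating at the top, and is_timeout after the
 * unlock further down, are read without the session lock held.
 */
static void
iscsi_callout(void *context)
{
	struct icl_pdu *request;
	struct iscsi_bhs_nop_out *bhsno;
	struct iscsi_session *is;
	bool reconnect_needed = false;

	is = context;

	if (is->is_terminating)
		return;

	callout_schedule(&is->is_callout, 1 * hz);

	ISCSI_SESSION_LOCK(is);
	is->is_timeout++;

	if (is->is_waiting_for_iscsid) {
		if (is->is_timeout > iscsid_timeout) {
			ISCSI_SESSION_WARN(is, "timed out waiting for iscsid(8) "
			    "for %d seconds; reconnecting",
			    is->is_timeout);
			reconnect_needed = true;
		}
		goto out;
	}

	if (is->is_login_phase) {
		if (is->is_timeout > login_timeout) {
			ISCSI_SESSION_WARN(is, "login timed out after %d seconds; "
			    "reconnecting", is->is_timeout);
			reconnect_needed = true;
		}
		goto out;
	}

	if (is->is_timeout >= ping_timeout) {
		ISCSI_SESSION_WARN(is, "no ping reply (NOP-In) after %d seconds; "
		    "reconnecting", ping_timeout);
		reconnect_needed = true;
		goto out;
	}

	ISCSI_SESSION_UNLOCK(is);

	/*
	 * If the ping was reset less than one second ago - which means
	 * that we've received some PDU during the last second - assume
	 * the traffic flows correctly and don't bother sending a NOP-Out.
	 *
	 * (It's 2 - one for one second, and one for incrementing is_timeout
	 * earlier in this routine.)
	 */
	if (is->is_timeout < 2)
		return;

	request = icl_pdu_new_bhs(is->is_conn, M_NOWAIT);
	if (request == NULL) {
		ISCSI_SESSION_WARN(is, "failed to allocate PDU");
		return;
	}
	bhsno = (struct iscsi_bhs_nop_out *)request->ip_bhs;
	bhsno->bhsno_opcode = ISCSI_BHS_OPCODE_NOP_OUT |
	    ISCSI_BHS_OPCODE_IMMEDIATE;
	bhsno->bhsno_flags = 0x80;
	bhsno->bhsno_target_transfer_tag = 0xffffffff;
	iscsi_pdu_queue(request);
	return;

out:
	ISCSI_SESSION_UNLOCK(is);

	if (reconnect_needed)
		iscsi_session_reconnect(is);
}

/*
 * Update the session's StatSN, ExpCmdSN and MaxCmdSN from a received
 * PDU and reset the ping timer.  All values come from the target and
 * are only sanity-checked as shown below.  The session lock must be
 * held.
 */
static void
iscsi_pdu_update_statsn(const struct icl_pdu *response)
{
	const struct iscsi_bhs_data_in *bhsdi;
	struct iscsi_session *is;
	uint32_t expcmdsn, maxcmdsn;

	is = PDU_SESSION(response);

	ISCSI_SESSION_LOCK_ASSERT(is);

	/*
	 * We're only using fields common for all the response
	 * (target -> initiator) PDUs.
	 */
	bhsdi = (const struct iscsi_bhs_data_in *)response->ip_bhs;
	/*
	 * Ok, I lied.  In case of Data-In, "The fields StatSN, Status,
	 * and Residual Count only have meaningful content if the S bit
	 * is set to 1", so we also need to check the bit specific for
	 * Data-In PDU.
	 */
	if (bhsdi->bhsdi_opcode != ISCSI_BHS_OPCODE_SCSI_DATA_IN ||
	    (bhsdi->bhsdi_flags & BHSDI_FLAGS_S) != 0) {
		if (ntohl(bhsdi->bhsdi_statsn) < is->is_statsn) {
			/*
			 * The warning names the values in the order they
			 * are passed and states the relation that was
			 * actually tested; a backwards-moving StatSN is
			 * logged but still accepted below.
			 */
			ISCSI_SESSION_WARN(is,
			    "PDU StatSN %d < session StatSN %d, opcode 0x%x",
			    ntohl(bhsdi->bhsdi_statsn), is->is_statsn,
			    bhsdi->bhsdi_opcode);
		}
		is->is_statsn = ntohl(bhsdi->bhsdi_statsn);
	}

	expcmdsn = ntohl(bhsdi->bhsdi_expcmdsn);
	maxcmdsn = ntohl(bhsdi->bhsdi_maxcmdsn);

	/*
	 * XXX: Compare using Serial Arithmetic Sense.
	 *
	 * The comparisons below are plain integer comparisons, so
	 * sequence number wrap-around is not handled.
	 */
	if (maxcmdsn + 1 < expcmdsn) {
		ISCSI_SESSION_DEBUG(is, "PDU MaxCmdSN %d + 1 < PDU ExpCmdSN %d; ignoring",
		    maxcmdsn, expcmdsn);
	} else {
		if (maxcmdsn > is->is_maxcmdsn) {
			is->is_maxcmdsn = maxcmdsn;

			/*
			 * Command window increased; kick the maintenance thread
			 * to send out postponed commands.
			 */
			if (!STAILQ_EMPTY(&is->is_postponed))
				cv_signal(&is->is_maintenance_cv);
		} else if (maxcmdsn < is->is_maxcmdsn) {
			ISCSI_SESSION_DEBUG(is, "PDU MaxCmdSN %d < session MaxCmdSN %d; ignoring",
			    maxcmdsn, is->is_maxcmdsn);
		}

		if (expcmdsn > is->is_expcmdsn) {
			is->is_expcmdsn = expcmdsn;
		} else if (expcmdsn < is->is_expcmdsn) {
			ISCSI_SESSION_DEBUG(is, "PDU ExpCmdSN %d < session ExpCmdSN %d; ignoring",
			    expcmdsn, is->is_expcmdsn);
		}
	}

	/*
	 * Every incoming PDU - not just NOP-In - resets the ping timer.
	 * The purpose of the timeout is to reset the connection when it stalls;
	 * we don't want this to happen when NOP-In or NOP-Out ends up delayed
	 * in some queue.
	 */
	is->is_timeout = 0;
}

/*
 * Entry point for every PDU received on the session's connection.
 *
 * Takes the session lock, updates the sequence numbers and dispatches on
 * the opcode.  An unsupported opcode is logged and triggers a reconnect.
 * With ICL_KERNEL_PROXY, PDUs arriving during the Login Phase are not
 * dispatched: the first is stored in is_login_pdu, further ones are
 * freed.
 */
static void
iscsi_receive_callback(struct icl_pdu *response)
{
	struct iscsi_session *is;

	is = PDU_SESSION(response);

	ISCSI_SESSION_LOCK(is);

#ifdef ICL_KERNEL_PROXY
	if (is->is_login_phase) {
		if (is->is_login_pdu == NULL)
			is->is_login_pdu = response;
		else
			icl_pdu_free(response);
		ISCSI_SESSION_UNLOCK(is);
		cv_signal(&is->is_login_cv);
		return;
	}
#endif

	iscsi_pdu_update_statsn(response);

	/*
	 * The handling routine is responsible for freeing the PDU
	 * when it's no longer needed.
	 */
	switch (response->ip_bhs->bhs_opcode) {
	case ISCSI_BHS_OPCODE_NOP_IN:
		iscsi_pdu_handle_nop_in(response);
		break;
	case ISCSI_BHS_OPCODE_SCSI_RESPONSE:
		iscsi_pdu_handle_scsi_response(response);
		break;
	case ISCSI_BHS_OPCODE_SCSI_DATA_IN:
		iscsi_pdu_handle_data_in(response);
		break;
	case ISCSI_BHS_OPCODE_LOGOUT_RESPONSE:
		iscsi_pdu_handle_logout_response(response);
		break;
	case ISCSI_BHS_OPCODE_R2T:
		iscsi_pdu_handle_r2t(response);
		break;
	case ISCSI_BHS_OPCODE_ASYNC_MESSAGE:
		iscsi_pdu_handle_async_message(response);
		break;
	case ISCSI_BHS_OPCODE_REJECT:
		iscsi_pdu_handle_reject(response);
		break;
	default:
		ISCSI_SESSION_WARN(is, "received PDU with unsupported "
		    "opcode 0x%x; reconnecting",
		    response->ip_bhs->bhs_opcode);
		iscsi_session_reconnect(is);
		icl_pdu_free(response);
	}

	ISCSI_SESSION_UNLOCK(is);
}

/*
 * Connection error callback: log the error and request a reconnect.
 */
static void
iscsi_error_callback(struct icl_conn *ic)
{
	struct iscsi_session *is;

	is = CONN_SESSION(ic);

	ISCSI_SESSION_WARN(is, "connection error; reconnecting");
	iscsi_session_reconnect(is);
}

/*
 * Handle a NOP-In PDU.
 *
 * A NOP-In whose Target Transfer Tag is 0xffffffff needs no reply.
 * Otherwise an immediate NOP-Out is queued that echoes the Target
 * Transfer Tag and a copy of the received data segment.  Any allocation
 * failure triggers a reconnect.  The response PDU is always freed here.
 *
 * NOTE(review): datasize is taken from the received PDU and no upper
 * bound is applied in this function before it is passed to malloc();
 * presumably the ICL layer limits the data segment length - confirm.
 */
static void
iscsi_pdu_handle_nop_in(struct icl_pdu *response)
{
	struct iscsi_session *is;
	struct iscsi_bhs_nop_out *bhsno;
	struct iscsi_bhs_nop_in *bhsni;
	struct icl_pdu *request;
	void *data = NULL;
	size_t datasize;
	int error;

	is = PDU_SESSION(response);
	bhsni = (struct iscsi_bhs_nop_in *)response->ip_bhs;

	if (bhsni->bhsni_target_transfer_tag == 0xffffffff) {
		/*
		 * Nothing to do; iscsi_pdu_update_statsn() already
		 * zeroed the timeout.
		 */
		icl_pdu_free(response);
		return;
	}

	datasize = icl_pdu_data_segment_length(response);
	if (datasize > 0) {
		data = malloc(datasize, M_ISCSI, M_NOWAIT | M_ZERO);
		if (data == NULL) {
			ISCSI_SESSION_WARN(is, "failed to allocate memory; "
			    "reconnecting");
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}
		icl_pdu_get_data(response, 0, data, datasize);
	}

	request = icl_pdu_new_bhs(response->ip_conn, M_NOWAIT);
	if (request == NULL) {
		ISCSI_SESSION_WARN(is, "failed to allocate memory; "
		    "reconnecting");
		free(data, M_ISCSI);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}
	bhsno = (struct iscsi_bhs_nop_out *)request->ip_bhs;
	bhsno->bhsno_opcode = ISCSI_BHS_OPCODE_NOP_OUT |
	    ISCSI_BHS_OPCODE_IMMEDIATE;
	bhsno->bhsno_flags = 0x80;
	bhsno->bhsno_initiator_task_tag = 0xffffffff;
	bhsno->bhsno_target_transfer_tag = bhsni->bhsni_target_transfer_tag;
	if (datasize > 0) {
		error = icl_pdu_append_data(request, data, datasize, M_NOWAIT);
		if (error != 0) {
			ISCSI_SESSION_WARN(is, "failed to allocate memory; "
			    "reconnecting");
			free(data, M_ISCSI);
			icl_pdu_free(request);
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}
		free(data, M_ISCSI);
	}

	icl_pdu_free(response);
	iscsi_pdu_queue_locked(request);
}

/*
 * Handle a SCSI Response PDU: translate the iSCSI response and SCSI
 * status into a CAM status, copy sense data if present, fix up the
 * residual and complete the CCB.
 *
 * The Initiator Task Tag is looked up in the outstanding list; an
 * unknown tag, or a response flagged with residual overflow, triggers a
 * reconnect without completing a CCB here.  The sense length announced
 * by the target is checked against the data segment length and clamped
 * to csio->sense_len before anything is copied into csio->sense_data.
 */
static void
iscsi_pdu_handle_scsi_response(struct icl_pdu *response)
{
	struct iscsi_bhs_scsi_response *bhssr;
	struct iscsi_outstanding *io;
	struct iscsi_session *is;
	struct ccb_scsiio *csio;
	size_t data_segment_len;
	uint16_t sense_len;

	is = PDU_SESSION(response);

	bhssr = (struct iscsi_bhs_scsi_response *)response->ip_bhs;
	io = iscsi_outstanding_find(is, bhssr->bhssr_initiator_task_tag);
	if (io == NULL) {
		ISCSI_SESSION_WARN(is, "bad itt 0x%x", bhssr->bhssr_initiator_task_tag);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	if (bhssr->bhssr_response != BHSSR_RESPONSE_COMMAND_COMPLETED) {
		ISCSI_SESSION_WARN(is, "service response 0x%x", bhssr->bhssr_response);
		if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		io->io_ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
	} else if (bhssr->bhssr_status == 0) {
		io->io_ccb->ccb_h.status = CAM_REQ_CMP;
	} else {
		if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		io->io_ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | CAM_DEV_QFRZN;
		io->io_ccb->csio.scsi_status = bhssr->bhssr_status;
	}

	if (bhssr->bhssr_flags & BHSSR_FLAGS_RESIDUAL_OVERFLOW) {
		ISCSI_SESSION_WARN(is, "target indicated residual overflow");
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	csio = &io->io_ccb->csio;

	data_segment_len = icl_pdu_data_segment_length(response);
	if (data_segment_len > 0) {
		/* The segment must at least hold the 16-bit sense length. */
		if (data_segment_len < sizeof(sense_len)) {
			ISCSI_SESSION_WARN(is, "truncated data segment (%zd bytes)",
			    data_segment_len);
			if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
				xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
				ISCSI_SESSION_DEBUG(is, "freezing devq");
			}
			io->io_ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
			goto out;
		}
		icl_pdu_get_data(response, 0, &sense_len, sizeof(sense_len));
		sense_len = ntohs(sense_len);
#if 0
		ISCSI_SESSION_DEBUG(is, "sense_len %d, data len %zd",
		    sense_len, data_segment_len);
#endif
		if (sizeof(sense_len) + sense_len > data_segment_len) {
			ISCSI_SESSION_WARN(is, "truncated data segment "
			    "(%zd bytes, should be %zd)",
			    data_segment_len, sizeof(sense_len) + sense_len);
			if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
				xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
				ISCSI_SESSION_DEBUG(is, "freezing devq");
			}
			io->io_ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
			goto out;
		} else if (sizeof(sense_len) + sense_len < data_segment_len)
			ISCSI_SESSION_WARN(is, "oversize data segment "
			    "(%zd bytes, should be %zd)",
			    data_segment_len, sizeof(sense_len) + sense_len);
		/* Never copy more sense data than the CCB has room for. */
		if (sense_len > csio->sense_len) {
			ISCSI_SESSION_DEBUG(is, "truncating sense from %d to %d",
			    sense_len, csio->sense_len);
			sense_len = csio->sense_len;
		}
		icl_pdu_get_data(response, sizeof(sense_len), &csio->sense_data, sense_len);
		csio->sense_resid = csio->sense_len - sense_len;
		io->io_ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
	}

out:
	if (bhssr->bhssr_flags & BHSSR_FLAGS_RESIDUAL_UNDERFLOW)
		csio->resid = ntohl(bhssr->bhssr_residual_count);

	if ((csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
		KASSERT(io->io_received <= csio->dxfer_len,
		    ("io->io_received > csio->dxfer_len"));
		if (io->io_received < csio->dxfer_len) {
			/*
			 * For reads the residual is derived from the number
			 * of bytes actually received; the value reported by
			 * the target is only compared against it.
			 */
			if (csio->resid != csio->dxfer_len - io->io_received) {
				ISCSI_SESSION_WARN(is, "underflow mismatch: "
				    "target indicates %d, we calculated %zd",
				    csio->resid,
				    csio->dxfer_len - io->io_received);
			}
			csio->resid = csio->dxfer_len - io->io_received;
		}
	}

	xpt_done(io->io_ccb);
	iscsi_outstanding_remove(is, io);
	icl_pdu_free(response);
}

/*
 * Handle a SCSI Data-In PDU: copy the data segment into the CCB's buffer
 * and, when the S bit is set, complete the CCB with the carried status.
 *
 * The buffer offset must equal the number of bytes received so far and
 * the segment must fit into the remaining buffer; otherwise the PDU is
 * dropped and a reconnect is requested.
 */
static void
iscsi_pdu_handle_data_in(struct icl_pdu *response)
{
	struct iscsi_bhs_data_in *bhsdi;
	struct iscsi_outstanding *io;
	struct iscsi_session *is;
	struct ccb_scsiio *csio;
	size_t data_segment_len;
	
	is = PDU_SESSION(response);
	bhsdi = (struct iscsi_bhs_data_in *)response->ip_bhs;
	io = iscsi_outstanding_find(is, bhsdi->bhsdi_initiator_task_tag);
	if (io == NULL) {
		ISCSI_SESSION_WARN(is, "bad itt 0x%x", bhsdi->bhsdi_initiator_task_tag);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	data_segment_len = icl_pdu_data_segment_length(response);
	if (data_segment_len == 0) {
		/*
		 * "The sending of 0 length data segments should be avoided,
		 * but initiators and targets MUST be able to properly receive
		 * 0 length data segments."
		 */
		icl_pdu_free(response);
		return;
	}

	/*
	 * We need to track this for security reasons - without it, a
	 * malicious target could respond to SCSI READ without sending
	 * Data-In PDUs, which would result in the read operation on the
	 * initiator side returning random kernel data.
	 */
	if (ntohl(bhsdi->bhsdi_buffer_offset) != io->io_received) {
		ISCSI_SESSION_WARN(is, "data out of order; expected offset %zd, got %zd",
		    io->io_received, (size_t)ntohl(bhsdi->bhsdi_buffer_offset));
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	csio = &io->io_ccb->csio;

	/* Reject a segment that would run past the end of the CCB buffer. */
	if (io->io_received + data_segment_len > csio->dxfer_len) {
		ISCSI_SESSION_WARN(is, "oversize data segment (%zd bytes "
		    "at offset %zd, buffer is %d)",
		    data_segment_len, io->io_received, csio->dxfer_len);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	icl_pdu_get_data(response, 0, csio->data_ptr + io->io_received, data_segment_len);
	io->io_received += data_segment_len;

	/*
	 * XXX: Check DataSN.
	 * XXX: Check F.
	 */
	if ((bhsdi->bhsdi_flags & BHSDI_FLAGS_S) == 0) {
		/*
		 * Nothing more to do.
		 */
		icl_pdu_free(response);
		return;
	}

	//ISCSI_SESSION_DEBUG(is, "got S flag; status 0x%x", bhsdi->bhsdi_status);
	if (bhsdi->bhsdi_status == 0) {
		io->io_ccb->ccb_h.status = CAM_REQ_CMP;
	} else {
		if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
			xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
			ISCSI_SESSION_DEBUG(is, "freezing devq");
		}
		io->io_ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | CAM_DEV_QFRZN;
		csio->scsi_status = bhsdi->bhsdi_status;
	}

	if ((csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
		KASSERT(io->io_received <= csio->dxfer_len,
		    ("io->io_received > csio->dxfer_len"));
		if (io->io_received < csio->dxfer_len) {
			/*
			 * The residual stored in the CCB is the locally
			 * computed one; the target's value is only used
			 * for the mismatch warning.
			 */
			csio->resid = ntohl(bhsdi->bhsdi_residual_count);
			if (csio->resid != csio->dxfer_len - io->io_received) {
				ISCSI_SESSION_WARN(is, "underflow mismatch: "
				    "target indicates %d, we calculated %zd",
				    csio->resid,
				    csio->dxfer_len - io->io_received);
			}
			csio->resid = csio->dxfer_len - io->io_received;
		}
	}

	xpt_done(io->io_ccb);
	iscsi_outstanding_remove(is, io);
	icl_pdu_free(response);
}

/*
 * Handle a Logout Response PDU: log it at debug level and free it.
 */
static void
iscsi_pdu_handle_logout_response(struct icl_pdu *response)
{

	ISCSI_SESSION_DEBUG(PDU_SESSION(response), "logout response");
	icl_pdu_free(response);
}

/*
 * Handle a Ready To Transfer (R2T) PDU by queueing the requested range
 * of the CCB's buffer as one or more Data-Out PDUs, each carrying at
 * most is_max_data_segment_length bytes; the last one has the F bit set.
 *
 * The R2T is rejected with a reconnect when its task tag is unknown,
 * when it refers to a command that is not a write, or when the requested
 * offset or length does not fit into the CCB's buffer.
 */
static void
iscsi_pdu_handle_r2t(struct icl_pdu *response)
{
	struct icl_pdu *request;
	struct iscsi_session *is;
	struct iscsi_bhs_r2t *bhsr2t;
	struct iscsi_bhs_data_out *bhsdo;
	struct iscsi_outstanding *io;
	struct ccb_scsiio *csio;
	size_t off, len, total_len;
	int error;

	is = PDU_SESSION(response);

	bhsr2t = (struct iscsi_bhs_r2t *)response->ip_bhs;
	io = iscsi_outstanding_find(is, bhsr2t->bhsr2t_initiator_task_tag);
	if (io == NULL) {
		ISCSI_SESSION_WARN(is, "bad itt 0x%x; reconnecting",
		    bhsr2t->bhsr2t_initiator_task_tag);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	csio = &io->io_ccb->csio;

	if ((csio->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_OUT) {
		ISCSI_SESSION_WARN(is, "received R2T for read command; reconnecting");
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	/*
	 * XXX: Verify R2TSN.
	 */

	io->io_datasn = 0;

	off = ntohl(bhsr2t->bhsr2t_buffer_offset);
	if (off > csio->dxfer_len) {
		ISCSI_SESSION_WARN(is, "target requested invalid offset "
		    "%zd, buffer is is %d; reconnecting", off, csio->dxfer_len);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	total_len = ntohl(bhsr2t->bhsr2t_desired_data_transfer_length);
	if (total_len == 0 || total_len > csio->dxfer_len) {
		ISCSI_SESSION_WARN(is, "target requested invalid length "
		    "%zd, buffer is %d; reconnecting", total_len, csio->dxfer_len);
		icl_pdu_free(response);
		iscsi_session_reconnect(is);
		return;
	}

	//ISCSI_SESSION_DEBUG(is, "r2t; off %zd, len %zd", off, total_len);

	for (;;) {
		len = total_len;

		if (len > is->is_max_data_segment_length)
			len = is->is_max_data_segment_length;

		/*
		 * Offset and length were checked separately above; this
		 * checks that the chunk about to be sent stays inside the
		 * CCB's buffer.
		 */
		if (off + len > csio->dxfer_len) {
			ISCSI_SESSION_WARN(is, "target requested invalid "
			    "length/offset %zd, buffer is %d; reconnecting",
			    off + len, csio->dxfer_len);
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}

		request = icl_pdu_new_bhs(response->ip_conn, M_NOWAIT);
		if (request == NULL) {
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}

		bhsdo = (struct iscsi_bhs_data_out *)request->ip_bhs;
		bhsdo->bhsdo_opcode = ISCSI_BHS_OPCODE_SCSI_DATA_OUT;
		bhsdo->bhsdo_lun = bhsr2t->bhsr2t_lun;
		bhsdo->bhsdo_initiator_task_tag =
		    bhsr2t->bhsr2t_initiator_task_tag;
		bhsdo->bhsdo_target_transfer_tag =
		    bhsr2t->bhsr2t_target_transfer_tag;
		bhsdo->bhsdo_datasn = htonl(io->io_datasn++);
		bhsdo->bhsdo_buffer_offset = htonl(off);
		error = icl_pdu_append_data(request, csio->data_ptr + off, len,
		    M_NOWAIT);
		if (error != 0) {
			ISCSI_SESSION_WARN(is, "failed to allocate memory; "
			    "reconnecting");
			icl_pdu_free(request);
			icl_pdu_free(response);
			iscsi_session_reconnect(is);
			return;
		}

		off += len;
		total_len -= len;

		if (total_len == 0) {
			bhsdo->bhsdo_flags |= BHSDO_FLAGS_F;
			//ISCSI_SESSION_DEBUG(is, "setting F, off %zd", off);
		} else {
			//ISCSI_SESSION_DEBUG(is, "not finished, off %zd", off);
		}

		iscsi_pdu_queue_locked(request);

		if (total_len == 0)
			break;
	}

	icl_pdu_free(response);
}

/*
 * Handle an Asynchronous Message PDU.
 *
 * A logout request from the target queues a Logout Request and flags the
 * session for termination.  Announcements that the target will drop the
 * connection or the session are only logged, as is any other event.
 */
static void
iscsi_pdu_handle_async_message(struct icl_pdu *response)
{
	struct iscsi_bhs_asynchronous_message *bhsam;
	struct iscsi_session *is;

	is = PDU_SESSION(response);
	bhsam = (struct iscsi_bhs_asynchronous_message *)response->ip_bhs;
	switch (bhsam->bhsam_async_event) {
	case BHSAM_EVENT_TARGET_REQUESTS_LOGOUT:
		ISCSI_SESSION_WARN(is, "target requests logout; removing session");
		iscsi_session_logout(is);
		iscsi_session_terminate(is);
		break;
	case BHSAM_EVENT_TARGET_TERMINATES_CONNECTION:
		ISCSI_SESSION_WARN(is, "target indicates it will drop drop the connection");
		break;
	case BHSAM_EVENT_TARGET_TERMINATES_SESSION:
		ISCSI_SESSION_WARN(is, "target indicates it will drop drop the session");
		break;
	default:
		/*
		 * XXX: Technically, we're obligated to also handle
		 * 	parameter renegotiation.
		 */
		ISCSI_SESSION_WARN(is, "ignoring AsyncEvent %d", bhsam->bhsam_async_event);
		break;
	}

	icl_pdu_free(response);
}

/*
 * Handle a Reject PDU: log the reason code and free the PDU.  No other
 * action is taken here.
 */
static void
iscsi_pdu_handle_reject(struct icl_pdu *response)
{
	struct iscsi_bhs_reject *bhsr;
	struct iscsi_session *is;

	is = PDU_SESSION(response);
	bhsr = (struct iscsi_bhs_reject *)response->ip_bhs;
	ISCSI_SESSION_WARN(is, "received Reject PDU, reason 0x%x; protocol error?",
	    bhsr->bhsr_reason);

	icl_pdu_free(response);
}

/*
 * Block until some session is waiting for iscsid(8), then move that
 * session into the Login Phase and copy its id, ISID and configuration
 * into the daemon request.
 *
 * Returns 0 on success, or the error from cv_wait_sig() when the wait
 * is interrupted.  sc_lock is held shared for the duration of the call.
 */
static int
iscsi_ioctl_daemon_wait(struct iscsi_softc *sc,
    struct iscsi_daemon_request *request)
{
	struct iscsi_session *is;
	int error;

	sx_slock(&sc->sc_lock);
	for (;;) {
		/* A matching session leaves the loop with its lock held. */
		TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
			ISCSI_SESSION_LOCK(is);
			if (is->is_waiting_for_iscsid)
				break;
			ISCSI_SESSION_UNLOCK(is);
		}

		if (is == NULL) {
			/*
			 * No session requires attention from iscsid(8); wait.
			 */
			error = cv_wait_sig(&sc->sc_cv, &sc->sc_lock);
			if (error != 0) {
				sx_sunlock(&sc->sc_lock);
				return (error);
			}
			continue;
		}

		is->is_waiting_for_iscsid = false;
		is->is_login_phase = true;
		is->is_reason[0] = '\0';
		ISCSI_SESSION_UNLOCK(is);

		request->idr_session_id = is->is_id;
		memcpy(&request->idr_isid, &is->is_isid,
		    sizeof(request->idr_isid));
		request->idr_tsih = 0;	/* New or reinstated session. */
		memcpy(&request->idr_conf, &is->is_conf,
		    sizeof(request->idr_conf));

		sx_sunlock(&sc->sc_lock);
		return (0);
	}
}

static int
iscsi_ioctl_daemon_handoff(struct iscsi_softc *sc,
    struct iscsi_daemon_handoff *handoff)
{
	struct iscsi_session *is;
	int error;

	sx_slock(&sc->sc_lock);

	/*
	 * Find the session to hand off socket to.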
1251 */ 1252 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) { 1253 if (is->is_id == handoff->idh_session_id) 1254 break; 1255 } 1256 if (is == NULL) { 1257 sx_sunlock(&sc->sc_lock); 1258 return (ESRCH); 1259 } 1260 ISCSI_SESSION_LOCK(is); 1261 if (is->is_conf.isc_discovery || is->is_terminating) { 1262 ISCSI_SESSION_UNLOCK(is); 1263 sx_sunlock(&sc->sc_lock); 1264 return (EINVAL); 1265 } 1266 if (is->is_connected) { 1267 /* 1268 * This might have happened because another iscsid(8) 1269 * instance handed off the connection in the meantime. 1270 * Just return. 1271 */ 1272 ISCSI_SESSION_WARN(is, "handoff on already connected " 1273 "session"); 1274 ISCSI_SESSION_UNLOCK(is); 1275 sx_sunlock(&sc->sc_lock); 1276 return (EBUSY); 1277 } 1278 1279 strlcpy(is->is_target_alias, handoff->idh_target_alias, 1280 sizeof(is->is_target_alias)); 1281 is->is_tsih = handoff->idh_tsih; 1282 is->is_statsn = handoff->idh_statsn; 1283 is->is_initial_r2t = handoff->idh_initial_r2t; 1284 is->is_immediate_data = handoff->idh_immediate_data; 1285 is->is_max_data_segment_length = handoff->idh_max_data_segment_length; 1286 is->is_max_burst_length = handoff->idh_max_burst_length; 1287 is->is_first_burst_length = handoff->idh_first_burst_length; 1288 1289 if (handoff->idh_header_digest == ISCSI_DIGEST_CRC32C) 1290 is->is_conn->ic_header_crc32c = true; 1291 else 1292 is->is_conn->ic_header_crc32c = false; 1293 if (handoff->idh_data_digest == ISCSI_DIGEST_CRC32C) 1294 is->is_conn->ic_data_crc32c = true; 1295 else 1296 is->is_conn->ic_data_crc32c = false; 1297 1298 is->is_cmdsn = 0; 1299 is->is_expcmdsn = 0; 1300 is->is_maxcmdsn = 0; 1301 is->is_waiting_for_iscsid = false; 1302 is->is_login_phase = false; 1303 is->is_timeout = 0; 1304 is->is_connected = true; 1305 is->is_reason[0] = '\0'; 1306 1307 ISCSI_SESSION_UNLOCK(is); 1308 1309#ifdef ICL_KERNEL_PROXY 1310 if (handoff->idh_socket != 0) { 1311#endif 1312 /* 1313 * Handoff without using ICL proxy. 
1314 */ 1315 error = icl_conn_handoff(is->is_conn, handoff->idh_socket); 1316 if (error != 0) { 1317 sx_sunlock(&sc->sc_lock); 1318 iscsi_session_terminate(is); 1319 return (error); 1320 } 1321#ifdef ICL_KERNEL_PROXY 1322 } 1323#endif 1324 1325 sx_sunlock(&sc->sc_lock); 1326 1327 if (is->is_sim != NULL) { 1328 /* 1329 * When reconnecting, there already is SIM allocated for the session. 1330 */ 1331 KASSERT(is->is_simq_frozen, ("reconnect without frozen simq")); 1332 ISCSI_SESSION_LOCK(is); 1333 ISCSI_SESSION_DEBUG(is, "releasing"); 1334 xpt_release_simq(is->is_sim, 1); 1335 is->is_simq_frozen = false; 1336 ISCSI_SESSION_UNLOCK(is); 1337 1338 } else { 1339 ISCSI_SESSION_LOCK(is); 1340 is->is_devq = cam_simq_alloc(maxtags); 1341 if (is->is_devq == NULL) { 1342 ISCSI_SESSION_WARN(is, "failed to allocate simq"); 1343 iscsi_session_terminate(is); 1344 return (ENOMEM); 1345 } 1346 1347 is->is_sim = cam_sim_alloc(iscsi_action, iscsi_poll, "iscsi", 1348 is, is->is_id /* unit */, &is->is_lock, 1349 maxtags, maxtags, is->is_devq); 1350 if (is->is_sim == NULL) { 1351 ISCSI_SESSION_UNLOCK(is); 1352 ISCSI_SESSION_WARN(is, "failed to allocate SIM"); 1353 cam_simq_free(is->is_devq); 1354 iscsi_session_terminate(is); 1355 return (ENOMEM); 1356 } 1357 1358 error = xpt_bus_register(is->is_sim, NULL, 0); 1359 if (error != 0) { 1360 ISCSI_SESSION_UNLOCK(is); 1361 ISCSI_SESSION_WARN(is, "failed to register bus"); 1362 iscsi_session_terminate(is); 1363 return (ENOMEM); 1364 } 1365 1366 error = xpt_create_path(&is->is_path, /*periph*/NULL, 1367 cam_sim_path(is->is_sim), CAM_TARGET_WILDCARD, 1368 CAM_LUN_WILDCARD); 1369 if (error != CAM_REQ_CMP) { 1370 ISCSI_SESSION_UNLOCK(is); 1371 ISCSI_SESSION_WARN(is, "failed to create path"); 1372 iscsi_session_terminate(is); 1373 return (ENOMEM); 1374 } 1375 ISCSI_SESSION_UNLOCK(is); 1376 } 1377 1378 return (0); 1379} 1380 1381static int 1382iscsi_ioctl_daemon_fail(struct iscsi_softc *sc, 1383 struct iscsi_daemon_fail *fail) 1384{ 1385 struct 
iscsi_session *is; 1386 1387 sx_slock(&sc->sc_lock); 1388 1389 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) { 1390 if (is->is_id == fail->idf_session_id) 1391 break; 1392 } 1393 if (is == NULL) { 1394 sx_sunlock(&sc->sc_lock); 1395 return (ESRCH); 1396 } 1397 ISCSI_SESSION_LOCK(is); 1398 ISCSI_SESSION_DEBUG(is, "iscsid(8) failed: %s", 1399 fail->idf_reason); 1400 strlcpy(is->is_reason, fail->idf_reason, sizeof(is->is_reason)); 1401 //is->is_waiting_for_iscsid = false; 1402 //is->is_login_phase = true; 1403 //iscsi_session_reconnect(is); 1404 ISCSI_SESSION_UNLOCK(is); 1405 sx_sunlock(&sc->sc_lock); 1406 1407 return (0); 1408} 1409 1410#ifdef ICL_KERNEL_PROXY 1411static int 1412iscsi_ioctl_daemon_connect(struct iscsi_softc *sc, 1413 struct iscsi_daemon_connect *idc) 1414{ 1415 struct iscsi_session *is; 1416 struct sockaddr *from_sa, *to_sa; 1417 int error; 1418 1419 sx_slock(&sc->sc_lock); 1420 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) { 1421 if (is->is_id == idc->idc_session_id) 1422 break; 1423 } 1424 if (is == NULL) { 1425 sx_sunlock(&sc->sc_lock); 1426 return (ESRCH); 1427 } 1428 sx_sunlock(&sc->sc_lock); 1429 1430 if (idc->idc_from_addrlen > 0) { 1431 error = getsockaddr(&from_sa, (void *)idc->idc_from_addr, idc->idc_from_addrlen); 1432 if (error != 0) { 1433 ISCSI_SESSION_WARN(is, 1434 "getsockaddr failed with error %d", error); 1435 return (error); 1436 } 1437 } else { 1438 from_sa = NULL; 1439 } 1440 error = getsockaddr(&to_sa, (void *)idc->idc_to_addr, idc->idc_to_addrlen); 1441 if (error != 0) { 1442 ISCSI_SESSION_WARN(is, "getsockaddr failed with error %d", 1443 error); 1444 free(from_sa, M_SONAME); 1445 return (error); 1446 } 1447 1448 ISCSI_SESSION_LOCK(is); 1449 is->is_waiting_for_iscsid = false; 1450 is->is_login_phase = true; 1451 is->is_timeout = 0; 1452 ISCSI_SESSION_UNLOCK(is); 1453 1454 error = icl_conn_connect(is->is_conn, idc->idc_iser, idc->idc_domain, 1455 idc->idc_socktype, idc->idc_protocol, from_sa, to_sa); 1456 free(from_sa, M_SONAME); 
1457 free(to_sa, M_SONAME); 1458 1459 /* 1460 * Digests are always disabled during login phase. 1461 */ 1462 is->is_conn->ic_header_crc32c = false; 1463 is->is_conn->ic_data_crc32c = false; 1464 1465 return (error); 1466} 1467 1468static int 1469iscsi_ioctl_daemon_send(struct iscsi_softc *sc, 1470 struct iscsi_daemon_send *ids) 1471{ 1472 struct iscsi_session *is; 1473 struct icl_pdu *ip; 1474 size_t datalen; 1475 void *data; 1476 int error; 1477 1478 sx_slock(&sc->sc_lock); 1479 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) { 1480 if (is->is_id == ids->ids_session_id) 1481 break; 1482 } 1483 if (is == NULL) { 1484 sx_sunlock(&sc->sc_lock); 1485 return (ESRCH); 1486 } 1487 sx_sunlock(&sc->sc_lock); 1488 1489 if (is->is_login_phase == false) 1490 return (EBUSY); 1491 1492 if (is->is_terminating || is->is_reconnecting) 1493 return (EIO); 1494 1495 datalen = ids->ids_data_segment_len; 1496 if (datalen > ISCSI_MAX_DATA_SEGMENT_LENGTH) 1497 return (EINVAL); 1498 if (datalen > 0) { 1499 data = malloc(datalen, M_ISCSI, M_WAITOK); 1500 error = copyin(ids->ids_data_segment, data, datalen); 1501 if (error != 0) { 1502 free(data, M_ISCSI); 1503 return (error); 1504 } 1505 } 1506 1507 ip = icl_pdu_new_bhs(is->is_conn, M_WAITOK); 1508 memcpy(ip->ip_bhs, ids->ids_bhs, sizeof(*ip->ip_bhs)); 1509 if (datalen > 0) { 1510 error = icl_pdu_append_data(ip, data, datalen, M_WAITOK); 1511 KASSERT(error == 0, ("icl_pdu_append_data(..., M_WAITOK) failed")); 1512 free(data, M_ISCSI); 1513 } 1514 icl_pdu_queue(ip); 1515 1516 return (0); 1517} 1518 1519static int 1520iscsi_ioctl_daemon_receive(struct iscsi_softc *sc, 1521 struct iscsi_daemon_receive *idr) 1522{ 1523 struct iscsi_session *is; 1524 struct icl_pdu *ip; 1525 void *data; 1526 1527 sx_slock(&sc->sc_lock); 1528 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) { 1529 if (is->is_id == idr->idr_session_id) 1530 break; 1531 } 1532 if (is == NULL) { 1533 sx_sunlock(&sc->sc_lock); 1534 return (ESRCH); 1535 } 1536 sx_sunlock(&sc->sc_lock); 1537 
1538 if (is->is_login_phase == false) 1539 return (EBUSY); 1540 1541 ISCSI_SESSION_LOCK(is); 1542 while (is->is_login_pdu == NULL && 1543 is->is_terminating == false && 1544 is->is_reconnecting == false) 1545 cv_wait(&is->is_login_cv, &is->is_lock); 1546 if (is->is_terminating || is->is_reconnecting) { 1547 ISCSI_SESSION_UNLOCK(is); 1548 return (EIO); 1549 } 1550 ip = is->is_login_pdu; 1551 is->is_login_pdu = NULL; 1552 ISCSI_SESSION_UNLOCK(is); 1553 1554 if (ip->ip_data_len > idr->idr_data_segment_len) { 1555 icl_pdu_free(ip); 1556 return (EMSGSIZE); 1557 } 1558 1559 copyout(ip->ip_bhs, idr->idr_bhs, sizeof(*ip->ip_bhs)); 1560 if (ip->ip_data_len > 0) { 1561 data = malloc(ip->ip_data_len, M_ISCSI, M_WAITOK); 1562 icl_pdu_get_data(ip, 0, data, ip->ip_data_len); 1563 copyout(data, idr->idr_data_segment, ip->ip_data_len); 1564 free(data, M_ISCSI); 1565 } 1566 1567 icl_pdu_free(ip); 1568 1569 return (0); 1570} 1571#endif /* ICL_KERNEL_PROXY */ 1572 1573static void 1574iscsi_sanitize_session_conf(struct iscsi_session_conf *isc) 1575{ 1576 /* 1577 * Just make sure all the fields are null-terminated. 1578 * 1579 * XXX: This is not particularly secure. We should 1580 * create our own conf and then copy in relevant 1581 * fields. 
1582 */ 1583 isc->isc_initiator[ISCSI_NAME_LEN - 1] = '\0'; 1584 isc->isc_initiator_addr[ISCSI_ADDR_LEN - 1] = '\0'; 1585 isc->isc_initiator_alias[ISCSI_ALIAS_LEN - 1] = '\0'; 1586 isc->isc_target[ISCSI_NAME_LEN - 1] = '\0'; 1587 isc->isc_target_addr[ISCSI_ADDR_LEN - 1] = '\0'; 1588 isc->isc_user[ISCSI_NAME_LEN - 1] = '\0'; 1589 isc->isc_secret[ISCSI_SECRET_LEN - 1] = '\0'; 1590 isc->isc_mutual_user[ISCSI_NAME_LEN - 1] = '\0'; 1591 isc->isc_mutual_secret[ISCSI_SECRET_LEN - 1] = '\0'; 1592} 1593 1594static int 1595iscsi_ioctl_session_add(struct iscsi_softc *sc, struct iscsi_session_add *isa) 1596{ 1597 struct iscsi_session *is; 1598 const struct iscsi_session *is2; 1599 int error; 1600 1601 iscsi_sanitize_session_conf(&isa->isa_conf); 1602 1603 is = malloc(sizeof(*is), M_ISCSI, M_ZERO | M_WAITOK); 1604 memcpy(&is->is_conf, &isa->isa_conf, sizeof(is->is_conf)); 1605 1606 if (is->is_conf.isc_initiator[0] == '\0' || 1607 is->is_conf.isc_target_addr[0] == '\0') { 1608 free(is, M_ISCSI); 1609 return (EINVAL); 1610 } 1611 1612 if ((is->is_conf.isc_discovery != 0 && is->is_conf.isc_target[0] != 0) || 1613 (is->is_conf.isc_discovery == 0 && is->is_conf.isc_target[0] == 0)) { 1614 free(is, M_ISCSI); 1615 return (EINVAL); 1616 } 1617 1618 sx_xlock(&sc->sc_lock); 1619 1620 /* 1621 * Prevent duplicates. 
1622 */ 1623 TAILQ_FOREACH(is2, &sc->sc_sessions, is_next) { 1624 if (!!is->is_conf.isc_discovery != 1625 !!is2->is_conf.isc_discovery) 1626 continue; 1627 1628 if (strcmp(is->is_conf.isc_target_addr, 1629 is2->is_conf.isc_target_addr) != 0) 1630 continue; 1631 1632 if (is->is_conf.isc_discovery == 0 && 1633 strcmp(is->is_conf.isc_target, 1634 is2->is_conf.isc_target) != 0) 1635 continue; 1636 1637 sx_xunlock(&sc->sc_lock); 1638 free(is, M_ISCSI); 1639 return (EBUSY); 1640 } 1641 1642 is->is_conn = icl_conn_new("iscsi", &is->is_lock); 1643 is->is_conn->ic_receive = iscsi_receive_callback; 1644 is->is_conn->ic_error = iscsi_error_callback; 1645 is->is_conn->ic_prv0 = is; 1646 TAILQ_INIT(&is->is_outstanding); 1647 STAILQ_INIT(&is->is_postponed); 1648 mtx_init(&is->is_lock, "iscsi_lock", NULL, MTX_DEF); 1649 cv_init(&is->is_maintenance_cv, "iscsi_mt"); 1650#ifdef ICL_KERNEL_PROXY 1651 cv_init(&is->is_login_cv, "iscsi_login"); 1652#endif 1653 1654 is->is_softc = sc; 1655 sc->sc_last_session_id++; 1656 is->is_id = sc->sc_last_session_id; 1657 is->is_isid[0] = 0x80; /* RFC 3720, 10.12.5: 10b, "Random" ISID. */ 1658 arc4rand(&is->is_isid[1], 5, 0); 1659 is->is_tsih = 0; 1660 callout_init(&is->is_callout, 1); 1661 callout_reset(&is->is_callout, 1 * hz, iscsi_callout, is); 1662 TAILQ_INSERT_TAIL(&sc->sc_sessions, is, is_next); 1663 1664 error = kthread_add(iscsi_maintenance_thread, is, NULL, NULL, 0, 0, "iscsimt"); 1665 if (error != 0) { 1666 ISCSI_SESSION_WARN(is, "kthread_add(9) failed with error %d", error); 1667 return (error); 1668 } 1669 1670 /* 1671 * Trigger immediate reconnection. 
1672 */ 1673 ISCSI_SESSION_LOCK(is); 1674 is->is_waiting_for_iscsid = true; 1675 strlcpy(is->is_reason, "Waiting for iscsid(8)", sizeof(is->is_reason)); 1676 ISCSI_SESSION_UNLOCK(is); 1677 cv_signal(&sc->sc_cv); 1678 1679 sx_xunlock(&sc->sc_lock); 1680 1681 return (0); 1682} 1683 1684static bool 1685iscsi_session_conf_matches(unsigned int id1, const struct iscsi_session_conf *c1, 1686 unsigned int id2, const struct iscsi_session_conf *c2) 1687{ 1688 if (id2 == 0 && c2->isc_target[0] == '\0' && 1689 c2->isc_target_addr[0] == '\0') 1690 return (true); 1691 if (id2 != 0 && id2 == id1) 1692 return (true); 1693 if (c2->isc_target[0] != '\0' && 1694 strcmp(c1->isc_target, c2->isc_target) == 0) 1695 return (true); 1696 if (c2->isc_target_addr[0] != '\0' && 1697 strcmp(c1->isc_target_addr, c2->isc_target_addr) == 0) 1698 return (true); 1699 return (false); 1700} 1701 1702static int 1703iscsi_ioctl_session_remove(struct iscsi_softc *sc, 1704 struct iscsi_session_remove *isr) 1705{ 1706 struct iscsi_session *is, *tmp; 1707 bool found = false; 1708 1709 iscsi_sanitize_session_conf(&isr->isr_conf); 1710 1711 sx_xlock(&sc->sc_lock); 1712 TAILQ_FOREACH_SAFE(is, &sc->sc_sessions, is_next, tmp) { 1713 ISCSI_SESSION_LOCK(is); 1714 if (iscsi_session_conf_matches(is->is_id, &is->is_conf, 1715 isr->isr_session_id, &isr->isr_conf)) { 1716 found = true; 1717 iscsi_session_logout(is); 1718 iscsi_session_terminate(is); 1719 } 1720 ISCSI_SESSION_UNLOCK(is); 1721 } 1722 sx_xunlock(&sc->sc_lock); 1723 1724 if (!found) 1725 return (ESRCH); 1726 1727 return (0); 1728} 1729 1730static int 1731iscsi_ioctl_session_list(struct iscsi_softc *sc, struct iscsi_session_list *isl) 1732{ 1733 int error; 1734 unsigned int i = 0; 1735 struct iscsi_session *is; 1736 struct iscsi_session_state iss; 1737 1738 sx_slock(&sc->sc_lock); 1739 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) { 1740 if (i >= isl->isl_nentries) { 1741 sx_sunlock(&sc->sc_lock); 1742 return (EMSGSIZE); 1743 } 1744 memset(&iss, 0, 
sizeof(iss)); 1745 memcpy(&iss.iss_conf, &is->is_conf, sizeof(iss.iss_conf)); 1746 iss.iss_id = is->is_id; 1747 strlcpy(iss.iss_target_alias, is->is_target_alias, sizeof(iss.iss_target_alias)); 1748 strlcpy(iss.iss_reason, is->is_reason, sizeof(iss.iss_reason)); 1749 1750 if (is->is_conn->ic_header_crc32c) 1751 iss.iss_header_digest = ISCSI_DIGEST_CRC32C; 1752 else 1753 iss.iss_header_digest = ISCSI_DIGEST_NONE; 1754 1755 if (is->is_conn->ic_data_crc32c) 1756 iss.iss_data_digest = ISCSI_DIGEST_CRC32C; 1757 else 1758 iss.iss_data_digest = ISCSI_DIGEST_NONE; 1759 1760 iss.iss_max_data_segment_length = is->is_max_data_segment_length; 1761 iss.iss_immediate_data = is->is_immediate_data; 1762 iss.iss_connected = is->is_connected; 1763 1764 error = copyout(&iss, isl->isl_pstates + i, sizeof(iss)); 1765 if (error != 0) { 1766 sx_sunlock(&sc->sc_lock); 1767 return (error); 1768 } 1769 i++; 1770 } 1771 sx_sunlock(&sc->sc_lock); 1772 1773 isl->isl_nentries = i; 1774 1775 return (0); 1776} 1777 1778static int 1779iscsi_ioctl(struct cdev *dev, u_long cmd, caddr_t arg, int mode, 1780 struct thread *td) 1781{ 1782 struct iscsi_softc *sc; 1783 1784 sc = dev->si_drv1; 1785 1786 switch (cmd) { 1787 case ISCSIDWAIT: 1788 return (iscsi_ioctl_daemon_wait(sc, 1789 (struct iscsi_daemon_request *)arg)); 1790 case ISCSIDHANDOFF: 1791 return (iscsi_ioctl_daemon_handoff(sc, 1792 (struct iscsi_daemon_handoff *)arg)); 1793 case ISCSIDFAIL: 1794 return (iscsi_ioctl_daemon_fail(sc, 1795 (struct iscsi_daemon_fail *)arg)); 1796#ifdef ICL_KERNEL_PROXY 1797 case ISCSIDCONNECT: 1798 return (iscsi_ioctl_daemon_connect(sc, 1799 (struct iscsi_daemon_connect *)arg)); 1800 case ISCSIDSEND: 1801 return (iscsi_ioctl_daemon_send(sc, 1802 (struct iscsi_daemon_send *)arg)); 1803 case ISCSIDRECEIVE: 1804 return (iscsi_ioctl_daemon_receive(sc, 1805 (struct iscsi_daemon_receive *)arg)); 1806#endif /* ICL_KERNEL_PROXY */ 1807 case ISCSISADD: 1808 return (iscsi_ioctl_session_add(sc, 1809 (struct iscsi_session_add 
*)arg)); 1810 case ISCSISREMOVE: 1811 return (iscsi_ioctl_session_remove(sc, 1812 (struct iscsi_session_remove *)arg)); 1813 case ISCSISLIST: 1814 return (iscsi_ioctl_session_list(sc, 1815 (struct iscsi_session_list *)arg)); 1816 default: 1817 return (EINVAL); 1818 } 1819} 1820 1821static uint64_t 1822iscsi_encode_lun(uint32_t lun) 1823{ 1824 uint8_t encoded[8]; 1825 uint64_t result; 1826 1827 memset(encoded, 0, sizeof(encoded)); 1828 1829 if (lun < 256) { 1830 /* 1831 * Peripheral device addressing. 1832 */ 1833 encoded[1] = lun; 1834 } else if (lun < 16384) { 1835 /* 1836 * Flat space addressing. 1837 */ 1838 encoded[0] = 0x40; 1839 encoded[0] |= (lun >> 8) & 0x3f; 1840 encoded[1] = lun & 0xff; 1841 } else { 1842 /* 1843 * Extended flat space addressing. 1844 */ 1845 encoded[0] = 0xd2; 1846 encoded[1] = lun >> 16; 1847 encoded[2] = lun >> 8; 1848 encoded[3] = lun; 1849 } 1850 1851 memcpy(&result, encoded, sizeof(result)); 1852 return (result); 1853} 1854 1855static struct iscsi_outstanding * 1856iscsi_outstanding_find(struct iscsi_session *is, uint32_t initiator_task_tag) 1857{ 1858 struct iscsi_outstanding *io; 1859 1860 ISCSI_SESSION_LOCK_ASSERT(is); 1861 1862 TAILQ_FOREACH(io, &is->is_outstanding, io_next) { 1863 if (io->io_initiator_task_tag == initiator_task_tag) 1864 return (io); 1865 } 1866 return (NULL); 1867} 1868 1869static int 1870iscsi_outstanding_add(struct iscsi_session *is, 1871 uint32_t initiator_task_tag, union ccb *ccb) 1872{ 1873 struct iscsi_outstanding *io; 1874 1875 ISCSI_SESSION_LOCK_ASSERT(is); 1876 1877 KASSERT(iscsi_outstanding_find(is, initiator_task_tag) == NULL, 1878 ("initiator_task_tag 0x%x already added", initiator_task_tag)); 1879 1880 io = uma_zalloc(iscsi_outstanding_zone, M_NOWAIT | M_ZERO); 1881 if (io == NULL) { 1882 ISCSI_SESSION_WARN(is, "failed to allocate %zd bytes", sizeof(*io)); 1883 return (ENOMEM); 1884 } 1885 io->io_initiator_task_tag = initiator_task_tag; 1886 io->io_ccb = ccb; 1887 
TAILQ_INSERT_TAIL(&is->is_outstanding, io, io_next); 1888 return (0); 1889} 1890 1891static void 1892iscsi_outstanding_remove(struct iscsi_session *is, struct iscsi_outstanding *io) 1893{ 1894 1895 ISCSI_SESSION_LOCK_ASSERT(is); 1896 1897 TAILQ_REMOVE(&is->is_outstanding, io, io_next); 1898 uma_zfree(iscsi_outstanding_zone, io); 1899} 1900 1901static void 1902iscsi_action_scsiio(struct iscsi_session *is, union ccb *ccb) 1903{ 1904 struct icl_pdu *request; 1905 struct iscsi_bhs_scsi_command *bhssc; 1906 struct ccb_scsiio *csio; 1907 size_t len; 1908 int error; 1909 1910 ISCSI_SESSION_LOCK_ASSERT(is); 1911 1912#if 0 1913 KASSERT(is->is_login_phase == false, ("%s called during Login Phase", __func__)); 1914#else 1915 if (is->is_login_phase) { 1916 ISCSI_SESSION_DEBUG(is, "called during login phase"); 1917 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 1918 xpt_freeze_devq(ccb->ccb_h.path, 1); 1919 ISCSI_SESSION_DEBUG(is, "freezing devq"); 1920 } 1921 ccb->ccb_h.status = CAM_REQ_ABORTED | CAM_DEV_QFRZN; 1922 xpt_done(ccb); 1923 return; 1924 } 1925#endif 1926 1927 request = icl_pdu_new_bhs(is->is_conn, M_NOWAIT); 1928 if (request == NULL) { 1929 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 1930 xpt_freeze_devq(ccb->ccb_h.path, 1); 1931 ISCSI_SESSION_DEBUG(is, "freezing devq"); 1932 } 1933 ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN; 1934 xpt_done(ccb); 1935 return; 1936 } 1937 1938 csio = &ccb->csio; 1939 bhssc = (struct iscsi_bhs_scsi_command *)request->ip_bhs; 1940 bhssc->bhssc_opcode = ISCSI_BHS_OPCODE_SCSI_COMMAND; 1941 bhssc->bhssc_flags |= BHSSC_FLAGS_F; 1942 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1943 case CAM_DIR_IN: 1944 bhssc->bhssc_flags |= BHSSC_FLAGS_R; 1945 break; 1946 case CAM_DIR_OUT: 1947 bhssc->bhssc_flags |= BHSSC_FLAGS_W; 1948 break; 1949 } 1950 1951 switch (csio->tag_action) { 1952 case MSG_HEAD_OF_Q_TAG: 1953 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_HOQ; 1954 break; 1955 break; 1956 case MSG_ORDERED_Q_TAG: 1957 bhssc->bhssc_flags 
|= BHSSC_FLAGS_ATTR_ORDERED; 1958 break; 1959 case MSG_ACA_TASK: 1960 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_ACA; 1961 break; 1962 case CAM_TAG_ACTION_NONE: 1963 case MSG_SIMPLE_Q_TAG: 1964 default: 1965 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_SIMPLE; 1966 break; 1967 } 1968 1969 bhssc->bhssc_lun = iscsi_encode_lun(csio->ccb_h.target_lun); 1970 bhssc->bhssc_initiator_task_tag = is->is_initiator_task_tag; 1971 is->is_initiator_task_tag++; 1972 bhssc->bhssc_expected_data_transfer_length = htonl(csio->dxfer_len); 1973 KASSERT(csio->cdb_len <= sizeof(bhssc->bhssc_cdb), 1974 ("unsupported CDB size %zd", (size_t)csio->cdb_len)); 1975 1976 if (csio->ccb_h.flags & CAM_CDB_POINTER) 1977 memcpy(&bhssc->bhssc_cdb, csio->cdb_io.cdb_ptr, csio->cdb_len); 1978 else 1979 memcpy(&bhssc->bhssc_cdb, csio->cdb_io.cdb_bytes, csio->cdb_len); 1980 1981 error = iscsi_outstanding_add(is, bhssc->bhssc_initiator_task_tag, ccb); 1982 if (error != 0) { 1983 icl_pdu_free(request); 1984 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 1985 xpt_freeze_devq(ccb->ccb_h.path, 1); 1986 ISCSI_SESSION_DEBUG(is, "freezing devq"); 1987 } 1988 ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN; 1989 xpt_done(ccb); 1990 return; 1991 } 1992 1993 if (is->is_immediate_data && 1994 (csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) { 1995 len = csio->dxfer_len; 1996 //ISCSI_SESSION_DEBUG(is, "adding %zd of immediate data", len); 1997 if (len > is->is_first_burst_length) { 1998 ISCSI_SESSION_DEBUG(is, "len %zd -> %zd", len, is->is_first_burst_length); 1999 len = is->is_first_burst_length; 2000 } 2001 2002 error = icl_pdu_append_data(request, csio->data_ptr, len, M_NOWAIT); 2003 if (error != 0) { 2004 icl_pdu_free(request); 2005 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 2006 xpt_freeze_devq(ccb->ccb_h.path, 1); 2007 ISCSI_SESSION_DEBUG(is, "freezing devq"); 2008 } 2009 ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN; 2010 xpt_done(ccb); 2011 return; 2012 } 2013 } 2014 
iscsi_pdu_queue_locked(request); 2015} 2016 2017static void 2018iscsi_action(struct cam_sim *sim, union ccb *ccb) 2019{ 2020 struct iscsi_session *is; 2021 2022 is = cam_sim_softc(sim); 2023 2024 ISCSI_SESSION_LOCK_ASSERT(is); 2025 2026 if (is->is_terminating || 2027 (is->is_connected == false && fail_on_disconnection)) { 2028 ccb->ccb_h.status = CAM_DEV_NOT_THERE; 2029 xpt_done(ccb); 2030 return; 2031 } 2032 2033 switch (ccb->ccb_h.func_code) { 2034 case XPT_PATH_INQ: 2035 { 2036 struct ccb_pathinq *cpi = &ccb->cpi; 2037 2038 cpi->version_num = 1; 2039 cpi->hba_inquiry = PI_TAG_ABLE; 2040 cpi->target_sprt = 0; 2041 //cpi->hba_misc = PIM_NOBUSRESET; 2042 cpi->hba_misc = 0; 2043 cpi->hba_eng_cnt = 0; 2044 cpi->max_target = 0; 2045 cpi->max_lun = 255; 2046 //cpi->initiator_id = 0; /* XXX */ 2047 cpi->initiator_id = 64; /* XXX */ 2048 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 2049 strlcpy(cpi->hba_vid, "iSCSI", HBA_IDLEN); 2050 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 2051 cpi->unit_number = cam_sim_unit(sim); 2052 cpi->bus_id = cam_sim_bus(sim); 2053 cpi->base_transfer_speed = 150000; /* XXX */ 2054 cpi->transport = XPORT_ISCSI; 2055 cpi->transport_version = 0; 2056 cpi->protocol = PROTO_SCSI; 2057 cpi->protocol_version = SCSI_REV_SPC3; 2058 cpi->maxio = MAXPHYS; 2059 cpi->ccb_h.status = CAM_REQ_CMP; 2060 break; 2061 } 2062 case XPT_CALC_GEOMETRY: 2063 cam_calc_geometry(&ccb->ccg, /*extended*/1); 2064 ccb->ccb_h.status = CAM_REQ_CMP; 2065 break; 2066#if 0 2067 /* 2068 * XXX: What's the point? 
2069 */ 2070 case XPT_RESET_BUS: 2071 case XPT_ABORT: 2072 case XPT_TERM_IO: 2073 ISCSI_SESSION_DEBUG(is, "faking success for reset, abort, or term_io"); 2074 ccb->ccb_h.status = CAM_REQ_CMP; 2075 break; 2076#endif 2077 case XPT_SCSI_IO: 2078 iscsi_action_scsiio(is, ccb); 2079 return; 2080 default: 2081#if 0 2082 ISCSI_SESSION_DEBUG(is, "got unsupported code 0x%x", ccb->ccb_h.func_code); 2083#endif 2084 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL; 2085 break; 2086 } 2087 xpt_done(ccb); 2088} 2089 2090static void 2091iscsi_poll(struct cam_sim *sim) 2092{ 2093 2094 KASSERT(0, ("%s: you're not supposed to be here", __func__)); 2095} 2096 2097static void 2098iscsi_shutdown(struct iscsi_softc *sc) 2099{ 2100 struct iscsi_session *is; 2101 2102 ISCSI_DEBUG("removing all sessions due to shutdown"); 2103 2104 sx_slock(&sc->sc_lock); 2105 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) 2106 iscsi_session_terminate(is); 2107 sx_sunlock(&sc->sc_lock); 2108} 2109 2110static int 2111iscsi_load(void) 2112{ 2113 int error; 2114 2115 sc = malloc(sizeof(*sc), M_ISCSI, M_ZERO | M_WAITOK); 2116 sx_init(&sc->sc_lock, "iscsi"); 2117 TAILQ_INIT(&sc->sc_sessions); 2118 cv_init(&sc->sc_cv, "iscsi_cv"); 2119 2120 iscsi_outstanding_zone = uma_zcreate("iscsi_outstanding", 2121 sizeof(struct iscsi_outstanding), NULL, NULL, NULL, NULL, 2122 UMA_ALIGN_PTR, 0); 2123 2124 error = make_dev_p(MAKEDEV_CHECKNAME, &sc->sc_cdev, &iscsi_cdevsw, 2125 NULL, UID_ROOT, GID_WHEEL, 0600, "iscsi"); 2126 if (error != 0) { 2127 ISCSI_WARN("failed to create device node, error %d", error); 2128 return (error); 2129 } 2130 sc->sc_cdev->si_drv1 = sc; 2131 2132 /* 2133 * Note that this needs to get run before dashutdown(). Otherwise, 2134 * when rebooting with iSCSI session with outstanding requests, 2135 * but disconnected, dashutdown() will hang on cam_periph_runccb(). 
2136 */ 2137 sc->sc_shutdown_eh = EVENTHANDLER_REGISTER(shutdown_post_sync, 2138 iscsi_shutdown, sc, SHUTDOWN_PRI_FIRST); 2139 2140 return (0); 2141} 2142 2143static int 2144iscsi_unload(void) 2145{ 2146 struct iscsi_session *is, *tmp; 2147 2148 if (sc->sc_cdev != NULL) { 2149 ISCSI_DEBUG("removing device node"); 2150 destroy_dev(sc->sc_cdev); 2151 ISCSI_DEBUG("device node removed"); 2152 } 2153 2154 if (sc->sc_shutdown_eh != NULL) 2155 EVENTHANDLER_DEREGISTER(shutdown_post_sync, sc->sc_shutdown_eh); 2156 2157 sx_slock(&sc->sc_lock); 2158 TAILQ_FOREACH_SAFE(is, &sc->sc_sessions, is_next, tmp) 2159 iscsi_session_terminate(is); 2160 while(!TAILQ_EMPTY(&sc->sc_sessions)) { 2161 ISCSI_DEBUG("waiting for sessions to terminate"); 2162 cv_wait(&sc->sc_cv, &sc->sc_lock); 2163 } 2164 ISCSI_DEBUG("all sessions terminated"); 2165 sx_sunlock(&sc->sc_lock); 2166 2167 uma_zdestroy(iscsi_outstanding_zone); 2168 sx_destroy(&sc->sc_lock); 2169 cv_destroy(&sc->sc_cv); 2170 free(sc, M_ISCSI); 2171 return (0); 2172} 2173 2174static int 2175iscsi_quiesce(void) 2176{ 2177 sx_slock(&sc->sc_lock); 2178 if (!TAILQ_EMPTY(&sc->sc_sessions)) { 2179 sx_sunlock(&sc->sc_lock); 2180 return (EBUSY); 2181 } 2182 sx_sunlock(&sc->sc_lock); 2183 return (0); 2184} 2185 2186static int 2187iscsi_modevent(module_t mod, int what, void *arg) 2188{ 2189 int error; 2190 2191 switch (what) { 2192 case MOD_LOAD: 2193 error = iscsi_load(); 2194 break; 2195 case MOD_UNLOAD: 2196 error = iscsi_unload(); 2197 break; 2198 case MOD_QUIESCE: 2199 error = iscsi_quiesce(); 2200 break; 2201 default: 2202 error = EINVAL; 2203 break; 2204 } 2205 return (error); 2206} 2207 2208moduledata_t iscsi_data = { 2209 "iscsi", 2210 iscsi_modevent, 2211 0 2212}; 2213 2214DECLARE_MODULE(iscsi, iscsi_data, SI_SUB_DRIVERS, SI_ORDER_MIDDLE); 2215MODULE_DEPEND(iscsi, cam, 1, 1, 1); 2216MODULE_DEPEND(iscsi, icl, 1, 1, 1); 2217