2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2012 The FreeBSD Foundation
6 * This software was developed by Edward Tomasz Napierala under sponsorship
7 * from the FreeBSD Foundation.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
35 #include <sys/param.h>
37 #include <sys/condvar.h>
39 #include <sys/endian.h>
40 #include <sys/eventhandler.h>
42 #include <sys/kernel.h>
43 #include <sys/kthread.h>
45 #include <sys/malloc.h>
47 #include <sys/mutex.h>
48 #include <sys/module.h>
49 #include <sys/socket.h>
50 #include <sys/sockopt.h>
51 #include <sys/sysctl.h>
52 #include <sys/systm.h>
57 #include <cam/cam_ccb.h>
58 #include <cam/cam_xpt.h>
59 #include <cam/cam_debug.h>
60 #include <cam/cam_sim.h>
61 #include <cam/cam_xpt_sim.h>
62 #include <cam/cam_xpt_periph.h>
63 #include <cam/cam_periph.h>
64 #include <cam/scsi/scsi_all.h>
65 #include <cam/scsi/scsi_message.h>
67 #include <dev/iscsi/icl.h>
68 #include <dev/iscsi/icl_wrappers.h>
69 #include <dev/iscsi/iscsi_ioctl.h>
70 #include <dev/iscsi/iscsi_proto.h>
71 #include <dev/iscsi/iscsi.h>
73 #ifdef ICL_KERNEL_PROXY
74 #include <sys/socketvar.h>
77 #ifdef ICL_KERNEL_PROXY
78 FEATURE(iscsi_kernel_proxy, "iSCSI initiator built with ICL_KERNEL_PROXY");
82 * XXX: This is global so the iscsi_unload() can access it.
83 * Think about how to do this properly.
85 static struct iscsi_softc *sc;
87 SYSCTL_NODE(_kern, OID_AUTO, iscsi, CTLFLAG_RD | CTLFLAG_MPSAFE, 0,
90 SYSCTL_INT(_kern_iscsi, OID_AUTO, debug, CTLFLAG_RWTUN,
91 &debug, 0, "Enable debug messages");
93 static int ping_timeout = 5;
94 SYSCTL_INT(_kern_iscsi, OID_AUTO, ping_timeout, CTLFLAG_RWTUN, &ping_timeout,
95 0, "Timeout for ping (NOP-Out) requests, in seconds");
96 static int iscsid_timeout = 60;
97 SYSCTL_INT(_kern_iscsi, OID_AUTO, iscsid_timeout, CTLFLAG_RWTUN, &iscsid_timeout,
98 0, "Time to wait for iscsid(8) to handle reconnection, in seconds");
99 static int login_timeout = 60;
100 SYSCTL_INT(_kern_iscsi, OID_AUTO, login_timeout, CTLFLAG_RWTUN, &login_timeout,
101 0, "Time to wait for iscsid(8) to finish Login Phase, in seconds");
102 static int maxtags = 255;
103 SYSCTL_INT(_kern_iscsi, OID_AUTO, maxtags, CTLFLAG_RWTUN, &maxtags,
104 0, "Max number of IO requests queued");
105 static int fail_on_disconnection = 0;
106 SYSCTL_INT(_kern_iscsi, OID_AUTO, fail_on_disconnection, CTLFLAG_RWTUN,
107 &fail_on_disconnection, 0, "Destroy CAM SIM on connection failure");
108 static int fail_on_shutdown = 1;
109 SYSCTL_INT(_kern_iscsi, OID_AUTO, fail_on_shutdown, CTLFLAG_RWTUN,
110 &fail_on_shutdown, 0, "Fail disconnected sessions on shutdown");
112 static MALLOC_DEFINE(M_ISCSI, "iSCSI", "iSCSI initiator");
113 static uma_zone_t iscsi_outstanding_zone;
115 #define CONN_SESSION(X) ((struct iscsi_session *)X->ic_prv0)
116 #define PDU_SESSION(X) (CONN_SESSION(X->ip_conn))
118 #define ISCSI_DEBUG(X, ...) \
121 printf("%s: " X "\n", __func__, ## __VA_ARGS__);\
124 #define ISCSI_WARN(X, ...) \
127 printf("WARNING: %s: " X "\n", \
128 __func__, ## __VA_ARGS__); \
132 #define ISCSI_SESSION_DEBUG(S, X, ...) \
135 printf("%s: %s (%s): " X "\n", \
136 __func__, S->is_conf.isc_target_addr, \
137 S->is_conf.isc_target, ## __VA_ARGS__); \
141 #define ISCSI_SESSION_WARN(S, X, ...) \
144 printf("WARNING: %s (%s): " X "\n", \
145 S->is_conf.isc_target_addr, \
146 S->is_conf.isc_target, ## __VA_ARGS__); \
150 #define ISCSI_SESSION_LOCK(X) mtx_lock(&X->is_lock)
151 #define ISCSI_SESSION_UNLOCK(X) mtx_unlock(&X->is_lock)
152 #define ISCSI_SESSION_LOCK_ASSERT(X) mtx_assert(&X->is_lock, MA_OWNED)
153 #define ISCSI_SESSION_LOCK_ASSERT_NOT(X) mtx_assert(&X->is_lock, MA_NOTOWNED)
155 static int iscsi_ioctl(struct cdev *dev, u_long cmd, caddr_t arg,
156 int mode, struct thread *td);
158 static struct cdevsw iscsi_cdevsw = {
159 .d_version = D_VERSION,
160 .d_ioctl = iscsi_ioctl,
164 static void iscsi_pdu_queue_locked(struct icl_pdu *request);
165 static void iscsi_pdu_queue(struct icl_pdu *request);
166 static void iscsi_pdu_update_statsn(const struct icl_pdu *response);
167 static void iscsi_pdu_handle_nop_in(struct icl_pdu *response);
168 static void iscsi_pdu_handle_scsi_response(struct icl_pdu *response);
169 static void iscsi_pdu_handle_task_response(struct icl_pdu *response);
170 static void iscsi_pdu_handle_data_in(struct icl_pdu *response);
171 static void iscsi_pdu_handle_logout_response(struct icl_pdu *response);
172 static void iscsi_pdu_handle_r2t(struct icl_pdu *response);
173 static void iscsi_pdu_handle_async_message(struct icl_pdu *response);
174 static void iscsi_pdu_handle_reject(struct icl_pdu *response);
175 static void iscsi_session_reconnect(struct iscsi_session *is);
176 static void iscsi_session_terminate(struct iscsi_session *is);
177 static void iscsi_action(struct cam_sim *sim, union ccb *ccb);
178 static struct iscsi_outstanding *iscsi_outstanding_find(struct iscsi_session *is,
179 uint32_t initiator_task_tag);
180 static struct iscsi_outstanding *iscsi_outstanding_add(struct iscsi_session *is,
181 struct icl_pdu *request, union ccb *ccb,
182 uint32_t *initiator_task_tagp);
183 static void iscsi_outstanding_remove(struct iscsi_session *is,
184 struct iscsi_outstanding *io);
187 iscsi_pdu_prepare(struct icl_pdu *request)
189 struct iscsi_session *is;
190 struct iscsi_bhs_scsi_command *bhssc;
192 is = PDU_SESSION(request);
194 ISCSI_SESSION_LOCK_ASSERT(is);
197 * We're only using fields common for all the request
198 * (initiator -> target) PDUs.
200 bhssc = (struct iscsi_bhs_scsi_command *)request->ip_bhs;
203 * Data-Out PDU does not contain CmdSN.
205 if (bhssc->bhssc_opcode != ISCSI_BHS_OPCODE_SCSI_DATA_OUT) {
206 if (ISCSI_SNGT(is->is_cmdsn, is->is_maxcmdsn) &&
207 (bhssc->bhssc_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0) {
209 * Current MaxCmdSN prevents us from sending any more
210 * SCSI Command PDUs to the target; postpone the PDU.
211 * It will get resent by either iscsi_pdu_queue(),
212 * or by maintenance thread.
215 ISCSI_SESSION_DEBUG(is, "postponing send, CmdSN %u, "
216 "ExpCmdSN %u, MaxCmdSN %u, opcode 0x%x",
217 is->is_cmdsn, is->is_expcmdsn, is->is_maxcmdsn,
218 bhssc->bhssc_opcode);
222 bhssc->bhssc_cmdsn = htonl(is->is_cmdsn);
223 if ((bhssc->bhssc_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0)
226 bhssc->bhssc_expstatsn = htonl(is->is_statsn + 1);
232 iscsi_session_send_postponed(struct iscsi_session *is)
234 struct icl_pdu *request;
237 ISCSI_SESSION_LOCK_ASSERT(is);
239 if (STAILQ_EMPTY(&is->is_postponed))
241 while ((request = STAILQ_FIRST(&is->is_postponed)) != NULL) {
242 postpone = iscsi_pdu_prepare(request);
245 STAILQ_REMOVE_HEAD(&is->is_postponed, ip_next);
246 icl_pdu_queue(request);
248 xpt_release_simq(is->is_sim, 1);
252 iscsi_pdu_queue_locked(struct icl_pdu *request)
254 struct iscsi_session *is;
257 is = PDU_SESSION(request);
258 ISCSI_SESSION_LOCK_ASSERT(is);
259 iscsi_session_send_postponed(is);
260 postpone = iscsi_pdu_prepare(request);
262 if (STAILQ_EMPTY(&is->is_postponed))
263 xpt_freeze_simq(is->is_sim, 1);
264 STAILQ_INSERT_TAIL(&is->is_postponed, request, ip_next);
267 icl_pdu_queue(request);
271 iscsi_pdu_queue(struct icl_pdu *request)
273 struct iscsi_session *is;
275 is = PDU_SESSION(request);
276 ISCSI_SESSION_LOCK(is);
277 iscsi_pdu_queue_locked(request);
278 ISCSI_SESSION_UNLOCK(is);
282 iscsi_session_logout(struct iscsi_session *is)
284 struct icl_pdu *request;
285 struct iscsi_bhs_logout_request *bhslr;
287 request = icl_pdu_new(is->is_conn, M_NOWAIT);
291 bhslr = (struct iscsi_bhs_logout_request *)request->ip_bhs;
292 bhslr->bhslr_opcode = ISCSI_BHS_OPCODE_LOGOUT_REQUEST;
293 bhslr->bhslr_reason = BHSLR_REASON_CLOSE_SESSION;
294 iscsi_pdu_queue_locked(request);
298 iscsi_session_terminate_task(struct iscsi_session *is,
299 struct iscsi_outstanding *io, cam_status status)
302 ISCSI_SESSION_LOCK_ASSERT(is);
304 if (io->io_ccb != NULL) {
305 io->io_ccb->ccb_h.status &= ~(CAM_SIM_QUEUED | CAM_STATUS_MASK);
306 io->io_ccb->ccb_h.status |= status;
307 if ((io->io_ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
308 io->io_ccb->ccb_h.status |= CAM_DEV_QFRZN;
309 xpt_freeze_devq(io->io_ccb->ccb_h.path, 1);
310 ISCSI_SESSION_DEBUG(is, "freezing devq");
312 xpt_done(io->io_ccb);
314 iscsi_outstanding_remove(is, io);
318 iscsi_session_terminate_tasks(struct iscsi_session *is, cam_status status)
320 struct iscsi_outstanding *io, *tmp;
322 ISCSI_SESSION_LOCK_ASSERT(is);
324 TAILQ_FOREACH_SAFE(io, &is->is_outstanding, io_next, tmp) {
325 iscsi_session_terminate_task(is, io, status);
330 iscsi_session_cleanup(struct iscsi_session *is, bool destroy_sim)
334 ISCSI_SESSION_LOCK_ASSERT(is);
337 * Don't queue any new PDUs.
339 if (is->is_sim != NULL && is->is_simq_frozen == false) {
340 ISCSI_SESSION_DEBUG(is, "freezing");
341 xpt_freeze_simq(is->is_sim, 1);
342 is->is_simq_frozen = true;
346 * Remove postponed PDUs.
348 if (!STAILQ_EMPTY(&is->is_postponed))
349 xpt_release_simq(is->is_sim, 1);
350 while ((pdu = STAILQ_FIRST(&is->is_postponed)) != NULL) {
351 STAILQ_REMOVE_HEAD(&is->is_postponed, ip_next);
355 if (destroy_sim == false) {
357 * Terminate SCSI tasks, asking CAM to requeue them.
359 iscsi_session_terminate_tasks(is, CAM_REQUEUE_REQ);
363 iscsi_session_terminate_tasks(is, CAM_DEV_NOT_THERE);
365 if (is->is_sim == NULL)
368 ISCSI_SESSION_DEBUG(is, "deregistering SIM");
369 xpt_async(AC_LOST_DEVICE, is->is_path, NULL);
371 if (is->is_simq_frozen) {
372 is->is_simq_frozen = false;
373 xpt_release_simq(is->is_sim, 1);
376 xpt_free_path(is->is_path);
378 xpt_bus_deregister(cam_sim_path(is->is_sim));
379 cam_sim_free(is->is_sim, TRUE /*free_devq*/);
385 iscsi_maintenance_thread_reconnect(struct iscsi_session *is)
388 * As we will be reconnecting shortly,
389 * discard outstanding data immediately on
390 * close(), also notify peer via RST if
391 * any packets come in.
394 so = is->is_conn->ic_socket;
398 sopt.sopt_dir = SOPT_SET;
399 sopt.sopt_level = SOL_SOCKET;
400 sopt.sopt_name = SO_LINGER;
402 sopt.sopt_valsize = sizeof(sl);
403 sl.l_onoff = 1; /* non-zero value enables linger option in kernel */
404 sl.l_linger = 0; /* timeout interval in seconds */
405 sosetopt(is->is_conn->ic_socket, &sopt);
408 icl_conn_close(is->is_conn);
410 ISCSI_SESSION_LOCK(is);
412 is->is_connected = false;
413 is->is_reconnecting = false;
414 is->is_login_phase = false;
416 #ifdef ICL_KERNEL_PROXY
417 if (is->is_login_pdu != NULL) {
418 icl_pdu_free(is->is_login_pdu);
419 is->is_login_pdu = NULL;
421 cv_signal(&is->is_login_cv);
424 if (fail_on_disconnection) {
425 ISCSI_SESSION_DEBUG(is, "connection failed, destroying devices");
426 iscsi_session_cleanup(is, true);
428 iscsi_session_cleanup(is, false);
431 KASSERT(TAILQ_EMPTY(&is->is_outstanding),
432 ("destroying session with active tasks"));
433 KASSERT(STAILQ_EMPTY(&is->is_postponed),
434 ("destroying session with postponed PDUs"));
436 if (is->is_conf.isc_enable == 0 && is->is_conf.isc_discovery == 0) {
437 ISCSI_SESSION_UNLOCK(is);
442 * Request immediate reconnection from iscsid(8).
444 //ISCSI_SESSION_DEBUG(is, "waking up iscsid(8)");
445 is->is_waiting_for_iscsid = true;
446 strlcpy(is->is_reason, "Waiting for iscsid(8)", sizeof(is->is_reason));
448 ISCSI_SESSION_UNLOCK(is);
449 cv_signal(&is->is_softc->sc_cv);
453 iscsi_maintenance_thread_terminate(struct iscsi_session *is)
455 struct iscsi_softc *sc;
458 sx_xlock(&sc->sc_lock);
459 TAILQ_REMOVE(&sc->sc_sessions, is, is_next);
460 sx_xunlock(&sc->sc_lock);
462 icl_conn_close(is->is_conn);
463 callout_drain(&is->is_callout);
465 ISCSI_SESSION_LOCK(is);
467 KASSERT(is->is_terminating, ("is_terminating == false"));
469 #ifdef ICL_KERNEL_PROXY
470 if (is->is_login_pdu != NULL) {
471 icl_pdu_free(is->is_login_pdu);
472 is->is_login_pdu = NULL;
474 cv_signal(&is->is_login_cv);
477 iscsi_session_cleanup(is, true);
479 KASSERT(TAILQ_EMPTY(&is->is_outstanding),
480 ("destroying session with active tasks"));
481 KASSERT(STAILQ_EMPTY(&is->is_postponed),
482 ("destroying session with postponed PDUs"));
484 ISCSI_SESSION_UNLOCK(is);
486 icl_conn_free(is->is_conn);
487 mtx_destroy(&is->is_lock);
488 cv_destroy(&is->is_maintenance_cv);
489 #ifdef ICL_KERNEL_PROXY
490 cv_destroy(&is->is_login_cv);
493 ISCSI_SESSION_DEBUG(is, "terminated");
497 * The iscsi_unload() routine might be waiting.
499 cv_signal(&sc->sc_cv);
503 iscsi_maintenance_thread(void *arg)
505 struct iscsi_session *is = arg;
507 ISCSI_SESSION_LOCK(is);
509 if (is->is_reconnecting == false &&
510 is->is_terminating == false &&
511 (STAILQ_EMPTY(&is->is_postponed) ||
512 ISCSI_SNGT(is->is_cmdsn, is->is_maxcmdsn)))
513 cv_wait(&is->is_maintenance_cv, &is->is_lock);
515 /* Terminate supersedes reconnect. */
516 if (is->is_terminating) {
517 ISCSI_SESSION_UNLOCK(is);
518 iscsi_maintenance_thread_terminate(is);
523 if (is->is_reconnecting) {
524 ISCSI_SESSION_UNLOCK(is);
525 iscsi_maintenance_thread_reconnect(is);
526 ISCSI_SESSION_LOCK(is);
530 iscsi_session_send_postponed(is);
532 ISCSI_SESSION_UNLOCK(is);
536 iscsi_session_reconnect(struct iscsi_session *is)
540 * XXX: We can't use locking here, because
541 * it's being called from various contexts.
542 * Hope it doesn't break anything.
544 if (is->is_reconnecting)
547 is->is_reconnecting = true;
548 cv_signal(&is->is_maintenance_cv);
552 iscsi_session_terminate(struct iscsi_session *is)
555 if (is->is_terminating)
558 is->is_terminating = true;
561 iscsi_session_logout(is);
563 cv_signal(&is->is_maintenance_cv);
567 iscsi_callout(void *context)
569 struct icl_pdu *request;
570 struct iscsi_bhs_nop_out *bhsno;
571 struct iscsi_session *is;
572 bool reconnect_needed = false;
577 ISCSI_SESSION_LOCK(is);
578 if (is->is_terminating) {
579 ISCSI_SESSION_UNLOCK(is);
585 callout_schedule_sbt(&is->is_callout, sbt, pr, 0);
587 if (is->is_conf.isc_enable == 0)
592 if (is->is_waiting_for_iscsid) {
593 if (iscsid_timeout > 0 && is->is_timeout > iscsid_timeout) {
594 ISCSI_SESSION_WARN(is, "timed out waiting for iscsid(8) "
595 "for %d seconds; reconnecting",
597 reconnect_needed = true;
602 if (is->is_login_phase) {
603 if (is->is_login_timeout > 0 && is->is_timeout > is->is_login_timeout) {
604 ISCSI_SESSION_WARN(is, "login timed out after %d seconds; "
605 "reconnecting", is->is_timeout);
606 reconnect_needed = true;
611 if (is->is_ping_timeout <= 0) {
613 * Pings are disabled. Don't send NOP-Out in this case.
614 * Reset the timeout, to avoid triggering reconnection,
615 * should the user decide to reenable them.
621 if (is->is_timeout >= is->is_ping_timeout) {
622 ISCSI_SESSION_WARN(is, "no ping reply (NOP-In) after %d seconds; "
623 "reconnecting", is->is_ping_timeout);
624 reconnect_needed = true;
628 ISCSI_SESSION_UNLOCK(is);
631 * If the ping was reset less than one second ago - which means
632 * that we've received some PDU during the last second - assume
633 * the traffic flows correctly and don't bother sending a NOP-Out.
635 * (It's 2 - one for one second, and one for incrementing is_timeout
636 * earlier in this routine.)
638 if (is->is_timeout < 2)
641 request = icl_pdu_new(is->is_conn, M_NOWAIT);
642 if (request == NULL) {
643 ISCSI_SESSION_WARN(is, "failed to allocate PDU");
646 bhsno = (struct iscsi_bhs_nop_out *)request->ip_bhs;
647 bhsno->bhsno_opcode = ISCSI_BHS_OPCODE_NOP_OUT |
648 ISCSI_BHS_OPCODE_IMMEDIATE;
649 bhsno->bhsno_flags = 0x80;
650 bhsno->bhsno_target_transfer_tag = 0xffffffff;
651 iscsi_pdu_queue(request);
655 if (is->is_terminating) {
656 ISCSI_SESSION_UNLOCK(is);
660 ISCSI_SESSION_UNLOCK(is);
662 if (reconnect_needed)
663 iscsi_session_reconnect(is);
667 iscsi_pdu_update_statsn(const struct icl_pdu *response)
669 const struct iscsi_bhs_data_in *bhsdi;
670 struct iscsi_session *is;
671 uint32_t expcmdsn, maxcmdsn, statsn;
673 is = PDU_SESSION(response);
675 ISCSI_SESSION_LOCK_ASSERT(is);
678 * We're only using fields common for all the response
679 * (target -> initiator) PDUs.
681 bhsdi = (const struct iscsi_bhs_data_in *)response->ip_bhs;
683 * Ok, I lied. In case of Data-In, "The fields StatSN, Status,
684 * and Residual Count only have meaningful content if the S bit
685 * is set to 1", so we also need to check the bit specific for
688 if (bhsdi->bhsdi_opcode != ISCSI_BHS_OPCODE_SCSI_DATA_IN ||
689 (bhsdi->bhsdi_flags & BHSDI_FLAGS_S) != 0) {
690 statsn = ntohl(bhsdi->bhsdi_statsn);
691 if (statsn != is->is_statsn && statsn != (is->is_statsn + 1)) {
692 /* XXX: This is normal situation for MCS */
693 ISCSI_SESSION_WARN(is, "PDU 0x%x StatSN %u != "
694 "session ExpStatSN %u (or + 1); reconnecting",
695 bhsdi->bhsdi_opcode, statsn, is->is_statsn);
696 iscsi_session_reconnect(is);
698 if (ISCSI_SNGT(statsn, is->is_statsn))
699 is->is_statsn = statsn;
702 expcmdsn = ntohl(bhsdi->bhsdi_expcmdsn);
703 maxcmdsn = ntohl(bhsdi->bhsdi_maxcmdsn);
705 if (ISCSI_SNLT(maxcmdsn + 1, expcmdsn)) {
706 ISCSI_SESSION_DEBUG(is,
707 "PDU MaxCmdSN %u + 1 < PDU ExpCmdSN %u; ignoring",
710 if (ISCSI_SNGT(maxcmdsn, is->is_maxcmdsn)) {
711 is->is_maxcmdsn = maxcmdsn;
714 * Command window increased; kick the maintanance thread
715 * to send out postponed commands.
717 if (!STAILQ_EMPTY(&is->is_postponed))
718 cv_signal(&is->is_maintenance_cv);
719 } else if (ISCSI_SNLT(maxcmdsn, is->is_maxcmdsn)) {
720 /* XXX: This is normal situation for MCS */
721 ISCSI_SESSION_DEBUG(is,
722 "PDU MaxCmdSN %u < session MaxCmdSN %u; ignoring",
723 maxcmdsn, is->is_maxcmdsn);
726 if (ISCSI_SNGT(expcmdsn, is->is_expcmdsn)) {
727 is->is_expcmdsn = expcmdsn;
728 } else if (ISCSI_SNLT(expcmdsn, is->is_expcmdsn)) {
729 /* XXX: This is normal situation for MCS */
730 ISCSI_SESSION_DEBUG(is,
731 "PDU ExpCmdSN %u < session ExpCmdSN %u; ignoring",
732 expcmdsn, is->is_expcmdsn);
737 * Every incoming PDU - not just NOP-In - resets the ping timer.
738 * The purpose of the timeout is to reset the connection when it stalls;
739 * we don't want this to happen when NOP-In or NOP-Out ends up delayed
746 iscsi_receive_callback(struct icl_pdu *response)
748 struct iscsi_session *is;
750 is = PDU_SESSION(response);
752 ISCSI_SESSION_LOCK(is);
754 iscsi_pdu_update_statsn(response);
756 #ifdef ICL_KERNEL_PROXY
757 if (is->is_login_phase) {
758 if (is->is_login_pdu == NULL)
759 is->is_login_pdu = response;
761 icl_pdu_free(response);
762 ISCSI_SESSION_UNLOCK(is);
763 cv_signal(&is->is_login_cv);
769 * The handling routine is responsible for freeing the PDU
770 * when it's no longer needed.
772 switch (response->ip_bhs->bhs_opcode) {
773 case ISCSI_BHS_OPCODE_NOP_IN:
774 iscsi_pdu_handle_nop_in(response);
775 ISCSI_SESSION_UNLOCK(is);
777 case ISCSI_BHS_OPCODE_SCSI_RESPONSE:
778 iscsi_pdu_handle_scsi_response(response);
779 /* Session lock dropped inside. */
780 ISCSI_SESSION_LOCK_ASSERT_NOT(is);
782 case ISCSI_BHS_OPCODE_TASK_RESPONSE:
783 iscsi_pdu_handle_task_response(response);
784 ISCSI_SESSION_UNLOCK(is);
786 case ISCSI_BHS_OPCODE_SCSI_DATA_IN:
787 iscsi_pdu_handle_data_in(response);
788 /* Session lock dropped inside. */
789 ISCSI_SESSION_LOCK_ASSERT_NOT(is);
791 case ISCSI_BHS_OPCODE_LOGOUT_RESPONSE:
792 iscsi_pdu_handle_logout_response(response);
793 ISCSI_SESSION_UNLOCK(is);
795 case ISCSI_BHS_OPCODE_R2T:
796 iscsi_pdu_handle_r2t(response);
797 ISCSI_SESSION_UNLOCK(is);
799 case ISCSI_BHS_OPCODE_ASYNC_MESSAGE:
800 iscsi_pdu_handle_async_message(response);
801 ISCSI_SESSION_UNLOCK(is);
803 case ISCSI_BHS_OPCODE_REJECT:
804 iscsi_pdu_handle_reject(response);
805 ISCSI_SESSION_UNLOCK(is);
808 ISCSI_SESSION_WARN(is, "received PDU with unsupported "
809 "opcode 0x%x; reconnecting",
810 response->ip_bhs->bhs_opcode);
811 iscsi_session_reconnect(is);
812 ISCSI_SESSION_UNLOCK(is);
813 icl_pdu_free(response);
818 iscsi_error_callback(struct icl_conn *ic)
820 struct iscsi_session *is;
822 is = CONN_SESSION(ic);
824 ISCSI_SESSION_WARN(is, "connection error; reconnecting");
825 iscsi_session_reconnect(is);
829 iscsi_pdu_handle_nop_in(struct icl_pdu *response)
831 struct iscsi_session *is;
832 struct iscsi_bhs_nop_out *bhsno;
833 struct iscsi_bhs_nop_in *bhsni;
834 struct icl_pdu *request;
839 is = PDU_SESSION(response);
840 bhsni = (struct iscsi_bhs_nop_in *)response->ip_bhs;
842 if (bhsni->bhsni_target_transfer_tag == 0xffffffff) {
844 * Nothing to do; iscsi_pdu_update_statsn() already
845 * zeroed the timeout.
847 icl_pdu_free(response);
851 datasize = icl_pdu_data_segment_length(response);
853 data = malloc(datasize, M_ISCSI, M_NOWAIT | M_ZERO);
855 ISCSI_SESSION_WARN(is, "failed to allocate memory; "
857 icl_pdu_free(response);
858 iscsi_session_reconnect(is);
861 icl_pdu_get_data(response, 0, data, datasize);
864 request = icl_pdu_new(response->ip_conn, M_NOWAIT);
865 if (request == NULL) {
866 ISCSI_SESSION_WARN(is, "failed to allocate memory; "
869 icl_pdu_free(response);
870 iscsi_session_reconnect(is);
873 bhsno = (struct iscsi_bhs_nop_out *)request->ip_bhs;
874 bhsno->bhsno_opcode = ISCSI_BHS_OPCODE_NOP_OUT |
875 ISCSI_BHS_OPCODE_IMMEDIATE;
876 bhsno->bhsno_flags = 0x80;
877 bhsno->bhsno_initiator_task_tag = 0xffffffff;
878 bhsno->bhsno_target_transfer_tag = bhsni->bhsni_target_transfer_tag;
880 error = icl_pdu_append_data(request, data, datasize, M_NOWAIT);
882 ISCSI_SESSION_WARN(is, "failed to allocate memory; "
885 icl_pdu_free(request);
886 icl_pdu_free(response);
887 iscsi_session_reconnect(is);
893 icl_pdu_free(response);
894 iscsi_pdu_queue_locked(request);
898 iscsi_pdu_handle_scsi_response(struct icl_pdu *response)
900 struct iscsi_bhs_scsi_response *bhssr;
901 struct iscsi_outstanding *io;
902 struct iscsi_session *is;
904 struct ccb_scsiio *csio;
905 size_t data_segment_len, received;
909 is = PDU_SESSION(response);
911 bhssr = (struct iscsi_bhs_scsi_response *)response->ip_bhs;
912 io = iscsi_outstanding_find(is, bhssr->bhssr_initiator_task_tag);
913 if (io == NULL || io->io_ccb == NULL) {
914 ISCSI_SESSION_WARN(is, "bad itt 0x%x", bhssr->bhssr_initiator_task_tag);
915 icl_pdu_free(response);
916 iscsi_session_reconnect(is);
917 ISCSI_SESSION_UNLOCK(is);
922 if (bhssr->bhssr_response == BHSSR_RESPONSE_COMMAND_COMPLETED) {
923 if (ntohl(bhssr->bhssr_expdatasn) != io->io_datasn) {
924 ISCSI_SESSION_WARN(is,
925 "ExpDataSN mismatch in SCSI Response (%u vs %u)",
926 ntohl(bhssr->bhssr_expdatasn), io->io_datasn);
929 * XXX: Permit an ExpDataSN of zero for errors.
931 * This doesn't conform to RFC 7143, but some
932 * targets seem to do this.
934 if (bhssr->bhssr_status != 0 &&
935 bhssr->bhssr_expdatasn == htonl(0))
938 icl_pdu_free(response);
939 iscsi_session_reconnect(is);
940 ISCSI_SESSION_UNLOCK(is);
944 if (bhssr->bhssr_expdatasn != htonl(0)) {
945 ISCSI_SESSION_WARN(is,
946 "ExpDataSN mismatch in SCSI Response (%u vs 0)",
947 ntohl(bhssr->bhssr_expdatasn));
948 icl_pdu_free(response);
949 iscsi_session_reconnect(is);
950 ISCSI_SESSION_UNLOCK(is);
957 * With iSER, after getting good response we can be sure
958 * that all the data has been successfully transferred.
960 if (is->is_conn->ic_iser) {
961 resid = ntohl(bhssr->bhssr_residual_count);
962 if (bhssr->bhssr_flags & BHSSR_FLAGS_RESIDUAL_UNDERFLOW) {
963 io->io_received = ccb->csio.dxfer_len - resid;
964 } else if (bhssr->bhssr_flags & BHSSR_FLAGS_RESIDUAL_OVERFLOW) {
965 ISCSI_SESSION_WARN(is, "overflow: target indicates %d", resid);
967 io->io_received = ccb->csio.dxfer_len;
971 received = io->io_received;
972 iscsi_outstanding_remove(is, io);
973 ISCSI_SESSION_UNLOCK(is);
975 if (bhssr->bhssr_response != BHSSR_RESPONSE_COMMAND_COMPLETED) {
976 ISCSI_SESSION_WARN(is, "service response 0x%x", bhssr->bhssr_response);
977 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
978 xpt_freeze_devq(ccb->ccb_h.path, 1);
979 ISCSI_SESSION_DEBUG(is, "freezing devq");
981 ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
982 } else if (bhssr->bhssr_status == 0) {
983 ccb->ccb_h.status = CAM_REQ_CMP;
985 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
986 xpt_freeze_devq(ccb->ccb_h.path, 1);
987 ISCSI_SESSION_DEBUG(is, "freezing devq");
989 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | CAM_DEV_QFRZN;
990 ccb->csio.scsi_status = bhssr->bhssr_status;
994 data_segment_len = icl_pdu_data_segment_length(response);
995 if (data_segment_len > 0) {
996 if (data_segment_len < sizeof(sense_len)) {
997 ISCSI_SESSION_WARN(is, "truncated data segment (%zd bytes)",
999 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
1000 xpt_freeze_devq(ccb->ccb_h.path, 1);
1001 ISCSI_SESSION_DEBUG(is, "freezing devq");
1003 ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
1006 icl_pdu_get_data(response, 0, &sense_len, sizeof(sense_len));
1007 sense_len = ntohs(sense_len);
1009 ISCSI_SESSION_DEBUG(is, "sense_len %d, data len %zd",
1010 sense_len, data_segment_len);
1012 if (sizeof(sense_len) + sense_len > data_segment_len) {
1013 ISCSI_SESSION_WARN(is, "truncated data segment "
1014 "(%zd bytes, should be %zd)",
1015 data_segment_len, sizeof(sense_len) + sense_len);
1016 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
1017 xpt_freeze_devq(ccb->ccb_h.path, 1);
1018 ISCSI_SESSION_DEBUG(is, "freezing devq");
1020 ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
1022 } else if (sizeof(sense_len) + sense_len < data_segment_len)
1023 ISCSI_SESSION_WARN(is, "oversize data segment "
1024 "(%zd bytes, should be %zd)",
1025 data_segment_len, sizeof(sense_len) + sense_len);
1026 if (sense_len > csio->sense_len) {
1027 ISCSI_SESSION_DEBUG(is, "truncating sense from %d to %d",
1028 sense_len, csio->sense_len);
1029 sense_len = csio->sense_len;
1031 icl_pdu_get_data(response, sizeof(sense_len), &csio->sense_data, sense_len);
1032 csio->sense_resid = csio->sense_len - sense_len;
1033 ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
1037 if (bhssr->bhssr_flags & BHSSR_FLAGS_RESIDUAL_UNDERFLOW)
1038 csio->resid = ntohl(bhssr->bhssr_residual_count);
1040 if ((csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1041 KASSERT(received <= csio->dxfer_len,
1042 ("received > csio->dxfer_len"));
1043 if (received < csio->dxfer_len) {
1044 if (csio->resid != csio->dxfer_len - received) {
1045 ISCSI_SESSION_WARN(is, "underflow mismatch: "
1046 "target indicates %d, we calculated %zd",
1047 csio->resid, csio->dxfer_len - received);
1049 csio->resid = csio->dxfer_len - received;
1054 icl_pdu_free(response);
1058 iscsi_pdu_handle_task_response(struct icl_pdu *response)
1060 struct iscsi_bhs_task_management_response *bhstmr;
1061 struct iscsi_outstanding *io, *aio;
1062 struct iscsi_session *is;
1064 is = PDU_SESSION(response);
1066 bhstmr = (struct iscsi_bhs_task_management_response *)response->ip_bhs;
1067 io = iscsi_outstanding_find(is, bhstmr->bhstmr_initiator_task_tag);
1068 if (io == NULL || io->io_ccb != NULL) {
1069 ISCSI_SESSION_WARN(is, "bad itt 0x%x",
1070 bhstmr->bhstmr_initiator_task_tag);
1071 icl_pdu_free(response);
1072 iscsi_session_reconnect(is);
1076 if (bhstmr->bhstmr_response != BHSTMR_RESPONSE_FUNCTION_COMPLETE) {
1077 ISCSI_SESSION_WARN(is, "task response 0x%x",
1078 bhstmr->bhstmr_response);
1080 aio = iscsi_outstanding_find(is, io->io_referenced_task_tag);
1081 if (aio != NULL && aio->io_ccb != NULL)
1082 iscsi_session_terminate_task(is, aio, CAM_REQ_ABORTED);
1085 iscsi_outstanding_remove(is, io);
1086 icl_pdu_free(response);
1090 iscsi_pdu_get_data_csio(struct icl_pdu *response, size_t pdu_offset,
1091 struct ccb_scsiio *csio, size_t oreceived, size_t data_segment_len)
1093 switch (csio->ccb_h.flags & CAM_DATA_MASK) {
1095 icl_pdu_get_bio(response, pdu_offset,
1096 (struct bio *)csio->data_ptr, oreceived, data_segment_len);
1098 case CAM_DATA_VADDR:
1099 icl_pdu_get_data(response, pdu_offset,
1100 csio->data_ptr + oreceived, data_segment_len);
1103 __assert_unreachable();
1108 iscsi_pdu_handle_data_in(struct icl_pdu *response)
1110 struct iscsi_bhs_data_in *bhsdi;
1111 struct iscsi_outstanding *io;
1112 struct iscsi_session *is;
1114 struct ccb_scsiio *csio;
1115 size_t data_segment_len, received, oreceived;
1117 is = PDU_SESSION(response);
1118 bhsdi = (struct iscsi_bhs_data_in *)response->ip_bhs;
1119 io = iscsi_outstanding_find(is, bhsdi->bhsdi_initiator_task_tag);
1120 if (io == NULL || io->io_ccb == NULL) {
1121 ISCSI_SESSION_WARN(is, "bad itt 0x%x", bhsdi->bhsdi_initiator_task_tag);
1122 icl_pdu_free(response);
1123 iscsi_session_reconnect(is);
1124 ISCSI_SESSION_UNLOCK(is);
1128 if (io->io_datasn != ntohl(bhsdi->bhsdi_datasn)) {
1129 ISCSI_SESSION_WARN(is, "received Data-In PDU with "
1130 "DataSN %u, while expected %u; dropping connection",
1131 ntohl(bhsdi->bhsdi_datasn), io->io_datasn);
1132 icl_pdu_free(response);
1133 iscsi_session_reconnect(is);
1134 ISCSI_SESSION_UNLOCK(is);
1137 io->io_datasn += response->ip_additional_pdus + 1;
1139 data_segment_len = icl_pdu_data_segment_length(response);
1140 if (data_segment_len == 0) {
1142 * "The sending of 0 length data segments should be avoided,
1143 * but initiators and targets MUST be able to properly receive
1144 * 0 length data segments."
1146 ISCSI_SESSION_UNLOCK(is);
1147 icl_pdu_free(response);
1152 * We need to track this for security reasons - without it, malicious target
1153 * could respond to SCSI READ without sending Data-In PDUs, which would result
1154 * in read operation on the initiator side returning random kernel data.
1156 if (ntohl(bhsdi->bhsdi_buffer_offset) != io->io_received) {
1157 ISCSI_SESSION_WARN(is, "data out of order; expected offset %zd, got %zd",
1158 io->io_received, (size_t)ntohl(bhsdi->bhsdi_buffer_offset));
1159 icl_pdu_free(response);
1160 iscsi_session_reconnect(is);
1161 ISCSI_SESSION_UNLOCK(is);
1168 if (io->io_received + data_segment_len > csio->dxfer_len) {
1169 ISCSI_SESSION_WARN(is, "oversize data segment (%zd bytes "
1170 "at offset %zd, buffer is %d)",
1171 data_segment_len, io->io_received, csio->dxfer_len);
1172 icl_pdu_free(response);
1173 iscsi_session_reconnect(is);
1174 ISCSI_SESSION_UNLOCK(is);
1178 oreceived = io->io_received;
1179 io->io_received += data_segment_len;
1180 received = io->io_received;
1181 if ((bhsdi->bhsdi_flags & BHSDI_FLAGS_S) != 0)
1182 iscsi_outstanding_remove(is, io);
1183 ISCSI_SESSION_UNLOCK(is);
1185 iscsi_pdu_get_data_csio(response, 0, csio, oreceived, data_segment_len);
1190 if ((bhsdi->bhsdi_flags & BHSDI_FLAGS_S) == 0) {
1192 * Nothing more to do.
1194 icl_pdu_free(response);
1198 //ISCSI_SESSION_DEBUG(is, "got S flag; status 0x%x", bhsdi->bhsdi_status);
1199 if (bhsdi->bhsdi_status == 0) {
1200 ccb->ccb_h.status = CAM_REQ_CMP;
1202 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
1203 xpt_freeze_devq(ccb->ccb_h.path, 1);
1204 ISCSI_SESSION_DEBUG(is, "freezing devq");
1206 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | CAM_DEV_QFRZN;
1207 csio->scsi_status = bhsdi->bhsdi_status;
1210 if ((csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1211 KASSERT(received <= csio->dxfer_len,
1212 ("received > csio->dxfer_len"));
1213 if (received < csio->dxfer_len) {
1214 csio->resid = ntohl(bhsdi->bhsdi_residual_count);
1215 if (csio->resid != csio->dxfer_len - received) {
1216 ISCSI_SESSION_WARN(is, "underflow mismatch: "
1217 "target indicates %d, we calculated %zd",
1218 csio->resid, csio->dxfer_len - received);
1220 csio->resid = csio->dxfer_len - received;
1225 icl_pdu_free(response);
1229 iscsi_pdu_handle_logout_response(struct icl_pdu *response)
1232 ISCSI_SESSION_DEBUG(PDU_SESSION(response), "logout response");
1233 icl_pdu_free(response);
1237 iscsi_pdu_append_data_csio(struct icl_pdu *request, struct ccb_scsiio *csio,
1238 size_t off, size_t len, int how)
1240 switch (csio->ccb_h.flags & CAM_DATA_MASK) {
1242 return (icl_pdu_append_bio(request,
1243 (struct bio *)csio->data_ptr, off, len, how));
1244 case CAM_DATA_VADDR:
1245 return (icl_pdu_append_data(request, csio->data_ptr + off, len,
1248 __assert_unreachable();
1253 iscsi_pdu_handle_r2t(struct icl_pdu *response)
1255 struct icl_pdu *request;
1256 struct iscsi_session *is;
1257 struct iscsi_bhs_r2t *bhsr2t;
1258 struct iscsi_bhs_data_out *bhsdo;
1259 struct iscsi_outstanding *io;
1260 struct ccb_scsiio *csio;
1261 size_t off, len, max_send_data_segment_length, total_len;
1263 uint32_t datasn = 0;
1265 is = PDU_SESSION(response);
1267 bhsr2t = (struct iscsi_bhs_r2t *)response->ip_bhs;
1268 io = iscsi_outstanding_find(is, bhsr2t->bhsr2t_initiator_task_tag);
1269 if (io == NULL || io->io_ccb == NULL) {
1270 ISCSI_SESSION_WARN(is, "bad itt 0x%x; reconnecting",
1271 bhsr2t->bhsr2t_initiator_task_tag);
1272 icl_pdu_free(response);
1273 iscsi_session_reconnect(is);
1277 csio = &io->io_ccb->csio;
1279 if ((csio->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_OUT) {
1280 ISCSI_SESSION_WARN(is, "received R2T for read command; reconnecting");
1281 icl_pdu_free(response);
1282 iscsi_session_reconnect(is);
1287 * XXX: Verify R2TSN.
1290 off = ntohl(bhsr2t->bhsr2t_buffer_offset);
1291 if (off > csio->dxfer_len) {
1292 ISCSI_SESSION_WARN(is, "target requested invalid offset "
1293 "%zd, buffer is %d; reconnecting", off, csio->dxfer_len);
1294 icl_pdu_free(response);
1295 iscsi_session_reconnect(is);
1299 total_len = ntohl(bhsr2t->bhsr2t_desired_data_transfer_length);
1300 if (total_len == 0 || total_len > csio->dxfer_len) {
1301 ISCSI_SESSION_WARN(is, "target requested invalid length "
1302 "%zd, buffer is %d; reconnecting", total_len, csio->dxfer_len);
1303 icl_pdu_free(response);
1304 iscsi_session_reconnect(is);
1308 //ISCSI_SESSION_DEBUG(is, "r2t; off %zd, len %zd", off, total_len);
1310 if (is->is_conn->ic_hw_isomax != 0)
1311 max_send_data_segment_length = is->is_conn->ic_hw_isomax;
1313 max_send_data_segment_length =
1314 is->is_conn->ic_max_send_data_segment_length;
1318 if (len > max_send_data_segment_length)
1319 len = max_send_data_segment_length;
1321 if (off + len > csio->dxfer_len) {
1322 ISCSI_SESSION_WARN(is, "target requested invalid "
1323 "length/offset %zd, buffer is %d; reconnecting",
1324 off + len, csio->dxfer_len);
1325 icl_pdu_free(response);
1326 iscsi_session_reconnect(is);
1330 request = icl_pdu_new(response->ip_conn, M_NOWAIT);
1331 if (request == NULL) {
1332 icl_pdu_free(response);
1333 iscsi_session_reconnect(is);
1337 bhsdo = (struct iscsi_bhs_data_out *)request->ip_bhs;
1338 bhsdo->bhsdo_opcode = ISCSI_BHS_OPCODE_SCSI_DATA_OUT;
1339 bhsdo->bhsdo_lun = bhsr2t->bhsr2t_lun;
1340 bhsdo->bhsdo_initiator_task_tag =
1341 bhsr2t->bhsr2t_initiator_task_tag;
1342 bhsdo->bhsdo_target_transfer_tag =
1343 bhsr2t->bhsr2t_target_transfer_tag;
1344 bhsdo->bhsdo_datasn = htonl(datasn);
1345 bhsdo->bhsdo_buffer_offset = htonl(off);
1346 error = iscsi_pdu_append_data_csio(request, csio, off, len,
1347 M_NOWAIT | ICL_NOCOPY);
1349 ISCSI_SESSION_WARN(is, "failed to allocate memory; "
1351 icl_pdu_free(request);
1352 icl_pdu_free(response);
1353 iscsi_session_reconnect(is);
1357 datasn += howmany(len,
1358 is->is_conn->ic_max_send_data_segment_length);
1362 if (total_len == 0) {
1363 bhsdo->bhsdo_flags |= BHSDO_FLAGS_F;
1364 //ISCSI_SESSION_DEBUG(is, "setting F, off %zd", off);
1366 //ISCSI_SESSION_DEBUG(is, "not finished, off %zd", off);
1369 iscsi_pdu_queue_locked(request);
1375 icl_pdu_free(response);
1379 iscsi_pdu_handle_async_message(struct icl_pdu *response)
1381 struct iscsi_bhs_asynchronous_message *bhsam;
1382 struct iscsi_session *is;
1384 is = PDU_SESSION(response);
1385 bhsam = (struct iscsi_bhs_asynchronous_message *)response->ip_bhs;
1386 switch (bhsam->bhsam_async_event) {
1387 case BHSAM_EVENT_TARGET_REQUESTS_LOGOUT:
1388 ISCSI_SESSION_WARN(is, "target requests logout; removing session");
1389 iscsi_session_logout(is);
1390 iscsi_session_terminate(is);
1392 case BHSAM_EVENT_TARGET_TERMINATES_CONNECTION:
1393 ISCSI_SESSION_WARN(is, "target indicates it will drop the connection");
1395 case BHSAM_EVENT_TARGET_TERMINATES_SESSION:
1396 ISCSI_SESSION_WARN(is, "target indicates it will drop the session");
1400 * XXX: Technically, we're obligated to also handle
1401 * parameter renegotiation.
1403 ISCSI_SESSION_WARN(is, "ignoring AsyncEvent %d", bhsam->bhsam_async_event);
1407 icl_pdu_free(response);
1411 iscsi_pdu_handle_reject(struct icl_pdu *response)
1413 struct iscsi_bhs_reject *bhsr;
1414 struct iscsi_session *is;
1416 is = PDU_SESSION(response);
1417 bhsr = (struct iscsi_bhs_reject *)response->ip_bhs;
1418 ISCSI_SESSION_WARN(is, "received Reject PDU, reason 0x%x; protocol error?",
1421 icl_pdu_free(response);
1425 iscsi_ioctl_daemon_wait(struct iscsi_softc *sc,
1426 struct iscsi_daemon_request *request)
1428 struct iscsi_session *is;
1429 struct icl_drv_limits idl;
1432 sx_slock(&sc->sc_lock);
1434 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
1435 ISCSI_SESSION_LOCK(is);
1436 if (is->is_conf.isc_enable == 0 &&
1437 is->is_conf.isc_discovery == 0) {
1438 ISCSI_SESSION_UNLOCK(is);
1441 if (is->is_waiting_for_iscsid)
1443 ISCSI_SESSION_UNLOCK(is);
1447 if (sc->sc_unloading) {
1448 sx_sunlock(&sc->sc_lock);
1453 * No session requires attention from iscsid(8); wait.
1455 error = cv_wait_sig(&sc->sc_cv, &sc->sc_lock);
1457 sx_sunlock(&sc->sc_lock);
1463 is->is_waiting_for_iscsid = false;
1464 is->is_login_phase = true;
1465 is->is_reason[0] = '\0';
1466 ISCSI_SESSION_UNLOCK(is);
1468 request->idr_session_id = is->is_id;
1469 memcpy(&request->idr_isid, &is->is_isid,
1470 sizeof(request->idr_isid));
1471 request->idr_tsih = 0; /* New or reinstated session. */
1472 memcpy(&request->idr_conf, &is->is_conf,
1473 sizeof(request->idr_conf));
1475 error = icl_limits(is->is_conf.isc_offload,
1476 is->is_conf.isc_iser, &idl);
1478 ISCSI_SESSION_WARN(is, "icl_limits for offload \"%s\" "
1479 "failed with error %d", is->is_conf.isc_offload,
1481 sx_sunlock(&sc->sc_lock);
1484 request->idr_limits.isl_max_recv_data_segment_length =
1485 idl.idl_max_recv_data_segment_length;
1486 request->idr_limits.isl_max_send_data_segment_length =
1487 idl.idl_max_send_data_segment_length;
1488 request->idr_limits.isl_max_burst_length =
1489 idl.idl_max_burst_length;
1490 request->idr_limits.isl_first_burst_length =
1491 idl.idl_first_burst_length;
1493 sx_sunlock(&sc->sc_lock);
1499 iscsi_ioctl_daemon_handoff(struct iscsi_softc *sc,
1500 struct iscsi_daemon_handoff *handoff)
1502 struct iscsi_session *is;
1503 struct icl_conn *ic;
1506 sx_slock(&sc->sc_lock);
1509 * Find the session to hand off socket to.
1511 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
1512 if (is->is_id == handoff->idh_session_id)
1516 sx_sunlock(&sc->sc_lock);
1519 ISCSI_SESSION_LOCK(is);
1521 if (is->is_conf.isc_discovery || is->is_terminating) {
1522 ISCSI_SESSION_UNLOCK(is);
1523 sx_sunlock(&sc->sc_lock);
1526 if (is->is_connected) {
1528 * This might have happened because another iscsid(8)
1529 * instance handed off the connection in the meantime.
1532 ISCSI_SESSION_WARN(is, "handoff on already connected "
1534 ISCSI_SESSION_UNLOCK(is);
1535 sx_sunlock(&sc->sc_lock);
1539 strlcpy(is->is_target_alias, handoff->idh_target_alias,
1540 sizeof(is->is_target_alias));
1541 is->is_tsih = handoff->idh_tsih;
1542 is->is_statsn = handoff->idh_statsn;
1543 is->is_protocol_level = handoff->idh_protocol_level;
1544 is->is_initial_r2t = handoff->idh_initial_r2t;
1545 is->is_immediate_data = handoff->idh_immediate_data;
1547 ic->ic_max_recv_data_segment_length =
1548 handoff->idh_max_recv_data_segment_length;
1549 ic->ic_max_send_data_segment_length =
1550 handoff->idh_max_send_data_segment_length;
1551 is->is_max_burst_length = handoff->idh_max_burst_length;
1552 is->is_first_burst_length = handoff->idh_first_burst_length;
1554 if (handoff->idh_header_digest == ISCSI_DIGEST_CRC32C)
1555 ic->ic_header_crc32c = true;
1557 ic->ic_header_crc32c = false;
1558 if (handoff->idh_data_digest == ISCSI_DIGEST_CRC32C)
1559 ic->ic_data_crc32c = true;
1561 ic->ic_data_crc32c = false;
1562 ic->ic_maxtags = maxtags;
1565 is->is_expcmdsn = 0;
1566 is->is_maxcmdsn = 0;
1567 is->is_waiting_for_iscsid = false;
1568 is->is_login_phase = false;
1570 is->is_ping_timeout = is->is_conf.isc_ping_timeout;
1571 if (is->is_ping_timeout < 0)
1572 is->is_ping_timeout = ping_timeout;
1573 is->is_login_timeout = is->is_conf.isc_login_timeout;
1574 if (is->is_login_timeout < 0)
1575 is->is_login_timeout = login_timeout;
1576 is->is_connected = true;
1577 is->is_reason[0] = '\0';
1579 ISCSI_SESSION_UNLOCK(is);
1582 * If we're going through the proxy, the idh_socket will be 0,
1583 * and the ICL module can simply ignore this call. It can also
1584 * use it to determine it's no longer in the Login phase.
1586 error = icl_conn_handoff(ic, handoff->idh_socket);
1588 sx_sunlock(&sc->sc_lock);
1589 iscsi_session_terminate(is);
1593 sx_sunlock(&sc->sc_lock);
1595 if (is->is_sim != NULL) {
1597 * When reconnecting, there already is SIM allocated for the session.
1599 KASSERT(is->is_simq_frozen, ("reconnect without frozen simq"));
1600 ISCSI_SESSION_LOCK(is);
1601 ISCSI_SESSION_DEBUG(is, "releasing");
1602 is->is_simq_frozen = false;
1603 xpt_release_simq(is->is_sim, 1);
1604 ISCSI_SESSION_UNLOCK(is);
1607 ISCSI_SESSION_LOCK(is);
1608 is->is_devq = cam_simq_alloc(ic->ic_maxtags);
1609 if (is->is_devq == NULL) {
1610 ISCSI_SESSION_UNLOCK(is);
1611 ISCSI_SESSION_WARN(is, "failed to allocate simq");
1612 iscsi_session_terminate(is);
1616 is->is_sim = cam_sim_alloc(iscsi_action, NULL, "iscsi",
1617 is, is->is_id /* unit */, &is->is_lock,
1618 1, ic->ic_maxtags, is->is_devq);
1619 if (is->is_sim == NULL) {
1620 ISCSI_SESSION_UNLOCK(is);
1621 ISCSI_SESSION_WARN(is, "failed to allocate SIM");
1622 cam_simq_free(is->is_devq);
1623 iscsi_session_terminate(is);
1627 if (xpt_bus_register(is->is_sim, NULL, 0) != 0) {
1628 ISCSI_SESSION_UNLOCK(is);
1629 ISCSI_SESSION_WARN(is, "failed to register bus");
1630 iscsi_session_terminate(is);
1634 error = xpt_create_path(&is->is_path, /*periph*/NULL,
1635 cam_sim_path(is->is_sim), CAM_TARGET_WILDCARD,
1637 if (error != CAM_REQ_CMP) {
1638 ISCSI_SESSION_UNLOCK(is);
1639 ISCSI_SESSION_WARN(is, "failed to create path");
1640 iscsi_session_terminate(is);
1643 ISCSI_SESSION_UNLOCK(is);
1650 iscsi_ioctl_daemon_fail(struct iscsi_softc *sc,
1651 struct iscsi_daemon_fail *fail)
1653 struct iscsi_session *is;
1655 sx_slock(&sc->sc_lock);
1657 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
1658 if (is->is_id == fail->idf_session_id)
1662 sx_sunlock(&sc->sc_lock);
1665 ISCSI_SESSION_LOCK(is);
1666 ISCSI_SESSION_DEBUG(is, "iscsid(8) failed: %s",
1668 strlcpy(is->is_reason, fail->idf_reason, sizeof(is->is_reason));
1669 //is->is_waiting_for_iscsid = false;
1670 //is->is_login_phase = true;
1671 //iscsi_session_reconnect(is);
1672 ISCSI_SESSION_UNLOCK(is);
1673 sx_sunlock(&sc->sc_lock);
1678 #ifdef ICL_KERNEL_PROXY
1680 iscsi_ioctl_daemon_connect(struct iscsi_softc *sc,
1681 struct iscsi_daemon_connect *idc)
1683 struct iscsi_session *is;
1684 struct sockaddr *from_sa, *to_sa;
1687 sx_slock(&sc->sc_lock);
1688 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
1689 if (is->is_id == idc->idc_session_id)
1693 sx_sunlock(&sc->sc_lock);
1696 sx_sunlock(&sc->sc_lock);
1698 if (idc->idc_from_addrlen > 0) {
1699 error = getsockaddr(&from_sa, (void *)idc->idc_from_addr, idc->idc_from_addrlen);
1701 ISCSI_SESSION_WARN(is,
1702 "getsockaddr failed with error %d", error);
1708 error = getsockaddr(&to_sa, (void *)idc->idc_to_addr, idc->idc_to_addrlen);
1710 ISCSI_SESSION_WARN(is, "getsockaddr failed with error %d",
1712 free(from_sa, M_SONAME);
1716 ISCSI_SESSION_LOCK(is);
1719 is->is_expcmdsn = 0;
1720 is->is_maxcmdsn = 0;
1721 is->is_waiting_for_iscsid = false;
1722 is->is_login_phase = true;
1724 ISCSI_SESSION_UNLOCK(is);
1726 error = icl_conn_connect(is->is_conn, idc->idc_domain,
1727 idc->idc_socktype, idc->idc_protocol, from_sa, to_sa);
1728 free(from_sa, M_SONAME);
1729 free(to_sa, M_SONAME);
1732 * Digests are always disabled during login phase.
1734 is->is_conn->ic_header_crc32c = false;
1735 is->is_conn->ic_data_crc32c = false;
1741 iscsi_ioctl_daemon_send(struct iscsi_softc *sc,
1742 struct iscsi_daemon_send *ids)
1744 struct iscsi_session *is;
1750 sx_slock(&sc->sc_lock);
1751 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
1752 if (is->is_id == ids->ids_session_id)
1756 sx_sunlock(&sc->sc_lock);
1759 sx_sunlock(&sc->sc_lock);
1761 if (is->is_login_phase == false)
1764 if (is->is_terminating || is->is_reconnecting)
1767 datalen = ids->ids_data_segment_len;
1768 if (datalen > is->is_conn->ic_max_send_data_segment_length)
1771 data = malloc(datalen, M_ISCSI, M_WAITOK);
1772 error = copyin(ids->ids_data_segment, data, datalen);
1774 free(data, M_ISCSI);
1779 ip = icl_pdu_new(is->is_conn, M_WAITOK);
1780 memcpy(ip->ip_bhs, ids->ids_bhs, sizeof(*ip->ip_bhs));
1782 error = icl_pdu_append_data(ip, data, datalen, M_WAITOK);
1783 KASSERT(error == 0, ("icl_pdu_append_data(..., M_WAITOK) failed"));
1784 free(data, M_ISCSI);
1786 iscsi_pdu_queue(ip);
1792 iscsi_ioctl_daemon_receive(struct iscsi_softc *sc,
1793 struct iscsi_daemon_receive *idr)
1795 struct iscsi_session *is;
1800 sx_slock(&sc->sc_lock);
1801 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
1802 if (is->is_id == idr->idr_session_id)
1806 sx_sunlock(&sc->sc_lock);
1809 sx_sunlock(&sc->sc_lock);
1811 if (is->is_login_phase == false)
1814 ISCSI_SESSION_LOCK(is);
1815 while (is->is_login_pdu == NULL &&
1816 is->is_terminating == false &&
1817 is->is_reconnecting == false) {
1818 error = cv_wait_sig(&is->is_login_cv, &is->is_lock);
1820 ISCSI_SESSION_UNLOCK(is);
1824 if (is->is_terminating || is->is_reconnecting) {
1825 ISCSI_SESSION_UNLOCK(is);
1828 ip = is->is_login_pdu;
1829 is->is_login_pdu = NULL;
1830 ISCSI_SESSION_UNLOCK(is);
1832 if (ip->ip_data_len > idr->idr_data_segment_len) {
1837 copyout(ip->ip_bhs, idr->idr_bhs, sizeof(*ip->ip_bhs));
1838 if (ip->ip_data_len > 0) {
1839 data = malloc(ip->ip_data_len, M_ISCSI, M_WAITOK);
1840 icl_pdu_get_data(ip, 0, data, ip->ip_data_len);
1841 copyout(data, idr->idr_data_segment, ip->ip_data_len);
1842 free(data, M_ISCSI);
1849 #endif /* ICL_KERNEL_PROXY */
1852 iscsi_sanitize_session_conf(struct iscsi_session_conf *isc)
1855 * Just make sure all the fields are null-terminated.
1857 * XXX: This is not particularly secure. We should
1858 * create our own conf and then copy in relevant
1861 isc->isc_initiator[ISCSI_NAME_LEN - 1] = '\0';
1862 isc->isc_initiator_addr[ISCSI_ADDR_LEN - 1] = '\0';
1863 isc->isc_initiator_alias[ISCSI_ALIAS_LEN - 1] = '\0';
1864 isc->isc_target[ISCSI_NAME_LEN - 1] = '\0';
1865 isc->isc_target_addr[ISCSI_ADDR_LEN - 1] = '\0';
1866 isc->isc_user[ISCSI_NAME_LEN - 1] = '\0';
1867 isc->isc_secret[ISCSI_SECRET_LEN - 1] = '\0';
1868 isc->isc_mutual_user[ISCSI_NAME_LEN - 1] = '\0';
1869 isc->isc_mutual_secret[ISCSI_SECRET_LEN - 1] = '\0';
1873 iscsi_valid_session_conf(const struct iscsi_session_conf *isc)
1876 if (isc->isc_initiator[0] == '\0') {
1877 ISCSI_DEBUG("empty isc_initiator");
1881 if (isc->isc_target_addr[0] == '\0') {
1882 ISCSI_DEBUG("empty isc_target_addr");
1886 if (isc->isc_discovery != 0 && isc->isc_target[0] != 0) {
1887 ISCSI_DEBUG("non-empty isc_target for discovery session");
1891 if (isc->isc_discovery == 0 && isc->isc_target[0] == 0) {
1892 ISCSI_DEBUG("empty isc_target for non-discovery session");
1900 iscsi_ioctl_session_add(struct iscsi_softc *sc, struct iscsi_session_add *isa)
1902 struct iscsi_session *is;
1903 const struct iscsi_session *is2;
1907 iscsi_sanitize_session_conf(&isa->isa_conf);
1908 if (iscsi_valid_session_conf(&isa->isa_conf) == false)
1911 is = malloc(sizeof(*is), M_ISCSI, M_ZERO | M_WAITOK);
1912 memcpy(&is->is_conf, &isa->isa_conf, sizeof(is->is_conf));
1914 sx_xlock(&sc->sc_lock);
1917 * Prevent duplicates.
1919 TAILQ_FOREACH(is2, &sc->sc_sessions, is_next) {
1920 if (!!is->is_conf.isc_discovery !=
1921 !!is2->is_conf.isc_discovery)
1924 if (strcmp(is->is_conf.isc_target_addr,
1925 is2->is_conf.isc_target_addr) != 0)
1928 if (is->is_conf.isc_discovery == 0 &&
1929 strcmp(is->is_conf.isc_target,
1930 is2->is_conf.isc_target) != 0)
1933 sx_xunlock(&sc->sc_lock);
1938 is->is_conn = icl_new_conn(is->is_conf.isc_offload,
1939 is->is_conf.isc_iser, "iscsi", &is->is_lock);
1940 if (is->is_conn == NULL) {
1941 sx_xunlock(&sc->sc_lock);
1945 is->is_conn->ic_receive = iscsi_receive_callback;
1946 is->is_conn->ic_error = iscsi_error_callback;
1947 is->is_conn->ic_prv0 = is;
1948 TAILQ_INIT(&is->is_outstanding);
1949 STAILQ_INIT(&is->is_postponed);
1950 mtx_init(&is->is_lock, "iscsi_lock", NULL, MTX_DEF);
1951 cv_init(&is->is_maintenance_cv, "iscsi_mt");
1952 #ifdef ICL_KERNEL_PROXY
1953 cv_init(&is->is_login_cv, "iscsi_login");
1957 * Set some default values, from RFC 3720, section 12.
1959 * These values are updated by the handoff IOCTL, but are
1960 * needed prior to the handoff to support sending the ISER
1963 is->is_conn->ic_max_recv_data_segment_length = 8192;
1964 is->is_conn->ic_max_send_data_segment_length = 8192;
1965 is->is_max_burst_length = 262144;
1966 is->is_first_burst_length = 65536;
1969 sc->sc_last_session_id++;
1970 is->is_id = sc->sc_last_session_id;
1971 is->is_isid[0] = 0x80; /* RFC 3720, 10.12.5: 10b, "Random" ISID. */
1972 arc4rand(&is->is_isid[1], 5, 0);
1974 callout_init(&is->is_callout, 1);
1976 error = kthread_add(iscsi_maintenance_thread, is, NULL, NULL, 0, 0, "iscsimt");
1978 ISCSI_SESSION_WARN(is, "kthread_add(9) failed with error %d", error);
1979 sx_xunlock(&sc->sc_lock);
1982 is->is_ping_timeout = is->is_conf.isc_ping_timeout;
1983 if (is->is_ping_timeout < 0)
1984 is->is_ping_timeout = ping_timeout;
1985 is->is_login_timeout = is->is_conf.isc_login_timeout;
1986 if (is->is_login_timeout < 0)
1987 is->is_login_timeout = login_timeout;
1991 callout_reset_sbt(&is->is_callout, sbt, pr, iscsi_callout, is, 0);
1992 TAILQ_INSERT_TAIL(&sc->sc_sessions, is, is_next);
1994 ISCSI_SESSION_LOCK(is);
1996 * Don't notify iscsid(8) if the session is disabled and it's not
1997 * a discovery session,
1999 if (is->is_conf.isc_enable == 0 && is->is_conf.isc_discovery == 0) {
2000 ISCSI_SESSION_UNLOCK(is);
2001 sx_xunlock(&sc->sc_lock);
2005 is->is_waiting_for_iscsid = true;
2006 strlcpy(is->is_reason, "Waiting for iscsid(8)", sizeof(is->is_reason));
2007 ISCSI_SESSION_UNLOCK(is);
2008 cv_signal(&sc->sc_cv);
2009 sx_xunlock(&sc->sc_lock);
2014 iscsi_session_conf_matches(unsigned int id1, const struct iscsi_session_conf *c1,
2015 unsigned int id2, const struct iscsi_session_conf *c2)
2018 if (id2 != 0 && id2 != id1)
2020 if (c2->isc_target[0] != '\0' &&
2021 strcmp(c1->isc_target, c2->isc_target) != 0)
2023 if (c2->isc_target_addr[0] != '\0' &&
2024 strcmp(c1->isc_target_addr, c2->isc_target_addr) != 0)
2030 iscsi_ioctl_session_remove(struct iscsi_softc *sc,
2031 struct iscsi_session_remove *isr)
2033 struct iscsi_session *is, *tmp;
2036 iscsi_sanitize_session_conf(&isr->isr_conf);
2038 sx_xlock(&sc->sc_lock);
2039 TAILQ_FOREACH_SAFE(is, &sc->sc_sessions, is_next, tmp) {
2040 ISCSI_SESSION_LOCK(is);
2041 if (iscsi_session_conf_matches(is->is_id, &is->is_conf,
2042 isr->isr_session_id, &isr->isr_conf)) {
2044 iscsi_session_logout(is);
2045 iscsi_session_terminate(is);
2047 ISCSI_SESSION_UNLOCK(is);
2049 sx_xunlock(&sc->sc_lock);
2058 iscsi_ioctl_session_list(struct iscsi_softc *sc, struct iscsi_session_list *isl)
2062 struct iscsi_session *is;
2063 struct iscsi_session_state iss;
2065 sx_slock(&sc->sc_lock);
2066 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
2067 if (i >= isl->isl_nentries) {
2068 sx_sunlock(&sc->sc_lock);
2071 memset(&iss, 0, sizeof(iss));
2072 memcpy(&iss.iss_conf, &is->is_conf, sizeof(iss.iss_conf));
2073 iss.iss_id = is->is_id;
2074 strlcpy(iss.iss_target_alias, is->is_target_alias, sizeof(iss.iss_target_alias));
2075 strlcpy(iss.iss_reason, is->is_reason, sizeof(iss.iss_reason));
2076 strlcpy(iss.iss_offload, is->is_conn->ic_offload, sizeof(iss.iss_offload));
2078 if (is->is_conn->ic_header_crc32c)
2079 iss.iss_header_digest = ISCSI_DIGEST_CRC32C;
2081 iss.iss_header_digest = ISCSI_DIGEST_NONE;
2083 if (is->is_conn->ic_data_crc32c)
2084 iss.iss_data_digest = ISCSI_DIGEST_CRC32C;
2086 iss.iss_data_digest = ISCSI_DIGEST_NONE;
2088 iss.iss_max_send_data_segment_length =
2089 is->is_conn->ic_max_send_data_segment_length;
2090 iss.iss_max_recv_data_segment_length =
2091 is->is_conn->ic_max_recv_data_segment_length;
2092 iss.iss_max_burst_length = is->is_max_burst_length;
2093 iss.iss_first_burst_length = is->is_first_burst_length;
2094 iss.iss_immediate_data = is->is_immediate_data;
2095 iss.iss_connected = is->is_connected;
2097 error = copyout(&iss, isl->isl_pstates + i, sizeof(iss));
2099 sx_sunlock(&sc->sc_lock);
2104 sx_sunlock(&sc->sc_lock);
2106 isl->isl_nentries = i;
2112 iscsi_ioctl_session_modify(struct iscsi_softc *sc,
2113 struct iscsi_session_modify *ism)
2115 struct iscsi_session *is;
2116 const struct iscsi_session *is2;
2118 iscsi_sanitize_session_conf(&ism->ism_conf);
2119 if (iscsi_valid_session_conf(&ism->ism_conf) == false)
2122 sx_xlock(&sc->sc_lock);
2123 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
2124 ISCSI_SESSION_LOCK(is);
2125 if (is->is_id == ism->ism_session_id) {
2126 /* Note that the session remains locked. */
2129 ISCSI_SESSION_UNLOCK(is);
2132 sx_xunlock(&sc->sc_lock);
2137 * Prevent duplicates.
2139 TAILQ_FOREACH(is2, &sc->sc_sessions, is_next) {
2143 if (!!ism->ism_conf.isc_discovery !=
2144 !!is2->is_conf.isc_discovery)
2147 if (strcmp(ism->ism_conf.isc_target_addr,
2148 is2->is_conf.isc_target_addr) != 0)
2151 if (ism->ism_conf.isc_discovery == 0 &&
2152 strcmp(ism->ism_conf.isc_target,
2153 is2->is_conf.isc_target) != 0)
2156 ISCSI_SESSION_UNLOCK(is);
2157 sx_xunlock(&sc->sc_lock);
2161 sx_xunlock(&sc->sc_lock);
2163 memcpy(&is->is_conf, &ism->ism_conf, sizeof(is->is_conf));
2164 ISCSI_SESSION_UNLOCK(is);
2166 iscsi_session_reconnect(is);
2172 iscsi_ioctl(struct cdev *dev, u_long cmd, caddr_t arg, int mode,
2175 struct iscsi_softc *sc;
2181 return (iscsi_ioctl_daemon_wait(sc,
2182 (struct iscsi_daemon_request *)arg));
2184 return (iscsi_ioctl_daemon_handoff(sc,
2185 (struct iscsi_daemon_handoff *)arg));
2187 return (iscsi_ioctl_daemon_fail(sc,
2188 (struct iscsi_daemon_fail *)arg));
2189 #ifdef ICL_KERNEL_PROXY
2191 return (iscsi_ioctl_daemon_connect(sc,
2192 (struct iscsi_daemon_connect *)arg));
2194 return (iscsi_ioctl_daemon_send(sc,
2195 (struct iscsi_daemon_send *)arg));
2197 return (iscsi_ioctl_daemon_receive(sc,
2198 (struct iscsi_daemon_receive *)arg));
2199 #endif /* ICL_KERNEL_PROXY */
2201 return (iscsi_ioctl_session_add(sc,
2202 (struct iscsi_session_add *)arg));
2204 return (iscsi_ioctl_session_remove(sc,
2205 (struct iscsi_session_remove *)arg));
2207 return (iscsi_ioctl_session_list(sc,
2208 (struct iscsi_session_list *)arg));
2210 return (iscsi_ioctl_session_modify(sc,
2211 (struct iscsi_session_modify *)arg));
2217 static struct iscsi_outstanding *
2218 iscsi_outstanding_find(struct iscsi_session *is, uint32_t initiator_task_tag)
2220 struct iscsi_outstanding *io;
2222 ISCSI_SESSION_LOCK_ASSERT(is);
2224 TAILQ_FOREACH(io, &is->is_outstanding, io_next) {
2225 if (io->io_initiator_task_tag == initiator_task_tag)
2231 static struct iscsi_outstanding *
2232 iscsi_outstanding_find_ccb(struct iscsi_session *is, union ccb *ccb)
2234 struct iscsi_outstanding *io;
2236 ISCSI_SESSION_LOCK_ASSERT(is);
2238 TAILQ_FOREACH(io, &is->is_outstanding, io_next) {
2239 if (io->io_ccb == ccb)
2245 static struct iscsi_outstanding *
2246 iscsi_outstanding_add(struct iscsi_session *is, struct icl_pdu *request,
2247 union ccb *ccb, uint32_t *initiator_task_tagp)
2249 struct iscsi_outstanding *io;
2252 ISCSI_SESSION_LOCK_ASSERT(is);
2254 io = uma_zalloc(iscsi_outstanding_zone, M_NOWAIT | M_ZERO);
2256 ISCSI_SESSION_WARN(is, "failed to allocate %zd bytes",
2261 error = icl_conn_task_setup(is->is_conn, request, &ccb->csio,
2262 initiator_task_tagp, &io->io_icl_prv);
2264 ISCSI_SESSION_WARN(is,
2265 "icl_conn_task_setup() failed with error %d", error);
2266 uma_zfree(iscsi_outstanding_zone, io);
2270 KASSERT(iscsi_outstanding_find(is, *initiator_task_tagp) == NULL,
2271 ("initiator_task_tag 0x%x already added", *initiator_task_tagp));
2273 io->io_initiator_task_tag = *initiator_task_tagp;
2275 TAILQ_INSERT_TAIL(&is->is_outstanding, io, io_next);
2280 iscsi_outstanding_remove(struct iscsi_session *is, struct iscsi_outstanding *io)
2283 ISCSI_SESSION_LOCK_ASSERT(is);
2285 icl_conn_task_done(is->is_conn, io->io_icl_prv);
2286 TAILQ_REMOVE(&is->is_outstanding, io, io_next);
2287 uma_zfree(iscsi_outstanding_zone, io);
2291 iscsi_action_abort(struct iscsi_session *is, union ccb *ccb)
2293 struct icl_pdu *request;
2294 struct iscsi_bhs_task_management_request *bhstmr;
2295 struct ccb_abort *cab = &ccb->cab;
2296 struct iscsi_outstanding *io, *aio;
2297 uint32_t initiator_task_tag;
2299 ISCSI_SESSION_LOCK_ASSERT(is);
2302 KASSERT(is->is_login_phase == false, ("%s called during Login Phase", __func__));
2304 if (is->is_login_phase) {
2305 ccb->ccb_h.status = CAM_REQ_ABORTED;
2311 aio = iscsi_outstanding_find_ccb(is, cab->abort_ccb);
2313 ccb->ccb_h.status = CAM_REQ_CMP;
2318 request = icl_pdu_new(is->is_conn, M_NOWAIT);
2319 if (request == NULL) {
2320 ccb->ccb_h.status = CAM_RESRC_UNAVAIL;
2325 initiator_task_tag = is->is_initiator_task_tag++;
2326 if (initiator_task_tag == 0xffffffff)
2327 initiator_task_tag = is->is_initiator_task_tag++;
2329 io = iscsi_outstanding_add(is, request, NULL, &initiator_task_tag);
2331 icl_pdu_free(request);
2332 ccb->ccb_h.status = CAM_RESRC_UNAVAIL;
2336 io->io_referenced_task_tag = aio->io_initiator_task_tag;
2338 bhstmr = (struct iscsi_bhs_task_management_request *)request->ip_bhs;
2339 bhstmr->bhstmr_opcode = ISCSI_BHS_OPCODE_TASK_REQUEST;
2340 bhstmr->bhstmr_function = 0x80 | BHSTMR_FUNCTION_ABORT_TASK;
2341 bhstmr->bhstmr_lun = htobe64(CAM_EXTLUN_BYTE_SWIZZLE(ccb->ccb_h.target_lun));
2342 bhstmr->bhstmr_initiator_task_tag = initiator_task_tag;
2343 bhstmr->bhstmr_referenced_task_tag = aio->io_initiator_task_tag;
2345 iscsi_pdu_queue_locked(request);
2349 iscsi_action_scsiio(struct iscsi_session *is, union ccb *ccb)
2351 struct icl_pdu *request;
2352 struct iscsi_bhs_scsi_command *bhssc;
2353 struct ccb_scsiio *csio;
2354 struct iscsi_outstanding *io;
2356 uint32_t initiator_task_tag;
2359 ISCSI_SESSION_LOCK_ASSERT(is);
2362 KASSERT(is->is_login_phase == false, ("%s called during Login Phase", __func__));
2364 if (is->is_login_phase) {
2365 ISCSI_SESSION_DEBUG(is, "called during login phase");
2366 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
2367 xpt_freeze_devq(ccb->ccb_h.path, 1);
2368 ISCSI_SESSION_DEBUG(is, "freezing devq");
2370 ccb->ccb_h.status = CAM_REQ_ABORTED | CAM_DEV_QFRZN;
2376 request = icl_pdu_new(is->is_conn, M_NOWAIT);
2377 if (request == NULL) {
2378 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
2379 xpt_freeze_devq(ccb->ccb_h.path, 1);
2380 ISCSI_SESSION_DEBUG(is, "freezing devq");
2382 ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN;
2387 initiator_task_tag = is->is_initiator_task_tag++;
2388 if (initiator_task_tag == 0xffffffff)
2389 initiator_task_tag = is->is_initiator_task_tag++;
2391 io = iscsi_outstanding_add(is, request, ccb, &initiator_task_tag);
2393 icl_pdu_free(request);
2394 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
2395 xpt_freeze_devq(ccb->ccb_h.path, 1);
2396 ISCSI_SESSION_DEBUG(is, "freezing devq");
2398 ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN;
2404 bhssc = (struct iscsi_bhs_scsi_command *)request->ip_bhs;
2405 bhssc->bhssc_opcode = ISCSI_BHS_OPCODE_SCSI_COMMAND;
2406 bhssc->bhssc_flags |= BHSSC_FLAGS_F;
2407 switch (csio->ccb_h.flags & CAM_DIR_MASK) {
2409 bhssc->bhssc_flags |= BHSSC_FLAGS_R;
2412 bhssc->bhssc_flags |= BHSSC_FLAGS_W;
2416 if ((ccb->ccb_h.flags & CAM_TAG_ACTION_VALID) != 0) {
2417 switch (csio->tag_action) {
2418 case MSG_HEAD_OF_Q_TAG:
2419 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_HOQ;
2421 case MSG_ORDERED_Q_TAG:
2422 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_ORDERED;
2425 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_ACA;
2427 case MSG_SIMPLE_Q_TAG:
2429 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_SIMPLE;
2433 bhssc->bhssc_flags |= BHSSC_FLAGS_ATTR_UNTAGGED;
2435 if (is->is_protocol_level >= 2) {
2436 bhssc->bhssc_pri = (csio->priority << BHSSC_PRI_SHIFT) &
2440 bhssc->bhssc_lun = htobe64(CAM_EXTLUN_BYTE_SWIZZLE(ccb->ccb_h.target_lun));
2441 bhssc->bhssc_initiator_task_tag = initiator_task_tag;
2442 bhssc->bhssc_expected_data_transfer_length = htonl(csio->dxfer_len);
2443 KASSERT(csio->cdb_len <= sizeof(bhssc->bhssc_cdb),
2444 ("unsupported CDB size %zd", (size_t)csio->cdb_len));
2446 if (csio->ccb_h.flags & CAM_CDB_POINTER)
2447 memcpy(&bhssc->bhssc_cdb, csio->cdb_io.cdb_ptr, csio->cdb_len);
2449 memcpy(&bhssc->bhssc_cdb, csio->cdb_io.cdb_bytes, csio->cdb_len);
2451 if (is->is_immediate_data &&
2452 (csio->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
2453 len = csio->dxfer_len;
2454 //ISCSI_SESSION_DEBUG(is, "adding %zd of immediate data", len);
2455 if (len > is->is_first_burst_length) {
2456 ISCSI_SESSION_DEBUG(is, "len %zd -> %d", len, is->is_first_burst_length);
2457 len = is->is_first_burst_length;
2459 if (len > is->is_conn->ic_max_send_data_segment_length) {
2460 ISCSI_SESSION_DEBUG(is, "len %zd -> %d", len,
2461 is->is_conn->ic_max_send_data_segment_length);
2462 len = is->is_conn->ic_max_send_data_segment_length;
2465 error = iscsi_pdu_append_data_csio(request, csio, 0, len,
2466 M_NOWAIT | ICL_NOCOPY);
2468 iscsi_outstanding_remove(is, io);
2469 icl_pdu_free(request);
2470 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
2471 xpt_freeze_devq(ccb->ccb_h.path, 1);
2472 ISCSI_SESSION_DEBUG(is, "freezing devq");
2474 ccb->ccb_h.status = CAM_RESRC_UNAVAIL | CAM_DEV_QFRZN;
2479 iscsi_pdu_queue_locked(request);
2483 iscsi_action(struct cam_sim *sim, union ccb *ccb)
2485 struct iscsi_session *is;
2487 is = cam_sim_softc(sim);
2489 ISCSI_SESSION_LOCK_ASSERT(is);
2491 if (is->is_terminating ||
2492 (is->is_connected == false && fail_on_disconnection)) {
2493 ccb->ccb_h.status = CAM_DEV_NOT_THERE;
2499 * Make sure CAM doesn't sneak in a CCB just after freezing the queue.
2501 if (is->is_simq_frozen == true) {
2502 ccb->ccb_h.status &= ~(CAM_SIM_QUEUED | CAM_STATUS_MASK);
2503 ccb->ccb_h.status |= CAM_REQUEUE_REQ;
2504 /* Don't freeze the devq - the SIM queue is already frozen. */
2509 switch (ccb->ccb_h.func_code) {
2512 struct ccb_pathinq *cpi = &ccb->cpi;
2514 cpi->version_num = 1;
2515 cpi->hba_inquiry = PI_TAG_ABLE;
2516 cpi->target_sprt = 0;
2517 cpi->hba_misc = PIM_EXTLUNS;
2519 * XXX: It shouldn't ever be NULL; this could be turned
2520 * into a KASSERT eventually.
2522 if (is->is_conn == NULL)
2523 ISCSI_WARN("NULL conn");
2524 else if (is->is_conn->ic_unmapped)
2525 cpi->hba_misc |= PIM_UNMAPPED;
2526 cpi->hba_eng_cnt = 0;
2527 cpi->max_target = 0;
2529 * Note that the variable below is only relevant for targets
2530 * that don't claim compliance with anything above SPC2, which
2531 * means they don't support REPORT_LUNS.
2534 cpi->initiator_id = ~0;
2535 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
2536 strlcpy(cpi->hba_vid, "iSCSI", HBA_IDLEN);
2537 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
2538 cpi->unit_number = cam_sim_unit(sim);
2539 cpi->bus_id = cam_sim_bus(sim);
2540 cpi->base_transfer_speed = 150000; /* XXX */
2541 cpi->transport = XPORT_ISCSI;
2542 cpi->transport_version = 0;
2543 cpi->protocol = PROTO_SCSI;
2544 cpi->protocol_version = SCSI_REV_SPC3;
2545 cpi->maxio = maxphys;
2546 cpi->ccb_h.status = CAM_REQ_CMP;
2549 case XPT_GET_TRAN_SETTINGS:
2551 struct ccb_trans_settings *cts;
2552 struct ccb_trans_settings_scsi *scsi;
2555 scsi = &cts->proto_specific.scsi;
2557 cts->protocol = PROTO_SCSI;
2558 cts->protocol_version = SCSI_REV_SPC3;
2559 cts->transport = XPORT_ISCSI;
2560 cts->transport_version = 0;
2561 scsi->valid = CTS_SCSI_VALID_TQ;
2562 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB;
2563 cts->ccb_h.status = CAM_REQ_CMP;
2566 case XPT_CALC_GEOMETRY:
2567 cam_calc_geometry(&ccb->ccg, /*extended*/1);
2568 ccb->ccb_h.status = CAM_REQ_CMP;
2572 * XXX: What's the point?
2576 ISCSI_SESSION_DEBUG(is, "faking success for reset, abort, or term_io");
2577 ccb->ccb_h.status = CAM_REQ_CMP;
2581 iscsi_action_abort(is, ccb);
2584 iscsi_action_scsiio(is, ccb);
2588 ISCSI_SESSION_DEBUG(is, "got unsupported code 0x%x", ccb->ccb_h.func_code);
2590 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
2597 iscsi_terminate_sessions(struct iscsi_softc *sc)
2599 struct iscsi_session *is;
2601 sx_slock(&sc->sc_lock);
2602 TAILQ_FOREACH(is, &sc->sc_sessions, is_next)
2603 iscsi_session_terminate(is);
2604 while(!TAILQ_EMPTY(&sc->sc_sessions)) {
2605 ISCSI_DEBUG("waiting for sessions to terminate");
2606 cv_wait(&sc->sc_cv, &sc->sc_lock);
2608 ISCSI_DEBUG("all sessions terminated");
2609 sx_sunlock(&sc->sc_lock);
2613 iscsi_shutdown_pre(struct iscsi_softc *sc)
2615 struct iscsi_session *is;
2617 if (!fail_on_shutdown)
2621 * If we have any sessions waiting for reconnection, request
2622 * maintenance thread to fail them immediately instead of waiting
2623 * for reconnect timeout.
2625 * This prevents LUNs with mounted filesystems that are supported
2626 * by disconnected iSCSI sessions from hanging, however it will
2627 * fail all queued BIOs.
2629 ISCSI_DEBUG("forcing failing all disconnected sessions due to shutdown");
2631 fail_on_disconnection = 1;
2633 sx_slock(&sc->sc_lock);
2634 TAILQ_FOREACH(is, &sc->sc_sessions, is_next) {
2635 ISCSI_SESSION_LOCK(is);
2636 if (!is->is_connected) {
2637 ISCSI_SESSION_DEBUG(is, "force failing disconnected session early");
2638 iscsi_session_reconnect(is);
2640 ISCSI_SESSION_UNLOCK(is);
2642 sx_sunlock(&sc->sc_lock);
2646 iscsi_shutdown_post(struct iscsi_softc *sc)
2649 if (!KERNEL_PANICKED()) {
2650 ISCSI_DEBUG("removing all sessions due to shutdown");
2651 iscsi_terminate_sessions(sc);
2660 sc = malloc(sizeof(*sc), M_ISCSI, M_ZERO | M_WAITOK);
2661 sx_init(&sc->sc_lock, "iscsi");
2662 TAILQ_INIT(&sc->sc_sessions);
2663 cv_init(&sc->sc_cv, "iscsi_cv");
2665 iscsi_outstanding_zone = uma_zcreate("iscsi_outstanding",
2666 sizeof(struct iscsi_outstanding), NULL, NULL, NULL, NULL,
2669 error = make_dev_p(MAKEDEV_CHECKNAME, &sc->sc_cdev, &iscsi_cdevsw,
2670 NULL, UID_ROOT, GID_WHEEL, 0600, "iscsi");
2672 ISCSI_WARN("failed to create device node, error %d", error);
2675 sc->sc_cdev->si_drv1 = sc;
2677 sc->sc_shutdown_pre_eh = EVENTHANDLER_REGISTER(shutdown_pre_sync,
2678 iscsi_shutdown_pre, sc, SHUTDOWN_PRI_FIRST);
2680 * shutdown_post_sync needs to run after filesystem shutdown and before
2681 * CAM shutdown - otherwise when rebooting with an iSCSI session that is
2682 * disconnected but has outstanding requests, dashutdown() will hang on
2683 * cam_periph_runccb().
2685 sc->sc_shutdown_post_eh = EVENTHANDLER_REGISTER(shutdown_post_sync,
2686 iscsi_shutdown_post, sc, SHUTDOWN_PRI_DEFAULT - 1);
2695 /* Awaken any threads asleep in iscsi_ioctl(). */
2696 sx_xlock(&sc->sc_lock);
2697 sc->sc_unloading = true;
2698 cv_signal(&sc->sc_cv);
2699 sx_xunlock(&sc->sc_lock);
2701 if (sc->sc_cdev != NULL) {
2702 ISCSI_DEBUG("removing device node");
2703 destroy_dev(sc->sc_cdev);
2704 ISCSI_DEBUG("device node removed");
2707 if (sc->sc_shutdown_pre_eh != NULL)
2708 EVENTHANDLER_DEREGISTER(shutdown_pre_sync, sc->sc_shutdown_pre_eh);
2709 if (sc->sc_shutdown_post_eh != NULL)
2710 EVENTHANDLER_DEREGISTER(shutdown_post_sync, sc->sc_shutdown_post_eh);
2712 iscsi_terminate_sessions(sc);
2714 uma_zdestroy(iscsi_outstanding_zone);
2715 sx_destroy(&sc->sc_lock);
2716 cv_destroy(&sc->sc_cv);
2724 sx_slock(&sc->sc_lock);
2725 if (!TAILQ_EMPTY(&sc->sc_sessions)) {
2726 sx_sunlock(&sc->sc_lock);
2729 sx_sunlock(&sc->sc_lock);
2734 iscsi_modevent(module_t mod, int what, void *arg)
2740 error = iscsi_load();
2743 error = iscsi_unload();
2746 error = iscsi_quiesce();
2755 moduledata_t iscsi_data = {
2761 DECLARE_MODULE(iscsi, iscsi_data, SI_SUB_DRIVERS, SI_ORDER_MIDDLE);
2762 MODULE_DEPEND(iscsi, cam, 1, 1, 1);
2763 MODULE_DEPEND(iscsi, icl, 1, 1, 1);
projects / FreeBSD / FreeBSD.git / blob