2 * Copyright (c) 2012 The FreeBSD Foundation
5 * This software was developed by Edward Tomasz Napierala under sponsorship
6 * from the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/types.h>
34 #include <sys/socket.h>
36 #include <netinet/in.h>
51 static volatile bool sighup_received = false;
52 static volatile bool sigterm_received = false;
53 static volatile bool sigalrm_received = false;
55 static int nchildren = 0;
61 fprintf(stderr, "usage: ctld [-d][-f config-file]\n");
66 checked_strdup(const char *s)
81 conf = calloc(1, sizeof(*conf));
84 TAILQ_INIT(&conf->conf_targets);
85 TAILQ_INIT(&conf->conf_auth_groups);
86 TAILQ_INIT(&conf->conf_portal_groups);
89 conf->conf_timeout = 60;
90 conf->conf_maxproc = 30;
96 conf_delete(struct conf *conf)
98 struct target *targ, *tmp;
99 struct auth_group *ag, *cagtmp;
100 struct portal_group *pg, *cpgtmp;
102 assert(conf->conf_pidfh == NULL);
104 TAILQ_FOREACH_SAFE(targ, &conf->conf_targets, t_next, tmp)
106 TAILQ_FOREACH_SAFE(ag, &conf->conf_auth_groups, ag_next, cagtmp)
107 auth_group_delete(ag);
108 TAILQ_FOREACH_SAFE(pg, &conf->conf_portal_groups, pg_next, cpgtmp)
109 portal_group_delete(pg);
110 free(conf->conf_pidfile_path);
115 auth_new(struct auth_group *ag)
119 auth = calloc(1, sizeof(*auth));
121 log_err(1, "calloc");
122 auth->a_auth_group = ag;
123 TAILQ_INSERT_TAIL(&ag->ag_auths, auth, a_next);
128 auth_delete(struct auth *auth)
130 TAILQ_REMOVE(&auth->a_auth_group->ag_auths, auth, a_next);
133 free(auth->a_secret);
134 free(auth->a_mutual_user);
135 free(auth->a_mutual_secret);
140 auth_find(struct auth_group *ag, const char *user)
142 const struct auth *auth;
144 TAILQ_FOREACH(auth, &ag->ag_auths, a_next) {
145 if (strcmp(auth->a_user, user) == 0)
153 auth_group_new(struct conf *conf, const char *name)
155 struct auth_group *ag;
158 ag = auth_group_find(conf, name);
160 log_warnx("duplicated auth-group \"%s\"", name);
165 ag = calloc(1, sizeof(*ag));
167 log_err(1, "calloc");
169 ag->ag_name = checked_strdup(name);
170 TAILQ_INIT(&ag->ag_auths);
172 TAILQ_INSERT_TAIL(&conf->conf_auth_groups, ag, ag_next);
178 auth_group_delete(struct auth_group *ag)
180 struct auth *auth, *tmp;
182 TAILQ_REMOVE(&ag->ag_conf->conf_auth_groups, ag, ag_next);
184 TAILQ_FOREACH_SAFE(auth, &ag->ag_auths, a_next, tmp)
191 auth_group_find(struct conf *conf, const char *name)
193 struct auth_group *ag;
195 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) {
196 if (ag->ag_name != NULL && strcmp(ag->ag_name, name) == 0)
204 auth_check_secret_length(struct auth *auth)
208 len = strlen(auth->a_secret);
210 if (auth->a_auth_group->ag_name != NULL)
211 log_warnx("secret for user \"%s\", auth-group \"%s\", "
212 "is too long; it should be at most 16 characters "
213 "long", auth->a_user, auth->a_auth_group->ag_name);
215 log_warnx("secret for user \"%s\", target \"%s\", "
216 "is too long; it should be at most 16 characters "
217 "long", auth->a_user,
218 auth->a_auth_group->ag_target->t_iqn);
221 if (auth->a_auth_group->ag_name != NULL)
222 log_warnx("secret for user \"%s\", auth-group \"%s\", "
223 "is too short; it should be at least 12 characters "
224 "long", auth->a_user,
225 auth->a_auth_group->ag_name);
227 log_warnx("secret for user \"%s\", target \"%s\", "
228 "is too short; it should be at least 16 characters "
229 "long", auth->a_user,
230 auth->a_auth_group->ag_target->t_iqn);
233 if (auth->a_mutual_secret != NULL) {
234 len = strlen(auth->a_secret);
236 if (auth->a_auth_group->ag_name != NULL)
237 log_warnx("mutual secret for user \"%s\", "
238 "auth-group \"%s\", is too long; it should "
239 "be at most 16 characters long",
240 auth->a_user, auth->a_auth_group->ag_name);
242 log_warnx("mutual secret for user \"%s\", "
243 "target \"%s\", is too long; it should "
244 "be at most 16 characters long",
246 auth->a_auth_group->ag_target->t_iqn);
249 if (auth->a_auth_group->ag_name != NULL)
250 log_warnx("mutual secret for user \"%s\", "
251 "auth-group \"%s\", is too short; it "
252 "should be at least 12 characters long",
253 auth->a_user, auth->a_auth_group->ag_name);
255 log_warnx("mutual secret for user \"%s\", "
256 "target \"%s\", is too short; it should be "
257 "at least 16 characters long",
259 auth->a_auth_group->ag_target->t_iqn);
265 auth_new_chap(struct auth_group *ag, const char *user,
270 if (ag->ag_type == AG_TYPE_UNKNOWN)
271 ag->ag_type = AG_TYPE_CHAP;
272 if (ag->ag_type != AG_TYPE_CHAP) {
273 if (ag->ag_name != NULL)
274 log_warnx("cannot mix \"chap\" authentication with "
275 "other types for auth-group \"%s\"", ag->ag_name);
277 log_warnx("cannot mix \"chap\" authentication with "
278 "other types for target \"%s\"",
279 ag->ag_target->t_iqn);
284 auth->a_user = checked_strdup(user);
285 auth->a_secret = checked_strdup(secret);
287 auth_check_secret_length(auth);
293 auth_new_chap_mutual(struct auth_group *ag, const char *user,
294 const char *secret, const char *user2, const char *secret2)
298 if (ag->ag_type == AG_TYPE_UNKNOWN)
299 ag->ag_type = AG_TYPE_CHAP_MUTUAL;
300 if (ag->ag_type != AG_TYPE_CHAP_MUTUAL) {
301 if (ag->ag_name != NULL)
302 log_warnx("cannot mix \"chap-mutual\" authentication "
303 "with other types for auth-group \"%s\"",
306 log_warnx("cannot mix \"chap-mutual\" authentication "
307 "with other types for target \"%s\"",
308 ag->ag_target->t_iqn);
313 auth->a_user = checked_strdup(user);
314 auth->a_secret = checked_strdup(secret);
315 auth->a_mutual_user = checked_strdup(user2);
316 auth->a_mutual_secret = checked_strdup(secret2);
318 auth_check_secret_length(auth);
323 static struct portal *
324 portal_new(struct portal_group *pg)
326 struct portal *portal;
328 portal = calloc(1, sizeof(*portal));
330 log_err(1, "calloc");
331 TAILQ_INIT(&portal->p_targets);
332 portal->p_portal_group = pg;
333 TAILQ_INSERT_TAIL(&pg->pg_portals, portal, p_next);
338 portal_delete(struct portal *portal)
340 TAILQ_REMOVE(&portal->p_portal_group->pg_portals, portal, p_next);
341 freeaddrinfo(portal->p_ai);
342 free(portal->p_listen);
346 struct portal_group *
347 portal_group_new(struct conf *conf, const char *name)
349 struct portal_group *pg;
351 pg = portal_group_find(conf, name);
353 log_warnx("duplicated portal-group \"%s\"", name);
357 pg = calloc(1, sizeof(*pg));
359 log_err(1, "calloc");
360 pg->pg_name = checked_strdup(name);
361 TAILQ_INIT(&pg->pg_portals);
363 conf->conf_last_portal_group_tag++;
364 pg->pg_tag = conf->conf_last_portal_group_tag;
365 TAILQ_INSERT_TAIL(&conf->conf_portal_groups, pg, pg_next);
371 portal_group_delete(struct portal_group *pg)
373 struct portal *portal, *tmp;
375 TAILQ_REMOVE(&pg->pg_conf->conf_portal_groups, pg, pg_next);
377 TAILQ_FOREACH_SAFE(portal, &pg->pg_portals, p_next, tmp)
378 portal_delete(portal);
383 struct portal_group *
384 portal_group_find(struct conf *conf, const char *name)
386 struct portal_group *pg;
388 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) {
389 if (strcmp(pg->pg_name, name) == 0)
397 portal_group_add_listen(struct portal_group *pg, const char *value, bool iser)
399 struct addrinfo hints;
400 struct portal *portal;
401 char *addr, *ch, *arg;
403 int error, colons = 0;
405 #ifndef ICL_KERNEL_PROXY
407 log_warnx("ctld(8) compiled without ICL_KERNEL_PROXY "
408 "does not support iSER protocol");
413 portal = portal_new(pg);
414 portal->p_listen = checked_strdup(value);
415 portal->p_iser = iser;
417 arg = portal->p_listen;
418 if (arg[0] == '\0') {
419 log_warnx("empty listen address");
420 free(portal->p_listen);
426 * IPv6 address in square brackets, perhaps with port.
429 addr = strsep(&arg, "]");
431 log_warnx("invalid listen address %s",
433 free(portal->p_listen);
437 if (arg[0] == '\0') {
439 } else if (arg[0] == ':') {
442 log_warnx("invalid listen address %s",
444 free(portal->p_listen);
450 * Either IPv6 address without brackets - and without
451 * a port - or IPv4 address. Just count the colons.
453 for (ch = arg; *ch != '\0'; ch++) {
461 addr = strsep(&arg, ":");
469 memset(&hints, 0, sizeof(hints));
470 hints.ai_family = PF_UNSPEC;
471 hints.ai_socktype = SOCK_STREAM;
472 hints.ai_flags = AI_PASSIVE;
474 error = getaddrinfo(addr, port, &hints, &portal->p_ai);
476 log_warnx("getaddrinfo for %s failed: %s",
477 portal->p_listen, gai_strerror(error));
478 free(portal->p_listen);
484 * XXX: getaddrinfo(3) may return multiple addresses; we should turn
485 * those into multiple portals.
492 valid_hex(const char ch)
524 valid_iscsi_name(const char *name)
528 if (strlen(name) >= MAX_NAME_LEN) {
529 log_warnx("overlong name for target \"%s\"; max length allowed "
530 "by iSCSI specification is %d characters",
536 * In the cases below, we don't return an error, just in case the admin
537 * was right, and we're wrong.
539 if (strncasecmp(name, "iqn.", strlen("iqn.")) == 0) {
540 for (i = strlen("iqn."); name[i] != '\0'; i++) {
542 * XXX: We should verify UTF-8 normalisation, as defined
543 * by 3.2.6.2: iSCSI Name Encoding.
545 if (isalnum(name[i]))
547 if (name[i] == '-' || name[i] == '.' || name[i] == ':')
549 log_warnx("invalid character \"%c\" in target name "
550 "\"%s\"; allowed characters are letters, digits, "
551 "'-', '.', and ':'", name[i], name);
555 * XXX: Check more stuff: valid date and a valid reversed domain.
557 } else if (strncasecmp(name, "eui.", strlen("eui.")) == 0) {
558 if (strlen(name) != strlen("eui.") + 16)
559 log_warnx("invalid target name \"%s\"; the \"eui.\" "
560 "should be followed by exactly 16 hexadecimal "
562 for (i = strlen("eui."); name[i] != '\0'; i++) {
563 if (!valid_hex(name[i])) {
564 log_warnx("invalid character \"%c\" in target "
565 "name \"%s\"; allowed characters are 1-9 "
566 "and A-F", name[i], name);
570 } else if (strncasecmp(name, "naa.", strlen("naa.")) == 0) {
571 if (strlen(name) > strlen("naa.") + 32)
572 log_warnx("invalid target name \"%s\"; the \"naa.\" "
573 "should be followed by at most 32 hexadecimal "
575 for (i = strlen("naa."); name[i] != '\0'; i++) {
576 if (!valid_hex(name[i])) {
577 log_warnx("invalid character \"%c\" in target "
578 "name \"%s\"; allowed characters are 1-9 "
579 "and A-F", name[i], name);
584 log_warnx("invalid target name \"%s\"; should start with "
585 "either \".iqn\", \"eui.\", or \"naa.\"",
592 target_new(struct conf *conf, const char *iqn)
597 targ = target_find(conf, iqn);
599 log_warnx("duplicated target \"%s\"", iqn);
602 if (valid_iscsi_name(iqn) == false) {
603 log_warnx("target name \"%s\" is invalid", iqn);
606 targ = calloc(1, sizeof(*targ));
608 log_err(1, "calloc");
609 targ->t_iqn = checked_strdup(iqn);
612 * RFC 3722 requires us to normalize the name to lowercase.
615 for (i = 0; i < len; i++)
616 targ->t_iqn[i] = tolower(targ->t_iqn[i]);
618 TAILQ_INIT(&targ->t_luns);
620 TAILQ_INSERT_TAIL(&conf->conf_targets, targ, t_next);
626 target_delete(struct target *targ)
628 struct lun *lun, *tmp;
630 TAILQ_REMOVE(&targ->t_conf->conf_targets, targ, t_next);
632 TAILQ_FOREACH_SAFE(lun, &targ->t_luns, l_next, tmp)
639 target_find(struct conf *conf, const char *iqn)
643 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) {
644 if (strcasecmp(targ->t_iqn, iqn) == 0)
652 lun_new(struct target *targ, int lun_id)
656 lun = lun_find(targ, lun_id);
658 log_warnx("duplicated lun %d for target \"%s\"",
659 lun_id, targ->t_iqn);
663 lun = calloc(1, sizeof(*lun));
665 log_err(1, "calloc");
667 TAILQ_INIT(&lun->l_options);
668 lun->l_target = targ;
669 TAILQ_INSERT_TAIL(&targ->t_luns, lun, l_next);
675 lun_delete(struct lun *lun)
677 struct lun_option *lo, *tmp;
679 TAILQ_REMOVE(&lun->l_target->t_luns, lun, l_next);
681 TAILQ_FOREACH_SAFE(lo, &lun->l_options, lo_next, tmp)
682 lun_option_delete(lo);
683 free(lun->l_backend);
684 free(lun->l_device_id);
691 lun_find(struct target *targ, int lun_id)
695 TAILQ_FOREACH(lun, &targ->t_luns, l_next) {
696 if (lun->l_lun == lun_id)
704 lun_set_backend(struct lun *lun, const char *value)
706 free(lun->l_backend);
707 lun->l_backend = checked_strdup(value);
711 lun_set_blocksize(struct lun *lun, size_t value)
714 lun->l_blocksize = value;
718 lun_set_device_id(struct lun *lun, const char *value)
720 free(lun->l_device_id);
721 lun->l_device_id = checked_strdup(value);
725 lun_set_path(struct lun *lun, const char *value)
728 lun->l_path = checked_strdup(value);
732 lun_set_serial(struct lun *lun, const char *value)
735 lun->l_serial = checked_strdup(value);
739 lun_set_size(struct lun *lun, size_t value)
746 lun_set_ctl_lun(struct lun *lun, uint32_t value)
749 lun->l_ctl_lun = value;
753 lun_option_new(struct lun *lun, const char *name, const char *value)
755 struct lun_option *lo;
757 lo = lun_option_find(lun, name);
759 log_warnx("duplicated lun option %s for lun %d, target \"%s\"",
760 name, lun->l_lun, lun->l_target->t_iqn);
764 lo = calloc(1, sizeof(*lo));
766 log_err(1, "calloc");
767 lo->lo_name = checked_strdup(name);
768 lo->lo_value = checked_strdup(value);
770 TAILQ_INSERT_TAIL(&lun->l_options, lo, lo_next);
776 lun_option_delete(struct lun_option *lo)
779 TAILQ_REMOVE(&lo->lo_lun->l_options, lo, lo_next);
787 lun_option_find(struct lun *lun, const char *name)
789 struct lun_option *lo;
791 TAILQ_FOREACH(lo, &lun->l_options, lo_next) {
792 if (strcmp(lo->lo_name, name) == 0)
800 lun_option_set(struct lun_option *lo, const char *value)
804 lo->lo_value = checked_strdup(value);
807 static struct connection *
808 connection_new(struct portal *portal, int fd, const char *host)
810 struct connection *conn;
812 conn = calloc(1, sizeof(*conn));
814 log_err(1, "calloc");
815 conn->conn_portal = portal;
816 conn->conn_socket = fd;
817 conn->conn_initiator_addr = checked_strdup(host);
820 * Default values, from RFC 3720, section 12.
822 conn->conn_max_data_segment_length = 8192;
823 conn->conn_max_burst_length = 262144;
824 conn->conn_immediate_data = true;
831 conf_print(struct conf *conf)
833 struct auth_group *ag;
835 struct portal_group *pg;
836 struct portal *portal;
839 struct lun_option *lo;
841 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) {
842 fprintf(stderr, "auth-group %s {\n", ag->ag_name);
843 TAILQ_FOREACH(auth, &ag->ag_auths, a_next)
844 fprintf(stderr, "\t chap-mutual %s %s %s %s\n",
845 auth->a_user, auth->a_secret,
846 auth->a_mutual_user, auth->a_mutual_secret);
847 fprintf(stderr, "}\n");
849 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) {
850 fprintf(stderr, "portal-group %s {\n", pg->pg_name);
851 TAILQ_FOREACH(portal, &pg->pg_portals, p_next)
852 fprintf(stderr, "\t listen %s\n", portal->p_listen);
853 fprintf(stderr, "}\n");
855 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) {
856 fprintf(stderr, "target %s {\n", targ->t_iqn);
857 if (targ->t_alias != NULL)
858 fprintf(stderr, "\t alias %s\n", targ->t_alias);
859 TAILQ_FOREACH(lun, &targ->t_luns, l_next) {
860 fprintf(stderr, "\tlun %d {\n", lun->l_lun);
861 fprintf(stderr, "\t\tpath %s\n", lun->l_path);
862 TAILQ_FOREACH(lo, &lun->l_options, lo_next)
863 fprintf(stderr, "\t\toption %s %s\n",
864 lo->lo_name, lo->lo_value);
865 fprintf(stderr, "\t}\n");
867 fprintf(stderr, "}\n");
873 conf_verify(struct conf *conf)
875 struct auth_group *ag;
876 struct portal_group *pg;
878 struct lun *lun, *lun2;
881 if (conf->conf_pidfile_path == NULL)
882 conf->conf_pidfile_path = checked_strdup(DEFAULT_PIDFILE);
884 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) {
885 if (targ->t_auth_group == NULL) {
886 log_warnx("missing authentication for target \"%s\"; "
887 "must specify either \"auth-group\", \"chap\", "
888 "or \"chap-mutual\"", targ->t_iqn);
891 if (targ->t_portal_group == NULL) {
892 targ->t_portal_group = portal_group_find(conf,
894 assert(targ->t_portal_group != NULL);
897 TAILQ_FOREACH(lun, &targ->t_luns, l_next) {
900 if (lun->l_backend == NULL)
901 lun_set_backend(lun, "block");
902 if (strcmp(lun->l_backend, "block") == 0 &&
903 lun->l_path == NULL) {
904 log_warnx("missing path for lun %d, "
905 "target \"%s\"", lun->l_lun, targ->t_iqn);
908 if (strcmp(lun->l_backend, "ramdisk") == 0) {
909 if (lun->l_size == 0) {
910 log_warnx("missing size for "
911 "ramdisk-backed lun %d, "
913 lun->l_lun, targ->t_iqn);
916 if (lun->l_path != NULL) {
917 log_warnx("path must not be specified "
918 "for ramdisk-backed lun %d, "
920 lun->l_lun, targ->t_iqn);
924 if (lun->l_lun < 0 || lun->l_lun > 255) {
925 log_warnx("invalid lun number for lun %d, "
926 "target \"%s\"; must be between 0 and 255",
927 lun->l_lun, targ->t_iqn);
930 #if 1 /* Should we? */
931 TAILQ_FOREACH(lun2, &targ->t_luns, l_next) {
934 if (lun->l_path != NULL &&
935 lun2->l_path != NULL &&
936 strcmp(lun->l_path, lun2->l_path) == 0)
937 log_debugx("WARNING: duplicate path "
938 "for lun %d, target \"%s\"",
939 lun->l_lun, targ->t_iqn);
942 if (lun->l_blocksize == 0) {
943 lun_set_blocksize(lun, DEFAULT_BLOCKSIZE);
944 } else if (lun->l_blocksize <= 0) {
945 log_warnx("invalid blocksize for lun %d, "
946 "target \"%s\"; must be larger than 0",
947 lun->l_lun, targ->t_iqn);
950 if (lun->l_size != 0 &&
951 lun->l_size % lun->l_blocksize != 0) {
952 log_warnx("invalid size for lun %d, target "
953 "\"%s\"; must be multiple of blocksize",
954 lun->l_lun, targ->t_iqn);
959 log_warnx("mandatory LUN 0 not configured "
960 "for target \"%s\"", targ->t_iqn);
964 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) {
965 assert(pg->pg_name != NULL);
966 if (pg->pg_discovery_auth_group == NULL) {
967 pg->pg_discovery_auth_group =
968 auth_group_find(conf, "no-access");
969 assert(pg->pg_discovery_auth_group != NULL);
972 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) {
973 if (targ->t_portal_group == pg)
977 if (strcmp(pg->pg_name, "default") != 0)
978 log_warnx("portal-group \"%s\" not assigned "
979 "to any target", pg->pg_name);
980 pg->pg_unassigned = true;
982 pg->pg_unassigned = false;
984 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) {
985 if (ag->ag_name == NULL)
986 assert(ag->ag_target != NULL);
988 assert(ag->ag_target == NULL);
990 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) {
991 if (targ->t_auth_group == ag)
994 if (targ == NULL && ag->ag_name != NULL &&
995 strcmp(ag->ag_name, "no-authentication") != 0 &&
996 strcmp(ag->ag_name, "no-access") != 0) {
997 log_warnx("auth-group \"%s\" not assigned "
998 "to any target", ag->ag_name);
1006 conf_apply(struct conf *oldconf, struct conf *newconf)
1008 struct target *oldtarg, *newtarg, *tmptarg;
1009 struct lun *oldlun, *newlun, *tmplun;
1010 struct portal_group *oldpg, *newpg;
1011 struct portal *oldp, *newp;
1013 int changed, cumulated_error = 0, error;
1014 #ifndef ICL_KERNEL_PROXY
1018 if (oldconf->conf_debug != newconf->conf_debug) {
1019 log_debugx("changing debug level to %d", newconf->conf_debug);
1020 log_init(newconf->conf_debug);
1023 if (oldconf->conf_pidfh != NULL) {
1024 assert(oldconf->conf_pidfile_path != NULL);
1025 if (newconf->conf_pidfile_path != NULL &&
1026 strcmp(oldconf->conf_pidfile_path,
1027 newconf->conf_pidfile_path) == 0) {
1028 newconf->conf_pidfh = oldconf->conf_pidfh;
1029 oldconf->conf_pidfh = NULL;
1031 log_debugx("removing pidfile %s",
1032 oldconf->conf_pidfile_path);
1033 pidfile_remove(oldconf->conf_pidfh);
1034 oldconf->conf_pidfh = NULL;
1038 if (newconf->conf_pidfh == NULL && newconf->conf_pidfile_path != NULL) {
1039 log_debugx("opening pidfile %s", newconf->conf_pidfile_path);
1040 newconf->conf_pidfh =
1041 pidfile_open(newconf->conf_pidfile_path, 0600, &otherpid);
1042 if (newconf->conf_pidfh == NULL) {
1043 if (errno == EEXIST)
1044 log_errx(1, "daemon already running, pid: %jd.",
1045 (intmax_t)otherpid);
1046 log_err(1, "cannot open or create pidfile \"%s\"",
1047 newconf->conf_pidfile_path);
1051 TAILQ_FOREACH_SAFE(oldtarg, &oldconf->conf_targets, t_next, tmptarg) {
1053 * First, remove any targets present in the old configuration
1054 * and missing in the new one.
1056 newtarg = target_find(newconf, oldtarg->t_iqn);
1057 if (newtarg == NULL) {
1058 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next,
1060 log_debugx("target %s not found in the "
1061 "configuration file; removing its lun %d, "
1062 "backed by CTL lun %d",
1063 oldtarg->t_iqn, oldlun->l_lun,
1065 error = kernel_lun_remove(oldlun);
1067 log_warnx("failed to remove lun %d, "
1068 "target %s, CTL lun %d",
1069 oldlun->l_lun, oldtarg->t_iqn,
1075 target_delete(oldtarg);
1080 * Second, remove any LUNs present in the old target
1081 * and missing in the new one.
1083 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next, tmplun) {
1084 newlun = lun_find(newtarg, oldlun->l_lun);
1085 if (newlun == NULL) {
1086 log_debugx("lun %d, target %s, CTL lun %d "
1087 "not found in the configuration file; "
1088 "removing", oldlun->l_lun, oldtarg->t_iqn,
1090 error = kernel_lun_remove(oldlun);
1092 log_warnx("failed to remove lun %d, "
1093 "target %s, CTL lun %d",
1094 oldlun->l_lun, oldtarg->t_iqn,
1103 * Also remove the LUNs changed by more than size.
1106 assert(oldlun->l_backend != NULL);
1107 assert(newlun->l_backend != NULL);
1108 if (strcmp(newlun->l_backend, oldlun->l_backend) != 0) {
1109 log_debugx("backend for lun %d, target %s, "
1110 "CTL lun %d changed; removing",
1111 oldlun->l_lun, oldtarg->t_iqn,
1115 if (oldlun->l_blocksize != newlun->l_blocksize) {
1116 log_debugx("blocksize for lun %d, target %s, "
1117 "CTL lun %d changed; removing",
1118 oldlun->l_lun, oldtarg->t_iqn,
1122 if (newlun->l_device_id != NULL &&
1123 (oldlun->l_device_id == NULL ||
1124 strcmp(oldlun->l_device_id, newlun->l_device_id) !=
1126 log_debugx("device-id for lun %d, target %s, "
1127 "CTL lun %d changed; removing",
1128 oldlun->l_lun, oldtarg->t_iqn,
1132 if (newlun->l_path != NULL &&
1133 (oldlun->l_path == NULL ||
1134 strcmp(oldlun->l_path, newlun->l_path) != 0)) {
1135 log_debugx("path for lun %d, target %s, "
1136 "CTL lun %d, changed; removing",
1137 oldlun->l_lun, oldtarg->t_iqn,
1141 if (newlun->l_serial != NULL &&
1142 (oldlun->l_serial == NULL ||
1143 strcmp(oldlun->l_serial, newlun->l_serial) != 0)) {
1144 log_debugx("serial for lun %d, target %s, "
1145 "CTL lun %d changed; removing",
1146 oldlun->l_lun, oldtarg->t_iqn,
1151 error = kernel_lun_remove(oldlun);
1153 log_warnx("failed to remove lun %d, "
1154 "target %s, CTL lun %d",
1155 oldlun->l_lun, oldtarg->t_iqn,
1163 lun_set_ctl_lun(newlun, oldlun->l_ctl_lun);
1168 * Now add new targets or modify existing ones.
1170 TAILQ_FOREACH(newtarg, &newconf->conf_targets, t_next) {
1171 oldtarg = target_find(oldconf, newtarg->t_iqn);
1173 TAILQ_FOREACH(newlun, &newtarg->t_luns, l_next) {
1174 if (oldtarg != NULL) {
1175 oldlun = lun_find(oldtarg, newlun->l_lun);
1176 if (oldlun != NULL) {
1177 if (newlun->l_size != oldlun->l_size) {
1178 log_debugx("resizing lun %d, "
1179 "target %s, CTL lun %d",
1184 kernel_lun_resize(newlun);
1186 log_warnx("failed to "
1199 log_debugx("adding lun %d, target %s",
1200 newlun->l_lun, newtarg->t_iqn);
1201 error = kernel_lun_add(newlun);
1203 log_warnx("failed to add lun %d, target %s",
1204 newlun->l_lun, newtarg->t_iqn);
1211 * Go through the new portals, opening the sockets as neccessary.
1213 TAILQ_FOREACH(newpg, &newconf->conf_portal_groups, pg_next) {
1214 if (newpg->pg_unassigned) {
1215 log_debugx("not listening on portal-group \"%s\", "
1216 "not assigned to any target",
1220 TAILQ_FOREACH(newp, &newpg->pg_portals, p_next) {
1222 * Try to find already open portal and reuse
1223 * the listening socket. We don't care about
1224 * what portal or portal group that was, what
1225 * matters is the listening address.
1227 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups,
1229 TAILQ_FOREACH(oldp, &oldpg->pg_portals,
1231 if (strcmp(newp->p_listen,
1232 oldp->p_listen) == 0 &&
1233 oldp->p_socket > 0) {
1241 if (newp->p_socket > 0) {
1243 * We're done with this portal.
1248 #ifdef ICL_KERNEL_PROXY
1249 log_debugx("listening on %s, portal-group \"%s\" using ICL proxy",
1250 newp->p_listen, newpg->pg_name);
1251 kernel_listen(newp->p_ai, newp->p_iser);
1253 assert(newp->p_iser == false);
1255 log_debugx("listening on %s, portal-group \"%s\"",
1256 newp->p_listen, newpg->pg_name);
1257 newp->p_socket = socket(newp->p_ai->ai_family,
1258 newp->p_ai->ai_socktype,
1259 newp->p_ai->ai_protocol);
1260 if (newp->p_socket < 0) {
1261 log_warn("socket(2) failed for %s",
1266 error = setsockopt(newp->p_socket, SOL_SOCKET,
1267 SO_REUSEADDR, &one, sizeof(one));
1269 log_warn("setsockopt(SO_REUSEADDR) failed "
1270 "for %s", newp->p_listen);
1271 close(newp->p_socket);
1276 error = bind(newp->p_socket, newp->p_ai->ai_addr,
1277 newp->p_ai->ai_addrlen);
1279 log_warn("bind(2) failed for %s",
1281 close(newp->p_socket);
1286 error = listen(newp->p_socket, -1);
1288 log_warn("listen(2) failed for %s",
1290 close(newp->p_socket);
1295 #endif /* !ICL_KERNEL_PROXY */
1300 * Go through the no longer used sockets, closing them.
1302 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups, pg_next) {
1303 TAILQ_FOREACH(oldp, &oldpg->pg_portals, p_next) {
1304 if (oldp->p_socket <= 0)
1306 log_debugx("closing socket for %s, portal-group \"%s\"",
1307 oldp->p_listen, oldpg->pg_name);
1308 close(oldp->p_socket);
1313 return (cumulated_error);
1320 return (sigalrm_received);
1324 sigalrm_handler(int dummy __unused)
1327 * It would be easiest to just log an error and exit. We can't
1328 * do this, though, because log_errx() is not signal safe, since
1329 * it calls syslog(3). Instead, set a flag checked by pdu_send()
1330 * and pdu_receive(), to call log_errx() there. Should they fail
1331 * to notice, we'll exit here one second later.
1333 if (sigalrm_received) {
1335 * Oh well. Just give up and quit.
1340 sigalrm_received = true;
1344 set_timeout(const struct conf *conf)
1346 struct sigaction sa;
1347 struct itimerval itv;
1350 if (conf->conf_timeout <= 0) {
1351 log_debugx("session timeout disabled");
1355 bzero(&sa, sizeof(sa));
1356 sa.sa_handler = sigalrm_handler;
1357 sigfillset(&sa.sa_mask);
1358 error = sigaction(SIGALRM, &sa, NULL);
1360 log_err(1, "sigaction");
1363 * First SIGALRM will arive after conf_timeout seconds.
1364 * If we do nothing, another one will arrive a second later.
1366 bzero(&itv, sizeof(itv));
1367 itv.it_interval.tv_sec = 1;
1368 itv.it_value.tv_sec = conf->conf_timeout;
1370 log_debugx("setting session timeout to %d seconds",
1371 conf->conf_timeout);
1372 error = setitimer(ITIMER_REAL, &itv, NULL);
1374 log_err(1, "setitimer");
1378 wait_for_children(bool block)
1386 * If "block" is true, wait for at least one process.
1388 if (block && num == 0)
1389 pid = wait4(-1, &status, 0, NULL);
1391 pid = wait4(-1, &status, WNOHANG, NULL);
1394 if (WIFSIGNALED(status)) {
1395 log_warnx("child process %d terminated with signal %d",
1396 pid, WTERMSIG(status));
1397 } else if (WEXITSTATUS(status) != 0) {
1398 log_warnx("child process %d terminated with exit status %d",
1399 pid, WEXITSTATUS(status));
1401 log_debugx("child process %d terminated gracefully", pid);
1410 handle_connection(struct portal *portal, int fd, bool dont_fork)
1412 struct connection *conn;
1413 #ifndef ICL_KERNEL_PROXY
1414 struct sockaddr_storage ss;
1415 socklen_t sslen = sizeof(ss);
1419 char host[NI_MAXHOST + 1];
1422 conf = portal->p_portal_group->pg_conf;
1425 log_debugx("incoming connection; not forking due to -d flag");
1427 nchildren -= wait_for_children(false);
1428 assert(nchildren >= 0);
1430 while (conf->conf_maxproc > 0 && nchildren >= conf->conf_maxproc) {
1431 log_debugx("maxproc limit of %d child processes hit; "
1432 "waiting for child process to exit", conf->conf_maxproc);
1433 nchildren -= wait_for_children(true);
1434 assert(nchildren >= 0);
1436 log_debugx("incoming connection; forking child process #%d",
1447 pidfile_close(conf->conf_pidfh);
1449 #ifdef ICL_KERNEL_PROXY
1453 log_set_peer_addr("XXX");
1455 error = getpeername(fd, (struct sockaddr *)&ss, &sslen);
1457 log_err(1, "getpeername");
1458 error = getnameinfo((struct sockaddr *)&ss, sslen,
1459 host, sizeof(host), NULL, 0, NI_NUMERICHOST);
1461 log_errx(1, "getaddrinfo: %s", gai_strerror(error));
1463 log_debugx("accepted connection from %s; portal group \"%s\"",
1464 host, portal->p_portal_group->pg_name);
1465 log_set_peer_addr(host);
1466 setproctitle("%s", host);
1469 conn = connection_new(portal, fd, host);
1473 if (conn->conn_session_type == CONN_SESSION_TYPE_NORMAL) {
1474 kernel_handoff(conn);
1475 log_debugx("connection handed off to the kernel");
1477 assert(conn->conn_session_type == CONN_SESSION_TYPE_DISCOVERY);
1480 log_debugx("nothing more to do; exiting");
1484 #ifndef ICL_KERNEL_PROXY
1486 fd_add(int fd, fd_set *fdset, int nfds)
1490 * Skip sockets which we failed to bind.
1503 main_loop(struct conf *conf, bool dont_fork)
1505 struct portal_group *pg;
1506 struct portal *portal;
1507 #ifdef ICL_KERNEL_PROXY
1511 int error, nfds, client_fd;
1514 pidfile_write(conf->conf_pidfh);
1517 if (sighup_received || sigterm_received)
1520 #ifdef ICL_KERNEL_PROXY
1521 connection_id = kernel_accept();
1522 if (connection_id == 0)
1526 * XXX: This is obviously temporary.
1528 pg = TAILQ_FIRST(&conf->conf_portal_groups);
1529 portal = TAILQ_FIRST(&pg->pg_portals);
1531 handle_connection(portal, connection_id, dont_fork);
1535 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) {
1536 TAILQ_FOREACH(portal, &pg->pg_portals, p_next)
1537 nfds = fd_add(portal->p_socket, &fdset, nfds);
1539 error = select(nfds + 1, &fdset, NULL, NULL, NULL);
1543 log_err(1, "select");
1545 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) {
1546 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) {
1547 if (!FD_ISSET(portal->p_socket, &fdset))
1549 client_fd = accept(portal->p_socket, NULL, 0);
1551 log_err(1, "accept");
1552 handle_connection(portal, client_fd, dont_fork);
1556 #endif /* !ICL_KERNEL_PROXY */
1561 sighup_handler(int dummy __unused)
1564 sighup_received = true;
1568 sigterm_handler(int dummy __unused)
1571 sigterm_received = true;
1575 register_signals(void)
1577 struct sigaction sa;
1580 bzero(&sa, sizeof(sa));
1581 sa.sa_handler = sighup_handler;
1582 sigfillset(&sa.sa_mask);
1583 error = sigaction(SIGHUP, &sa, NULL);
1585 log_err(1, "sigaction");
1587 sa.sa_handler = sigterm_handler;
1588 error = sigaction(SIGTERM, &sa, NULL);
1590 log_err(1, "sigaction");
1592 sa.sa_handler = sigterm_handler;
1593 error = sigaction(SIGINT, &sa, NULL);
1595 log_err(1, "sigaction");
1599 main(int argc, char **argv)
1601 struct conf *oldconf, *newconf, *tmpconf;
1602 const char *config_path = DEFAULT_CONFIG_PATH;
1603 int debug = 0, ch, error;
1604 bool dont_daemonize = false;
1606 while ((ch = getopt(argc, argv, "df:")) != -1) {
1609 dont_daemonize = true;
1613 config_path = optarg;
1627 oldconf = conf_new_from_kernel();
1628 newconf = conf_new_from_file(config_path);
1629 if (newconf == NULL)
1630 log_errx(1, "configuration error, exiting");
1632 oldconf->conf_debug = debug;
1633 newconf->conf_debug = debug;
1636 if (dont_daemonize == false) {
1637 if (daemon(0, 0) == -1) {
1638 log_warn("cannot daemonize");
1639 pidfile_remove(newconf->conf_pidfh);
1644 #ifdef ICL_KERNEL_PROXY
1645 log_debugx("enabling CTL iSCSI port");
1646 error = kernel_port_on();
1648 log_errx(1, "failed to enable CTL iSCSI port, exiting");
1651 error = conf_apply(oldconf, newconf);
1653 log_errx(1, "failed to apply configuration, exiting");
1654 conf_delete(oldconf);
1659 #ifndef ICL_KERNEL_PROXY
1660 log_debugx("enabling CTL iSCSI port");
1661 error = kernel_port_on();
1663 log_errx(1, "failed to enable CTL iSCSI port, exiting");
1667 main_loop(newconf, dont_daemonize);
1668 if (sighup_received) {
1669 sighup_received = false;
1670 log_debugx("received SIGHUP, reloading configuration");
1671 tmpconf = conf_new_from_file(config_path);
1672 if (tmpconf == NULL) {
1673 log_warnx("configuration error, "
1674 "continuing with old configuration");
1677 tmpconf->conf_debug = debug;
1680 error = conf_apply(oldconf, newconf);
1682 log_warnx("failed to reload "
1684 conf_delete(oldconf);
1687 } else if (sigterm_received) {
1688 log_debugx("exiting on signal; "
1689 "reloading empty configuration");
1691 log_debugx("disabling CTL iSCSI port "
1692 "and terminating all connections");
1693 error = kernel_port_off();
1695 log_warnx("failed to disable CTL iSCSI port");
1698 newconf = conf_new();
1700 newconf->conf_debug = debug;
1701 error = conf_apply(oldconf, newconf);
1703 log_warnx("failed to apply configuration");
1705 log_warnx("exiting on signal");
1708 nchildren -= wait_for_children(false);
1709 assert(nchildren >= 0);