iscsi_target_nego.c (36354B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/******************************************************************************* 3 * This file contains main functions related to iSCSI Parameter negotiation. 4 * 5 * (c) Copyright 2007-2013 Datera, Inc. 6 * 7 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org> 8 * 9 ******************************************************************************/ 10 11#include <linux/ctype.h> 12#include <linux/kthread.h> 13#include <linux/slab.h> 14#include <linux/sched/signal.h> 15#include <net/sock.h> 16#include <scsi/iscsi_proto.h> 17#include <target/target_core_base.h> 18#include <target/target_core_fabric.h> 19#include <target/iscsi/iscsi_transport.h> 20 21#include <target/iscsi/iscsi_target_core.h> 22#include "iscsi_target_parameters.h" 23#include "iscsi_target_login.h" 24#include "iscsi_target_nego.h" 25#include "iscsi_target_tpg.h" 26#include "iscsi_target_util.h" 27#include "iscsi_target.h" 28#include "iscsi_target_auth.h" 29 30#define MAX_LOGIN_PDUS 7 31 32void convert_null_to_semi(char *buf, int len) 33{ 34 int i; 35 36 for (i = 0; i < len; i++) 37 if (buf[i] == '\0') 38 buf[i] = ';'; 39} 40 41static int strlen_semi(char *buf) 42{ 43 int i = 0; 44 45 while (buf[i] != '\0') { 46 if (buf[i] == ';') 47 return i; 48 i++; 49 } 50 51 return -1; 52} 53 54int extract_param( 55 const char *in_buf, 56 const char *pattern, 57 unsigned int max_length, 58 char *out_buf, 59 unsigned char *type) 60{ 61 char *ptr; 62 int len; 63 64 if (!in_buf || !pattern || !out_buf || !type) 65 return -1; 66 67 ptr = strstr(in_buf, pattern); 68 if (!ptr) 69 return -1; 70 71 ptr = strstr(ptr, "="); 72 if (!ptr) 73 return -1; 74 75 ptr += 1; 76 if (*ptr == '0' && (*(ptr+1) == 'x' || *(ptr+1) == 'X')) { 77 ptr += 2; /* skip 0x */ 78 *type = HEX; 79 } else 80 *type = DECIMAL; 81 82 len = strlen_semi(ptr); 83 if (len < 0) 84 return -1; 85 86 if (len >= max_length) { 87 pr_err("Length of input: %d exceeds max_length:" 88 " %d\n", len, max_length); 89 return -1; 90 } 91 memcpy(out_buf, ptr, len); 92 out_buf[len] = '\0'; 93 94 return 0; 95} 96 97static u32 iscsi_handle_authentication( 98 struct iscsit_conn *conn, 99 char *in_buf, 100 char *out_buf, 101 int in_length, 102 int *out_length, 103 unsigned char *authtype) 104{ 105 struct iscsit_session *sess = conn->sess; 106 struct iscsi_node_auth *auth; 107 struct iscsi_node_acl *iscsi_nacl; 108 struct iscsi_portal_group *iscsi_tpg; 109 struct se_node_acl *se_nacl; 110 111 if (!sess->sess_ops->SessionType) { 112 /* 113 * For SessionType=Normal 114 */ 115 se_nacl = conn->sess->se_sess->se_node_acl; 116 if (!se_nacl) { 117 pr_err("Unable to locate struct se_node_acl for" 118 " CHAP auth\n"); 119 return -1; 120 } 121 122 if (se_nacl->dynamic_node_acl) { 123 iscsi_tpg = container_of(se_nacl->se_tpg, 124 struct iscsi_portal_group, tpg_se_tpg); 125 126 auth = &iscsi_tpg->tpg_demo_auth; 127 } else { 128 iscsi_nacl = container_of(se_nacl, struct iscsi_node_acl, 129 se_node_acl); 130 131 auth = &iscsi_nacl->node_auth; 132 } 133 } else { 134 /* 135 * For SessionType=Discovery 136 */ 137 auth = &iscsit_global->discovery_acl.node_auth; 138 } 139 140 if (strstr("CHAP", authtype)) 141 strcpy(conn->sess->auth_type, "CHAP"); 142 else 143 strcpy(conn->sess->auth_type, NONE); 144 145 if (strstr("None", authtype)) 146 return 1; 147 else if (strstr("CHAP", authtype)) 148 return chap_main_loop(conn, auth, in_buf, out_buf, 149 &in_length, out_length); 150 /* SRP, SPKM1, SPKM2 and KRB5 are unsupported */ 151 return 2; 152} 153 154static void iscsi_remove_failed_auth_entry(struct iscsit_conn *conn) 155{ 156 kfree(conn->auth_protocol); 157} 158 159int iscsi_target_check_login_request( 160 struct iscsit_conn *conn, 161 struct iscsi_login *login) 162{ 163 int req_csg, req_nsg; 164 u32 payload_length; 165 struct iscsi_login_req *login_req; 166 167 login_req = (struct iscsi_login_req *) login->req; 168 payload_length = ntoh24(login_req->dlength); 169 170 switch (login_req->opcode & ISCSI_OPCODE_MASK) { 171 case ISCSI_OP_LOGIN: 172 break; 173 default: 174 pr_err("Received unknown opcode 0x%02x.\n", 175 login_req->opcode & ISCSI_OPCODE_MASK); 176 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 177 ISCSI_LOGIN_STATUS_INIT_ERR); 178 return -1; 179 } 180 181 if ((login_req->flags & ISCSI_FLAG_LOGIN_CONTINUE) && 182 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) { 183 pr_err("Login request has both ISCSI_FLAG_LOGIN_CONTINUE" 184 " and ISCSI_FLAG_LOGIN_TRANSIT set, protocol error.\n"); 185 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 186 ISCSI_LOGIN_STATUS_INIT_ERR); 187 return -1; 188 } 189 190 req_csg = ISCSI_LOGIN_CURRENT_STAGE(login_req->flags); 191 req_nsg = ISCSI_LOGIN_NEXT_STAGE(login_req->flags); 192 193 if (req_csg != login->current_stage) { 194 pr_err("Initiator unexpectedly changed login stage" 195 " from %d to %d, login failed.\n", login->current_stage, 196 req_csg); 197 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 198 ISCSI_LOGIN_STATUS_INIT_ERR); 199 return -1; 200 } 201 202 if ((req_nsg == 2) || (req_csg >= 2) || 203 ((login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT) && 204 (req_nsg <= req_csg))) { 205 pr_err("Illegal login_req->flags Combination, CSG: %d," 206 " NSG: %d, ISCSI_FLAG_LOGIN_TRANSIT: %d.\n", req_csg, 207 req_nsg, (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)); 208 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 209 ISCSI_LOGIN_STATUS_INIT_ERR); 210 return -1; 211 } 212 213 if ((login_req->max_version != login->version_max) || 214 (login_req->min_version != login->version_min)) { 215 pr_err("Login request changed Version Max/Nin" 216 " unexpectedly to 0x%02x/0x%02x, protocol error\n", 217 login_req->max_version, login_req->min_version); 218 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 219 ISCSI_LOGIN_STATUS_INIT_ERR); 220 return -1; 221 } 222 223 if (memcmp(login_req->isid, login->isid, 6) != 0) { 224 pr_err("Login request changed ISID unexpectedly," 225 " protocol error.\n"); 226 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 227 ISCSI_LOGIN_STATUS_INIT_ERR); 228 return -1; 229 } 230 231 if (login_req->itt != login->init_task_tag) { 232 pr_err("Login request changed ITT unexpectedly to" 233 " 0x%08x, protocol error.\n", login_req->itt); 234 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 235 ISCSI_LOGIN_STATUS_INIT_ERR); 236 return -1; 237 } 238 239 if (payload_length > MAX_KEY_VALUE_PAIRS) { 240 pr_err("Login request payload exceeds default" 241 " MaxRecvDataSegmentLength: %u, protocol error.\n", 242 MAX_KEY_VALUE_PAIRS); 243 return -1; 244 } 245 246 return 0; 247} 248EXPORT_SYMBOL(iscsi_target_check_login_request); 249 250static int iscsi_target_check_first_request( 251 struct iscsit_conn *conn, 252 struct iscsi_login *login) 253{ 254 struct iscsi_param *param = NULL; 255 struct se_node_acl *se_nacl; 256 257 login->first_request = 0; 258 259 list_for_each_entry(param, &conn->param_list->param_list, p_list) { 260 if (!strncmp(param->name, SESSIONTYPE, 11)) { 261 if (!IS_PSTATE_ACCEPTOR(param)) { 262 pr_err("SessionType key not received" 263 " in first login request.\n"); 264 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 265 ISCSI_LOGIN_STATUS_MISSING_FIELDS); 266 return -1; 267 } 268 if (!strncmp(param->value, DISCOVERY, 9)) 269 return 0; 270 } 271 272 if (!strncmp(param->name, INITIATORNAME, 13)) { 273 if (!IS_PSTATE_ACCEPTOR(param)) { 274 if (!login->leading_connection) 275 continue; 276 277 pr_err("InitiatorName key not received" 278 " in first login request.\n"); 279 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 280 ISCSI_LOGIN_STATUS_MISSING_FIELDS); 281 return -1; 282 } 283 284 /* 285 * For non-leading connections, double check that the 286 * received InitiatorName matches the existing session's 287 * struct iscsi_node_acl. 288 */ 289 if (!login->leading_connection) { 290 se_nacl = conn->sess->se_sess->se_node_acl; 291 if (!se_nacl) { 292 pr_err("Unable to locate" 293 " struct se_node_acl\n"); 294 iscsit_tx_login_rsp(conn, 295 ISCSI_STATUS_CLS_INITIATOR_ERR, 296 ISCSI_LOGIN_STATUS_TGT_NOT_FOUND); 297 return -1; 298 } 299 300 if (strcmp(param->value, 301 se_nacl->initiatorname)) { 302 pr_err("Incorrect" 303 " InitiatorName: %s for this" 304 " iSCSI Initiator Node.\n", 305 param->value); 306 iscsit_tx_login_rsp(conn, 307 ISCSI_STATUS_CLS_INITIATOR_ERR, 308 ISCSI_LOGIN_STATUS_TGT_NOT_FOUND); 309 return -1; 310 } 311 } 312 } 313 } 314 315 return 0; 316} 317 318static int iscsi_target_do_tx_login_io(struct iscsit_conn *conn, struct iscsi_login *login) 319{ 320 u32 padding = 0; 321 struct iscsi_login_rsp *login_rsp; 322 323 login_rsp = (struct iscsi_login_rsp *) login->rsp; 324 325 login_rsp->opcode = ISCSI_OP_LOGIN_RSP; 326 hton24(login_rsp->dlength, login->rsp_length); 327 memcpy(login_rsp->isid, login->isid, 6); 328 login_rsp->tsih = cpu_to_be16(login->tsih); 329 login_rsp->itt = login->init_task_tag; 330 login_rsp->statsn = cpu_to_be32(conn->stat_sn++); 331 login_rsp->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn); 332 login_rsp->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn)); 333 334 pr_debug("Sending Login Response, Flags: 0x%02x, ITT: 0x%08x," 335 " ExpCmdSN; 0x%08x, MaxCmdSN: 0x%08x, StatSN: 0x%08x, Length:" 336 " %u\n", login_rsp->flags, (__force u32)login_rsp->itt, 337 ntohl(login_rsp->exp_cmdsn), ntohl(login_rsp->max_cmdsn), 338 ntohl(login_rsp->statsn), login->rsp_length); 339 340 padding = ((-login->rsp_length) & 3); 341 /* 342 * Before sending the last login response containing the transition 343 * bit for full-feature-phase, go ahead and start up TX/RX threads 344 * now to avoid potential resource allocation failures after the 345 * final login response has been sent. 346 */ 347 if (login->login_complete) { 348 int rc = iscsit_start_kthreads(conn); 349 if (rc) { 350 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 351 ISCSI_LOGIN_STATUS_NO_RESOURCES); 352 return -1; 353 } 354 } 355 356 if (conn->conn_transport->iscsit_put_login_tx(conn, login, 357 login->rsp_length + padding) < 0) 358 goto err; 359 360 login->rsp_length = 0; 361 362 return 0; 363 364err: 365 if (login->login_complete) { 366 if (conn->rx_thread && conn->rx_thread_active) { 367 send_sig(SIGINT, conn->rx_thread, 1); 368 complete(&conn->rx_login_comp); 369 kthread_stop(conn->rx_thread); 370 } 371 if (conn->tx_thread && conn->tx_thread_active) { 372 send_sig(SIGINT, conn->tx_thread, 1); 373 kthread_stop(conn->tx_thread); 374 } 375 spin_lock(&iscsit_global->ts_bitmap_lock); 376 bitmap_release_region(iscsit_global->ts_bitmap, conn->bitmap_id, 377 get_order(1)); 378 spin_unlock(&iscsit_global->ts_bitmap_lock); 379 } 380 return -1; 381} 382 383static void iscsi_target_sk_data_ready(struct sock *sk) 384{ 385 struct iscsit_conn *conn = sk->sk_user_data; 386 bool rc; 387 388 pr_debug("Entering iscsi_target_sk_data_ready: conn: %p\n", conn); 389 390 write_lock_bh(&sk->sk_callback_lock); 391 if (!sk->sk_user_data) { 392 write_unlock_bh(&sk->sk_callback_lock); 393 return; 394 } 395 if (!test_bit(LOGIN_FLAGS_READY, &conn->login_flags)) { 396 write_unlock_bh(&sk->sk_callback_lock); 397 pr_debug("Got LOGIN_FLAGS_READY=0, conn: %p >>>>\n", conn); 398 return; 399 } 400 if (test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags)) { 401 write_unlock_bh(&sk->sk_callback_lock); 402 pr_debug("Got LOGIN_FLAGS_CLOSED=1, conn: %p >>>>\n", conn); 403 return; 404 } 405 if (test_and_set_bit(LOGIN_FLAGS_READ_ACTIVE, &conn->login_flags)) { 406 write_unlock_bh(&sk->sk_callback_lock); 407 pr_debug("Got LOGIN_FLAGS_READ_ACTIVE=1, conn: %p >>>>\n", conn); 408 if (iscsi_target_sk_data_ready == conn->orig_data_ready) 409 return; 410 conn->orig_data_ready(sk); 411 return; 412 } 413 414 rc = schedule_delayed_work(&conn->login_work, 0); 415 if (!rc) { 416 pr_debug("iscsi_target_sk_data_ready, schedule_delayed_work" 417 " got false\n"); 418 } 419 write_unlock_bh(&sk->sk_callback_lock); 420} 421 422static void iscsi_target_sk_state_change(struct sock *); 423 424static void iscsi_target_set_sock_callbacks(struct iscsit_conn *conn) 425{ 426 struct sock *sk; 427 428 if (!conn->sock) 429 return; 430 431 sk = conn->sock->sk; 432 pr_debug("Entering iscsi_target_set_sock_callbacks: conn: %p\n", conn); 433 434 write_lock_bh(&sk->sk_callback_lock); 435 sk->sk_user_data = conn; 436 conn->orig_data_ready = sk->sk_data_ready; 437 conn->orig_state_change = sk->sk_state_change; 438 sk->sk_data_ready = iscsi_target_sk_data_ready; 439 sk->sk_state_change = iscsi_target_sk_state_change; 440 write_unlock_bh(&sk->sk_callback_lock); 441 442 sk->sk_sndtimeo = TA_LOGIN_TIMEOUT * HZ; 443 sk->sk_rcvtimeo = TA_LOGIN_TIMEOUT * HZ; 444} 445 446static void iscsi_target_restore_sock_callbacks(struct iscsit_conn *conn) 447{ 448 struct sock *sk; 449 450 if (!conn->sock) 451 return; 452 453 sk = conn->sock->sk; 454 pr_debug("Entering iscsi_target_restore_sock_callbacks: conn: %p\n", conn); 455 456 write_lock_bh(&sk->sk_callback_lock); 457 if (!sk->sk_user_data) { 458 write_unlock_bh(&sk->sk_callback_lock); 459 return; 460 } 461 sk->sk_user_data = NULL; 462 sk->sk_data_ready = conn->orig_data_ready; 463 sk->sk_state_change = conn->orig_state_change; 464 write_unlock_bh(&sk->sk_callback_lock); 465 466 sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT; 467 sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT; 468} 469 470static int iscsi_target_do_login(struct iscsit_conn *, struct iscsi_login *); 471 472static bool __iscsi_target_sk_check_close(struct sock *sk) 473{ 474 if (sk->sk_state == TCP_CLOSE_WAIT || sk->sk_state == TCP_CLOSE) { 475 pr_debug("__iscsi_target_sk_check_close: TCP_CLOSE_WAIT|TCP_CLOSE," 476 "returning TRUE\n"); 477 return true; 478 } 479 return false; 480} 481 482static bool iscsi_target_sk_check_close(struct iscsit_conn *conn) 483{ 484 bool state = false; 485 486 if (conn->sock) { 487 struct sock *sk = conn->sock->sk; 488 489 read_lock_bh(&sk->sk_callback_lock); 490 state = (__iscsi_target_sk_check_close(sk) || 491 test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags)); 492 read_unlock_bh(&sk->sk_callback_lock); 493 } 494 return state; 495} 496 497static bool iscsi_target_sk_check_flag(struct iscsit_conn *conn, unsigned int flag) 498{ 499 bool state = false; 500 501 if (conn->sock) { 502 struct sock *sk = conn->sock->sk; 503 504 read_lock_bh(&sk->sk_callback_lock); 505 state = test_bit(flag, &conn->login_flags); 506 read_unlock_bh(&sk->sk_callback_lock); 507 } 508 return state; 509} 510 511static bool iscsi_target_sk_check_and_clear(struct iscsit_conn *conn, unsigned int flag) 512{ 513 bool state = false; 514 515 if (conn->sock) { 516 struct sock *sk = conn->sock->sk; 517 518 write_lock_bh(&sk->sk_callback_lock); 519 state = (__iscsi_target_sk_check_close(sk) || 520 test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags)); 521 if (!state) 522 clear_bit(flag, &conn->login_flags); 523 write_unlock_bh(&sk->sk_callback_lock); 524 } 525 return state; 526} 527 528static void iscsi_target_login_drop(struct iscsit_conn *conn, struct iscsi_login *login) 529{ 530 bool zero_tsih = login->zero_tsih; 531 532 iscsi_remove_failed_auth_entry(conn); 533 iscsi_target_nego_release(conn); 534 iscsi_target_login_sess_out(conn, zero_tsih, true); 535} 536 537struct conn_timeout { 538 struct timer_list timer; 539 struct iscsit_conn *conn; 540}; 541 542static void iscsi_target_login_timeout(struct timer_list *t) 543{ 544 struct conn_timeout *timeout = from_timer(timeout, t, timer); 545 struct iscsit_conn *conn = timeout->conn; 546 547 pr_debug("Entering iscsi_target_login_timeout >>>>>>>>>>>>>>>>>>>\n"); 548 549 if (conn->login_kworker) { 550 pr_debug("Sending SIGINT to conn->login_kworker %s/%d\n", 551 conn->login_kworker->comm, conn->login_kworker->pid); 552 send_sig(SIGINT, conn->login_kworker, 1); 553 } 554} 555 556static void iscsi_target_do_login_rx(struct work_struct *work) 557{ 558 struct iscsit_conn *conn = container_of(work, 559 struct iscsit_conn, login_work.work); 560 struct iscsi_login *login = conn->login; 561 struct iscsi_np *np = login->np; 562 struct iscsi_portal_group *tpg = conn->tpg; 563 struct iscsi_tpg_np *tpg_np = conn->tpg_np; 564 struct conn_timeout timeout; 565 int rc, zero_tsih = login->zero_tsih; 566 bool state; 567 568 pr_debug("entering iscsi_target_do_login_rx, conn: %p, %s:%d\n", 569 conn, current->comm, current->pid); 570 /* 571 * If iscsi_target_do_login_rx() has been invoked by ->sk_data_ready() 572 * before initial PDU processing in iscsi_target_start_negotiation() 573 * has completed, go ahead and retry until it's cleared. 574 * 575 * Otherwise if the TCP connection drops while this is occuring, 576 * iscsi_target_start_negotiation() will detect the failure, call 577 * cancel_delayed_work_sync(&conn->login_work), and cleanup the 578 * remaining iscsi connection resources from iscsi_np process context. 579 */ 580 if (iscsi_target_sk_check_flag(conn, LOGIN_FLAGS_INITIAL_PDU)) { 581 schedule_delayed_work(&conn->login_work, msecs_to_jiffies(10)); 582 return; 583 } 584 585 spin_lock(&tpg->tpg_state_lock); 586 state = (tpg->tpg_state == TPG_STATE_ACTIVE); 587 spin_unlock(&tpg->tpg_state_lock); 588 589 if (!state) { 590 pr_debug("iscsi_target_do_login_rx: tpg_state != TPG_STATE_ACTIVE\n"); 591 goto err; 592 } 593 594 if (iscsi_target_sk_check_close(conn)) { 595 pr_debug("iscsi_target_do_login_rx, TCP state CLOSE\n"); 596 goto err; 597 } 598 599 conn->login_kworker = current; 600 allow_signal(SIGINT); 601 602 timeout.conn = conn; 603 timer_setup_on_stack(&timeout.timer, iscsi_target_login_timeout, 0); 604 mod_timer(&timeout.timer, jiffies + TA_LOGIN_TIMEOUT * HZ); 605 pr_debug("Starting login timer for %s/%d\n", current->comm, current->pid); 606 607 rc = conn->conn_transport->iscsit_get_login_rx(conn, login); 608 del_timer_sync(&timeout.timer); 609 destroy_timer_on_stack(&timeout.timer); 610 flush_signals(current); 611 conn->login_kworker = NULL; 612 613 if (rc < 0) 614 goto err; 615 616 pr_debug("iscsi_target_do_login_rx after rx_login_io, %p, %s:%d\n", 617 conn, current->comm, current->pid); 618 619 /* 620 * LOGIN_FLAGS_READ_ACTIVE is cleared so that sk_data_ready 621 * could be triggered again after this. 622 * 623 * LOGIN_FLAGS_WRITE_ACTIVE is cleared after we successfully 624 * process a login PDU, so that sk_state_chage can do login 625 * cleanup as needed if the socket is closed. If a delayed work is 626 * ongoing (LOGIN_FLAGS_WRITE_ACTIVE or LOGIN_FLAGS_READ_ACTIVE), 627 * sk_state_change will leave the cleanup to the delayed work or 628 * it will schedule a delayed work to do cleanup. 629 */ 630 if (conn->sock) { 631 struct sock *sk = conn->sock->sk; 632 633 write_lock_bh(&sk->sk_callback_lock); 634 if (!test_bit(LOGIN_FLAGS_INITIAL_PDU, &conn->login_flags)) { 635 clear_bit(LOGIN_FLAGS_READ_ACTIVE, &conn->login_flags); 636 set_bit(LOGIN_FLAGS_WRITE_ACTIVE, &conn->login_flags); 637 } 638 write_unlock_bh(&sk->sk_callback_lock); 639 } 640 641 rc = iscsi_target_do_login(conn, login); 642 if (rc < 0) { 643 goto err; 644 } else if (!rc) { 645 if (iscsi_target_sk_check_and_clear(conn, 646 LOGIN_FLAGS_WRITE_ACTIVE)) 647 goto err; 648 } else if (rc == 1) { 649 cancel_delayed_work(&conn->login_work); 650 iscsi_target_nego_release(conn); 651 iscsi_post_login_handler(np, conn, zero_tsih); 652 iscsit_deaccess_np(np, tpg, tpg_np); 653 } 654 return; 655 656err: 657 iscsi_target_restore_sock_callbacks(conn); 658 cancel_delayed_work(&conn->login_work); 659 iscsi_target_login_drop(conn, login); 660 iscsit_deaccess_np(np, tpg, tpg_np); 661} 662 663static void iscsi_target_sk_state_change(struct sock *sk) 664{ 665 struct iscsit_conn *conn; 666 void (*orig_state_change)(struct sock *); 667 bool state; 668 669 pr_debug("Entering iscsi_target_sk_state_change\n"); 670 671 write_lock_bh(&sk->sk_callback_lock); 672 conn = sk->sk_user_data; 673 if (!conn) { 674 write_unlock_bh(&sk->sk_callback_lock); 675 return; 676 } 677 orig_state_change = conn->orig_state_change; 678 679 if (!test_bit(LOGIN_FLAGS_READY, &conn->login_flags)) { 680 pr_debug("Got LOGIN_FLAGS_READY=0 sk_state_change conn: %p\n", 681 conn); 682 write_unlock_bh(&sk->sk_callback_lock); 683 orig_state_change(sk); 684 return; 685 } 686 state = __iscsi_target_sk_check_close(sk); 687 pr_debug("__iscsi_target_sk_close_change: state: %d\n", state); 688 689 if (test_bit(LOGIN_FLAGS_READ_ACTIVE, &conn->login_flags) || 690 test_bit(LOGIN_FLAGS_WRITE_ACTIVE, &conn->login_flags)) { 691 pr_debug("Got LOGIN_FLAGS_{READ|WRITE}_ACTIVE=1" 692 " sk_state_change conn: %p\n", conn); 693 if (state) 694 set_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags); 695 write_unlock_bh(&sk->sk_callback_lock); 696 orig_state_change(sk); 697 return; 698 } 699 if (test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags)) { 700 pr_debug("Got LOGIN_FLAGS_CLOSED=1 sk_state_change conn: %p\n", 701 conn); 702 write_unlock_bh(&sk->sk_callback_lock); 703 orig_state_change(sk); 704 return; 705 } 706 /* 707 * If the TCP connection has dropped, go ahead and set LOGIN_FLAGS_CLOSED, 708 * but only queue conn->login_work -> iscsi_target_do_login_rx() 709 * processing if LOGIN_FLAGS_INITIAL_PDU has already been cleared. 710 * 711 * When iscsi_target_do_login_rx() runs, iscsi_target_sk_check_close() 712 * will detect the dropped TCP connection from delayed workqueue context. 713 * 714 * If LOGIN_FLAGS_INITIAL_PDU is still set, which means the initial 715 * iscsi_target_start_negotiation() is running, iscsi_target_do_login() 716 * via iscsi_target_sk_check_close() or iscsi_target_start_negotiation() 717 * via iscsi_target_sk_check_and_clear() is responsible for detecting the 718 * dropped TCP connection in iscsi_np process context, and cleaning up 719 * the remaining iscsi connection resources. 720 */ 721 if (state) { 722 pr_debug("iscsi_target_sk_state_change got failed state\n"); 723 set_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags); 724 state = test_bit(LOGIN_FLAGS_INITIAL_PDU, &conn->login_flags); 725 write_unlock_bh(&sk->sk_callback_lock); 726 727 orig_state_change(sk); 728 729 if (!state) 730 schedule_delayed_work(&conn->login_work, 0); 731 return; 732 } 733 write_unlock_bh(&sk->sk_callback_lock); 734 735 orig_state_change(sk); 736} 737 738/* 739 * NOTE: We check for existing sessions or connections AFTER the initiator 740 * has been successfully authenticated in order to protect against faked 741 * ISID/TSIH combinations. 742 */ 743static int iscsi_target_check_for_existing_instances( 744 struct iscsit_conn *conn, 745 struct iscsi_login *login) 746{ 747 if (login->checked_for_existing) 748 return 0; 749 750 login->checked_for_existing = 1; 751 752 if (!login->tsih) 753 return iscsi_check_for_session_reinstatement(conn); 754 else 755 return iscsi_login_post_auth_non_zero_tsih(conn, login->cid, 756 login->initial_exp_statsn); 757} 758 759static int iscsi_target_do_authentication( 760 struct iscsit_conn *conn, 761 struct iscsi_login *login) 762{ 763 int authret; 764 u32 payload_length; 765 struct iscsi_param *param; 766 struct iscsi_login_req *login_req; 767 struct iscsi_login_rsp *login_rsp; 768 769 login_req = (struct iscsi_login_req *) login->req; 770 login_rsp = (struct iscsi_login_rsp *) login->rsp; 771 payload_length = ntoh24(login_req->dlength); 772 773 param = iscsi_find_param_from_key(AUTHMETHOD, conn->param_list); 774 if (!param) 775 return -1; 776 777 authret = iscsi_handle_authentication( 778 conn, 779 login->req_buf, 780 login->rsp_buf, 781 payload_length, 782 &login->rsp_length, 783 param->value); 784 switch (authret) { 785 case 0: 786 pr_debug("Received OK response" 787 " from LIO Authentication, continuing.\n"); 788 break; 789 case 1: 790 pr_debug("iSCSI security negotiation" 791 " completed successfully.\n"); 792 login->auth_complete = 1; 793 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE1) && 794 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) { 795 login_rsp->flags |= (ISCSI_FLAG_LOGIN_NEXT_STAGE1 | 796 ISCSI_FLAG_LOGIN_TRANSIT); 797 login->current_stage = 1; 798 } 799 return iscsi_target_check_for_existing_instances( 800 conn, login); 801 case 2: 802 pr_err("Security negotiation" 803 " failed.\n"); 804 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 805 ISCSI_LOGIN_STATUS_AUTH_FAILED); 806 return -1; 807 default: 808 pr_err("Received unknown error %d from LIO" 809 " Authentication\n", authret); 810 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 811 ISCSI_LOGIN_STATUS_TARGET_ERROR); 812 return -1; 813 } 814 815 return 0; 816} 817 818static int iscsi_target_handle_csg_zero( 819 struct iscsit_conn *conn, 820 struct iscsi_login *login) 821{ 822 int ret; 823 u32 payload_length; 824 struct iscsi_param *param; 825 struct iscsi_login_req *login_req; 826 struct iscsi_login_rsp *login_rsp; 827 828 login_req = (struct iscsi_login_req *) login->req; 829 login_rsp = (struct iscsi_login_rsp *) login->rsp; 830 payload_length = ntoh24(login_req->dlength); 831 832 param = iscsi_find_param_from_key(AUTHMETHOD, conn->param_list); 833 if (!param) 834 return -1; 835 836 ret = iscsi_decode_text_input( 837 PHASE_SECURITY|PHASE_DECLARATIVE, 838 SENDER_INITIATOR|SENDER_RECEIVER, 839 login->req_buf, 840 payload_length, 841 conn); 842 if (ret < 0) 843 return -1; 844 845 if (ret > 0) { 846 if (login->auth_complete) { 847 pr_err("Initiator has already been" 848 " successfully authenticated, but is still" 849 " sending %s keys.\n", param->value); 850 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 851 ISCSI_LOGIN_STATUS_INIT_ERR); 852 return -1; 853 } 854 855 goto do_auth; 856 } else if (!payload_length) { 857 pr_err("Initiator sent zero length security payload," 858 " login failed\n"); 859 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 860 ISCSI_LOGIN_STATUS_AUTH_FAILED); 861 return -1; 862 } 863 864 if (login->first_request) 865 if (iscsi_target_check_first_request(conn, login) < 0) 866 return -1; 867 868 ret = iscsi_encode_text_output( 869 PHASE_SECURITY|PHASE_DECLARATIVE, 870 SENDER_TARGET, 871 login->rsp_buf, 872 &login->rsp_length, 873 conn->param_list, 874 conn->tpg->tpg_attrib.login_keys_workaround); 875 if (ret < 0) 876 return -1; 877 878 if (!iscsi_check_negotiated_keys(conn->param_list)) { 879 if (conn->tpg->tpg_attrib.authentication && 880 !strncmp(param->value, NONE, 4)) { 881 pr_err("Initiator sent AuthMethod=None but" 882 " Target is enforcing iSCSI Authentication," 883 " login failed.\n"); 884 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 885 ISCSI_LOGIN_STATUS_AUTH_FAILED); 886 return -1; 887 } 888 889 if (conn->tpg->tpg_attrib.authentication && 890 !login->auth_complete) 891 return 0; 892 893 if (strncmp(param->value, NONE, 4) && !login->auth_complete) 894 return 0; 895 896 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE1) && 897 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) { 898 login_rsp->flags |= ISCSI_FLAG_LOGIN_NEXT_STAGE1 | 899 ISCSI_FLAG_LOGIN_TRANSIT; 900 login->current_stage = 1; 901 } 902 } 903 904 return 0; 905do_auth: 906 return iscsi_target_do_authentication(conn, login); 907} 908 909static int iscsi_target_handle_csg_one(struct iscsit_conn *conn, struct iscsi_login *login) 910{ 911 int ret; 912 u32 payload_length; 913 struct iscsi_login_req *login_req; 914 struct iscsi_login_rsp *login_rsp; 915 916 login_req = (struct iscsi_login_req *) login->req; 917 login_rsp = (struct iscsi_login_rsp *) login->rsp; 918 payload_length = ntoh24(login_req->dlength); 919 920 ret = iscsi_decode_text_input( 921 PHASE_OPERATIONAL|PHASE_DECLARATIVE, 922 SENDER_INITIATOR|SENDER_RECEIVER, 923 login->req_buf, 924 payload_length, 925 conn); 926 if (ret < 0) { 927 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 928 ISCSI_LOGIN_STATUS_INIT_ERR); 929 return -1; 930 } 931 932 if (login->first_request) 933 if (iscsi_target_check_first_request(conn, login) < 0) 934 return -1; 935 936 if (iscsi_target_check_for_existing_instances(conn, login) < 0) 937 return -1; 938 939 ret = iscsi_encode_text_output( 940 PHASE_OPERATIONAL|PHASE_DECLARATIVE, 941 SENDER_TARGET, 942 login->rsp_buf, 943 &login->rsp_length, 944 conn->param_list, 945 conn->tpg->tpg_attrib.login_keys_workaround); 946 if (ret < 0) { 947 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 948 ISCSI_LOGIN_STATUS_INIT_ERR); 949 return -1; 950 } 951 952 if (!login->auth_complete && 953 conn->tpg->tpg_attrib.authentication) { 954 pr_err("Initiator is requesting CSG: 1, has not been" 955 " successfully authenticated, and the Target is" 956 " enforcing iSCSI Authentication, login failed.\n"); 957 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 958 ISCSI_LOGIN_STATUS_AUTH_FAILED); 959 return -1; 960 } 961 962 if (!iscsi_check_negotiated_keys(conn->param_list)) 963 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE3) && 964 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) 965 login_rsp->flags |= ISCSI_FLAG_LOGIN_NEXT_STAGE3 | 966 ISCSI_FLAG_LOGIN_TRANSIT; 967 968 return 0; 969} 970 971static int iscsi_target_do_login(struct iscsit_conn *conn, struct iscsi_login *login) 972{ 973 int pdu_count = 0; 974 struct iscsi_login_req *login_req; 975 struct iscsi_login_rsp *login_rsp; 976 977 login_req = (struct iscsi_login_req *) login->req; 978 login_rsp = (struct iscsi_login_rsp *) login->rsp; 979 980 while (1) { 981 if (++pdu_count > MAX_LOGIN_PDUS) { 982 pr_err("MAX_LOGIN_PDUS count reached.\n"); 983 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 984 ISCSI_LOGIN_STATUS_TARGET_ERROR); 985 return -1; 986 } 987 988 switch (ISCSI_LOGIN_CURRENT_STAGE(login_req->flags)) { 989 case 0: 990 login_rsp->flags &= ~ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK; 991 if (iscsi_target_handle_csg_zero(conn, login) < 0) 992 return -1; 993 break; 994 case 1: 995 login_rsp->flags |= ISCSI_FLAG_LOGIN_CURRENT_STAGE1; 996 if (iscsi_target_handle_csg_one(conn, login) < 0) 997 return -1; 998 if (login_rsp->flags & ISCSI_FLAG_LOGIN_TRANSIT) { 999 /* 1000 * Check to make sure the TCP connection has not 1001 * dropped asynchronously while session reinstatement 1002 * was occuring in this kthread context, before 1003 * transitioning to full feature phase operation. 1004 */ 1005 if (iscsi_target_sk_check_close(conn)) 1006 return -1; 1007 1008 login->tsih = conn->sess->tsih; 1009 login->login_complete = 1; 1010 iscsi_target_restore_sock_callbacks(conn); 1011 if (iscsi_target_do_tx_login_io(conn, 1012 login) < 0) 1013 return -1; 1014 return 1; 1015 } 1016 break; 1017 default: 1018 pr_err("Illegal CSG: %d received from" 1019 " Initiator, protocol error.\n", 1020 ISCSI_LOGIN_CURRENT_STAGE(login_req->flags)); 1021 break; 1022 } 1023 1024 if (iscsi_target_do_tx_login_io(conn, login) < 0) 1025 return -1; 1026 1027 if (login_rsp->flags & ISCSI_FLAG_LOGIN_TRANSIT) { 1028 login_rsp->flags &= ~ISCSI_FLAG_LOGIN_TRANSIT; 1029 login_rsp->flags &= ~ISCSI_FLAG_LOGIN_NEXT_STAGE_MASK; 1030 } 1031 break; 1032 } 1033 1034 return 0; 1035} 1036 1037static void iscsi_initiatorname_tolower( 1038 char *param_buf) 1039{ 1040 char *c; 1041 u32 iqn_size = strlen(param_buf), i; 1042 1043 for (i = 0; i < iqn_size; i++) { 1044 c = ¶m_buf[i]; 1045 if (!isupper(*c)) 1046 continue; 1047 1048 *c = tolower(*c); 1049 } 1050} 1051 1052/* 1053 * Processes the first Login Request.. 1054 */ 1055int iscsi_target_locate_portal( 1056 struct iscsi_np *np, 1057 struct iscsit_conn *conn, 1058 struct iscsi_login *login) 1059{ 1060 char *i_buf = NULL, *s_buf = NULL, *t_buf = NULL; 1061 char *tmpbuf, *start = NULL, *end = NULL, *key, *value; 1062 struct iscsit_session *sess = conn->sess; 1063 struct iscsi_tiqn *tiqn; 1064 struct iscsi_tpg_np *tpg_np = NULL; 1065 struct iscsi_login_req *login_req; 1066 struct se_node_acl *se_nacl; 1067 u32 payload_length, queue_depth = 0; 1068 int sessiontype = 0, ret = 0, tag_num, tag_size; 1069 1070 INIT_DELAYED_WORK(&conn->login_work, iscsi_target_do_login_rx); 1071 iscsi_target_set_sock_callbacks(conn); 1072 1073 login->np = np; 1074 1075 login_req = (struct iscsi_login_req *) login->req; 1076 payload_length = ntoh24(login_req->dlength); 1077 1078 tmpbuf = kmemdup_nul(login->req_buf, payload_length, GFP_KERNEL); 1079 if (!tmpbuf) { 1080 pr_err("Unable to allocate memory for tmpbuf.\n"); 1081 return -1; 1082 } 1083 1084 start = tmpbuf; 1085 end = (start + payload_length); 1086 1087 /* 1088 * Locate the initial keys expected from the Initiator node in 1089 * the first login request in order to progress with the login phase. 1090 */ 1091 while (start < end) { 1092 if (iscsi_extract_key_value(start, &key, &value) < 0) { 1093 ret = -1; 1094 goto out; 1095 } 1096 1097 if (!strncmp(key, "InitiatorName", 13)) 1098 i_buf = value; 1099 else if (!strncmp(key, "SessionType", 11)) 1100 s_buf = value; 1101 else if (!strncmp(key, "TargetName", 10)) 1102 t_buf = value; 1103 1104 start += strlen(key) + strlen(value) + 2; 1105 } 1106 /* 1107 * See 5.3. Login Phase. 1108 */ 1109 if (!i_buf) { 1110 pr_err("InitiatorName key not received" 1111 " in first login request.\n"); 1112 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 1113 ISCSI_LOGIN_STATUS_MISSING_FIELDS); 1114 ret = -1; 1115 goto out; 1116 } 1117 /* 1118 * Convert the incoming InitiatorName to lowercase following 1119 * RFC-3720 3.2.6.1. section c) that says that iSCSI IQNs 1120 * are NOT case sensitive. 1121 */ 1122 iscsi_initiatorname_tolower(i_buf); 1123 1124 if (!s_buf) { 1125 if (!login->leading_connection) 1126 goto get_target; 1127 1128 pr_err("SessionType key not received" 1129 " in first login request.\n"); 1130 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 1131 ISCSI_LOGIN_STATUS_MISSING_FIELDS); 1132 ret = -1; 1133 goto out; 1134 } 1135 1136 /* 1137 * Use default portal group for discovery sessions. 1138 */ 1139 sessiontype = strncmp(s_buf, DISCOVERY, 9); 1140 if (!sessiontype) { 1141 conn->tpg = iscsit_global->discovery_tpg; 1142 if (!login->leading_connection) 1143 goto get_target; 1144 1145 sess->sess_ops->SessionType = 1; 1146 /* 1147 * Setup crc32c modules from libcrypto 1148 */ 1149 if (iscsi_login_setup_crypto(conn) < 0) { 1150 pr_err("iscsi_login_setup_crypto() failed\n"); 1151 ret = -1; 1152 goto out; 1153 } 1154 /* 1155 * Serialize access across the discovery struct iscsi_portal_group to 1156 * process login attempt. 1157 */ 1158 if (iscsit_access_np(np, conn->tpg) < 0) { 1159 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 1160 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE); 1161 ret = -1; 1162 goto out; 1163 } 1164 ret = 0; 1165 goto alloc_tags; 1166 } 1167 1168get_target: 1169 if (!t_buf) { 1170 pr_err("TargetName key not received" 1171 " in first login request while" 1172 " SessionType=Normal.\n"); 1173 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 1174 ISCSI_LOGIN_STATUS_MISSING_FIELDS); 1175 ret = -1; 1176 goto out; 1177 } 1178 1179 /* 1180 * Locate Target IQN from Storage Node. 1181 */ 1182 tiqn = iscsit_get_tiqn_for_login(t_buf); 1183 if (!tiqn) { 1184 pr_err("Unable to locate Target IQN: %s in" 1185 " Storage Node\n", t_buf); 1186 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 1187 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE); 1188 ret = -1; 1189 goto out; 1190 } 1191 pr_debug("Located Storage Object: %s\n", tiqn->tiqn); 1192 1193 /* 1194 * Locate Target Portal Group from Storage Node. 1195 */ 1196 conn->tpg = iscsit_get_tpg_from_np(tiqn, np, &tpg_np); 1197 if (!conn->tpg) { 1198 pr_err("Unable to locate Target Portal Group" 1199 " on %s\n", tiqn->tiqn); 1200 iscsit_put_tiqn_for_login(tiqn); 1201 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 1202 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE); 1203 ret = -1; 1204 goto out; 1205 } 1206 conn->tpg_np = tpg_np; 1207 pr_debug("Located Portal Group Object: %hu\n", conn->tpg->tpgt); 1208 /* 1209 * Setup crc32c modules from libcrypto 1210 */ 1211 if (iscsi_login_setup_crypto(conn) < 0) { 1212 pr_err("iscsi_login_setup_crypto() failed\n"); 1213 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 1214 iscsit_put_tiqn_for_login(tiqn); 1215 conn->tpg = NULL; 1216 ret = -1; 1217 goto out; 1218 } 1219 /* 1220 * Serialize access across the struct iscsi_portal_group to 1221 * process login attempt. 1222 */ 1223 if (iscsit_access_np(np, conn->tpg) < 0) { 1224 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put); 1225 iscsit_put_tiqn_for_login(tiqn); 1226 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 1227 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE); 1228 conn->tpg = NULL; 1229 ret = -1; 1230 goto out; 1231 } 1232 1233 /* 1234 * conn->sess->node_acl will be set when the referenced 1235 * struct iscsit_session is located from received ISID+TSIH in 1236 * iscsi_login_non_zero_tsih_s2(). 1237 */ 1238 if (!login->leading_connection) { 1239 ret = 0; 1240 goto out; 1241 } 1242 1243 /* 1244 * This value is required in iscsi_login_zero_tsih_s2() 1245 */ 1246 sess->sess_ops->SessionType = 0; 1247 1248 /* 1249 * Locate incoming Initiator IQN reference from Storage Node. 1250 */ 1251 sess->se_sess->se_node_acl = core_tpg_check_initiator_node_acl( 1252 &conn->tpg->tpg_se_tpg, i_buf); 1253 if (!sess->se_sess->se_node_acl) { 1254 pr_err("iSCSI Initiator Node: %s is not authorized to" 1255 " access iSCSI target portal group: %hu.\n", 1256 i_buf, conn->tpg->tpgt); 1257 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, 1258 ISCSI_LOGIN_STATUS_TGT_FORBIDDEN); 1259 ret = -1; 1260 goto out; 1261 } 1262 se_nacl = sess->se_sess->se_node_acl; 1263 queue_depth = se_nacl->queue_depth; 1264 /* 1265 * Setup pre-allocated tags based upon allowed per NodeACL CmdSN 1266 * depth for non immediate commands, plus extra tags for immediate 1267 * commands. 1268 * 1269 * Also enforce a ISCSIT_MIN_TAGS to prevent unnecessary contention 1270 * in per-cpu-ida tag allocation logic + small queue_depth. 1271 */ 1272alloc_tags: 1273 tag_num = max_t(u32, ISCSIT_MIN_TAGS, queue_depth); 1274 tag_num = (tag_num * 2) + ISCSIT_EXTRA_TAGS; 1275 tag_size = sizeof(struct iscsit_cmd) + conn->conn_transport->priv_size; 1276 1277 ret = transport_alloc_session_tags(sess->se_sess, tag_num, tag_size); 1278 if (ret < 0) { 1279 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, 1280 ISCSI_LOGIN_STATUS_NO_RESOURCES); 1281 ret = -1; 1282 } 1283out: 1284 kfree(tmpbuf); 1285 return ret; 1286} 1287 1288int iscsi_target_start_negotiation( 1289 struct iscsi_login *login, 1290 struct iscsit_conn *conn) 1291{ 1292 int ret; 1293 1294 if (conn->sock) { 1295 struct sock *sk = conn->sock->sk; 1296 1297 write_lock_bh(&sk->sk_callback_lock); 1298 set_bit(LOGIN_FLAGS_READY, &conn->login_flags); 1299 set_bit(LOGIN_FLAGS_INITIAL_PDU, &conn->login_flags); 1300 write_unlock_bh(&sk->sk_callback_lock); 1301 } 1302 /* 1303 * If iscsi_target_do_login returns zero to signal more PDU 1304 * exchanges are required to complete the login, go ahead and 1305 * clear LOGIN_FLAGS_INITIAL_PDU but only if the TCP connection 1306 * is still active. 1307 * 1308 * Otherwise if TCP connection dropped asynchronously, go ahead 1309 * and perform connection cleanup now. 1310 */ 1311 ret = iscsi_target_do_login(conn, login); 1312 if (!ret && iscsi_target_sk_check_and_clear(conn, LOGIN_FLAGS_INITIAL_PDU)) 1313 ret = -1; 1314 1315 if (ret < 0) { 1316 cancel_delayed_work_sync(&conn->login_work); 1317 iscsi_target_restore_sock_callbacks(conn); 1318 iscsi_remove_failed_auth_entry(conn); 1319 } 1320 if (ret != 0) 1321 iscsi_target_nego_release(conn); 1322 1323 return ret; 1324} 1325 1326void iscsi_target_nego_release(struct iscsit_conn *conn) 1327{ 1328 struct iscsi_login *login = conn->conn_login; 1329 1330 if (!login) 1331 return; 1332 1333 kfree(login->req_buf); 1334 kfree(login->rsp_buf); 1335 kfree(login); 1336 1337 conn->conn_login = NULL; 1338}