drivers/scsi/libiscsi.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * iSCSI lib functions
0004  *
0005  * Copyright (C) 2006 Red Hat, Inc.  All rights reserved.
0006  * Copyright (C) 2004 - 2006 Mike Christie
0007  * Copyright (C) 2004 - 2005 Dmitry Yusupov
0008  * Copyright (C) 2004 - 2005 Alex Aizman
0009  * maintained by open-iscsi@googlegroups.com
0010  */
0011 #include <linux/types.h>
0012 #include <linux/kfifo.h>
0013 #include <linux/delay.h>
0014 #include <linux/log2.h>
0015 #include <linux/slab.h>
0016 #include <linux/sched/signal.h>
0017 #include <linux/module.h>
0018 #include <asm/unaligned.h>
0019 #include <net/tcp.h>
0020 #include <scsi/scsi_cmnd.h>
0021 #include <scsi/scsi_device.h>
0022 #include <scsi/scsi_eh.h>
0023 #include <scsi/scsi_tcq.h>
0024 #include <scsi/scsi_host.h>
0025 #include <scsi/scsi.h>
0026 #include <scsi/iscsi_proto.h>
0027 #include <scsi/scsi_transport.h>
0028 #include <scsi/scsi_transport_iscsi.h>
0029 #include <scsi/libiscsi.h>
0030 #include <trace/events/iscsi.h>
0031
0032 static int iscsi_dbg_lib_conn;
0033 module_param_named(debug_libiscsi_conn, iscsi_dbg_lib_conn, int,
0034            S_IRUGO | S_IWUSR);
0035 MODULE_PARM_DESC(debug_libiscsi_conn,
0036          "Turn on debugging for connections in libiscsi module. "
0037          "Set to 1 to turn on, and zero to turn off. Default is off.");
0038
0039 static int iscsi_dbg_lib_session;
0040 module_param_named(debug_libiscsi_session, iscsi_dbg_lib_session, int,
0041            S_IRUGO | S_IWUSR);
0042 MODULE_PARM_DESC(debug_libiscsi_session,
0043          "Turn on debugging for sessions in libiscsi module. "
0044          "Set to 1 to turn on, and zero to turn off. Default is off.");
0045
0046 static int iscsi_dbg_lib_eh;
0047 module_param_named(debug_libiscsi_eh, iscsi_dbg_lib_eh, int,
0048            S_IRUGO | S_IWUSR);
0049 MODULE_PARM_DESC(debug_libiscsi_eh,
0050          "Turn on debugging for error handling in libiscsi module. "
0051          "Set to 1 to turn on, and zero to turn off. Default is off.");
0052
0053 #define ISCSI_DBG_CONN(_conn, dbg_fmt, arg...)          \
0054     do {                            \
0055         if (iscsi_dbg_lib_conn)             \
0056             iscsi_conn_printk(KERN_INFO, _conn, \
0057                          "%s " dbg_fmt, \
0058                          __func__, ##arg);  \
0059         iscsi_dbg_trace(trace_iscsi_dbg_conn,       \
0060                 &(_conn)->cls_conn->dev,    \
0061                 "%s " dbg_fmt, __func__, ##arg);\
0062     } while (0);
0063
0064 #define ISCSI_DBG_SESSION(_session, dbg_fmt, arg...)            \
0065     do {                                \
0066         if (iscsi_dbg_lib_session)              \
0067             iscsi_session_printk(KERN_INFO, _session,   \
0068                          "%s " dbg_fmt,     \
0069                          __func__, ##arg);      \
0070         iscsi_dbg_trace(trace_iscsi_dbg_session,        \
0071                 &(_session)->cls_session->dev,      \
0072                 "%s " dbg_fmt, __func__, ##arg);    \
0073     } while (0);
0074
0075 #define ISCSI_DBG_EH(_session, dbg_fmt, arg...)             \
0076     do {                                \
0077         if (iscsi_dbg_lib_eh)                   \
0078             iscsi_session_printk(KERN_INFO, _session,   \
0079                          "%s " dbg_fmt,     \
0080                          __func__, ##arg);      \
0081         iscsi_dbg_trace(trace_iscsi_dbg_eh,         \
0082                 &(_session)->cls_session->dev,      \
0083                 "%s " dbg_fmt, __func__, ##arg);    \
0084     } while (0);
0085
0086 #define ISCSI_CMD_COMPL_WAIT 5
0087
0088 inline void iscsi_conn_queue_xmit(struct iscsi_conn *conn)
0089 {
0090     struct Scsi_Host *shost = conn->session->host;
0091     struct iscsi_host *ihost = shost_priv(shost);
0092
0093     if (ihost->workq)
0094         queue_work(ihost->workq, &conn->xmitwork);
0095 }
0096 EXPORT_SYMBOL_GPL(iscsi_conn_queue_xmit);
0097
0098 inline void iscsi_conn_queue_recv(struct iscsi_conn *conn)
0099 {
0100     struct Scsi_Host *shost = conn->session->host;
0101     struct iscsi_host *ihost = shost_priv(shost);
0102
0103     if (ihost->workq && !test_bit(ISCSI_CONN_FLAG_SUSPEND_RX, &conn->flags))
0104         queue_work(ihost->workq, &conn->recvwork);
0105 }
0106 EXPORT_SYMBOL_GPL(iscsi_conn_queue_recv);
0107
0108 static void __iscsi_update_cmdsn(struct iscsi_session *session,
0109                  uint32_t exp_cmdsn, uint32_t max_cmdsn)
0110 {
0111     /*
0112      * standard specifies this check for when to update expected and
0113      * max sequence numbers
0114      */
0115     if (iscsi_sna_lt(max_cmdsn, exp_cmdsn - 1))
0116         return;
0117
0118     if (exp_cmdsn != session->exp_cmdsn &&
0119         !iscsi_sna_lt(exp_cmdsn, session->exp_cmdsn))
0120         session->exp_cmdsn = exp_cmdsn;
0121
0122     if (max_cmdsn != session->max_cmdsn &&
0123         !iscsi_sna_lt(max_cmdsn, session->max_cmdsn))
0124         session->max_cmdsn = max_cmdsn;
0125 }
0126
0127 void iscsi_update_cmdsn(struct iscsi_session *session, struct iscsi_nopin *hdr)
0128 {
0129     __iscsi_update_cmdsn(session, be32_to_cpu(hdr->exp_cmdsn),
0130                  be32_to_cpu(hdr->max_cmdsn));
0131 }
0132 EXPORT_SYMBOL_GPL(iscsi_update_cmdsn);
0133
0134 /**
0135  * iscsi_prep_data_out_pdu - initialize Data-Out
0136  * @task: scsi command task
0137  * @r2t: R2T info
0138  * @hdr: iscsi data in pdu
0139  *
0140  * Notes:
0141  *  Initialize Data-Out within this R2T sequence and finds
0142  *  proper data_offset within this SCSI command.
0143  *
0144  *  This function is called with connection lock taken.
0145  **/
0146 void iscsi_prep_data_out_pdu(struct iscsi_task *task, struct iscsi_r2t_info *r2t,
0147                struct iscsi_data *hdr)
0148 {
0149     struct iscsi_conn *conn = task->conn;
0150     unsigned int left = r2t->data_length - r2t->sent;
0151
0152     task->hdr_len = sizeof(struct iscsi_data);
0153
0154     memset(hdr, 0, sizeof(struct iscsi_data));
0155     hdr->ttt = r2t->ttt;
0156     hdr->datasn = cpu_to_be32(r2t->datasn);
0157     r2t->datasn++;
0158     hdr->opcode = ISCSI_OP_SCSI_DATA_OUT;
0159     hdr->lun = task->lun;
0160     hdr->itt = task->hdr_itt;
0161     hdr->exp_statsn = r2t->exp_statsn;
0162     hdr->offset = cpu_to_be32(r2t->data_offset + r2t->sent);
0163     if (left > conn->max_xmit_dlength) {
0164         hton24(hdr->dlength, conn->max_xmit_dlength);
0165         r2t->data_count = conn->max_xmit_dlength;
0166         hdr->flags = 0;
0167     } else {
0168         hton24(hdr->dlength, left);
0169         r2t->data_count = left;
0170         hdr->flags = ISCSI_FLAG_CMD_FINAL;
0171     }
0172     conn->dataout_pdus_cnt++;
0173 }
0174 EXPORT_SYMBOL_GPL(iscsi_prep_data_out_pdu);
0175
0176 static int iscsi_add_hdr(struct iscsi_task *task, unsigned len)
0177 {
0178     unsigned exp_len = task->hdr_len + len;
0179
0180     if (exp_len > task->hdr_max) {
0181         WARN_ON(1);
0182         return -EINVAL;
0183     }
0184
0185     WARN_ON(len & (ISCSI_PAD_LEN - 1)); /* caller must pad the AHS */
0186     task->hdr_len = exp_len;
0187     return 0;
0188 }
0189
0190 /*
0191  * make an extended cdb AHS
0192  */
0193 static int iscsi_prep_ecdb_ahs(struct iscsi_task *task)
0194 {
0195     struct scsi_cmnd *cmd = task->sc;
0196     unsigned rlen, pad_len;
0197     unsigned short ahslength;
0198     struct iscsi_ecdb_ahdr *ecdb_ahdr;
0199     int rc;
0200
0201     ecdb_ahdr = iscsi_next_hdr(task);
0202     rlen = cmd->cmd_len - ISCSI_CDB_SIZE;
0203
0204     BUG_ON(rlen > sizeof(ecdb_ahdr->ecdb));
0205     ahslength = rlen + sizeof(ecdb_ahdr->reserved);
0206
0207     pad_len = iscsi_padding(rlen);
0208
0209     rc = iscsi_add_hdr(task, sizeof(ecdb_ahdr->ahslength) +
0210                        sizeof(ecdb_ahdr->ahstype) + ahslength + pad_len);
0211     if (rc)
0212         return rc;
0213
0214     if (pad_len)
0215         memset(&ecdb_ahdr->ecdb[rlen], 0, pad_len);
0216
0217     ecdb_ahdr->ahslength = cpu_to_be16(ahslength);
0218     ecdb_ahdr->ahstype = ISCSI_AHSTYPE_CDB;
0219     ecdb_ahdr->reserved = 0;
0220     memcpy(ecdb_ahdr->ecdb, cmd->cmnd + ISCSI_CDB_SIZE, rlen);
0221
0222     ISCSI_DBG_SESSION(task->conn->session,
0223               "iscsi_prep_ecdb_ahs: varlen_cdb_len %d "
0224                   "rlen %d pad_len %d ahs_length %d iscsi_headers_size "
0225                   "%u\n", cmd->cmd_len, rlen, pad_len, ahslength,
0226                   task->hdr_len);
0227     return 0;
0228 }
0229
0230 /**
0231  * iscsi_check_tmf_restrictions - check if a task is affected by TMF
0232  * @task: iscsi task
0233  * @opcode: opcode to check for
0234  *
0235  * During TMF a task has to be checked if it's affected.
0236  * All unrelated I/O can be passed through, but I/O to the
0237  * affected LUN should be restricted.
0238  * If 'fast_abort' is set we won't be sending any I/O to the
0239  * affected LUN.
0240  * Otherwise the target is waiting for all TTTs to be completed,
0241  * so we have to send all outstanding Data-Out PDUs to the target.
0242  */
0243 static int iscsi_check_tmf_restrictions(struct iscsi_task *task, int opcode)
0244 {
0245     struct iscsi_session *session = task->conn->session;
0246     struct iscsi_tm *tmf = &session->tmhdr;
0247     u64 hdr_lun;
0248
0249     if (session->tmf_state == TMF_INITIAL)
0250         return 0;
0251
0252     if ((tmf->opcode & ISCSI_OPCODE_MASK) != ISCSI_OP_SCSI_TMFUNC)
0253         return 0;
0254
0255     switch (ISCSI_TM_FUNC_VALUE(tmf)) {
0256     case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET:
0257         /*
0258          * Allow PDUs for unrelated LUNs
0259          */
0260         hdr_lun = scsilun_to_int(&tmf->lun);
0261         if (hdr_lun != task->sc->device->lun)
0262             return 0;
0263         fallthrough;
0264     case ISCSI_TM_FUNC_TARGET_WARM_RESET:
0265         /*
0266          * Fail all SCSI cmd PDUs
0267          */
0268         if (opcode != ISCSI_OP_SCSI_DATA_OUT) {
0269             iscsi_session_printk(KERN_INFO, session,
0270                          "task [op %x itt 0x%x/0x%x] rejected.\n",
0271                          opcode, task->itt, task->hdr_itt);
0272             return -EACCES;
0273         }
0274         /*
0275          * And also all data-out PDUs in response to R2T
0276          * if fast_abort is set.
0277          */
0278         if (session->fast_abort) {
0279             iscsi_session_printk(KERN_INFO, session,
0280                          "task [op %x itt 0x%x/0x%x] fast abort.\n",
0281                          opcode, task->itt, task->hdr_itt);
0282             return -EACCES;
0283         }
0284         break;
0285     case ISCSI_TM_FUNC_ABORT_TASK:
0286         /*
0287          * the caller has already checked if the task
0288          * they want to abort was in the pending queue so if
0289          * we are here the cmd pdu has gone out already, and
0290          * we will only hit this for data-outs
0291          */
0292         if (opcode == ISCSI_OP_SCSI_DATA_OUT &&
0293             task->hdr_itt == tmf->rtt) {
0294             ISCSI_DBG_SESSION(session,
0295                       "Preventing task %x/%x from sending "
0296                       "data-out due to abort task in "
0297                       "progress\n", task->itt,
0298                       task->hdr_itt);
0299             return -EACCES;
0300         }
0301         break;
0302     }
0303
0304     return 0;
0305 }
0306
0307 /**
0308  * iscsi_prep_scsi_cmd_pdu - prep iscsi scsi cmd pdu
0309  * @task: iscsi task
0310  *
0311  * Prep basic iSCSI PDU fields for a scsi cmd pdu. The LLD should set
0312  * fields like dlength or final based on how much data it sends
0313  */
0314 static int iscsi_prep_scsi_cmd_pdu(struct iscsi_task *task)
0315 {
0316     struct iscsi_conn *conn = task->conn;
0317     struct iscsi_session *session = conn->session;
0318     struct scsi_cmnd *sc = task->sc;
0319     struct iscsi_scsi_req *hdr;
0320     unsigned hdrlength, cmd_len, transfer_length;
0321     itt_t itt;
0322     int rc;
0323
0324     rc = iscsi_check_tmf_restrictions(task, ISCSI_OP_SCSI_CMD);
0325     if (rc)
0326         return rc;
0327
0328     if (conn->session->tt->alloc_pdu) {
0329         rc = conn->session->tt->alloc_pdu(task, ISCSI_OP_SCSI_CMD);
0330         if (rc)
0331             return rc;
0332     }
0333     hdr = (struct iscsi_scsi_req *)task->hdr;
0334     itt = hdr->itt;
0335     memset(hdr, 0, sizeof(*hdr));
0336
0337     if (session->tt->parse_pdu_itt)
0338         hdr->itt = task->hdr_itt = itt;
0339     else
0340         hdr->itt = task->hdr_itt = build_itt(task->itt,
0341                              task->conn->session->age);
0342     task->hdr_len = 0;
0343     rc = iscsi_add_hdr(task, sizeof(*hdr));
0344     if (rc)
0345         return rc;
0346     hdr->opcode = ISCSI_OP_SCSI_CMD;
0347     hdr->flags = ISCSI_ATTR_SIMPLE;
0348     int_to_scsilun(sc->device->lun, &hdr->lun);
0349     task->lun = hdr->lun;
0350     hdr->exp_statsn = cpu_to_be32(conn->exp_statsn);
0351     cmd_len = sc->cmd_len;
0352     if (cmd_len < ISCSI_CDB_SIZE)
0353         memset(&hdr->cdb[cmd_len], 0, ISCSI_CDB_SIZE - cmd_len);
0354     else if (cmd_len > ISCSI_CDB_SIZE) {
0355         rc = iscsi_prep_ecdb_ahs(task);
0356         if (rc)
0357             return rc;
0358         cmd_len = ISCSI_CDB_SIZE;
0359     }
0360     memcpy(hdr->cdb, sc->cmnd, cmd_len);
0361
0362     task->imm_count = 0;
0363     if (scsi_get_prot_op(sc) != SCSI_PROT_NORMAL)
0364         task->protected = true;
0365
0366     transfer_length = scsi_transfer_length(sc);
0367     hdr->data_length = cpu_to_be32(transfer_length);
0368     if (sc->sc_data_direction == DMA_TO_DEVICE) {
0369         struct iscsi_r2t_info *r2t = &task->unsol_r2t;
0370
0371         hdr->flags |= ISCSI_FLAG_CMD_WRITE;
0372         /*
0373          * Write counters:
0374          *
0375          *  imm_count   bytes to be sent right after
0376          *          SCSI PDU Header
0377          *
0378          *  unsol_count bytes(as Data-Out) to be sent
0379          *          without R2T ack right after
0380          *          immediate data
0381          *
0382          *  r2t data_length bytes to be sent via R2T ack's
0383          *
0384          *      pad_count       bytes to be sent as zero-padding
0385          */
0386         memset(r2t, 0, sizeof(*r2t));
0387
0388         if (session->imm_data_en) {
0389             if (transfer_length >= session->first_burst)
0390                 task->imm_count = min(session->first_burst,
0391                             conn->max_xmit_dlength);
0392             else
0393                 task->imm_count = min(transfer_length,
0394                               conn->max_xmit_dlength);
0395             hton24(hdr->dlength, task->imm_count);
0396         } else
0397             zero_data(hdr->dlength);
0398
0399         if (!session->initial_r2t_en) {
0400             r2t->data_length = min(session->first_burst,
0401                            transfer_length) -
0402                            task->imm_count;
0403             r2t->data_offset = task->imm_count;
0404             r2t->ttt = cpu_to_be32(ISCSI_RESERVED_TAG);
0405             r2t->exp_statsn = cpu_to_be32(conn->exp_statsn);
0406         }
0407
0408         if (!task->unsol_r2t.data_length)
0409             /* No unsolicit Data-Out's */
0410             hdr->flags |= ISCSI_FLAG_CMD_FINAL;
0411     } else {
0412         hdr->flags |= ISCSI_FLAG_CMD_FINAL;
0413         zero_data(hdr->dlength);
0414
0415         if (sc->sc_data_direction == DMA_FROM_DEVICE)
0416             hdr->flags |= ISCSI_FLAG_CMD_READ;
0417     }
0418
0419     /* calculate size of additional header segments (AHSs) */
0420     hdrlength = task->hdr_len - sizeof(*hdr);
0421
0422     WARN_ON(hdrlength & (ISCSI_PAD_LEN-1));
0423     hdrlength /= ISCSI_PAD_LEN;
0424
0425     WARN_ON(hdrlength >= 256);
0426     hdr->hlength = hdrlength & 0xFF;
0427     hdr->cmdsn = task->cmdsn = cpu_to_be32(session->cmdsn);
0428
0429     if (session->tt->init_task && session->tt->init_task(task))
0430         return -EIO;
0431
0432     task->state = ISCSI_TASK_RUNNING;
0433     session->cmdsn++;
0434
0435     conn->scsicmd_pdus_cnt++;
0436     ISCSI_DBG_SESSION(session, "iscsi prep [%s cid %d sc %p cdb 0x%x "
0437               "itt 0x%x len %d cmdsn %d win %d]\n",
0438               sc->sc_data_direction == DMA_TO_DEVICE ?
0439               "write" : "read", conn->id, sc, sc->cmnd[0],
0440               task->itt, transfer_length,
0441               session->cmdsn,
0442               session->max_cmdsn - session->exp_cmdsn + 1);
0443     return 0;
0444 }
0445
0446 /**
0447  * iscsi_free_task - free a task
0448  * @task: iscsi cmd task
0449  *
0450  * Must be called with session back_lock.
0451  * This function returns the scsi command to scsi-ml or cleans
0452  * up mgmt tasks then returns the task to the pool.
0453  */
0454 static void iscsi_free_task(struct iscsi_task *task)
0455 {
0456     struct iscsi_conn *conn = task->conn;
0457     struct iscsi_session *session = conn->session;
0458     struct scsi_cmnd *sc = task->sc;
0459     int oldstate = task->state;
0460
0461     ISCSI_DBG_SESSION(session, "freeing task itt 0x%x state %d sc %p\n",
0462               task->itt, task->state, task->sc);
0463
0464     session->tt->cleanup_task(task);
0465     task->state = ISCSI_TASK_FREE;
0466     task->sc = NULL;
0467     /*
0468      * login task is preallocated so do not free
0469      */
0470     if (conn->login_task == task)
0471         return;
0472
0473     kfifo_in(&session->cmdpool.queue, (void*)&task, sizeof(void*));
0474
0475     if (sc) {
0476         /* SCSI eh reuses commands to verify us */
0477         iscsi_cmd(sc)->task = NULL;
0478         /*
0479          * queue command may call this to free the task, so
0480          * it will decide how to return sc to scsi-ml.
0481          */
0482         if (oldstate != ISCSI_TASK_REQUEUE_SCSIQ)
0483             scsi_done(sc);
0484     }
0485 }
0486
0487 bool iscsi_get_task(struct iscsi_task *task)
0488 {
0489     return refcount_inc_not_zero(&task->refcount);
0490 }
0491 EXPORT_SYMBOL_GPL(iscsi_get_task);
0492
0493 /**
0494  * __iscsi_put_task - drop the refcount on a task
0495  * @task: iscsi_task to drop the refcount on
0496  *
0497  * The back_lock must be held when calling in case it frees the task.
0498  */
0499 void __iscsi_put_task(struct iscsi_task *task)
0500 {
0501     if (refcount_dec_and_test(&task->refcount))
0502         iscsi_free_task(task);
0503 }
0504 EXPORT_SYMBOL_GPL(__iscsi_put_task);
0505
0506 void iscsi_put_task(struct iscsi_task *task)
0507 {
0508     struct iscsi_session *session = task->conn->session;
0509
0510     if (refcount_dec_and_test(&task->refcount)) {
0511         spin_lock_bh(&session->back_lock);
0512         iscsi_free_task(task);
0513         spin_unlock_bh(&session->back_lock);
0514     }
0515 }
0516 EXPORT_SYMBOL_GPL(iscsi_put_task);
0517
0518 /**
0519  * iscsi_complete_task - finish a task
0520  * @task: iscsi cmd task
0521  * @state: state to complete task with
0522  *
0523  * Must be called with session back_lock.
0524  */
0525 static void iscsi_complete_task(struct iscsi_task *task, int state)
0526 {
0527     struct iscsi_conn *conn = task->conn;
0528
0529     ISCSI_DBG_SESSION(conn->session,
0530               "complete task itt 0x%x state %d sc %p\n",
0531               task->itt, task->state, task->sc);
0532     if (task->state == ISCSI_TASK_COMPLETED ||
0533         task->state == ISCSI_TASK_ABRT_TMF ||
0534         task->state == ISCSI_TASK_ABRT_SESS_RECOV ||
0535         task->state == ISCSI_TASK_REQUEUE_SCSIQ)
0536         return;
0537     WARN_ON_ONCE(task->state == ISCSI_TASK_FREE);
0538     task->state = state;
0539
0540     if (READ_ONCE(conn->ping_task) == task)
0541         WRITE_ONCE(conn->ping_task, NULL);
0542
0543     /* release get from queueing */
0544     __iscsi_put_task(task);
0545 }
0546
0547 /**
0548  * iscsi_complete_scsi_task - finish scsi task normally
0549  * @task: iscsi task for scsi cmd
0550  * @exp_cmdsn: expected cmd sn in cpu format
0551  * @max_cmdsn: max cmd sn in cpu format
0552  *
0553  * This is used when drivers do not need or cannot perform
0554  * lower level pdu processing.
0555  *
0556  * Called with session back_lock
0557  */
0558 void iscsi_complete_scsi_task(struct iscsi_task *task,
0559                   uint32_t exp_cmdsn, uint32_t max_cmdsn)
0560 {
0561     struct iscsi_conn *conn = task->conn;
0562
0563     ISCSI_DBG_SESSION(conn->session, "[itt 0x%x]\n", task->itt);
0564
0565     conn->last_recv = jiffies;
0566     __iscsi_update_cmdsn(conn->session, exp_cmdsn, max_cmdsn);
0567     iscsi_complete_task(task, ISCSI_TASK_COMPLETED);
0568 }
0569 EXPORT_SYMBOL_GPL(iscsi_complete_scsi_task);
0570
0571 /*
0572  * Must be called with back and frwd lock
0573  */
0574 static bool cleanup_queued_task(struct iscsi_task *task)
0575 {
0576     struct iscsi_conn *conn = task->conn;
0577     bool early_complete = false;
0578
0579     /*
0580      * We might have raced where we handled a R2T early and got a response
0581      * but have not yet taken the task off the requeue list, then a TMF or
0582      * recovery happened and so we can still see it here.
0583      */
0584     if (task->state == ISCSI_TASK_COMPLETED)
0585         early_complete = true;
0586
0587     if (!list_empty(&task->running)) {
0588         list_del_init(&task->running);
0589         /*
0590          * If it's on a list but still running this could be cleanup
0591          * from a TMF or session recovery.
0592          */
0593         if (task->state == ISCSI_TASK_RUNNING ||
0594             task->state == ISCSI_TASK_COMPLETED)
0595             __iscsi_put_task(task);
0596     }
0597
0598     if (conn->session->running_aborted_task == task) {
0599         conn->session->running_aborted_task = NULL;
0600         __iscsi_put_task(task);
0601     }
0602
0603     if (conn->task == task) {
0604         conn->task = NULL;
0605         __iscsi_put_task(task);
0606     }
0607
0608     return early_complete;
0609 }
0610
0611 /*
0612  * session back and frwd lock must be held and if not called for a task that
0613  * is still pending or from the xmit thread, then xmit thread must be suspended
0614  */
0615 static void __fail_scsi_task(struct iscsi_task *task, int err)
0616 {
0617     struct iscsi_conn *conn = task->conn;
0618     struct scsi_cmnd *sc;
0619     int state;
0620
0621     if (cleanup_queued_task(task))
0622         return;
0623
0624     if (task->state == ISCSI_TASK_PENDING) {
0625         /*
0626          * cmd never made it to the xmit thread, so we should not count
0627          * the cmd in the sequencing
0628          */
0629         conn->session->queued_cmdsn--;
0630         /* it was never sent so just complete like normal */
0631         state = ISCSI_TASK_COMPLETED;
0632     } else if (err == DID_TRANSPORT_DISRUPTED)
0633         state = ISCSI_TASK_ABRT_SESS_RECOV;
0634     else
0635         state = ISCSI_TASK_ABRT_TMF;
0636
0637     sc = task->sc;
0638     sc->result = err << 16;
0639     scsi_set_resid(sc, scsi_bufflen(sc));
0640     iscsi_complete_task(task, state);
0641 }
0642
0643 static void fail_scsi_task(struct iscsi_task *task, int err)
0644 {
0645     struct iscsi_session *session = task->conn->session;
0646
0647     spin_lock_bh(&session->back_lock);
0648     __fail_scsi_task(task, err);
0649     spin_unlock_bh(&session->back_lock);
0650 }
0651
0652 static int iscsi_prep_mgmt_task(struct iscsi_conn *conn,
0653                 struct iscsi_task *task)
0654 {
0655     struct iscsi_session *session = conn->session;
0656     struct iscsi_hdr *hdr = task->hdr;
0657     struct iscsi_nopout *nop = (struct iscsi_nopout *)hdr;
0658     uint8_t opcode = hdr->opcode & ISCSI_OPCODE_MASK;
0659
0660     if (conn->session->state == ISCSI_STATE_LOGGING_OUT)
0661         return -ENOTCONN;
0662
0663     if (opcode != ISCSI_OP_LOGIN && opcode != ISCSI_OP_TEXT)
0664         nop->exp_statsn = cpu_to_be32(conn->exp_statsn);
0665     /*
0666      * pre-format CmdSN for outgoing PDU.
0667      */
0668     nop->cmdsn = cpu_to_be32(session->cmdsn);
0669     if (hdr->itt != RESERVED_ITT) {
0670         /*
0671          * TODO: We always use immediate for normal session pdus.
0672          * If we start to send tmfs or nops as non-immediate then
0673          * we should start checking the cmdsn numbers for mgmt tasks.
0674          *
0675          * During discovery sessions iscsid sends TEXT as non immediate,
0676          * but we always only send one PDU at a time.
0677          */
0678         if (conn->c_stage == ISCSI_CONN_STARTED &&
0679             !(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
0680             session->queued_cmdsn++;
0681             session->cmdsn++;
0682         }
0683     }
0684
0685     if (session->tt->init_task && session->tt->init_task(task))
0686         return -EIO;
0687
0688     if ((hdr->opcode & ISCSI_OPCODE_MASK) == ISCSI_OP_LOGOUT)
0689         session->state = ISCSI_STATE_LOGGING_OUT;
0690
0691     task->state = ISCSI_TASK_RUNNING;
0692     ISCSI_DBG_SESSION(session, "mgmtpdu [op 0x%x hdr->itt 0x%x "
0693               "datalen %d]\n", hdr->opcode & ISCSI_OPCODE_MASK,
0694               hdr->itt, task->data_count);
0695     return 0;
0696 }
0697
0698 /**
0699  * iscsi_alloc_mgmt_task - allocate and setup a mgmt task.
0700  * @conn: iscsi conn that the task will be sent on.
0701  * @hdr: iscsi pdu that will be sent.
0702  * @data: buffer for data segment if needed.
0703  * @data_size: length of data in bytes.
0704  */
0705 static struct iscsi_task *
0706 iscsi_alloc_mgmt_task(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
0707               char *data, uint32_t data_size)
0708 {
0709     struct iscsi_session *session = conn->session;
0710     uint8_t opcode = hdr->opcode & ISCSI_OPCODE_MASK;
0711     struct iscsi_task *task;
0712     itt_t itt;
0713
0714     if (session->state == ISCSI_STATE_TERMINATE ||
0715         !test_bit(ISCSI_CONN_FLAG_BOUND, &conn->flags))
0716         return NULL;
0717
0718     if (opcode == ISCSI_OP_LOGIN || opcode == ISCSI_OP_TEXT) {
0719         /*
0720          * Login and Text are sent serially, in
0721          * request-followed-by-response sequence.
0722          * Same task can be used. Same ITT must be used.
0723          * Note that login_task is preallocated at conn_create().
0724          */
0725         if (conn->login_task->state != ISCSI_TASK_FREE) {
0726             iscsi_conn_printk(KERN_ERR, conn, "Login/Text in "
0727                       "progress. Cannot start new task.\n");
0728             return NULL;
0729         }
0730
0731         if (data_size > ISCSI_DEF_MAX_RECV_SEG_LEN) {
0732             iscsi_conn_printk(KERN_ERR, conn, "Invalid buffer len of %u for login task. Max len is %u\n", data_size, ISCSI_DEF_MAX_RECV_SEG_LEN);
0733             return NULL;
0734         }
0735
0736         task = conn->login_task;
0737     } else {
0738         if (session->state != ISCSI_STATE_LOGGED_IN)
0739             return NULL;
0740
0741         if (data_size != 0) {
0742             iscsi_conn_printk(KERN_ERR, conn, "Can not send data buffer of len %u for op 0x%x\n", data_size, opcode);
0743             return NULL;
0744         }
0745
0746         BUG_ON(conn->c_stage == ISCSI_CONN_INITIAL_STAGE);
0747         BUG_ON(conn->c_stage == ISCSI_CONN_STOPPED);
0748
0749         if (!kfifo_out(&session->cmdpool.queue,
0750                  (void*)&task, sizeof(void*)))
0751             return NULL;
0752     }
0753     /*
0754      * released in complete pdu for task we expect a response for, and
0755      * released by the lld when it has transmitted the task for
0756      * pdus we do not expect a response for.
0757      */
0758     refcount_set(&task->refcount, 1);
0759     task->conn = conn;
0760     task->sc = NULL;
0761     INIT_LIST_HEAD(&task->running);
0762     task->state = ISCSI_TASK_PENDING;
0763
0764     if (data_size) {
0765         memcpy(task->data, data, data_size);
0766         task->data_count = data_size;
0767     } else
0768         task->data_count = 0;
0769
0770     if (conn->session->tt->alloc_pdu) {
0771         if (conn->session->tt->alloc_pdu(task, hdr->opcode)) {
0772             iscsi_conn_printk(KERN_ERR, conn, "Could not allocate "
0773                      "pdu for mgmt task.\n");
0774             goto free_task;
0775         }
0776     }
0777
0778     itt = task->hdr->itt;
0779     task->hdr_len = sizeof(struct iscsi_hdr);
0780     memcpy(task->hdr, hdr, sizeof(struct iscsi_hdr));
0781
0782     if (hdr->itt != RESERVED_ITT) {
0783         if (session->tt->parse_pdu_itt)
0784             task->hdr->itt = itt;
0785         else
0786             task->hdr->itt = build_itt(task->itt,
0787                            task->conn->session->age);
0788     }
0789
0790     return task;
0791
0792 free_task:
0793     iscsi_put_task(task);
0794     return NULL;
0795 }
0796
0797 /**
0798  * iscsi_send_mgmt_task - Send task created with iscsi_alloc_mgmt_task.
0799  * @task: iscsi task to send.
0800  *
0801  * On failure this returns a non-zero error code, and the driver must free
0802  * the task with iscsi_put_task;
0803  */
0804 static int iscsi_send_mgmt_task(struct iscsi_task *task)
0805 {
0806     struct iscsi_conn *conn = task->conn;
0807     struct iscsi_session *session = conn->session;
0808     struct iscsi_host *ihost = shost_priv(conn->session->host);
0809     int rc = 0;
0810
0811     if (!ihost->workq) {
0812         rc = iscsi_prep_mgmt_task(conn, task);
0813         if (rc)
0814             return rc;
0815
0816         rc = session->tt->xmit_task(task);
0817         if (rc)
0818             return rc;
0819     } else {
0820         list_add_tail(&task->running, &conn->mgmtqueue);
0821         iscsi_conn_queue_xmit(conn);
0822     }
0823
0824     return 0;
0825 }
0826
0827 static int __iscsi_conn_send_pdu(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
0828                  char *data, uint32_t data_size)
0829 {
0830     struct iscsi_task *task;
0831     int rc;
0832
0833     task = iscsi_alloc_mgmt_task(conn, hdr, data, data_size);
0834     if (!task)
0835         return -ENOMEM;
0836
0837     rc = iscsi_send_mgmt_task(task);
0838     if (rc)
0839         iscsi_put_task(task);
0840     return rc;
0841 }
0842
0843 int iscsi_conn_send_pdu(struct iscsi_cls_conn *cls_conn, struct iscsi_hdr *hdr,
0844             char *data, uint32_t data_size)
0845 {
0846     struct iscsi_conn *conn = cls_conn->dd_data;
0847     struct iscsi_session *session = conn->session;
0848     int err = 0;
0849
0850     spin_lock_bh(&session->frwd_lock);
0851     if (__iscsi_conn_send_pdu(conn, hdr, data, data_size))
0852         err = -EPERM;
0853     spin_unlock_bh(&session->frwd_lock);
0854     return err;
0855 }
0856 EXPORT_SYMBOL_GPL(iscsi_conn_send_pdu);
0857
0858 /**
0859  * iscsi_scsi_cmd_rsp - SCSI Command Response processing
0860  * @conn: iscsi connection
0861  * @hdr: iscsi header
0862  * @task: scsi command task
0863  * @data: cmd data buffer
0864  * @datalen: len of buffer
0865  *
0866  * iscsi_cmd_rsp sets up the scsi_cmnd fields based on the PDU and
0867  * then completes the command and task. called under back_lock
0868  **/
0869 static void iscsi_scsi_cmd_rsp(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
0870                    struct iscsi_task *task, char *data,
0871                    int datalen)
0872 {
0873     struct iscsi_scsi_rsp *rhdr = (struct iscsi_scsi_rsp *)hdr;
0874     struct iscsi_session *session = conn->session;
0875     struct scsi_cmnd *sc = task->sc;
0876
0877     iscsi_update_cmdsn(session, (struct iscsi_nopin*)rhdr);
0878     conn->exp_statsn = be32_to_cpu(rhdr->statsn) + 1;
0879
0880     sc->result = (DID_OK << 16) | rhdr->cmd_status;
0881
0882     if (task->protected) {
0883         sector_t sector;
0884         u8 ascq;
0885
0886         /**
0887          * Transports that didn't implement check_protection
0888          * callback but still published T10-PI support to scsi-mid
0889          * deserve this BUG_ON.
0890          **/
0891         BUG_ON(!session->tt->check_protection);
0892
0893         ascq = session->tt->check_protection(task, &sector);
0894         if (ascq) {
0895             scsi_build_sense(sc, 1, ILLEGAL_REQUEST, 0x10, ascq);
0896             scsi_set_sense_information(sc->sense_buffer,
0897                            SCSI_SENSE_BUFFERSIZE,
0898                            sector);
0899             goto out;
0900         }
0901     }
0902
0903     if (rhdr->response != ISCSI_STATUS_CMD_COMPLETED) {
0904         sc->result = DID_ERROR << 16;
0905         goto out;
0906     }
0907
0908     if (rhdr->cmd_status == SAM_STAT_CHECK_CONDITION) {
0909         uint16_t senselen;
0910
0911         if (datalen < 2) {
0912 invalid_datalen:
0913             iscsi_conn_printk(KERN_ERR,  conn,
0914                      "Got CHECK_CONDITION but invalid data "
0915                      "buffer size of %d\n", datalen);
0916             sc->result = DID_BAD_TARGET << 16;
0917             goto out;
0918         }
0919
0920         senselen = get_unaligned_be16(data);
0921         if (datalen < senselen)
0922             goto invalid_datalen;
0923
0924         memcpy(sc->sense_buffer, data + 2,
0925                min_t(uint16_t, senselen, SCSI_SENSE_BUFFERSIZE));
0926         ISCSI_DBG_SESSION(session, "copied %d bytes of sense\n",
0927                   min_t(uint16_t, senselen,
0928                   SCSI_SENSE_BUFFERSIZE));
0929     }
0930
0931     if (rhdr->flags & (ISCSI_FLAG_CMD_BIDI_UNDERFLOW |
0932                ISCSI_FLAG_CMD_BIDI_OVERFLOW)) {
0933         sc->result = (DID_BAD_TARGET << 16) | rhdr->cmd_status;
0934     }
0935
0936     if (rhdr->flags & (ISCSI_FLAG_CMD_UNDERFLOW |
0937                        ISCSI_FLAG_CMD_OVERFLOW)) {
0938         int res_count = be32_to_cpu(rhdr->residual_count);
0939
0940         if (res_count > 0 &&
0941             (rhdr->flags & ISCSI_FLAG_CMD_OVERFLOW ||
0942              res_count <= scsi_bufflen(sc)))
0943             /* write side for bidi or uni-io set_resid */
0944             scsi_set_resid(sc, res_count);
0945         else
0946             sc->result = (DID_BAD_TARGET << 16) | rhdr->cmd_status;
0947     }
0948 out:
0949     ISCSI_DBG_SESSION(session, "cmd rsp done [sc %p res %d itt 0x%x]\n",
0950               sc, sc->result, task->itt);
0951     conn->scsirsp_pdus_cnt++;
0952     iscsi_complete_task(task, ISCSI_TASK_COMPLETED);
0953 }
0954
0955 /**
0956  * iscsi_data_in_rsp - SCSI Data-In Response processing
0957  * @conn: iscsi connection
0958  * @hdr:  iscsi pdu
0959  * @task: scsi command task
0960  *
0961  * iscsi_data_in_rsp sets up the scsi_cmnd fields based on the data received
0962  * then completes the command and task. called under back_lock
0963  **/
0964 static void
0965 iscsi_data_in_rsp(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
0966           struct iscsi_task *task)
0967 {
0968     struct iscsi_data_rsp *rhdr = (struct iscsi_data_rsp *)hdr;
0969     struct scsi_cmnd *sc = task->sc;
0970
0971     if (!(rhdr->flags & ISCSI_FLAG_DATA_STATUS))
0972         return;
0973
0974     iscsi_update_cmdsn(conn->session, (struct iscsi_nopin *)hdr);
0975     sc->result = (DID_OK << 16) | rhdr->cmd_status;
0976     conn->exp_statsn = be32_to_cpu(rhdr->statsn) + 1;
0977     if (rhdr->flags & (ISCSI_FLAG_DATA_UNDERFLOW |
0978                        ISCSI_FLAG_DATA_OVERFLOW)) {
0979         int res_count = be32_to_cpu(rhdr->residual_count);
0980
0981         if (res_count > 0 &&
0982             (rhdr->flags & ISCSI_FLAG_CMD_OVERFLOW ||
0983              res_count <= sc->sdb.length))
0984             scsi_set_resid(sc, res_count);
0985         else
0986             sc->result = (DID_BAD_TARGET << 16) | rhdr->cmd_status;
0987     }
0988
0989     ISCSI_DBG_SESSION(conn->session, "data in with status done "
0990               "[sc %p res %d itt 0x%x]\n",
0991               sc, sc->result, task->itt);
0992     conn->scsirsp_pdus_cnt++;
0993     iscsi_complete_task(task, ISCSI_TASK_COMPLETED);
0994 }
0995
0996 static void iscsi_tmf_rsp(struct iscsi_conn *conn, struct iscsi_hdr *hdr)
0997 {
0998     struct iscsi_tm_rsp *tmf = (struct iscsi_tm_rsp *)hdr;
0999     struct iscsi_session *session = conn->session;
1000
1001     conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
1002     conn->tmfrsp_pdus_cnt++;
1003
1004     if (session->tmf_state != TMF_QUEUED)
1005         return;
1006
1007     if (tmf->response == ISCSI_TMF_RSP_COMPLETE)
1008         session->tmf_state = TMF_SUCCESS;
1009     else if (tmf->response == ISCSI_TMF_RSP_NO_TASK)
1010         session->tmf_state = TMF_NOT_FOUND;
1011     else
1012         session->tmf_state = TMF_FAILED;
1013     wake_up(&session->ehwait);
1014 }
1015
1016 static int iscsi_send_nopout(struct iscsi_conn *conn, struct iscsi_nopin *rhdr)
1017 {
1018         struct iscsi_nopout hdr;
1019     struct iscsi_task *task;
1020
1021     if (!rhdr) {
1022         if (READ_ONCE(conn->ping_task))
1023             return -EINVAL;
1024     }
1025
1026     memset(&hdr, 0, sizeof(struct iscsi_nopout));
1027     hdr.opcode = ISCSI_OP_NOOP_OUT | ISCSI_OP_IMMEDIATE;
1028     hdr.flags = ISCSI_FLAG_CMD_FINAL;
1029
1030     if (rhdr) {
1031         hdr.lun = rhdr->lun;
1032         hdr.ttt = rhdr->ttt;
1033         hdr.itt = RESERVED_ITT;
1034     } else
1035         hdr.ttt = RESERVED_ITT;
1036
1037     task = iscsi_alloc_mgmt_task(conn, (struct iscsi_hdr *)&hdr, NULL, 0);
1038     if (!task)
1039         return -ENOMEM;
1040
1041     if (!rhdr)
1042         WRITE_ONCE(conn->ping_task, task);
1043
1044     if (iscsi_send_mgmt_task(task)) {
1045         if (!rhdr)
1046             WRITE_ONCE(conn->ping_task, NULL);
1047         iscsi_put_task(task);
1048
1049         iscsi_conn_printk(KERN_ERR, conn, "Could not send nopout\n");
1050         return -EIO;
1051     } else if (!rhdr) {
1052         /* only track our nops */
1053         conn->last_ping = jiffies;
1054     }
1055
1056     return 0;
1057 }
1058
1059 /**
1060  * iscsi_nop_out_rsp - SCSI NOP Response processing
1061  * @task: scsi command task
1062  * @nop: the nop structure
1063  * @data: where to put the data
1064  * @datalen: length of data
1065  *
1066  * iscsi_nop_out_rsp handles nop response from use or
1067  * from user space. called under back_lock
1068  **/
1069 static int iscsi_nop_out_rsp(struct iscsi_task *task,
1070                  struct iscsi_nopin *nop, char *data, int datalen)
1071 {
1072     struct iscsi_conn *conn = task->conn;
1073     int rc = 0;
1074
1075     if (READ_ONCE(conn->ping_task) != task) {
1076         /*
1077          * If this is not in response to one of our
1078          * nops then it must be from userspace.
1079          */
1080         if (iscsi_recv_pdu(conn->cls_conn, (struct iscsi_hdr *)nop,
1081                    data, datalen))
1082             rc = ISCSI_ERR_CONN_FAILED;
1083     } else
1084         mod_timer(&conn->transport_timer, jiffies + conn->recv_timeout);
1085     iscsi_complete_task(task, ISCSI_TASK_COMPLETED);
1086     return rc;
1087 }
1088
1089 static int iscsi_handle_reject(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
1090                    char *data, int datalen)
1091 {
1092     struct iscsi_reject *reject = (struct iscsi_reject *)hdr;
1093     struct iscsi_hdr rejected_pdu;
1094     int opcode, rc = 0;
1095
1096     conn->exp_statsn = be32_to_cpu(reject->statsn) + 1;
1097
1098     if (ntoh24(reject->dlength) > datalen ||
1099         ntoh24(reject->dlength) < sizeof(struct iscsi_hdr)) {
1100         iscsi_conn_printk(KERN_ERR, conn, "Cannot handle rejected "
1101                   "pdu. Invalid data length (pdu dlength "
1102                   "%u, datalen %d\n", ntoh24(reject->dlength),
1103                   datalen);
1104         return ISCSI_ERR_PROTO;
1105     }
1106     memcpy(&rejected_pdu, data, sizeof(struct iscsi_hdr));
1107     opcode = rejected_pdu.opcode & ISCSI_OPCODE_MASK;
1108
1109     switch (reject->reason) {
1110     case ISCSI_REASON_DATA_DIGEST_ERROR:
1111         iscsi_conn_printk(KERN_ERR, conn,
1112                   "pdu (op 0x%x itt 0x%x) rejected "
1113                   "due to DataDigest error.\n",
1114                   opcode, rejected_pdu.itt);
1115         break;
1116     case ISCSI_REASON_IMM_CMD_REJECT:
1117         iscsi_conn_printk(KERN_ERR, conn,
1118                   "pdu (op 0x%x itt 0x%x) rejected. Too many "
1119                   "immediate commands.\n",
1120                   opcode, rejected_pdu.itt);
1121         /*
1122          * We only send one TMF at a time so if the target could not
1123          * handle it, then it should get fixed (RFC mandates that
1124          * a target can handle one immediate TMF per conn).
1125          *
1126          * For nops-outs, we could have sent more than one if
1127          * the target is sending us lots of nop-ins
1128          */
1129         if (opcode != ISCSI_OP_NOOP_OUT)
1130             return 0;
1131
1132         if (rejected_pdu.itt == cpu_to_be32(ISCSI_RESERVED_TAG)) {
1133             /*
1134              * nop-out in response to target's nop-out rejected.
1135              * Just resend.
1136              */
1137             /* In RX path we are under back lock */
1138             spin_unlock(&conn->session->back_lock);
1139             spin_lock(&conn->session->frwd_lock);
1140             iscsi_send_nopout(conn,
1141                       (struct iscsi_nopin*)&rejected_pdu);
1142             spin_unlock(&conn->session->frwd_lock);
1143             spin_lock(&conn->session->back_lock);
1144         } else {
1145             struct iscsi_task *task;
1146             /*
1147              * Our nop as ping got dropped. We know the target
1148              * and transport are ok so just clean up
1149              */
1150             task = iscsi_itt_to_task(conn, rejected_pdu.itt);
1151             if (!task) {
1152                 iscsi_conn_printk(KERN_ERR, conn,
1153                          "Invalid pdu reject. Could "
1154                          "not lookup rejected task.\n");
1155                 rc = ISCSI_ERR_BAD_ITT;
1156             } else
1157                 rc = iscsi_nop_out_rsp(task,
1158                     (struct iscsi_nopin*)&rejected_pdu,
1159                     NULL, 0);
1160         }
1161         break;
1162     default:
1163         iscsi_conn_printk(KERN_ERR, conn,
1164                   "pdu (op 0x%x itt 0x%x) rejected. Reason "
1165                   "code 0x%x\n", rejected_pdu.opcode,
1166                   rejected_pdu.itt, reject->reason);
1167         break;
1168     }
1169     return rc;
1170 }
1171
1172 /**
1173  * iscsi_itt_to_task - look up task by itt
1174  * @conn: iscsi connection
1175  * @itt: itt
1176  *
1177  * This should be used for mgmt tasks like login and nops, or if
1178  * the LDD's itt space does not include the session age.
1179  *
1180  * The session back_lock must be held.
1181  */
1182 struct iscsi_task *iscsi_itt_to_task(struct iscsi_conn *conn, itt_t itt)
1183 {
1184     struct iscsi_session *session = conn->session;
1185     int i;
1186
1187     if (itt == RESERVED_ITT)
1188         return NULL;
1189
1190     if (session->tt->parse_pdu_itt)
1191         session->tt->parse_pdu_itt(conn, itt, &i, NULL);
1192     else
1193         i = get_itt(itt);
1194     if (i >= session->cmds_max)
1195         return NULL;
1196
1197     return session->cmds[i];
1198 }
1199 EXPORT_SYMBOL_GPL(iscsi_itt_to_task);
1200
1201 /**
1202  * __iscsi_complete_pdu - complete pdu
1203  * @conn: iscsi conn
1204  * @hdr: iscsi header
1205  * @data: data buffer
1206  * @datalen: len of data buffer
1207  *
1208  * Completes pdu processing by freeing any resources allocated at
1209  * queuecommand or send generic. session back_lock must be held and verify
1210  * itt must have been called.
1211  */
1212 int __iscsi_complete_pdu(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
1213              char *data, int datalen)
1214 {
1215     struct iscsi_session *session = conn->session;
1216     int opcode = hdr->opcode & ISCSI_OPCODE_MASK, rc = 0;
1217     struct iscsi_task *task;
1218     uint32_t itt;
1219
1220     conn->last_recv = jiffies;
1221     rc = iscsi_verify_itt(conn, hdr->itt);
1222     if (rc)
1223         return rc;
1224
1225     if (hdr->itt != RESERVED_ITT)
1226         itt = get_itt(hdr->itt);
1227     else
1228         itt = ~0U;
1229
1230     ISCSI_DBG_SESSION(session, "[op 0x%x cid %d itt 0x%x len %d]\n",
1231               opcode, conn->id, itt, datalen);
1232
1233     if (itt == ~0U) {
1234         iscsi_update_cmdsn(session, (struct iscsi_nopin*)hdr);
1235
1236         switch(opcode) {
1237         case ISCSI_OP_NOOP_IN:
1238             if (datalen) {
1239                 rc = ISCSI_ERR_PROTO;
1240                 break;
1241             }
1242
1243             if (hdr->ttt == cpu_to_be32(ISCSI_RESERVED_TAG))
1244                 break;
1245
1246             /* In RX path we are under back lock */
1247             spin_unlock(&session->back_lock);
1248             spin_lock(&session->frwd_lock);
1249             iscsi_send_nopout(conn, (struct iscsi_nopin*)hdr);
1250             spin_unlock(&session->frwd_lock);
1251             spin_lock(&session->back_lock);
1252             break;
1253         case ISCSI_OP_REJECT:
1254             rc = iscsi_handle_reject(conn, hdr, data, datalen);
1255             break;
1256         case ISCSI_OP_ASYNC_EVENT:
1257             conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
1258             if (iscsi_recv_pdu(conn->cls_conn, hdr, data, datalen))
1259                 rc = ISCSI_ERR_CONN_FAILED;
1260             break;
1261         default:
1262             rc = ISCSI_ERR_BAD_OPCODE;
1263             break;
1264         }
1265         goto out;
1266     }
1267
1268     switch(opcode) {
1269     case ISCSI_OP_SCSI_CMD_RSP:
1270     case ISCSI_OP_SCSI_DATA_IN:
1271         task = iscsi_itt_to_ctask(conn, hdr->itt);
1272         if (!task)
1273             return ISCSI_ERR_BAD_ITT;
1274         task->last_xfer = jiffies;
1275         break;
1276     case ISCSI_OP_R2T:
1277         /*
1278          * LLD handles R2Ts if they need to.
1279          */
1280         return 0;
1281     case ISCSI_OP_LOGOUT_RSP:
1282     case ISCSI_OP_LOGIN_RSP:
1283     case ISCSI_OP_TEXT_RSP:
1284     case ISCSI_OP_SCSI_TMFUNC_RSP:
1285     case ISCSI_OP_NOOP_IN:
1286         task = iscsi_itt_to_task(conn, hdr->itt);
1287         if (!task)
1288             return ISCSI_ERR_BAD_ITT;
1289         break;
1290     default:
1291         return ISCSI_ERR_BAD_OPCODE;
1292     }
1293
1294     switch(opcode) {
1295     case ISCSI_OP_SCSI_CMD_RSP:
1296         iscsi_scsi_cmd_rsp(conn, hdr, task, data, datalen);
1297         break;
1298     case ISCSI_OP_SCSI_DATA_IN:
1299         iscsi_data_in_rsp(conn, hdr, task);
1300         break;
1301     case ISCSI_OP_LOGOUT_RSP:
1302         iscsi_update_cmdsn(session, (struct iscsi_nopin*)hdr);
1303         if (datalen) {
1304             rc = ISCSI_ERR_PROTO;
1305             break;
1306         }
1307         conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
1308         goto recv_pdu;
1309     case ISCSI_OP_LOGIN_RSP:
1310     case ISCSI_OP_TEXT_RSP:
1311         iscsi_update_cmdsn(session, (struct iscsi_nopin*)hdr);
1312         /*
1313          * login related PDU's exp_statsn is handled in
1314          * userspace
1315          */
1316         goto recv_pdu;
1317     case ISCSI_OP_SCSI_TMFUNC_RSP:
1318         iscsi_update_cmdsn(session, (struct iscsi_nopin*)hdr);
1319         if (datalen) {
1320             rc = ISCSI_ERR_PROTO;
1321             break;
1322         }
1323
1324         iscsi_tmf_rsp(conn, hdr);
1325         iscsi_complete_task(task, ISCSI_TASK_COMPLETED);
1326         break;
1327     case ISCSI_OP_NOOP_IN:
1328         iscsi_update_cmdsn(session, (struct iscsi_nopin*)hdr);
1329         if (hdr->ttt != cpu_to_be32(ISCSI_RESERVED_TAG) || datalen) {
1330             rc = ISCSI_ERR_PROTO;
1331             break;
1332         }
1333         conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
1334
1335         rc = iscsi_nop_out_rsp(task, (struct iscsi_nopin*)hdr,
1336                        data, datalen);
1337         break;
1338     default:
1339         rc = ISCSI_ERR_BAD_OPCODE;
1340         break;
1341     }
1342
1343 out:
1344     return rc;
1345 recv_pdu:
1346     if (iscsi_recv_pdu(conn->cls_conn, hdr, data, datalen))
1347         rc = ISCSI_ERR_CONN_FAILED;
1348     iscsi_complete_task(task, ISCSI_TASK_COMPLETED);
1349     return rc;
1350 }
1351 EXPORT_SYMBOL_GPL(__iscsi_complete_pdu);
1352
1353 int iscsi_complete_pdu(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
1354                char *data, int datalen)
1355 {
1356     int rc;
1357
1358     spin_lock(&conn->session->back_lock);
1359     rc = __iscsi_complete_pdu(conn, hdr, data, datalen);
1360     spin_unlock(&conn->session->back_lock);
1361     return rc;
1362 }
1363 EXPORT_SYMBOL_GPL(iscsi_complete_pdu);
1364
1365 int iscsi_verify_itt(struct iscsi_conn *conn, itt_t itt)
1366 {
1367     struct iscsi_session *session = conn->session;
1368     int age = 0, i = 0;
1369
1370     if (itt == RESERVED_ITT)
1371         return 0;
1372
1373     if (session->tt->parse_pdu_itt)
1374         session->tt->parse_pdu_itt(conn, itt, &i, &age);
1375     else {
1376         i = get_itt(itt);
1377         age = ((__force u32)itt >> ISCSI_AGE_SHIFT) & ISCSI_AGE_MASK;
1378     }
1379
1380     if (age != session->age) {
1381         iscsi_conn_printk(KERN_ERR, conn,
1382                   "received itt %x expected session age (%x)\n",
1383                   (__force u32)itt, session->age);
1384         return ISCSI_ERR_BAD_ITT;
1385     }
1386
1387     if (i >= session->cmds_max) {
1388         iscsi_conn_printk(KERN_ERR, conn,
1389                   "received invalid itt index %u (max cmds "
1390                    "%u.\n", i, session->cmds_max);
1391         return ISCSI_ERR_BAD_ITT;
1392     }
1393     return 0;
1394 }
1395 EXPORT_SYMBOL_GPL(iscsi_verify_itt);
1396
1397 /**
1398  * iscsi_itt_to_ctask - look up ctask by itt
1399  * @conn: iscsi connection
1400  * @itt: itt
1401  *
1402  * This should be used for cmd tasks.
1403  *
1404  * The session back_lock must be held.
1405  */
1406 struct iscsi_task *iscsi_itt_to_ctask(struct iscsi_conn *conn, itt_t itt)
1407 {
1408     struct iscsi_task *task;
1409
1410     if (iscsi_verify_itt(conn, itt))
1411         return NULL;
1412
1413     task = iscsi_itt_to_task(conn, itt);
1414     if (!task || !task->sc)
1415         return NULL;
1416
1417     if (iscsi_cmd(task->sc)->age != conn->session->age) {
1418         iscsi_session_printk(KERN_ERR, conn->session,
1419                   "task's session age %d, expected %d\n",
1420                   iscsi_cmd(task->sc)->age, conn->session->age);
1421         return NULL;
1422     }
1423
1424     return task;
1425 }
1426 EXPORT_SYMBOL_GPL(iscsi_itt_to_ctask);
1427
1428 void iscsi_session_failure(struct iscsi_session *session,
1429                enum iscsi_err err)
1430 {
1431     struct iscsi_conn *conn;
1432
1433     spin_lock_bh(&session->frwd_lock);
1434     conn = session->leadconn;
1435     if (session->state == ISCSI_STATE_TERMINATE || !conn) {
1436         spin_unlock_bh(&session->frwd_lock);
1437         return;
1438     }
1439
1440     iscsi_get_conn(conn->cls_conn);
1441     spin_unlock_bh(&session->frwd_lock);
1442     /*
1443      * if the host is being removed bypass the connection
1444      * recovery initialization because we are going to kill
1445      * the session.
1446      */
1447     if (err == ISCSI_ERR_INVALID_HOST)
1448         iscsi_conn_error_event(conn->cls_conn, err);
1449     else
1450         iscsi_conn_failure(conn, err);
1451     iscsi_put_conn(conn->cls_conn);
1452 }
1453 EXPORT_SYMBOL_GPL(iscsi_session_failure);
1454
1455 static bool iscsi_set_conn_failed(struct iscsi_conn *conn)
1456 {
1457     struct iscsi_session *session = conn->session;
1458
1459     if (session->state == ISCSI_STATE_FAILED)
1460         return false;
1461
1462     if (conn->stop_stage == 0)
1463         session->state = ISCSI_STATE_FAILED;
1464
1465     set_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags);
1466     set_bit(ISCSI_CONN_FLAG_SUSPEND_RX, &conn->flags);
1467     return true;
1468 }
1469
1470 void iscsi_conn_failure(struct iscsi_conn *conn, enum iscsi_err err)
1471 {
1472     struct iscsi_session *session = conn->session;
1473     bool needs_evt;
1474
1475     spin_lock_bh(&session->frwd_lock);
1476     needs_evt = iscsi_set_conn_failed(conn);
1477     spin_unlock_bh(&session->frwd_lock);
1478
1479     if (needs_evt)
1480         iscsi_conn_error_event(conn->cls_conn, err);
1481 }
1482 EXPORT_SYMBOL_GPL(iscsi_conn_failure);
1483
1484 static int iscsi_check_cmdsn_window_closed(struct iscsi_conn *conn)
1485 {
1486     struct iscsi_session *session = conn->session;
1487
1488     /*
1489      * Check for iSCSI window and take care of CmdSN wrap-around
1490      */
1491     if (!iscsi_sna_lte(session->queued_cmdsn, session->max_cmdsn)) {
1492         ISCSI_DBG_SESSION(session, "iSCSI CmdSN closed. ExpCmdSn "
1493                   "%u MaxCmdSN %u CmdSN %u/%u\n",
1494                   session->exp_cmdsn, session->max_cmdsn,
1495                   session->cmdsn, session->queued_cmdsn);
1496         return -ENOSPC;
1497     }
1498     return 0;
1499 }
1500
1501 static int iscsi_xmit_task(struct iscsi_conn *conn, struct iscsi_task *task,
1502                bool was_requeue)
1503 {
1504     int rc;
1505
1506     if (!conn->task) {
1507         /*
1508          * Take a ref so we can access it after xmit_task().
1509          *
1510          * This should never fail because the failure paths will have
1511          * stopped the xmit thread.
1512          */
1513         if (!iscsi_get_task(task)) {
1514             WARN_ON_ONCE(1);
1515             return 0;
1516         }
1517     } else {
1518         /* Already have a ref from when we failed to send it last call */
1519         conn->task = NULL;
1520     }
1521
1522     /*
1523      * If this was a requeue for a R2T we have an extra ref on the task in
1524      * case a bad target sends a cmd rsp before we have handled the task.
1525      */
1526     if (was_requeue)
1527         iscsi_put_task(task);
1528
1529     /*
1530      * Do this after dropping the extra ref because if this was a requeue
1531      * it's removed from that list and cleanup_queued_task would miss it.
1532      */
1533     if (test_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags)) {
1534         /*
1535          * Save the task and ref in case we weren't cleaning up this
1536          * task and get woken up again.
1537          */
1538         conn->task = task;
1539         return -ENODATA;
1540     }
1541
1542     spin_unlock_bh(&conn->session->frwd_lock);
1543     rc = conn->session->tt->xmit_task(task);
1544     spin_lock_bh(&conn->session->frwd_lock);
1545     if (!rc) {
1546         /* done with this task */
1547         task->last_xfer = jiffies;
1548     } else {
1549         /*
1550          * get an extra ref that is released next time we access it
1551          * as conn->task above.
1552          */
1553         iscsi_get_task(task);
1554         conn->task = task;
1555     }
1556
1557     iscsi_put_task(task);
1558     return rc;
1559 }
1560
1561 /**
1562  * iscsi_requeue_task - requeue task to run from session workqueue
1563  * @task: task to requeue
1564  *
1565  * Callers must have taken a ref to the task that is going to be requeued.
1566  */
1567 void iscsi_requeue_task(struct iscsi_task *task)
1568 {
1569     struct iscsi_conn *conn = task->conn;
1570
1571     /*
1572      * this may be on the requeue list already if the xmit_task callout
1573      * is handling the r2ts while we are adding new ones
1574      */
1575     spin_lock_bh(&conn->session->frwd_lock);
1576     if (list_empty(&task->running)) {
1577         list_add_tail(&task->running, &conn->requeue);
1578     } else {
1579         /*
1580          * Don't need the extra ref since it's already requeued and
1581          * has a ref.
1582          */
1583         iscsi_put_task(task);
1584     }
1585     iscsi_conn_queue_xmit(conn);
1586     spin_unlock_bh(&conn->session->frwd_lock);
1587 }
1588 EXPORT_SYMBOL_GPL(iscsi_requeue_task);
1589
1590 /**
1591  * iscsi_data_xmit - xmit any command into the scheduled connection
1592  * @conn: iscsi connection
1593  *
1594  * Notes:
1595  *  The function can return -EAGAIN in which case the caller must
1596  *  re-schedule it again later or recover. '0' return code means
1597  *  successful xmit.
1598  **/
1599 static int iscsi_data_xmit(struct iscsi_conn *conn)
1600 {
1601     struct iscsi_task *task;
1602     int rc = 0;
1603
1604     spin_lock_bh(&conn->session->frwd_lock);
1605     if (test_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags)) {
1606         ISCSI_DBG_SESSION(conn->session, "Tx suspended!\n");
1607         spin_unlock_bh(&conn->session->frwd_lock);
1608         return -ENODATA;
1609     }
1610
1611     if (conn->task) {
1612         rc = iscsi_xmit_task(conn, conn->task, false);
1613             if (rc)
1614                 goto done;
1615     }
1616
1617     /*
1618      * process mgmt pdus like nops before commands since we should
1619      * only have one nop-out as a ping from us and targets should not
1620      * overflow us with nop-ins
1621      */
1622 check_mgmt:
1623     while (!list_empty(&conn->mgmtqueue)) {
1624         task = list_entry(conn->mgmtqueue.next, struct iscsi_task,
1625                   running);
1626         list_del_init(&task->running);
1627         if (iscsi_prep_mgmt_task(conn, task)) {
1628             /* regular RX path uses back_lock */
1629             spin_lock_bh(&conn->session->back_lock);
1630             __iscsi_put_task(task);
1631             spin_unlock_bh(&conn->session->back_lock);
1632             continue;
1633         }
1634         rc = iscsi_xmit_task(conn, task, false);
1635         if (rc)
1636             goto done;
1637     }
1638
1639 check_requeue:
1640     while (!list_empty(&conn->requeue)) {
1641         /*
1642          * we always do fastlogout - conn stop code will clean up.
1643          */
1644         if (conn->session->state == ISCSI_STATE_LOGGING_OUT)
1645             break;
1646
1647         task = list_entry(conn->requeue.next, struct iscsi_task,
1648                   running);
1649
1650         if (iscsi_check_tmf_restrictions(task, ISCSI_OP_SCSI_DATA_OUT))
1651             break;
1652
1653         list_del_init(&task->running);
1654         rc = iscsi_xmit_task(conn, task, true);
1655         if (rc)
1656             goto done;
1657         if (!list_empty(&conn->mgmtqueue))
1658             goto check_mgmt;
1659     }
1660
1661     /* process pending command queue */
1662     while (!list_empty(&conn->cmdqueue)) {
1663         task = list_entry(conn->cmdqueue.next, struct iscsi_task,
1664                   running);
1665         list_del_init(&task->running);
1666         if (conn->session->state == ISCSI_STATE_LOGGING_OUT) {
1667             fail_scsi_task(task, DID_IMM_RETRY);
1668             continue;
1669         }
1670         rc = iscsi_prep_scsi_cmd_pdu(task);
1671         if (rc) {
1672             if (rc == -ENOMEM || rc == -EACCES)
1673                 fail_scsi_task(task, DID_IMM_RETRY);
1674             else
1675                 fail_scsi_task(task, DID_ABORT);
1676             continue;
1677         }
1678         rc = iscsi_xmit_task(conn, task, false);
1679         if (rc)
1680             goto done;
1681         /*
1682          * we could continuously get new task requests so
1683          * we need to check the mgmt queue for nops that need to
1684          * be sent to aviod starvation
1685          */
1686         if (!list_empty(&conn->mgmtqueue))
1687             goto check_mgmt;
1688         if (!list_empty(&conn->requeue))
1689             goto check_requeue;
1690     }
1691
1692     spin_unlock_bh(&conn->session->frwd_lock);
1693     return -ENODATA;
1694
1695 done:
1696     spin_unlock_bh(&conn->session->frwd_lock);
1697     return rc;
1698 }
1699
1700 static void iscsi_xmitworker(struct work_struct *work)
1701 {
1702     struct iscsi_conn *conn =
1703         container_of(work, struct iscsi_conn, xmitwork);
1704     int rc;
1705     /*
1706      * serialize Xmit worker on a per-connection basis.
1707      */
1708     do {
1709         rc = iscsi_data_xmit(conn);
1710     } while (rc >= 0 || rc == -EAGAIN);
1711 }
1712
1713 static inline struct iscsi_task *iscsi_alloc_task(struct iscsi_conn *conn,
1714                           struct scsi_cmnd *sc)
1715 {
1716     struct iscsi_task *task;
1717
1718     if (!kfifo_out(&conn->session->cmdpool.queue,
1719              (void *) &task, sizeof(void *)))
1720         return NULL;
1721
1722     iscsi_cmd(sc)->age = conn->session->age;
1723     iscsi_cmd(sc)->task = task;
1724
1725     refcount_set(&task->refcount, 1);
1726     task->state = ISCSI_TASK_PENDING;
1727     task->conn = conn;
1728     task->sc = sc;
1729     task->have_checked_conn = false;
1730     task->last_timeout = jiffies;
1731     task->last_xfer = jiffies;
1732     task->protected = false;
1733     INIT_LIST_HEAD(&task->running);
1734     return task;
1735 }
1736
1737 enum {
1738     FAILURE_BAD_HOST = 1,
1739     FAILURE_SESSION_FAILED,
1740     FAILURE_SESSION_FREED,
1741     FAILURE_WINDOW_CLOSED,
1742     FAILURE_OOM,
1743     FAILURE_SESSION_TERMINATE,
1744     FAILURE_SESSION_IN_RECOVERY,
1745     FAILURE_SESSION_RECOVERY_TIMEOUT,
1746     FAILURE_SESSION_LOGGING_OUT,
1747     FAILURE_SESSION_NOT_READY,
1748 };
1749
1750 int iscsi_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *sc)
1751 {
1752     struct iscsi_cls_session *cls_session;
1753     struct iscsi_host *ihost;
1754     int reason = 0;
1755     struct iscsi_session *session;
1756     struct iscsi_conn *conn;
1757     struct iscsi_task *task = NULL;
1758
1759     sc->result = 0;
1760     iscsi_cmd(sc)->task = NULL;
1761
1762     ihost = shost_priv(host);
1763
1764     cls_session = starget_to_session(scsi_target(sc->device));
1765     session = cls_session->dd_data;
1766     spin_lock_bh(&session->frwd_lock);
1767
1768     reason = iscsi_session_chkready(cls_session);
1769     if (reason) {
1770         sc->result = reason;
1771         goto fault;
1772     }
1773
1774     if (session->state != ISCSI_STATE_LOGGED_IN) {
1775         /*
1776          * to handle the race between when we set the recovery state
1777          * and block the session we requeue here (commands could
1778          * be entering our queuecommand while a block is starting
1779          * up because the block code is not locked)
1780          */
1781         switch (session->state) {
1782         case ISCSI_STATE_FAILED:
1783             /*
1784              * cmds should fail during shutdown, if the session
1785              * state is bad, allowing completion to happen
1786              */
1787             if (unlikely(system_state != SYSTEM_RUNNING)) {
1788                 reason = FAILURE_SESSION_FAILED;
1789                 sc->result = DID_NO_CONNECT << 16;
1790                 break;
1791             }
1792             fallthrough;
1793         case ISCSI_STATE_IN_RECOVERY:
1794             reason = FAILURE_SESSION_IN_RECOVERY;
1795             sc->result = DID_IMM_RETRY << 16;
1796             break;
1797         case ISCSI_STATE_LOGGING_OUT:
1798             reason = FAILURE_SESSION_LOGGING_OUT;
1799             sc->result = DID_IMM_RETRY << 16;
1800             break;
1801         case ISCSI_STATE_RECOVERY_FAILED:
1802             reason = FAILURE_SESSION_RECOVERY_TIMEOUT;
1803             sc->result = DID_TRANSPORT_FAILFAST << 16;
1804             break;
1805         case ISCSI_STATE_TERMINATE:
1806             reason = FAILURE_SESSION_TERMINATE;
1807             sc->result = DID_NO_CONNECT << 16;
1808             break;
1809         default:
1810             reason = FAILURE_SESSION_FREED;
1811             sc->result = DID_NO_CONNECT << 16;
1812         }
1813         goto fault;
1814     }
1815
1816     conn = session->leadconn;
1817     if (!conn) {
1818         reason = FAILURE_SESSION_FREED;
1819         sc->result = DID_NO_CONNECT << 16;
1820         goto fault;
1821     }
1822
1823     if (test_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags)) {
1824         reason = FAILURE_SESSION_IN_RECOVERY;
1825         sc->result = DID_REQUEUE << 16;
1826         goto fault;
1827     }
1828
1829     if (iscsi_check_cmdsn_window_closed(conn)) {
1830         reason = FAILURE_WINDOW_CLOSED;
1831         goto reject;
1832     }
1833
1834     task = iscsi_alloc_task(conn, sc);
1835     if (!task) {
1836         reason = FAILURE_OOM;
1837         goto reject;
1838     }
1839
1840     if (!ihost->workq) {
1841         reason = iscsi_prep_scsi_cmd_pdu(task);
1842         if (reason) {
1843             if (reason == -ENOMEM ||  reason == -EACCES) {
1844                 reason = FAILURE_OOM;
1845                 goto prepd_reject;
1846             } else {
1847                 sc->result = DID_ABORT << 16;
1848                 goto prepd_fault;
1849             }
1850         }
1851         if (session->tt->xmit_task(task)) {
1852             session->cmdsn--;
1853             reason = FAILURE_SESSION_NOT_READY;
1854             goto prepd_reject;
1855         }
1856     } else {
1857         list_add_tail(&task->running, &conn->cmdqueue);
1858         iscsi_conn_queue_xmit(conn);
1859     }
1860
1861     session->queued_cmdsn++;
1862     spin_unlock_bh(&session->frwd_lock);
1863     return 0;
1864
1865 prepd_reject:
1866     spin_lock_bh(&session->back_lock);
1867     iscsi_complete_task(task, ISCSI_TASK_REQUEUE_SCSIQ);
1868     spin_unlock_bh(&session->back_lock);
1869 reject:
1870     spin_unlock_bh(&session->frwd_lock);
1871     ISCSI_DBG_SESSION(session, "cmd 0x%x rejected (%d)\n",
1872               sc->cmnd[0], reason);
1873     return SCSI_MLQUEUE_TARGET_BUSY;
1874
1875 prepd_fault:
1876     spin_lock_bh(&session->back_lock);
1877     iscsi_complete_task(task, ISCSI_TASK_REQUEUE_SCSIQ);
1878     spin_unlock_bh(&session->back_lock);
1879 fault:
1880     spin_unlock_bh(&session->frwd_lock);
1881     ISCSI_DBG_SESSION(session, "iscsi: cmd 0x%x is not queued (%d)\n",
1882               sc->cmnd[0], reason);
1883     scsi_set_resid(sc, scsi_bufflen(sc));
1884     scsi_done(sc);
1885     return 0;
1886 }
1887 EXPORT_SYMBOL_GPL(iscsi_queuecommand);
1888
1889 int iscsi_target_alloc(struct scsi_target *starget)
1890 {
1891     struct iscsi_cls_session *cls_session = starget_to_session(starget);
1892     struct iscsi_session *session = cls_session->dd_data;
1893
1894     starget->can_queue = session->scsi_cmds_max;
1895     return 0;
1896 }
1897 EXPORT_SYMBOL_GPL(iscsi_target_alloc);
1898
1899 static void iscsi_tmf_timedout(struct timer_list *t)
1900 {
1901     struct iscsi_session *session = from_timer(session, t, tmf_timer);
1902
1903     spin_lock(&session->frwd_lock);
1904     if (session->tmf_state == TMF_QUEUED) {
1905         session->tmf_state = TMF_TIMEDOUT;
1906         ISCSI_DBG_EH(session, "tmf timedout\n");
1907         /* unblock eh_abort() */
1908         wake_up(&session->ehwait);
1909     }
1910     spin_unlock(&session->frwd_lock);
1911 }
1912
1913 static int iscsi_exec_task_mgmt_fn(struct iscsi_conn *conn,
1914                    struct iscsi_tm *hdr, int age,
1915                    int timeout)
1916     __must_hold(&session->frwd_lock)
1917 {
1918     struct iscsi_session *session = conn->session;
1919
1920     if (__iscsi_conn_send_pdu(conn, (struct iscsi_hdr *)hdr, NULL, 0)) {
1921         spin_unlock_bh(&session->frwd_lock);
1922         iscsi_conn_printk(KERN_ERR, conn, "Could not send TMF.\n");
1923         iscsi_conn_failure(conn, ISCSI_ERR_CONN_FAILED);
1924         spin_lock_bh(&session->frwd_lock);
1925         return -EPERM;
1926     }
1927     conn->tmfcmd_pdus_cnt++;
1928     session->tmf_timer.expires = timeout * HZ + jiffies;
1929     add_timer(&session->tmf_timer);
1930     ISCSI_DBG_EH(session, "tmf set timeout\n");
1931
1932     spin_unlock_bh(&session->frwd_lock);
1933     mutex_unlock(&session->eh_mutex);
1934
1935     /*
1936      * block eh thread until:
1937      *
1938      * 1) tmf response
1939      * 2) tmf timeout
1940      * 3) session is terminated or restarted or userspace has
1941      * given up on recovery
1942      */
1943     wait_event_interruptible(session->ehwait, age != session->age ||
1944                  session->state != ISCSI_STATE_LOGGED_IN ||
1945                  session->tmf_state != TMF_QUEUED);
1946     if (signal_pending(current))
1947         flush_signals(current);
1948     del_timer_sync(&session->tmf_timer);
1949
1950     mutex_lock(&session->eh_mutex);
1951     spin_lock_bh(&session->frwd_lock);
1952     /* if the session drops it will clean up the task */
1953     if (age != session->age ||
1954         session->state != ISCSI_STATE_LOGGED_IN)
1955         return -ENOTCONN;
1956     return 0;
1957 }
1958
1959 /*
1960  * Fail commands. session frwd lock held and xmit thread flushed.
1961  */
1962 static void fail_scsi_tasks(struct iscsi_conn *conn, u64 lun, int error)
1963 {
1964     struct iscsi_session *session = conn->session;
1965     struct iscsi_task *task;
1966     int i;
1967
1968 restart_cmd_loop:
1969     spin_lock_bh(&session->back_lock);
1970     for (i = 0; i < session->cmds_max; i++) {
1971         task = session->cmds[i];
1972         if (!task->sc || task->state == ISCSI_TASK_FREE)
1973             continue;
1974
1975         if (lun != -1 && lun != task->sc->device->lun)
1976             continue;
1977         /*
1978          * The cmd is completing but if this is called from an eh
1979          * callout path then when we return scsi-ml owns the cmd. Wait
1980          * for the completion path to finish freeing the cmd.
1981          */
1982         if (!iscsi_get_task(task)) {
1983             spin_unlock_bh(&session->back_lock);
1984             spin_unlock_bh(&session->frwd_lock);
1985             udelay(ISCSI_CMD_COMPL_WAIT);
1986             spin_lock_bh(&session->frwd_lock);
1987             goto restart_cmd_loop;
1988         }
1989
1990         ISCSI_DBG_SESSION(session,
1991                   "failing sc %p itt 0x%x state %d\n",
1992                   task->sc, task->itt, task->state);
1993         __fail_scsi_task(task, error);
1994         __iscsi_put_task(task);
1995     }
1996     spin_unlock_bh(&session->back_lock);
1997 }
1998
1999 /**
2000  * iscsi_suspend_queue - suspend iscsi_queuecommand
2001  * @conn: iscsi conn to stop queueing IO on
2002  *
2003  * This grabs the session frwd_lock to make sure no one is in
2004  * xmit_task/queuecommand, and then sets suspend to prevent
2005  * new commands from being queued. This only needs to be called
2006  * by offload drivers that need to sync a path like ep disconnect
2007  * with the iscsi_queuecommand/xmit_task. To start IO again libiscsi
2008  * will call iscsi_start_tx and iscsi_unblock_session when in FFP.
2009  */
2010 void iscsi_suspend_queue(struct iscsi_conn *conn)
2011 {
2012     spin_lock_bh(&conn->session->frwd_lock);
2013     set_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags);
2014     spin_unlock_bh(&conn->session->frwd_lock);
2015 }
2016 EXPORT_SYMBOL_GPL(iscsi_suspend_queue);
2017
2018 /**
2019  * iscsi_suspend_tx - suspend iscsi_data_xmit
2020  * @conn: iscsi conn to stop processing IO on.
2021  *
2022  * This function sets the suspend bit to prevent iscsi_data_xmit
2023  * from sending new IO, and if work is queued on the xmit thread
2024  * it will wait for it to be completed.
2025  */
2026 void iscsi_suspend_tx(struct iscsi_conn *conn)
2027 {
2028     struct Scsi_Host *shost = conn->session->host;
2029     struct iscsi_host *ihost = shost_priv(shost);
2030
2031     set_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags);
2032     if (ihost->workq)
2033         flush_work(&conn->xmitwork);
2034 }
2035 EXPORT_SYMBOL_GPL(iscsi_suspend_tx);
2036
2037 static void iscsi_start_tx(struct iscsi_conn *conn)
2038 {
2039     clear_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags);
2040     iscsi_conn_queue_xmit(conn);
2041 }
2042
2043 /**
2044  * iscsi_suspend_rx - Prevent recvwork from running again.
2045  * @conn: iscsi conn to stop.
2046  */
2047 void iscsi_suspend_rx(struct iscsi_conn *conn)
2048 {
2049     struct Scsi_Host *shost = conn->session->host;
2050     struct iscsi_host *ihost = shost_priv(shost);
2051
2052     set_bit(ISCSI_CONN_FLAG_SUSPEND_RX, &conn->flags);
2053     if (ihost->workq)
2054         flush_work(&conn->recvwork);
2055 }
2056 EXPORT_SYMBOL_GPL(iscsi_suspend_rx);
2057
2058 /*
2059  * We want to make sure a ping is in flight. It has timed out.
2060  * And we are not busy processing a pdu that is making
2061  * progress but got started before the ping and is taking a while
2062  * to complete so the ping is just stuck behind it in a queue.
2063  */
2064 static int iscsi_has_ping_timed_out(struct iscsi_conn *conn)
2065 {
2066     if (READ_ONCE(conn->ping_task) &&
2067         time_before_eq(conn->last_recv + (conn->recv_timeout * HZ) +
2068                (conn->ping_timeout * HZ), jiffies))
2069         return 1;
2070     else
2071         return 0;
2072 }
2073
2074 enum blk_eh_timer_return iscsi_eh_cmd_timed_out(struct scsi_cmnd *sc)
2075 {
2076     enum blk_eh_timer_return rc = BLK_EH_DONE;
2077     struct iscsi_task *task = NULL, *running_task;
2078     struct iscsi_cls_session *cls_session;
2079     struct iscsi_session *session;
2080     struct iscsi_conn *conn;
2081     int i;
2082
2083     cls_session = starget_to_session(scsi_target(sc->device));
2084     session = cls_session->dd_data;
2085
2086     ISCSI_DBG_EH(session, "scsi cmd %p timedout\n", sc);
2087
2088     spin_lock_bh(&session->frwd_lock);
2089     spin_lock(&session->back_lock);
2090     task = iscsi_cmd(sc)->task;
2091     if (!task) {
2092         /*
2093          * Raced with completion. Blk layer has taken ownership
2094          * so let timeout code complete it now.
2095          */
2096         rc = BLK_EH_DONE;
2097         spin_unlock(&session->back_lock);
2098         goto done;
2099     }
2100     if (!iscsi_get_task(task)) {
2101         /*
2102          * Racing with the completion path right now, so give it more
2103          * time so that path can complete it like normal.
2104          */
2105         rc = BLK_EH_RESET_TIMER;
2106         task = NULL;
2107         spin_unlock(&session->back_lock);
2108         goto done;
2109     }
2110     spin_unlock(&session->back_lock);
2111
2112     if (session->state != ISCSI_STATE_LOGGED_IN) {
2113         /*
2114          * During shutdown, if session is prematurely disconnected,
2115          * recovery won't happen and there will be hung cmds. Not
2116          * handling cmds would trigger EH, also bad in this case.
2117          * Instead, handle cmd, allow completion to happen and let
2118          * upper layer to deal with the result.
2119          */
2120         if (unlikely(system_state != SYSTEM_RUNNING)) {
2121             sc->result = DID_NO_CONNECT << 16;
2122             ISCSI_DBG_EH(session, "sc on shutdown, handled\n");
2123             rc = BLK_EH_DONE;
2124             goto done;
2125         }
2126         /*
2127          * We are probably in the middle of iscsi recovery so let
2128          * that complete and handle the error.
2129          */
2130         rc = BLK_EH_RESET_TIMER;
2131         goto done;
2132     }
2133
2134     conn = session->leadconn;
2135     if (!conn) {
2136         /* In the middle of shuting down */
2137         rc = BLK_EH_RESET_TIMER;
2138         goto done;
2139     }
2140
2141     /*
2142      * If we have sent (at least queued to the network layer) a pdu or
2143      * recvd one for the task since the last timeout ask for
2144      * more time. If on the next timeout we have not made progress
2145      * we can check if it is the task or connection when we send the
2146      * nop as a ping.
2147      */
2148     if (time_after(task->last_xfer, task->last_timeout)) {
2149         ISCSI_DBG_EH(session, "Command making progress. Asking "
2150                  "scsi-ml for more time to complete. "
2151                  "Last data xfer at %lu. Last timeout was at "
2152                  "%lu\n.", task->last_xfer, task->last_timeout);
2153         task->have_checked_conn = false;
2154         rc = BLK_EH_RESET_TIMER;
2155         goto done;
2156     }
2157
2158     if (!conn->recv_timeout && !conn->ping_timeout)
2159         goto done;
2160     /*
2161      * if the ping timedout then we are in the middle of cleaning up
2162      * and can let the iscsi eh handle it
2163      */
2164     if (iscsi_has_ping_timed_out(conn)) {
2165         rc = BLK_EH_RESET_TIMER;
2166         goto done;
2167     }
2168
2169     spin_lock(&session->back_lock);
2170     for (i = 0; i < conn->session->cmds_max; i++) {
2171         running_task = conn->session->cmds[i];
2172         if (!running_task->sc || running_task == task ||
2173              running_task->state != ISCSI_TASK_RUNNING)
2174             continue;
2175
2176         /*
2177          * Only check if cmds started before this one have made
2178          * progress, or this could never fail
2179          */
2180         if (time_after(running_task->sc->jiffies_at_alloc,
2181                    task->sc->jiffies_at_alloc))
2182             continue;
2183
2184         if (time_after(running_task->last_xfer, task->last_timeout)) {
2185             /*
2186              * This task has not made progress, but a task
2187              * started before us has transferred data since
2188              * we started/last-checked. We could be queueing
2189              * too many tasks or the LU is bad.
2190              *
2191              * If the device is bad the cmds ahead of us on
2192              * other devs will complete, and this loop will
2193              * eventually fail starting the scsi eh.
2194              */
2195             ISCSI_DBG_EH(session, "Command has not made progress "
2196                      "but commands ahead of it have. "
2197                      "Asking scsi-ml for more time to "
2198                      "complete. Our last xfer vs running task "
2199                      "last xfer %lu/%lu. Last check %lu.\n",
2200                      task->last_xfer, running_task->last_xfer,
2201                      task->last_timeout);
2202             spin_unlock(&session->back_lock);
2203             rc = BLK_EH_RESET_TIMER;
2204             goto done;
2205         }
2206     }
2207     spin_unlock(&session->back_lock);
2208
2209     /* Assumes nop timeout is shorter than scsi cmd timeout */
2210     if (task->have_checked_conn)
2211         goto done;
2212
2213     /*
2214      * Checking the transport already or nop from a cmd timeout still
2215      * running
2216      */
2217     if (READ_ONCE(conn->ping_task)) {
2218         task->have_checked_conn = true;
2219         rc = BLK_EH_RESET_TIMER;
2220         goto done;
2221     }
2222
2223     /* Make sure there is a transport check done */
2224     iscsi_send_nopout(conn, NULL);
2225     task->have_checked_conn = true;
2226     rc = BLK_EH_RESET_TIMER;
2227
2228 done:
2229     spin_unlock_bh(&session->frwd_lock);
2230
2231     if (task) {
2232         task->last_timeout = jiffies;
2233         iscsi_put_task(task);
2234     }
2235     ISCSI_DBG_EH(session, "return %s\n", rc == BLK_EH_RESET_TIMER ?
2236              "timer reset" : "shutdown or nh");
2237     return rc;
2238 }
2239 EXPORT_SYMBOL_GPL(iscsi_eh_cmd_timed_out);
2240
2241 static void iscsi_check_transport_timeouts(struct timer_list *t)
2242 {
2243     struct iscsi_conn *conn = from_timer(conn, t, transport_timer);
2244     struct iscsi_session *session = conn->session;
2245     unsigned long recv_timeout, next_timeout = 0, last_recv;
2246
2247     spin_lock(&session->frwd_lock);
2248     if (session->state != ISCSI_STATE_LOGGED_IN)
2249         goto done;
2250
2251     recv_timeout = conn->recv_timeout;
2252     if (!recv_timeout)
2253         goto done;
2254
2255     recv_timeout *= HZ;
2256     last_recv = conn->last_recv;
2257
2258     if (iscsi_has_ping_timed_out(conn)) {
2259         iscsi_conn_printk(KERN_ERR, conn, "ping timeout of %d secs "
2260                   "expired, recv timeout %d, last rx %lu, "
2261                   "last ping %lu, now %lu\n",
2262                   conn->ping_timeout, conn->recv_timeout,
2263                   last_recv, conn->last_ping, jiffies);
2264         spin_unlock(&session->frwd_lock);
2265         iscsi_conn_failure(conn, ISCSI_ERR_NOP_TIMEDOUT);
2266         return;
2267     }
2268
2269     if (time_before_eq(last_recv + recv_timeout, jiffies)) {
2270         /* send a ping to try to provoke some traffic */
2271         ISCSI_DBG_CONN(conn, "Sending nopout as ping\n");
2272         if (iscsi_send_nopout(conn, NULL))
2273             next_timeout = jiffies + (1 * HZ);
2274         else
2275             next_timeout = conn->last_ping + (conn->ping_timeout * HZ);
2276     } else
2277         next_timeout = last_recv + recv_timeout;
2278
2279     ISCSI_DBG_CONN(conn, "Setting next tmo %lu\n", next_timeout);
2280     mod_timer(&conn->transport_timer, next_timeout);
2281 done:
2282     spin_unlock(&session->frwd_lock);
2283 }
2284
2285 /**
2286  * iscsi_conn_unbind - prevent queueing to conn.
2287  * @cls_conn: iscsi conn ep is bound to.
2288  * @is_active: is the conn in use for boot or is this for EH/termination
2289  *
2290  * This must be called by drivers implementing the ep_disconnect callout.
2291  * It disables queueing to the connection from libiscsi in preparation for
2292  * an ep_disconnect call.
2293  */
2294 void iscsi_conn_unbind(struct iscsi_cls_conn *cls_conn, bool is_active)
2295 {
2296     struct iscsi_session *session;
2297     struct iscsi_conn *conn;
2298
2299     if (!cls_conn)
2300         return;
2301
2302     conn = cls_conn->dd_data;
2303     session = conn->session;
2304     /*
2305      * Wait for iscsi_eh calls to exit. We don't wait for the tmf to
2306      * complete or timeout. The caller just wants to know what's running
2307      * is everything that needs to be cleaned up, and no cmds will be
2308      * queued.
2309      */
2310     mutex_lock(&session->eh_mutex);
2311
2312     iscsi_suspend_queue(conn);
2313     iscsi_suspend_tx(conn);
2314
2315     spin_lock_bh(&session->frwd_lock);
2316     clear_bit(ISCSI_CONN_FLAG_BOUND, &conn->flags);
2317
2318     if (!is_active) {
2319         /*
2320          * if logout timed out before userspace could even send a PDU
2321          * the state might still be in ISCSI_STATE_LOGGED_IN and
2322          * allowing new cmds and TMFs.
2323          */
2324         if (session->state == ISCSI_STATE_LOGGED_IN)
2325             iscsi_set_conn_failed(conn);
2326     }
2327     spin_unlock_bh(&session->frwd_lock);
2328     mutex_unlock(&session->eh_mutex);
2329 }
2330 EXPORT_SYMBOL_GPL(iscsi_conn_unbind);
2331
2332 static void iscsi_prep_abort_task_pdu(struct iscsi_task *task,
2333                       struct iscsi_tm *hdr)
2334 {
2335     memset(hdr, 0, sizeof(*hdr));
2336     hdr->opcode = ISCSI_OP_SCSI_TMFUNC | ISCSI_OP_IMMEDIATE;
2337     hdr->flags = ISCSI_TM_FUNC_ABORT_TASK & ISCSI_FLAG_TM_FUNC_MASK;
2338     hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2339     hdr->lun = task->lun;
2340     hdr->rtt = task->hdr_itt;
2341     hdr->refcmdsn = task->cmdsn;
2342 }
2343
2344 int iscsi_eh_abort(struct scsi_cmnd *sc)
2345 {
2346     struct iscsi_cls_session *cls_session;
2347     struct iscsi_session *session;
2348     struct iscsi_conn *conn;
2349     struct iscsi_task *task;
2350     struct iscsi_tm *hdr;
2351     int age;
2352
2353     cls_session = starget_to_session(scsi_target(sc->device));
2354     session = cls_session->dd_data;
2355
2356     ISCSI_DBG_EH(session, "aborting sc %p\n", sc);
2357
2358 completion_check:
2359     mutex_lock(&session->eh_mutex);
2360     spin_lock_bh(&session->frwd_lock);
2361     /*
2362      * if session was ISCSI_STATE_IN_RECOVERY then we may not have
2363      * got the command.
2364      */
2365     if (!iscsi_cmd(sc)->task) {
2366         ISCSI_DBG_EH(session, "sc never reached iscsi layer or "
2367                       "it completed.\n");
2368         spin_unlock_bh(&session->frwd_lock);
2369         mutex_unlock(&session->eh_mutex);
2370         return SUCCESS;
2371     }
2372
2373     /*
2374      * If we are not logged in or we have started a new session
2375      * then let the host reset code handle this
2376      */
2377     if (!session->leadconn || session->state != ISCSI_STATE_LOGGED_IN ||
2378         iscsi_cmd(sc)->age != session->age) {
2379         spin_unlock_bh(&session->frwd_lock);
2380         mutex_unlock(&session->eh_mutex);
2381         ISCSI_DBG_EH(session, "failing abort due to dropped "
2382                   "session.\n");
2383         return FAILED;
2384     }
2385
2386     spin_lock(&session->back_lock);
2387     task = iscsi_cmd(sc)->task;
2388     if (!task || !task->sc) {
2389         /* task completed before time out */
2390         ISCSI_DBG_EH(session, "sc completed while abort in progress\n");
2391
2392         spin_unlock(&session->back_lock);
2393         spin_unlock_bh(&session->frwd_lock);
2394         mutex_unlock(&session->eh_mutex);
2395         return SUCCESS;
2396     }
2397
2398     if (!iscsi_get_task(task)) {
2399         spin_unlock(&session->back_lock);
2400         spin_unlock_bh(&session->frwd_lock);
2401         mutex_unlock(&session->eh_mutex);
2402         /* We are just about to call iscsi_free_task so wait for it. */
2403         udelay(ISCSI_CMD_COMPL_WAIT);
2404         goto completion_check;
2405     }
2406
2407     ISCSI_DBG_EH(session, "aborting [sc %p itt 0x%x]\n", sc, task->itt);
2408     conn = session->leadconn;
2409     iscsi_get_conn(conn->cls_conn);
2410     conn->eh_abort_cnt++;
2411     age = session->age;
2412     spin_unlock(&session->back_lock);
2413
2414     if (task->state == ISCSI_TASK_PENDING) {
2415         fail_scsi_task(task, DID_ABORT);
2416         goto success;
2417     }
2418
2419     /* only have one tmf outstanding at a time */
2420     if (session->tmf_state != TMF_INITIAL)
2421         goto failed;
2422     session->tmf_state = TMF_QUEUED;
2423
2424     hdr = &session->tmhdr;
2425     iscsi_prep_abort_task_pdu(task, hdr);
2426
2427     if (iscsi_exec_task_mgmt_fn(conn, hdr, age, session->abort_timeout))
2428         goto failed;
2429
2430     switch (session->tmf_state) {
2431     case TMF_SUCCESS:
2432         spin_unlock_bh(&session->frwd_lock);
2433         /*
2434          * stop tx side incase the target had sent a abort rsp but
2435          * the initiator was still writing out data.
2436          */
2437         iscsi_suspend_tx(conn);
2438         /*
2439          * we do not stop the recv side because targets have been
2440          * good and have never sent us a successful tmf response
2441          * then sent more data for the cmd.
2442          */
2443         spin_lock_bh(&session->frwd_lock);
2444         fail_scsi_task(task, DID_ABORT);
2445         session->tmf_state = TMF_INITIAL;
2446         memset(hdr, 0, sizeof(*hdr));
2447         spin_unlock_bh(&session->frwd_lock);
2448         iscsi_start_tx(conn);
2449         goto success_unlocked;
2450     case TMF_TIMEDOUT:
2451         session->running_aborted_task = task;
2452         spin_unlock_bh(&session->frwd_lock);
2453         iscsi_conn_failure(conn, ISCSI_ERR_SCSI_EH_SESSION_RST);
2454         goto failed_unlocked;
2455     case TMF_NOT_FOUND:
2456         if (iscsi_task_is_completed(task)) {
2457             session->tmf_state = TMF_INITIAL;
2458             memset(hdr, 0, sizeof(*hdr));
2459             /* task completed before tmf abort response */
2460             ISCSI_DBG_EH(session, "sc completed while abort in "
2461                           "progress\n");
2462             goto success;
2463         }
2464         fallthrough;
2465     default:
2466         session->tmf_state = TMF_INITIAL;
2467         goto failed;
2468     }
2469
2470 success:
2471     spin_unlock_bh(&session->frwd_lock);
2472 success_unlocked:
2473     ISCSI_DBG_EH(session, "abort success [sc %p itt 0x%x]\n",
2474              sc, task->itt);
2475     iscsi_put_task(task);
2476     iscsi_put_conn(conn->cls_conn);
2477     mutex_unlock(&session->eh_mutex);
2478     return SUCCESS;
2479
2480 failed:
2481     spin_unlock_bh(&session->frwd_lock);
2482 failed_unlocked:
2483     ISCSI_DBG_EH(session, "abort failed [sc %p itt 0x%x]\n", sc,
2484              task ? task->itt : 0);
2485     /*
2486      * The driver might be accessing the task so hold the ref. The conn
2487      * stop cleanup will drop the ref after ep_disconnect so we know the
2488      * driver's no longer touching the task.
2489      */
2490     if (!session->running_aborted_task)
2491         iscsi_put_task(task);
2492
2493     iscsi_put_conn(conn->cls_conn);
2494     mutex_unlock(&session->eh_mutex);
2495     return FAILED;
2496 }
2497 EXPORT_SYMBOL_GPL(iscsi_eh_abort);
2498
2499 static void iscsi_prep_lun_reset_pdu(struct scsi_cmnd *sc, struct iscsi_tm *hdr)
2500 {
2501     memset(hdr, 0, sizeof(*hdr));
2502     hdr->opcode = ISCSI_OP_SCSI_TMFUNC | ISCSI_OP_IMMEDIATE;
2503     hdr->flags = ISCSI_TM_FUNC_LOGICAL_UNIT_RESET & ISCSI_FLAG_TM_FUNC_MASK;
2504     hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2505     int_to_scsilun(sc->device->lun, &hdr->lun);
2506     hdr->rtt = RESERVED_ITT;
2507 }
2508
2509 int iscsi_eh_device_reset(struct scsi_cmnd *sc)
2510 {
2511     struct iscsi_cls_session *cls_session;
2512     struct iscsi_session *session;
2513     struct iscsi_conn *conn;
2514     struct iscsi_tm *hdr;
2515     int rc = FAILED;
2516
2517     cls_session = starget_to_session(scsi_target(sc->device));
2518     session = cls_session->dd_data;
2519
2520     ISCSI_DBG_EH(session, "LU Reset [sc %p lun %llu]\n", sc,
2521              sc->device->lun);
2522
2523     mutex_lock(&session->eh_mutex);
2524     spin_lock_bh(&session->frwd_lock);
2525     /*
2526      * Just check if we are not logged in. We cannot check for
2527      * the phase because the reset could come from a ioctl.
2528      */
2529     if (!session->leadconn || session->state != ISCSI_STATE_LOGGED_IN)
2530         goto unlock;
2531     conn = session->leadconn;
2532
2533     /* only have one tmf outstanding at a time */
2534     if (session->tmf_state != TMF_INITIAL)
2535         goto unlock;
2536     session->tmf_state = TMF_QUEUED;
2537
2538     hdr = &session->tmhdr;
2539     iscsi_prep_lun_reset_pdu(sc, hdr);
2540
2541     if (iscsi_exec_task_mgmt_fn(conn, hdr, session->age,
2542                     session->lu_reset_timeout)) {
2543         rc = FAILED;
2544         goto unlock;
2545     }
2546
2547     switch (session->tmf_state) {
2548     case TMF_SUCCESS:
2549         break;
2550     case TMF_TIMEDOUT:
2551         spin_unlock_bh(&session->frwd_lock);
2552         iscsi_conn_failure(conn, ISCSI_ERR_SCSI_EH_SESSION_RST);
2553         goto done;
2554     default:
2555         session->tmf_state = TMF_INITIAL;
2556         goto unlock;
2557     }
2558
2559     rc = SUCCESS;
2560     spin_unlock_bh(&session->frwd_lock);
2561
2562     iscsi_suspend_tx(conn);
2563
2564     spin_lock_bh(&session->frwd_lock);
2565     memset(hdr, 0, sizeof(*hdr));
2566     fail_scsi_tasks(conn, sc->device->lun, DID_ERROR);
2567     session->tmf_state = TMF_INITIAL;
2568     spin_unlock_bh(&session->frwd_lock);
2569
2570     iscsi_start_tx(conn);
2571     goto done;
2572
2573 unlock:
2574     spin_unlock_bh(&session->frwd_lock);
2575 done:
2576     ISCSI_DBG_EH(session, "dev reset result = %s\n",
2577              rc == SUCCESS ? "SUCCESS" : "FAILED");
2578     mutex_unlock(&session->eh_mutex);
2579     return rc;
2580 }
2581 EXPORT_SYMBOL_GPL(iscsi_eh_device_reset);
2582
2583 void iscsi_session_recovery_timedout(struct iscsi_cls_session *cls_session)
2584 {
2585     struct iscsi_session *session = cls_session->dd_data;
2586
2587     spin_lock_bh(&session->frwd_lock);
2588     if (session->state != ISCSI_STATE_LOGGED_IN) {
2589         session->state = ISCSI_STATE_RECOVERY_FAILED;
2590         wake_up(&session->ehwait);
2591     }
2592     spin_unlock_bh(&session->frwd_lock);
2593 }
2594 EXPORT_SYMBOL_GPL(iscsi_session_recovery_timedout);
2595
2596 /**
2597  * iscsi_eh_session_reset - drop session and attempt relogin
2598  * @sc: scsi command
2599  *
2600  * This function will wait for a relogin, session termination from
2601  * userspace, or a recovery/replacement timeout.
2602  */
2603 int iscsi_eh_session_reset(struct scsi_cmnd *sc)
2604 {
2605     struct iscsi_cls_session *cls_session;
2606     struct iscsi_session *session;
2607     struct iscsi_conn *conn;
2608
2609     cls_session = starget_to_session(scsi_target(sc->device));
2610     session = cls_session->dd_data;
2611
2612     mutex_lock(&session->eh_mutex);
2613     spin_lock_bh(&session->frwd_lock);
2614     if (session->state == ISCSI_STATE_TERMINATE) {
2615 failed:
2616         ISCSI_DBG_EH(session,
2617                  "failing session reset: Could not log back into "
2618                  "%s [age %d]\n", session->targetname,
2619                  session->age);
2620         spin_unlock_bh(&session->frwd_lock);
2621         mutex_unlock(&session->eh_mutex);
2622         return FAILED;
2623     }
2624
2625     conn = session->leadconn;
2626     iscsi_get_conn(conn->cls_conn);
2627
2628     spin_unlock_bh(&session->frwd_lock);
2629     mutex_unlock(&session->eh_mutex);
2630
2631     iscsi_conn_failure(conn, ISCSI_ERR_SCSI_EH_SESSION_RST);
2632     iscsi_put_conn(conn->cls_conn);
2633
2634     ISCSI_DBG_EH(session, "wait for relogin\n");
2635     wait_event_interruptible(session->ehwait,
2636                  session->state == ISCSI_STATE_TERMINATE ||
2637                  session->state == ISCSI_STATE_LOGGED_IN ||
2638                  session->state == ISCSI_STATE_RECOVERY_FAILED);
2639     if (signal_pending(current))
2640         flush_signals(current);
2641
2642     mutex_lock(&session->eh_mutex);
2643     spin_lock_bh(&session->frwd_lock);
2644     if (session->state == ISCSI_STATE_LOGGED_IN) {
2645         ISCSI_DBG_EH(session,
2646                  "session reset succeeded for %s,%s\n",
2647                  session->targetname, conn->persistent_address);
2648     } else
2649         goto failed;
2650     spin_unlock_bh(&session->frwd_lock);
2651     mutex_unlock(&session->eh_mutex);
2652     return SUCCESS;
2653 }
2654 EXPORT_SYMBOL_GPL(iscsi_eh_session_reset);
2655
2656 static void iscsi_prep_tgt_reset_pdu(struct scsi_cmnd *sc, struct iscsi_tm *hdr)
2657 {
2658     memset(hdr, 0, sizeof(*hdr));
2659     hdr->opcode = ISCSI_OP_SCSI_TMFUNC | ISCSI_OP_IMMEDIATE;
2660     hdr->flags = ISCSI_TM_FUNC_TARGET_WARM_RESET & ISCSI_FLAG_TM_FUNC_MASK;
2661     hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2662     hdr->rtt = RESERVED_ITT;
2663 }
2664
2665 /**
2666  * iscsi_eh_target_reset - reset target
2667  * @sc: scsi command
2668  *
2669  * This will attempt to send a warm target reset.
2670  */
2671 static int iscsi_eh_target_reset(struct scsi_cmnd *sc)
2672 {
2673     struct iscsi_cls_session *cls_session;
2674     struct iscsi_session *session;
2675     struct iscsi_conn *conn;
2676     struct iscsi_tm *hdr;
2677     int rc = FAILED;
2678
2679     cls_session = starget_to_session(scsi_target(sc->device));
2680     session = cls_session->dd_data;
2681
2682     ISCSI_DBG_EH(session, "tgt Reset [sc %p tgt %s]\n", sc,
2683              session->targetname);
2684
2685     mutex_lock(&session->eh_mutex);
2686     spin_lock_bh(&session->frwd_lock);
2687     /*
2688      * Just check if we are not logged in. We cannot check for
2689      * the phase because the reset could come from a ioctl.
2690      */
2691     if (!session->leadconn || session->state != ISCSI_STATE_LOGGED_IN)
2692         goto unlock;
2693     conn = session->leadconn;
2694
2695     /* only have one tmf outstanding at a time */
2696     if (session->tmf_state != TMF_INITIAL)
2697         goto unlock;
2698     session->tmf_state = TMF_QUEUED;
2699
2700     hdr = &session->tmhdr;
2701     iscsi_prep_tgt_reset_pdu(sc, hdr);
2702
2703     if (iscsi_exec_task_mgmt_fn(conn, hdr, session->age,
2704                     session->tgt_reset_timeout)) {
2705         rc = FAILED;
2706         goto unlock;
2707     }
2708
2709     switch (session->tmf_state) {
2710     case TMF_SUCCESS:
2711         break;
2712     case TMF_TIMEDOUT:
2713         spin_unlock_bh(&session->frwd_lock);
2714         iscsi_conn_failure(conn, ISCSI_ERR_SCSI_EH_SESSION_RST);
2715         goto done;
2716     default:
2717         session->tmf_state = TMF_INITIAL;
2718         goto unlock;
2719     }
2720
2721     rc = SUCCESS;
2722     spin_unlock_bh(&session->frwd_lock);
2723
2724     iscsi_suspend_tx(conn);
2725
2726     spin_lock_bh(&session->frwd_lock);
2727     memset(hdr, 0, sizeof(*hdr));
2728     fail_scsi_tasks(conn, -1, DID_ERROR);
2729     session->tmf_state = TMF_INITIAL;
2730     spin_unlock_bh(&session->frwd_lock);
2731
2732     iscsi_start_tx(conn);
2733     goto done;
2734
2735 unlock:
2736     spin_unlock_bh(&session->frwd_lock);
2737 done:
2738     ISCSI_DBG_EH(session, "tgt %s reset result = %s\n", session->targetname,
2739              rc == SUCCESS ? "SUCCESS" : "FAILED");
2740     mutex_unlock(&session->eh_mutex);
2741     return rc;
2742 }
2743
2744 /**
2745  * iscsi_eh_recover_target - reset target and possibly the session
2746  * @sc: scsi command
2747  *
2748  * This will attempt to send a warm target reset. If that fails,
2749  * we will escalate to ERL0 session recovery.
2750  */
2751 int iscsi_eh_recover_target(struct scsi_cmnd *sc)
2752 {
2753     int rc;
2754
2755     rc = iscsi_eh_target_reset(sc);
2756     if (rc == FAILED)
2757         rc = iscsi_eh_session_reset(sc);
2758     return rc;
2759 }
2760 EXPORT_SYMBOL_GPL(iscsi_eh_recover_target);
2761
2762 /*
2763  * Pre-allocate a pool of @max items of @item_size. By default, the pool
2764  * should be accessed via kfifo_{get,put} on q->queue.
2765  * Optionally, the caller can obtain the array of object pointers
2766  * by passing in a non-NULL @items pointer
2767  */
2768 int
2769 iscsi_pool_init(struct iscsi_pool *q, int max, void ***items, int item_size)
2770 {
2771     int i, num_arrays = 1;
2772
2773     memset(q, 0, sizeof(*q));
2774
2775     q->max = max;
2776
2777     /* If the user passed an items pointer, he wants a copy of
2778      * the array. */
2779     if (items)
2780         num_arrays++;
2781     q->pool = kvcalloc(num_arrays * max, sizeof(void *), GFP_KERNEL);
2782     if (q->pool == NULL)
2783         return -ENOMEM;
2784
2785     kfifo_init(&q->queue, (void*)q->pool, max * sizeof(void*));
2786
2787     for (i = 0; i < max; i++) {
2788         q->pool[i] = kzalloc(item_size, GFP_KERNEL);
2789         if (q->pool[i] == NULL) {
2790             q->max = i;
2791             goto enomem;
2792         }
2793         kfifo_in(&q->queue, (void*)&q->pool[i], sizeof(void*));
2794     }
2795
2796     if (items) {
2797         *items = q->pool + max;
2798         memcpy(*items, q->pool, max * sizeof(void *));
2799     }
2800
2801     return 0;
2802
2803 enomem:
2804     iscsi_pool_free(q);
2805     return -ENOMEM;
2806 }
2807 EXPORT_SYMBOL_GPL(iscsi_pool_init);
2808
2809 void iscsi_pool_free(struct iscsi_pool *q)
2810 {
2811     int i;
2812
2813     for (i = 0; i < q->max; i++)
2814         kfree(q->pool[i]);
2815     kvfree(q->pool);
2816 }
2817 EXPORT_SYMBOL_GPL(iscsi_pool_free);
2818
2819 int iscsi_host_get_max_scsi_cmds(struct Scsi_Host *shost,
2820                  uint16_t requested_cmds_max)
2821 {
2822     int scsi_cmds, total_cmds = requested_cmds_max;
2823
2824 check:
2825     if (!total_cmds)
2826         total_cmds = ISCSI_DEF_XMIT_CMDS_MAX;
2827     /*
2828      * The iscsi layer needs some tasks for nop handling and tmfs,
2829      * so the cmds_max must at least be greater than ISCSI_MGMT_CMDS_MAX
2830      * + 1 command for scsi IO.
2831      */
2832     if (total_cmds < ISCSI_TOTAL_CMDS_MIN) {
2833         printk(KERN_ERR "iscsi: invalid max cmds of %d. Must be a power of two that is at least %d.\n",
2834                total_cmds, ISCSI_TOTAL_CMDS_MIN);
2835         return -EINVAL;
2836     }
2837
2838     if (total_cmds > ISCSI_TOTAL_CMDS_MAX) {
2839         printk(KERN_INFO "iscsi: invalid max cmds of %d. Must be a power of 2 less than or equal to %d. Using %d.\n",
2840                requested_cmds_max, ISCSI_TOTAL_CMDS_MAX,
2841                ISCSI_TOTAL_CMDS_MAX);
2842         total_cmds = ISCSI_TOTAL_CMDS_MAX;
2843     }
2844
2845     if (!is_power_of_2(total_cmds)) {
2846         total_cmds = rounddown_pow_of_two(total_cmds);
2847         if (total_cmds < ISCSI_TOTAL_CMDS_MIN) {
2848             printk(KERN_ERR "iscsi: invalid max cmds of %d. Must be a power of 2 greater than %d.\n", requested_cmds_max, ISCSI_TOTAL_CMDS_MIN);
2849             return -EINVAL;
2850         }
2851
2852         printk(KERN_INFO "iscsi: invalid max cmds %d. Must be a power of 2. Rounding max cmds down to %d.\n",
2853                requested_cmds_max, total_cmds);
2854     }
2855
2856     scsi_cmds = total_cmds - ISCSI_MGMT_CMDS_MAX;
2857     if (shost->can_queue && scsi_cmds > shost->can_queue) {
2858         total_cmds = shost->can_queue;
2859
2860         printk(KERN_INFO "iscsi: requested max cmds %u is higher than driver limit. Using driver limit %u\n",
2861                requested_cmds_max, shost->can_queue);
2862         goto check;
2863     }
2864
2865     return scsi_cmds;
2866 }
2867 EXPORT_SYMBOL_GPL(iscsi_host_get_max_scsi_cmds);
2868
2869 /**
2870  * iscsi_host_add - add host to system
2871  * @shost: scsi host
2872  * @pdev: parent device
2873  *
2874  * This should be called by partial offload and software iscsi drivers
2875  * to add a host to the system.
2876  */
2877 int iscsi_host_add(struct Scsi_Host *shost, struct device *pdev)
2878 {
2879     if (!shost->can_queue)
2880         shost->can_queue = ISCSI_DEF_XMIT_CMDS_MAX;
2881
2882     if (!shost->cmd_per_lun)
2883         shost->cmd_per_lun = ISCSI_DEF_CMD_PER_LUN;
2884
2885     return scsi_add_host(shost, pdev);
2886 }
2887 EXPORT_SYMBOL_GPL(iscsi_host_add);
2888
2889 /**
2890  * iscsi_host_alloc - allocate a host and driver data
2891  * @sht: scsi host template
2892  * @dd_data_size: driver host data size
2893  * @xmit_can_sleep: bool indicating if LLD will queue IO from a work queue
2894  *
2895  * This should be called by partial offload and software iscsi drivers.
2896  * To access the driver specific memory use the iscsi_host_priv() macro.
2897  */
2898 struct Scsi_Host *iscsi_host_alloc(struct scsi_host_template *sht,
2899                    int dd_data_size, bool xmit_can_sleep)
2900 {
2901     struct Scsi_Host *shost;
2902     struct iscsi_host *ihost;
2903
2904     shost = scsi_host_alloc(sht, sizeof(struct iscsi_host) + dd_data_size);
2905     if (!shost)
2906         return NULL;
2907     ihost = shost_priv(shost);
2908
2909     if (xmit_can_sleep) {
2910         ihost->workq = alloc_workqueue("iscsi_q_%d",
2911             WQ_SYSFS | __WQ_LEGACY | WQ_MEM_RECLAIM | WQ_UNBOUND,
2912             1, shost->host_no);
2913         if (!ihost->workq)
2914             goto free_host;
2915     }
2916
2917     spin_lock_init(&ihost->lock);
2918     ihost->state = ISCSI_HOST_SETUP;
2919     ihost->num_sessions = 0;
2920     init_waitqueue_head(&ihost->session_removal_wq);
2921     return shost;
2922
2923 free_host:
2924     scsi_host_put(shost);
2925     return NULL;
2926 }
2927 EXPORT_SYMBOL_GPL(iscsi_host_alloc);
2928
2929 static void iscsi_notify_host_removed(struct iscsi_cls_session *cls_session)
2930 {
2931     iscsi_session_failure(cls_session->dd_data, ISCSI_ERR_INVALID_HOST);
2932 }
2933
2934 /**
2935  * iscsi_host_remove - remove host and sessions
2936  * @shost: scsi host
2937  * @is_shutdown: true if called from a driver shutdown callout
2938  *
2939  * If there are any sessions left, this will initiate the removal and wait
2940  * for the completion.
2941  */
2942 void iscsi_host_remove(struct Scsi_Host *shost, bool is_shutdown)
2943 {
2944     struct iscsi_host *ihost = shost_priv(shost);
2945     unsigned long flags;
2946
2947     spin_lock_irqsave(&ihost->lock, flags);
2948     ihost->state = ISCSI_HOST_REMOVED;
2949     spin_unlock_irqrestore(&ihost->lock, flags);
2950
2951     if (!is_shutdown)
2952         iscsi_host_for_each_session(shost, iscsi_notify_host_removed);
2953     else
2954         iscsi_host_for_each_session(shost, iscsi_force_destroy_session);
2955
2956     wait_event_interruptible(ihost->session_removal_wq,
2957                  ihost->num_sessions == 0);
2958     if (signal_pending(current))
2959         flush_signals(current);
2960
2961     scsi_remove_host(shost);
2962 }
2963 EXPORT_SYMBOL_GPL(iscsi_host_remove);
2964
2965 void iscsi_host_free(struct Scsi_Host *shost)
2966 {
2967     struct iscsi_host *ihost = shost_priv(shost);
2968
2969     if (ihost->workq)
2970         destroy_workqueue(ihost->workq);
2971
2972     kfree(ihost->netdev);
2973     kfree(ihost->hwaddress);
2974     kfree(ihost->initiatorname);
2975     scsi_host_put(shost);
2976 }
2977 EXPORT_SYMBOL_GPL(iscsi_host_free);
2978
2979 static void iscsi_host_dec_session_cnt(struct Scsi_Host *shost)
2980 {
2981     struct iscsi_host *ihost = shost_priv(shost);
2982     unsigned long flags;
2983
2984     shost = scsi_host_get(shost);
2985     if (!shost) {
2986         printk(KERN_ERR "Invalid state. Cannot notify host removal "
2987               "of session teardown event because host already "
2988               "removed.\n");
2989         return;
2990     }
2991
2992     spin_lock_irqsave(&ihost->lock, flags);
2993     ihost->num_sessions--;
2994     if (ihost->num_sessions == 0)
2995         wake_up(&ihost->session_removal_wq);
2996     spin_unlock_irqrestore(&ihost->lock, flags);
2997     scsi_host_put(shost);
2998 }
2999
3000 /**
3001  * iscsi_session_setup - create iscsi cls session and host and session
3002  * @iscsit: iscsi transport template
3003  * @shost: scsi host
3004  * @cmds_max: session can queue
3005  * @dd_size: private driver data size, added to session allocation size
3006  * @cmd_task_size: LLD task private data size
3007  * @initial_cmdsn: initial CmdSN
3008  * @id: target ID to add to this session
3009  *
3010  * This can be used by software iscsi_transports that allocate
3011  * a session per scsi host.
3012  *
3013  * Callers should set cmds_max to the largest total numer (mgmt + scsi) of
3014  * tasks they support. The iscsi layer reserves ISCSI_MGMT_CMDS_MAX tasks
3015  * for nop handling and login/logout requests.
3016  */
3017 struct iscsi_cls_session *
3018 iscsi_session_setup(struct iscsi_transport *iscsit, struct Scsi_Host *shost,
3019             uint16_t cmds_max, int dd_size, int cmd_task_size,
3020             uint32_t initial_cmdsn, unsigned int id)
3021 {
3022     struct iscsi_host *ihost = shost_priv(shost);
3023     struct iscsi_session *session;
3024     struct iscsi_cls_session *cls_session;
3025     int cmd_i, scsi_cmds;
3026     unsigned long flags;
3027
3028     spin_lock_irqsave(&ihost->lock, flags);
3029     if (ihost->state == ISCSI_HOST_REMOVED) {
3030         spin_unlock_irqrestore(&ihost->lock, flags);
3031         return NULL;
3032     }
3033     ihost->num_sessions++;
3034     spin_unlock_irqrestore(&ihost->lock, flags);
3035
3036     scsi_cmds = iscsi_host_get_max_scsi_cmds(shost, cmds_max);
3037     if (scsi_cmds < 0)
3038         goto dec_session_count;
3039
3040     cls_session = iscsi_alloc_session(shost, iscsit,
3041                       sizeof(struct iscsi_session) +
3042                       dd_size);
3043     if (!cls_session)
3044         goto dec_session_count;
3045     session = cls_session->dd_data;
3046     session->cls_session = cls_session;
3047     session->host = shost;
3048     session->state = ISCSI_STATE_FREE;
3049     session->fast_abort = 1;
3050     session->tgt_reset_timeout = 30;
3051     session->lu_reset_timeout = 15;
3052     session->abort_timeout = 10;
3053     session->scsi_cmds_max = scsi_cmds;
3054     session->cmds_max = scsi_cmds + ISCSI_MGMT_CMDS_MAX;
3055     session->queued_cmdsn = session->cmdsn = initial_cmdsn;
3056     session->exp_cmdsn = initial_cmdsn + 1;
3057     session->max_cmdsn = initial_cmdsn + 1;
3058     session->max_r2t = 1;
3059     session->tt = iscsit;
3060     session->dd_data = cls_session->dd_data + sizeof(*session);
3061
3062     session->tmf_state = TMF_INITIAL;
3063     timer_setup(&session->tmf_timer, iscsi_tmf_timedout, 0);
3064     mutex_init(&session->eh_mutex);
3065     init_waitqueue_head(&session->ehwait);
3066
3067     spin_lock_init(&session->frwd_lock);
3068     spin_lock_init(&session->back_lock);
3069
3070     /* initialize SCSI PDU commands pool */
3071     if (iscsi_pool_init(&session->cmdpool, session->cmds_max,
3072                 (void***)&session->cmds,
3073                 cmd_task_size + sizeof(struct iscsi_task)))
3074         goto cmdpool_alloc_fail;
3075
3076     /* pre-format cmds pool with ITT */
3077     for (cmd_i = 0; cmd_i < session->cmds_max; cmd_i++) {
3078         struct iscsi_task *task = session->cmds[cmd_i];
3079
3080         if (cmd_task_size)
3081             task->dd_data = &task[1];
3082         task->itt = cmd_i;
3083         task->state = ISCSI_TASK_FREE;
3084         INIT_LIST_HEAD(&task->running);
3085     }
3086
3087     if (!try_module_get(iscsit->owner))
3088         goto module_get_fail;
3089
3090     if (iscsi_add_session(cls_session, id))
3091         goto cls_session_fail;
3092
3093     return cls_session;
3094
3095 cls_session_fail:
3096     module_put(iscsit->owner);
3097 module_get_fail:
3098     iscsi_pool_free(&session->cmdpool);
3099 cmdpool_alloc_fail:
3100     iscsi_free_session(cls_session);
3101 dec_session_count:
3102     iscsi_host_dec_session_cnt(shost);
3103     return NULL;
3104 }
3105 EXPORT_SYMBOL_GPL(iscsi_session_setup);
3106
3107 /**
3108  * iscsi_session_teardown - destroy session, host, and cls_session
3109  * @cls_session: iscsi session
3110  */
3111 void iscsi_session_teardown(struct iscsi_cls_session *cls_session)
3112 {
3113     struct iscsi_session *session = cls_session->dd_data;
3114     struct module *owner = cls_session->transport->owner;
3115     struct Scsi_Host *shost = session->host;
3116
3117     iscsi_remove_session(cls_session);
3118
3119     iscsi_pool_free(&session->cmdpool);
3120     kfree(session->password);
3121     kfree(session->password_in);
3122     kfree(session->username);
3123     kfree(session->username_in);
3124     kfree(session->targetname);
3125     kfree(session->targetalias);
3126     kfree(session->initiatorname);
3127     kfree(session->boot_root);
3128     kfree(session->boot_nic);
3129     kfree(session->boot_target);
3130     kfree(session->ifacename);
3131     kfree(session->portal_type);
3132     kfree(session->discovery_parent_type);
3133
3134     iscsi_free_session(cls_session);
3135
3136     iscsi_host_dec_session_cnt(shost);
3137     module_put(owner);
3138 }
3139 EXPORT_SYMBOL_GPL(iscsi_session_teardown);
3140
3141 /**
3142  * iscsi_conn_setup - create iscsi_cls_conn and iscsi_conn
3143  * @cls_session: iscsi_cls_session
3144  * @dd_size: private driver data size
3145  * @conn_idx: cid
3146  */
3147 struct iscsi_cls_conn *
3148 iscsi_conn_setup(struct iscsi_cls_session *cls_session, int dd_size,
3149          uint32_t conn_idx)
3150 {
3151     struct iscsi_session *session = cls_session->dd_data;
3152     struct iscsi_conn *conn;
3153     struct iscsi_cls_conn *cls_conn;
3154     char *data;
3155     int err;
3156
3157     cls_conn = iscsi_alloc_conn(cls_session, sizeof(*conn) + dd_size,
3158                      conn_idx);
3159     if (!cls_conn)
3160         return NULL;
3161     conn = cls_conn->dd_data;
3162
3163     conn->dd_data = cls_conn->dd_data + sizeof(*conn);
3164     conn->session = session;
3165     conn->cls_conn = cls_conn;
3166     conn->c_stage = ISCSI_CONN_INITIAL_STAGE;
3167     conn->id = conn_idx;
3168     conn->exp_statsn = 0;
3169
3170     timer_setup(&conn->transport_timer, iscsi_check_transport_timeouts, 0);
3171
3172     INIT_LIST_HEAD(&conn->mgmtqueue);
3173     INIT_LIST_HEAD(&conn->cmdqueue);
3174     INIT_LIST_HEAD(&conn->requeue);
3175     INIT_WORK(&conn->xmitwork, iscsi_xmitworker);
3176
3177     /* allocate login_task used for the login/text sequences */
3178     spin_lock_bh(&session->frwd_lock);
3179     if (!kfifo_out(&session->cmdpool.queue,
3180                          (void*)&conn->login_task,
3181              sizeof(void*))) {
3182         spin_unlock_bh(&session->frwd_lock);
3183         goto login_task_alloc_fail;
3184     }
3185     spin_unlock_bh(&session->frwd_lock);
3186
3187     data = (char *) __get_free_pages(GFP_KERNEL,
3188                      get_order(ISCSI_DEF_MAX_RECV_SEG_LEN));
3189     if (!data)
3190         goto login_task_data_alloc_fail;
3191     conn->login_task->data = conn->data = data;
3192
3193     err = iscsi_add_conn(cls_conn);
3194     if (err)
3195         goto login_task_add_dev_fail;
3196
3197     return cls_conn;
3198
3199 login_task_add_dev_fail:
3200     free_pages((unsigned long) conn->data,
3201            get_order(ISCSI_DEF_MAX_RECV_SEG_LEN));
3202
3203 login_task_data_alloc_fail:
3204     kfifo_in(&session->cmdpool.queue, (void*)&conn->login_task,
3205             sizeof(void*));
3206 login_task_alloc_fail:
3207     iscsi_put_conn(cls_conn);
3208     return NULL;
3209 }
3210 EXPORT_SYMBOL_GPL(iscsi_conn_setup);
3211
3212 /**
3213  * iscsi_conn_teardown - teardown iscsi connection
3214  * @cls_conn: iscsi class connection
3215  *
3216  * TODO: we may need to make this into a two step process
3217  * like scsi-mls remove + put host
3218  */
3219 void iscsi_conn_teardown(struct iscsi_cls_conn *cls_conn)
3220 {
3221     struct iscsi_conn *conn = cls_conn->dd_data;
3222     struct iscsi_session *session = conn->session;
3223
3224     iscsi_remove_conn(cls_conn);
3225
3226     del_timer_sync(&conn->transport_timer);
3227
3228     mutex_lock(&session->eh_mutex);
3229     spin_lock_bh(&session->frwd_lock);
3230     conn->c_stage = ISCSI_CONN_CLEANUP_WAIT;
3231     if (session->leadconn == conn) {
3232         /*
3233          * leading connection? then give up on recovery.
3234          */
3235         session->state = ISCSI_STATE_TERMINATE;
3236         wake_up(&session->ehwait);
3237     }
3238     spin_unlock_bh(&session->frwd_lock);
3239
3240     /* flush queued up work because we free the connection below */
3241     iscsi_suspend_tx(conn);
3242
3243     spin_lock_bh(&session->frwd_lock);
3244     free_pages((unsigned long) conn->data,
3245            get_order(ISCSI_DEF_MAX_RECV_SEG_LEN));
3246     kfree(conn->persistent_address);
3247     kfree(conn->local_ipaddr);
3248     /* regular RX path uses back_lock */
3249     spin_lock_bh(&session->back_lock);
3250     kfifo_in(&session->cmdpool.queue, (void*)&conn->login_task,
3251             sizeof(void*));
3252     spin_unlock_bh(&session->back_lock);
3253     if (session->leadconn == conn)
3254         session->leadconn = NULL;
3255     spin_unlock_bh(&session->frwd_lock);
3256     mutex_unlock(&session->eh_mutex);
3257
3258     iscsi_put_conn(cls_conn);
3259 }
3260 EXPORT_SYMBOL_GPL(iscsi_conn_teardown);
3261
3262 int iscsi_conn_start(struct iscsi_cls_conn *cls_conn)
3263 {
3264     struct iscsi_conn *conn = cls_conn->dd_data;
3265     struct iscsi_session *session = conn->session;
3266
3267     if (!session) {
3268         iscsi_conn_printk(KERN_ERR, conn,
3269                   "can't start unbound connection\n");
3270         return -EPERM;
3271     }
3272
3273     if ((session->imm_data_en || !session->initial_r2t_en) &&
3274          session->first_burst > session->max_burst) {
3275         iscsi_conn_printk(KERN_INFO, conn, "invalid burst lengths: "
3276                   "first_burst %d max_burst %d\n",
3277                   session->first_burst, session->max_burst);
3278         return -EINVAL;
3279     }
3280
3281     if (conn->ping_timeout && !conn->recv_timeout) {
3282         iscsi_conn_printk(KERN_ERR, conn, "invalid recv timeout of "
3283                   "zero. Using 5 seconds\n.");
3284         conn->recv_timeout = 5;
3285     }
3286
3287     if (conn->recv_timeout && !conn->ping_timeout) {
3288         iscsi_conn_printk(KERN_ERR, conn, "invalid ping timeout of "
3289                   "zero. Using 5 seconds.\n");
3290         conn->ping_timeout = 5;
3291     }
3292
3293     spin_lock_bh(&session->frwd_lock);
3294     conn->c_stage = ISCSI_CONN_STARTED;
3295     session->state = ISCSI_STATE_LOGGED_IN;
3296     session->queued_cmdsn = session->cmdsn;
3297
3298     conn->last_recv = jiffies;
3299     conn->last_ping = jiffies;
3300     if (conn->recv_timeout && conn->ping_timeout)
3301         mod_timer(&conn->transport_timer,
3302               jiffies + (conn->recv_timeout * HZ));
3303
3304     switch(conn->stop_stage) {
3305     case STOP_CONN_RECOVER:
3306         /*
3307          * unblock eh_abort() if it is blocked. re-try all
3308          * commands after successful recovery
3309          */
3310         conn->stop_stage = 0;
3311         session->tmf_state = TMF_INITIAL;
3312         session->age++;
3313         if (session->age == 16)
3314             session->age = 0;
3315         break;
3316     case STOP_CONN_TERM:
3317         conn->stop_stage = 0;
3318         break;
3319     default:
3320         break;
3321     }
3322     spin_unlock_bh(&session->frwd_lock);
3323
3324     iscsi_unblock_session(session->cls_session);
3325     wake_up(&session->ehwait);
3326     return 0;
3327 }
3328 EXPORT_SYMBOL_GPL(iscsi_conn_start);
3329
3330 static void
3331 fail_mgmt_tasks(struct iscsi_session *session, struct iscsi_conn *conn)
3332 {
3333     struct iscsi_task *task;
3334     int i, state;
3335
3336     for (i = 0; i < conn->session->cmds_max; i++) {
3337         task = conn->session->cmds[i];
3338         if (task->sc)
3339             continue;
3340
3341         if (task->state == ISCSI_TASK_FREE)
3342             continue;
3343
3344         ISCSI_DBG_SESSION(conn->session,
3345                   "failing mgmt itt 0x%x state %d\n",
3346                   task->itt, task->state);
3347
3348         spin_lock_bh(&session->back_lock);
3349         if (cleanup_queued_task(task)) {
3350             spin_unlock_bh(&session->back_lock);
3351             continue;
3352         }
3353
3354         state = ISCSI_TASK_ABRT_SESS_RECOV;
3355         if (task->state == ISCSI_TASK_PENDING)
3356             state = ISCSI_TASK_COMPLETED;
3357         iscsi_complete_task(task, state);
3358         spin_unlock_bh(&session->back_lock);
3359     }
3360 }
3361
3362 void iscsi_conn_stop(struct iscsi_cls_conn *cls_conn, int flag)
3363 {
3364     struct iscsi_conn *conn = cls_conn->dd_data;
3365     struct iscsi_session *session = conn->session;
3366     int old_stop_stage;
3367
3368     mutex_lock(&session->eh_mutex);
3369     spin_lock_bh(&session->frwd_lock);
3370     if (conn->stop_stage == STOP_CONN_TERM) {
3371         spin_unlock_bh(&session->frwd_lock);
3372         mutex_unlock(&session->eh_mutex);
3373         return;
3374     }
3375
3376     /*
3377      * When this is called for the in_login state, we only want to clean
3378      * up the login task and connection. We do not need to block and set
3379      * the recovery state again
3380      */
3381     if (flag == STOP_CONN_TERM)
3382         session->state = ISCSI_STATE_TERMINATE;
3383     else if (conn->stop_stage != STOP_CONN_RECOVER)
3384         session->state = ISCSI_STATE_IN_RECOVERY;
3385
3386     old_stop_stage = conn->stop_stage;
3387     conn->stop_stage = flag;
3388     spin_unlock_bh(&session->frwd_lock);
3389
3390     del_timer_sync(&conn->transport_timer);
3391     iscsi_suspend_tx(conn);
3392
3393     spin_lock_bh(&session->frwd_lock);
3394     conn->c_stage = ISCSI_CONN_STOPPED;
3395     spin_unlock_bh(&session->frwd_lock);
3396
3397     /*
3398      * for connection level recovery we should not calculate
3399      * header digest. conn->hdr_size used for optimization
3400      * in hdr_extract() and will be re-negotiated at
3401      * set_param() time.
3402      */
3403     if (flag == STOP_CONN_RECOVER) {
3404         conn->hdrdgst_en = 0;
3405         conn->datadgst_en = 0;
3406         if (session->state == ISCSI_STATE_IN_RECOVERY &&
3407             old_stop_stage != STOP_CONN_RECOVER) {
3408             ISCSI_DBG_SESSION(session, "blocking session\n");
3409             iscsi_block_session(session->cls_session);
3410         }
3411     }
3412
3413     /*
3414      * flush queues.
3415      */
3416     spin_lock_bh(&session->frwd_lock);
3417     fail_scsi_tasks(conn, -1, DID_TRANSPORT_DISRUPTED);
3418     fail_mgmt_tasks(session, conn);
3419     memset(&session->tmhdr, 0, sizeof(session->tmhdr));
3420     spin_unlock_bh(&session->frwd_lock);
3421     mutex_unlock(&session->eh_mutex);
3422 }
3423 EXPORT_SYMBOL_GPL(iscsi_conn_stop);
3424
3425 int iscsi_conn_bind(struct iscsi_cls_session *cls_session,
3426             struct iscsi_cls_conn *cls_conn, int is_leading)
3427 {
3428     struct iscsi_session *session = cls_session->dd_data;
3429     struct iscsi_conn *conn = cls_conn->dd_data;
3430
3431     spin_lock_bh(&session->frwd_lock);
3432     if (is_leading)
3433         session->leadconn = conn;
3434
3435     set_bit(ISCSI_CONN_FLAG_BOUND, &conn->flags);
3436     spin_unlock_bh(&session->frwd_lock);
3437
3438     /*
3439      * The target could have reduced it's window size between logins, so
3440      * we have to reset max/exp cmdsn so we can see the new values.
3441      */
3442     spin_lock_bh(&session->back_lock);
3443     session->max_cmdsn = session->exp_cmdsn = session->cmdsn + 1;
3444     spin_unlock_bh(&session->back_lock);
3445     /*
3446      * Unblock xmitworker(), Login Phase will pass through.
3447      */
3448     clear_bit(ISCSI_CONN_FLAG_SUSPEND_RX, &conn->flags);
3449     clear_bit(ISCSI_CONN_FLAG_SUSPEND_TX, &conn->flags);
3450     return 0;
3451 }
3452 EXPORT_SYMBOL_GPL(iscsi_conn_bind);
3453
3454 int iscsi_switch_str_param(char **param, char *new_val_buf)
3455 {
3456     char *new_val;
3457
3458     if (*param) {
3459         if (!strcmp(*param, new_val_buf))
3460             return 0;
3461     }
3462
3463     new_val = kstrdup(new_val_buf, GFP_NOIO);
3464     if (!new_val)
3465         return -ENOMEM;
3466
3467     kfree(*param);
3468     *param = new_val;
3469     return 0;
3470 }
3471 EXPORT_SYMBOL_GPL(iscsi_switch_str_param);
3472
3473 int iscsi_set_param(struct iscsi_cls_conn *cls_conn,
3474             enum iscsi_param param, char *buf, int buflen)
3475 {
3476     struct iscsi_conn *conn = cls_conn->dd_data;
3477     struct iscsi_session *session = conn->session;
3478     int val;
3479
3480     switch(param) {
3481     case ISCSI_PARAM_FAST_ABORT:
3482         sscanf(buf, "%d", &session->fast_abort);
3483         break;
3484     case ISCSI_PARAM_ABORT_TMO:
3485         sscanf(buf, "%d", &session->abort_timeout);
3486         break;
3487     case ISCSI_PARAM_LU_RESET_TMO:
3488         sscanf(buf, "%d", &session->lu_reset_timeout);
3489         break;
3490     case ISCSI_PARAM_TGT_RESET_TMO:
3491         sscanf(buf, "%d", &session->tgt_reset_timeout);
3492         break;
3493     case ISCSI_PARAM_PING_TMO:
3494         sscanf(buf, "%d", &conn->ping_timeout);
3495         break;
3496     case ISCSI_PARAM_RECV_TMO:
3497         sscanf(buf, "%d", &conn->recv_timeout);
3498         break;
3499     case ISCSI_PARAM_MAX_RECV_DLENGTH:
3500         sscanf(buf, "%d", &conn->max_recv_dlength);
3501         break;
3502     case ISCSI_PARAM_MAX_XMIT_DLENGTH:
3503         sscanf(buf, "%d", &conn->max_xmit_dlength);
3504         break;
3505     case ISCSI_PARAM_HDRDGST_EN:
3506         sscanf(buf, "%d", &conn->hdrdgst_en);
3507         break;
3508     case ISCSI_PARAM_DATADGST_EN:
3509         sscanf(buf, "%d", &conn->datadgst_en);
3510         break;
3511     case ISCSI_PARAM_INITIAL_R2T_EN:
3512         sscanf(buf, "%d", &session->initial_r2t_en);
3513         break;
3514     case ISCSI_PARAM_MAX_R2T:
3515         sscanf(buf, "%hu", &session->max_r2t);
3516         break;
3517     case ISCSI_PARAM_IMM_DATA_EN:
3518         sscanf(buf, "%d", &session->imm_data_en);
3519         break;
3520     case ISCSI_PARAM_FIRST_BURST:
3521         sscanf(buf, "%d", &session->first_burst);
3522         break;
3523     case ISCSI_PARAM_MAX_BURST:
3524         sscanf(buf, "%d", &session->max_burst);
3525         break;
3526     case ISCSI_PARAM_PDU_INORDER_EN:
3527         sscanf(buf, "%d", &session->pdu_inorder_en);
3528         break;
3529     case ISCSI_PARAM_DATASEQ_INORDER_EN:
3530         sscanf(buf, "%d", &session->dataseq_inorder_en);
3531         break;
3532     case ISCSI_PARAM_ERL:
3533         sscanf(buf, "%d", &session->erl);
3534         break;
3535     case ISCSI_PARAM_EXP_STATSN:
3536         sscanf(buf, "%u", &conn->exp_statsn);
3537         break;
3538     case ISCSI_PARAM_USERNAME:
3539         return iscsi_switch_str_param(&session->username, buf);
3540     case ISCSI_PARAM_USERNAME_IN:
3541         return iscsi_switch_str_param(&session->username_in, buf);
3542     case ISCSI_PARAM_PASSWORD:
3543         return iscsi_switch_str_param(&session->password, buf);
3544     case ISCSI_PARAM_PASSWORD_IN:
3545         return iscsi_switch_str_param(&session->password_in, buf);
3546     case ISCSI_PARAM_TARGET_NAME:
3547         return iscsi_switch_str_param(&session->targetname, buf);
3548     case ISCSI_PARAM_TARGET_ALIAS:
3549         return iscsi_switch_str_param(&session->targetalias, buf);
3550     case ISCSI_PARAM_TPGT:
3551         sscanf(buf, "%d", &session->tpgt);
3552         break;
3553     case ISCSI_PARAM_PERSISTENT_PORT:
3554         sscanf(buf, "%d", &conn->persistent_port);
3555         break;
3556     case ISCSI_PARAM_PERSISTENT_ADDRESS:
3557         return iscsi_switch_str_param(&conn->persistent_address, buf);
3558     case ISCSI_PARAM_IFACE_NAME:
3559         return iscsi_switch_str_param(&session->ifacename, buf);
3560     case ISCSI_PARAM_INITIATOR_NAME:
3561         return iscsi_switch_str_param(&session->initiatorname, buf);
3562     case ISCSI_PARAM_BOOT_ROOT:
3563         return iscsi_switch_str_param(&session->boot_root, buf);
3564     case ISCSI_PARAM_BOOT_NIC:
3565         return iscsi_switch_str_param(&session->boot_nic, buf);
3566     case ISCSI_PARAM_BOOT_TARGET:
3567         return iscsi_switch_str_param(&session->boot_target, buf);
3568     case ISCSI_PARAM_PORTAL_TYPE:
3569         return iscsi_switch_str_param(&session->portal_type, buf);
3570     case ISCSI_PARAM_DISCOVERY_PARENT_TYPE:
3571         return iscsi_switch_str_param(&session->discovery_parent_type,
3572                           buf);
3573     case ISCSI_PARAM_DISCOVERY_SESS:
3574         sscanf(buf, "%d", &val);
3575         session->discovery_sess = !!val;
3576         break;
3577     case ISCSI_PARAM_LOCAL_IPADDR:
3578         return iscsi_switch_str_param(&conn->local_ipaddr, buf);
3579     default:
3580         return -ENOSYS;
3581     }
3582
3583     return 0;
3584 }
3585 EXPORT_SYMBOL_GPL(iscsi_set_param);
3586
3587 int iscsi_session_get_param(struct iscsi_cls_session *cls_session,
3588                 enum iscsi_param param, char *buf)
3589 {
3590     struct iscsi_session *session = cls_session->dd_data;
3591     int len;
3592
3593     switch(param) {
3594     case ISCSI_PARAM_FAST_ABORT:
3595         len = sysfs_emit(buf, "%d\n", session->fast_abort);
3596         break;
3597     case ISCSI_PARAM_ABORT_TMO:
3598         len = sysfs_emit(buf, "%d\n", session->abort_timeout);
3599         break;
3600     case ISCSI_PARAM_LU_RESET_TMO:
3601         len = sysfs_emit(buf, "%d\n", session->lu_reset_timeout);
3602         break;
3603     case ISCSI_PARAM_TGT_RESET_TMO:
3604         len = sysfs_emit(buf, "%d\n", session->tgt_reset_timeout);
3605         break;
3606     case ISCSI_PARAM_INITIAL_R2T_EN:
3607         len = sysfs_emit(buf, "%d\n", session->initial_r2t_en);
3608         break;
3609     case ISCSI_PARAM_MAX_R2T:
3610         len = sysfs_emit(buf, "%hu\n", session->max_r2t);
3611         break;
3612     case ISCSI_PARAM_IMM_DATA_EN:
3613         len = sysfs_emit(buf, "%d\n", session->imm_data_en);
3614         break;
3615     case ISCSI_PARAM_FIRST_BURST:
3616         len = sysfs_emit(buf, "%u\n", session->first_burst);
3617         break;
3618     case ISCSI_PARAM_MAX_BURST:
3619         len = sysfs_emit(buf, "%u\n", session->max_burst);
3620         break;
3621     case ISCSI_PARAM_PDU_INORDER_EN:
3622         len = sysfs_emit(buf, "%d\n", session->pdu_inorder_en);
3623         break;
3624     case ISCSI_PARAM_DATASEQ_INORDER_EN:
3625         len = sysfs_emit(buf, "%d\n", session->dataseq_inorder_en);
3626         break;
3627     case ISCSI_PARAM_DEF_TASKMGMT_TMO:
3628         len = sysfs_emit(buf, "%d\n", session->def_taskmgmt_tmo);
3629         break;
3630     case ISCSI_PARAM_ERL:
3631         len = sysfs_emit(buf, "%d\n", session->erl);
3632         break;
3633     case ISCSI_PARAM_TARGET_NAME:
3634         len = sysfs_emit(buf, "%s\n", session->targetname);
3635         break;
3636     case ISCSI_PARAM_TARGET_ALIAS:
3637         len = sysfs_emit(buf, "%s\n", session->targetalias);
3638         break;
3639     case ISCSI_PARAM_TPGT:
3640         len = sysfs_emit(buf, "%d\n", session->tpgt);
3641         break;
3642     case ISCSI_PARAM_USERNAME:
3643         len = sysfs_emit(buf, "%s\n", session->username);
3644         break;
3645     case ISCSI_PARAM_USERNAME_IN:
3646         len = sysfs_emit(buf, "%s\n", session->username_in);
3647         break;
3648     case ISCSI_PARAM_PASSWORD:
3649         len = sysfs_emit(buf, "%s\n", session->password);
3650         break;
3651     case ISCSI_PARAM_PASSWORD_IN:
3652         len = sysfs_emit(buf, "%s\n", session->password_in);
3653         break;
3654     case ISCSI_PARAM_IFACE_NAME:
3655         len = sysfs_emit(buf, "%s\n", session->ifacename);
3656         break;
3657     case ISCSI_PARAM_INITIATOR_NAME:
3658         len = sysfs_emit(buf, "%s\n", session->initiatorname);
3659         break;
3660     case ISCSI_PARAM_BOOT_ROOT:
3661         len = sysfs_emit(buf, "%s\n", session->boot_root);
3662         break;
3663     case ISCSI_PARAM_BOOT_NIC:
3664         len = sysfs_emit(buf, "%s\n", session->boot_nic);
3665         break;
3666     case ISCSI_PARAM_BOOT_TARGET:
3667         len = sysfs_emit(buf, "%s\n", session->boot_target);
3668         break;
3669     case ISCSI_PARAM_AUTO_SND_TGT_DISABLE:
3670         len = sysfs_emit(buf, "%u\n", session->auto_snd_tgt_disable);
3671         break;
3672     case ISCSI_PARAM_DISCOVERY_SESS:
3673         len = sysfs_emit(buf, "%u\n", session->discovery_sess);
3674         break;
3675     case ISCSI_PARAM_PORTAL_TYPE:
3676         len = sysfs_emit(buf, "%s\n", session->portal_type);
3677         break;
3678     case ISCSI_PARAM_CHAP_AUTH_EN:
3679         len = sysfs_emit(buf, "%u\n", session->chap_auth_en);
3680         break;
3681     case ISCSI_PARAM_DISCOVERY_LOGOUT_EN:
3682         len = sysfs_emit(buf, "%u\n", session->discovery_logout_en);
3683         break;
3684     case ISCSI_PARAM_BIDI_CHAP_EN:
3685         len = sysfs_emit(buf, "%u\n", session->bidi_chap_en);
3686         break;
3687     case ISCSI_PARAM_DISCOVERY_AUTH_OPTIONAL:
3688         len = sysfs_emit(buf, "%u\n", session->discovery_auth_optional);
3689         break;
3690     case ISCSI_PARAM_DEF_TIME2WAIT:
3691         len = sysfs_emit(buf, "%d\n", session->time2wait);
3692         break;
3693     case ISCSI_PARAM_DEF_TIME2RETAIN:
3694         len = sysfs_emit(buf, "%d\n", session->time2retain);
3695         break;
3696     case ISCSI_PARAM_TSID:
3697         len = sysfs_emit(buf, "%u\n", session->tsid);
3698         break;
3699     case ISCSI_PARAM_ISID:
3700         len = sysfs_emit(buf, "%02x%02x%02x%02x%02x%02x\n",
3701                   session->isid[0], session->isid[1],
3702                   session->isid[2], session->isid[3],
3703                   session->isid[4], session->isid[5]);
3704         break;
3705     case ISCSI_PARAM_DISCOVERY_PARENT_IDX:
3706         len = sysfs_emit(buf, "%u\n", session->discovery_parent_idx);
3707         break;
3708     case ISCSI_PARAM_DISCOVERY_PARENT_TYPE:
3709         if (session->discovery_parent_type)
3710             len = sysfs_emit(buf, "%s\n",
3711                       session->discovery_parent_type);
3712         else
3713             len = sysfs_emit(buf, "\n");
3714         break;
3715     default:
3716         return -ENOSYS;
3717     }
3718
3719     return len;
3720 }
3721 EXPORT_SYMBOL_GPL(iscsi_session_get_param);
3722
3723 int iscsi_conn_get_addr_param(struct sockaddr_storage *addr,
3724                   enum iscsi_param param, char *buf)
3725 {
3726     struct sockaddr_in6 *sin6 = NULL;
3727     struct sockaddr_in *sin = NULL;
3728     int len;
3729
3730     switch (addr->ss_family) {
3731     case AF_INET:
3732         sin = (struct sockaddr_in *)addr;
3733         break;
3734     case AF_INET6:
3735         sin6 = (struct sockaddr_in6 *)addr;
3736         break;
3737     default:
3738         return -EINVAL;
3739     }
3740
3741     switch (param) {
3742     case ISCSI_PARAM_CONN_ADDRESS:
3743     case ISCSI_HOST_PARAM_IPADDRESS:
3744         if (sin)
3745             len = sysfs_emit(buf, "%pI4\n", &sin->sin_addr.s_addr);
3746         else
3747             len = sysfs_emit(buf, "%pI6\n", &sin6->sin6_addr);
3748         break;
3749     case ISCSI_PARAM_CONN_PORT:
3750     case ISCSI_PARAM_LOCAL_PORT:
3751         if (sin)
3752             len = sysfs_emit(buf, "%hu\n", be16_to_cpu(sin->sin_port));
3753         else
3754             len = sysfs_emit(buf, "%hu\n",
3755                       be16_to_cpu(sin6->sin6_port));
3756         break;
3757     default:
3758         return -EINVAL;
3759     }
3760
3761     return len;
3762 }
3763 EXPORT_SYMBOL_GPL(iscsi_conn_get_addr_param);
3764
3765 int iscsi_conn_get_param(struct iscsi_cls_conn *cls_conn,
3766              enum iscsi_param param, char *buf)
3767 {
3768     struct iscsi_conn *conn = cls_conn->dd_data;
3769     int len;
3770
3771     switch(param) {
3772     case ISCSI_PARAM_PING_TMO:
3773         len = sysfs_emit(buf, "%u\n", conn->ping_timeout);
3774         break;
3775     case ISCSI_PARAM_RECV_TMO:
3776         len = sysfs_emit(buf, "%u\n", conn->recv_timeout);
3777         break;
3778     case ISCSI_PARAM_MAX_RECV_DLENGTH:
3779         len = sysfs_emit(buf, "%u\n", conn->max_recv_dlength);
3780         break;
3781     case ISCSI_PARAM_MAX_XMIT_DLENGTH:
3782         len = sysfs_emit(buf, "%u\n", conn->max_xmit_dlength);
3783         break;
3784     case ISCSI_PARAM_HDRDGST_EN:
3785         len = sysfs_emit(buf, "%d\n", conn->hdrdgst_en);
3786         break;
3787     case ISCSI_PARAM_DATADGST_EN:
3788         len = sysfs_emit(buf, "%d\n", conn->datadgst_en);
3789         break;
3790     case ISCSI_PARAM_IFMARKER_EN:
3791         len = sysfs_emit(buf, "%d\n", conn->ifmarker_en);
3792         break;
3793     case ISCSI_PARAM_OFMARKER_EN:
3794         len = sysfs_emit(buf, "%d\n", conn->ofmarker_en);
3795         break;
3796     case ISCSI_PARAM_EXP_STATSN:
3797         len = sysfs_emit(buf, "%u\n", conn->exp_statsn);
3798         break;
3799     case ISCSI_PARAM_PERSISTENT_PORT:
3800         len = sysfs_emit(buf, "%d\n", conn->persistent_port);
3801         break;
3802     case ISCSI_PARAM_PERSISTENT_ADDRESS:
3803         len = sysfs_emit(buf, "%s\n", conn->persistent_address);
3804         break;
3805     case ISCSI_PARAM_STATSN:
3806         len = sysfs_emit(buf, "%u\n", conn->statsn);
3807         break;
3808     case ISCSI_PARAM_MAX_SEGMENT_SIZE:
3809         len = sysfs_emit(buf, "%u\n", conn->max_segment_size);
3810         break;
3811     case ISCSI_PARAM_KEEPALIVE_TMO:
3812         len = sysfs_emit(buf, "%u\n", conn->keepalive_tmo);
3813         break;
3814     case ISCSI_PARAM_LOCAL_PORT:
3815         len = sysfs_emit(buf, "%u\n", conn->local_port);
3816         break;
3817     case ISCSI_PARAM_TCP_TIMESTAMP_STAT:
3818         len = sysfs_emit(buf, "%u\n", conn->tcp_timestamp_stat);
3819         break;
3820     case ISCSI_PARAM_TCP_NAGLE_DISABLE:
3821         len = sysfs_emit(buf, "%u\n", conn->tcp_nagle_disable);
3822         break;
3823     case ISCSI_PARAM_TCP_WSF_DISABLE:
3824         len = sysfs_emit(buf, "%u\n", conn->tcp_wsf_disable);
3825         break;
3826     case ISCSI_PARAM_TCP_TIMER_SCALE:
3827         len = sysfs_emit(buf, "%u\n", conn->tcp_timer_scale);
3828         break;
3829     case ISCSI_PARAM_TCP_TIMESTAMP_EN:
3830         len = sysfs_emit(buf, "%u\n", conn->tcp_timestamp_en);
3831         break;
3832     case ISCSI_PARAM_IP_FRAGMENT_DISABLE:
3833         len = sysfs_emit(buf, "%u\n", conn->fragment_disable);
3834         break;
3835     case ISCSI_PARAM_IPV4_TOS:
3836         len = sysfs_emit(buf, "%u\n", conn->ipv4_tos);
3837         break;
3838     case ISCSI_PARAM_IPV6_TC:
3839         len = sysfs_emit(buf, "%u\n", conn->ipv6_traffic_class);
3840         break;
3841     case ISCSI_PARAM_IPV6_FLOW_LABEL:
3842         len = sysfs_emit(buf, "%u\n", conn->ipv6_flow_label);
3843         break;
3844     case ISCSI_PARAM_IS_FW_ASSIGNED_IPV6:
3845         len = sysfs_emit(buf, "%u\n", conn->is_fw_assigned_ipv6);
3846         break;
3847     case ISCSI_PARAM_TCP_XMIT_WSF:
3848         len = sysfs_emit(buf, "%u\n", conn->tcp_xmit_wsf);
3849         break;
3850     case ISCSI_PARAM_TCP_RECV_WSF:
3851         len = sysfs_emit(buf, "%u\n", conn->tcp_recv_wsf);
3852         break;
3853     case ISCSI_PARAM_LOCAL_IPADDR:
3854         len = sysfs_emit(buf, "%s\n", conn->local_ipaddr);
3855         break;
3856     default:
3857         return -ENOSYS;
3858     }
3859
3860     return len;
3861 }
3862 EXPORT_SYMBOL_GPL(iscsi_conn_get_param);
3863
3864 int iscsi_host_get_param(struct Scsi_Host *shost, enum iscsi_host_param param,
3865              char *buf)
3866 {
3867     struct iscsi_host *ihost = shost_priv(shost);
3868     int len;
3869
3870     switch (param) {
3871     case ISCSI_HOST_PARAM_NETDEV_NAME:
3872         len = sysfs_emit(buf, "%s\n", ihost->netdev);
3873         break;
3874     case ISCSI_HOST_PARAM_HWADDRESS:
3875         len = sysfs_emit(buf, "%s\n", ihost->hwaddress);
3876         break;
3877     case ISCSI_HOST_PARAM_INITIATOR_NAME:
3878         len = sysfs_emit(buf, "%s\n", ihost->initiatorname);
3879         break;
3880     default:
3881         return -ENOSYS;
3882     }
3883
3884     return len;
3885 }
3886 EXPORT_SYMBOL_GPL(iscsi_host_get_param);
3887
3888 int iscsi_host_set_param(struct Scsi_Host *shost, enum iscsi_host_param param,
3889              char *buf, int buflen)
3890 {
3891     struct iscsi_host *ihost = shost_priv(shost);
3892
3893     switch (param) {
3894     case ISCSI_HOST_PARAM_NETDEV_NAME:
3895         return iscsi_switch_str_param(&ihost->netdev, buf);
3896     case ISCSI_HOST_PARAM_HWADDRESS:
3897         return iscsi_switch_str_param(&ihost->hwaddress, buf);
3898     case ISCSI_HOST_PARAM_INITIATOR_NAME:
3899         return iscsi_switch_str_param(&ihost->initiatorname, buf);
3900     default:
3901         return -ENOSYS;
3902     }
3903
3904     return 0;
3905 }
3906 EXPORT_SYMBOL_GPL(iscsi_host_set_param);
3907
3908 MODULE_AUTHOR("Mike Christie");
3909 MODULE_DESCRIPTION("iSCSI library functions");
3910 MODULE_LICENSE("GPL");