1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2005-2010 Daniel Braniss <danny@cs.huji.ac.il>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
28 */
29 /*
30 | $Id: iscsi_subr.c 743 2009-08-08 10:54:53Z danny $
31 */
32
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
35
36 #include "opt_iscsi_initiator.h"
37
38 #include <sys/param.h>
39 #include <sys/kernel.h>
40 #include <sys/callout.h>
41 #include <sys/malloc.h>
42 #include <sys/mbuf.h>
43 #include <sys/kthread.h>
44 #include <sys/lock.h>
45 #include <sys/mutex.h>
46 #include <sys/uio.h>
47 #include <sys/sysctl.h>
48 #include <sys/sx.h>
49 #include <vm/uma.h>
50
51 #include <cam/cam.h>
52 #include <cam/cam_ccb.h>
53 #include <cam/cam_sim.h>
54 #include <cam/cam_xpt_sim.h>
55 #include <cam/cam_periph.h>
56 #include <cam/scsi/scsi_message.h>
57 #include <sys/eventhandler.h>
58
59 #include <dev/iscsi_initiator/iscsi.h>
60 #include <dev/iscsi_initiator/iscsivar.h>
61
62 /*
63 | Interface to the SCSI layer
64 */
65 void
66 iscsi_r2t(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
67 {
68 union ccb *ccb = opq->ccb;
69 struct ccb_scsiio *csio = &ccb->csio;
70 pdu_t *opp = &opq->pdu;
71 bhs_t *bhp = &opp->ipdu.bhs;
72 r2t_t *r2t = &pq->pdu.ipdu.r2t;
73 pduq_t *wpq;
74 int error;
75
76 debug_called(8);
77 sdebug(4, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt),
78 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W);
79
80 switch(bhp->opcode) {
81 case ISCSI_SCSI_CMD:
82 if(opp->ipdu.scsi_req.W) {
83 data_out_t *cmd;
84 u_int ddtl = ntohl(r2t->ddtl);
85 u_int edtl = ntohl(opp->ipdu.scsi_req.edtlen);
86 u_int bleft, bs, dsn, bo;
87 caddr_t bp = csio->data_ptr;
88
89 bo = ntohl(r2t->bo);
90 bp += MIN(bo, edtl - ddtl);
91 bleft = ddtl;
92
93 if(sp->opt.maxXmitDataSegmentLength > 0) // danny's RFC
94 bs = MIN(sp->opt.maxXmitDataSegmentLength, ddtl);
95 else
96 bs = ddtl;
97 dsn = 0;
98 sdebug(4, "edtl=%x ddtl=%x bo=%x dsn=%x bs=%x maxX=%x",
99 edtl, ddtl, bo, dsn, bs, sp->opt.maxXmitDataSegmentLength);
100 while(bleft > 0) {
101 wpq = pdu_alloc(sp->isc, M_NOWAIT); // testing ...
102 if(wpq == NULL) {
103 sdebug(3, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt),
104 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W);
105 sdebug(1, "npdu_max=%d npdu_alloc=%d", sp->isc->npdu_max, sp->isc->npdu_alloc);
106
107 while((wpq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) {
108 sdebug(2, "waiting...");
109 pause("isc_r2t", 5*hz);
110 }
111 }
112 cmd = &wpq->pdu.ipdu.data_out;
113 cmd->opcode = ISCSI_WRITE_DATA;
114 cmd->lun[0] = r2t->lun[0];
115 cmd->lun[1] = r2t->lun[1];
116 cmd->ttt = r2t->ttt;
117 cmd->itt = r2t->itt;
118
119 cmd->dsn = htonl(dsn);
120 cmd->bo = htonl(bo);
121
122 cmd->F = (bs < bleft)? 0: 1; // is this the last one?
123 bs = MIN(bs, bleft);
124
125 wpq->pdu.ds_len = bs;
126 wpq->pdu.ds_addr = bp;
127
128 error = isc_qout(sp, wpq);
129 sdebug(6, "bs=%x bo=%x bp=%p dsn=%x error=%d", bs, bo, bp, dsn, error);
130 if(error)
131 break;
132 bo += bs;
133 bp += bs;
134 bleft -= bs;
135 dsn++;
136 }
137 }
138 break;
139
140 default:
141 // XXX: should not happen ...
142 xdebug("huh? opcode=0x%x", bhp->opcode);
143 }
144 }
145
146 static int
147 getSenseData(u_int status, union ccb *ccb, pduq_t *pq)
148 {
149 pdu_t *pp = &pq->pdu;
150 struct ccb_scsiio *scsi = (struct ccb_scsiio *)ccb;
151 struct scsi_sense_data *sense = &scsi->sense_data;
152 struct mbuf *m = pq->mp;
153 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp;
154 caddr_t bp;
155 int sense_len, mustfree = 0;
156 int error_code, sense_key, asc, ascq;
157
158 bp = mtod(pq->mp, caddr_t);
159 if((sense_len = scsi_2btoul(bp)) == 0)
160 return 0;
161 debug(4, "sense_len=%d", sense_len);
162 /*
163 | according to the specs, the sense data cannot
164 | be larger than 252 ...
165 */
166 if(sense_len > m->m_len) {
167 bp = malloc(sense_len, M_ISCSI, M_WAITOK);
168 debug(3, "calling i_mbufcopy(len=%d)", sense_len);
169 i_mbufcopy(pq->mp, bp, sense_len);
170 mustfree++;
171 }
172 scsi->scsi_status = status;
173
174 bcopy(bp+2, sense, min(sense_len, scsi->sense_len));
175 scsi->sense_resid = 0;
176 if(cmd->flag & (BIT(1)|BIT(2)))
177 scsi->sense_resid = ntohl(pp->ipdu.scsi_rsp.rcnt);
178 scsi_extract_sense_len(sense, scsi->sense_len - scsi->sense_resid,
179 &error_code, &sense_key, &asc, &ascq, /*show_errors*/ 1);
180
181 debug(3, "sense_len=%d rcnt=%d sense_resid=%d dsl=%d error_code=%x flags=%x",
182 sense_len,
183 ntohl(pp->ipdu.scsi_rsp.rcnt), scsi->sense_resid,
184 pp->ds_len, error_code, sense_key);
185
186 if(mustfree)
187 free(bp, M_ISCSI);
188
189 return 1;
190 }
191
192 /*
193 | Some information is from SAM draft.
194 */
195 static void
196 _scsi_done(isc_session_t *sp, u_int response, u_int status, union ccb *ccb, pduq_t *pq)
197 {
198 struct ccb_hdr *ccb_h = &ccb->ccb_h;
199
200 debug_called(8);
201
202 if(status || response) {
203 sdebug(3, "response=%x status=%x ccb=%p pq=%p", response, status, ccb, pq);
204 if(pq != NULL)
205 sdebug(3, "mp=%p buf=%p len=%d", pq->mp, pq->buf, pq->len);
206 }
207 ccb_h->status = 0;
208 switch(response) {
209 case 0: // Command Completed at Target
210 switch(status) {
211 case 0: // Good, all is ok
212 ccb_h->status = CAM_REQ_CMP;
213 break;
214
215 case 0x02: // Check Condition
216 if((pq != NULL) && (pq->mp != NULL) && getSenseData(status, ccb, pq))
217 ccb_h->status |= CAM_AUTOSNS_VALID;
218
219 case 0x14: // Intermediate-Condition Met
220 case 0x10: // Intermediate
221 case 0x04: // Condition Met
222 ccb_h->status |= CAM_SCSI_STATUS_ERROR;
223 break;
224
225 case 0x08:
226 ccb_h->status = CAM_BUSY;
227 break;
228
229 case 0x18: // Reservation Conflict
230 case 0x28: // Task Set Full
231 ccb_h->status = CAM_REQUEUE_REQ;
232 break;
233 default:
234 //case 0x22: // Command Terminated
235 //case 0x30: // ACA Active
236 //case 0x40: // Task Aborted
237 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED;
238 }
239 break;
240
241 default:
242 if((response >= 0x80) && (response <= 0xFF)) {
243 // Vendor specific ...
244 }
245 case 1: // target failure
246 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED;
247 break;
248 }
249 sdebug(5, "ccb_h->status=%x", ccb_h->status);
250
251 xpt_done(ccb);
252 }
253
254 /*
255 | returns the lowest cmdseq that was not acked
256 */
257 int
258 iscsi_requeue(isc_session_t *sp)
259 {
260 pduq_t *pq;
261 u_int i, n, last;
262
263 debug_called(8);
264 i = last = 0;
265 sp->flags |= ISC_HOLD;
266 while((pq = i_dqueue_hld(sp)) != NULL) {
267 i++;
268 if(pq->ccb != NULL) {
269 _scsi_done(sp, 0, 0x28, pq->ccb, NULL);
270 n = ntohl(pq->pdu.ipdu.bhs.CmdSN);
271 if(last==0 || (last > n))
272 last = n;
273 sdebug(2, "last=%x n=%x", last, n);
274 }
275 pdu_free(sp->isc, pq);
276 }
277 sp->flags &= ~ISC_HOLD;
278 return i? last: sp->sn.cmd;
279 }
280
281 int
282 i_pdu_flush(isc_session_t *sp)
283 {
284 int n = 0;
285 pduq_t *pq;
286
287 debug_called(8);
288 while((pq = i_dqueue_rsp(sp)) != NULL) {
289 pdu_free(sp->isc, pq);
290 n++;
291 }
292 while((pq = i_dqueue_rsv(sp)) != NULL) {
293 pdu_free(sp->isc, pq);
294 n++;
295 }
296 while((pq = i_dqueue_snd(sp, -1)) != NULL) {
297 pdu_free(sp->isc, pq);
298 n++;
299 }
300 while((pq = i_dqueue_hld(sp)) != NULL) {
301 pdu_free(sp->isc, pq);
302 n++;
303 }
304 while((pq = i_dqueue_wsnd(sp)) != NULL) {
305 pdu_free(sp->isc, pq);
306 n++;
307 }
308 if(n != 0)
309 xdebug("%d pdus recovered, should have been ZERO!", n);
310 return n;
311 }
312 /*
313 | called from ism_destroy.
314 */
315 void
316 iscsi_cleanup(isc_session_t *sp)
317 {
318 pduq_t *pq, *pqtmp;
319
320 debug_called(8);
321
322 TAILQ_FOREACH_SAFE(pq, &sp->hld, pq_link, pqtmp) {
323 sdebug(3, "hld pq=%p", pq);
324 if(pq->ccb)
325 _scsi_done(sp, 1, 0x40, pq->ccb, NULL);
326 TAILQ_REMOVE(&sp->hld, pq, pq_link);
327 if(pq->buf) {
328 free(pq->buf, M_ISCSIBUF);
329 pq->buf = NULL;
330 }
331 pdu_free(sp->isc, pq);
332 }
333 while((pq = i_dqueue_snd(sp, BIT(0)|BIT(1)|BIT(2))) != NULL) {
334 sdebug(3, "pq=%p", pq);
335 if(pq->ccb)
336 _scsi_done(sp, 1, 0x40, pq->ccb, NULL);
337 if(pq->buf) {
338 free(pq->buf, M_ISCSIBUF);
339 pq->buf = NULL;
340 }
341 pdu_free(sp->isc, pq);
342 }
343
344 wakeup(&sp->rsp);
345 }
346
347 void
348 iscsi_done(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
349 {
350 pdu_t *pp = &pq->pdu;
351 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp;
352
353 debug_called(8);
354
355 _scsi_done(sp, cmd->response, cmd->status, opq->ccb, pq);
356
357 pdu_free(sp->isc, opq);
358 }
359
360 // see RFC 3720, 10.9.1 page 146
361 /*
362 | NOTE:
363 | the call to isc_stop_receiver is a kludge,
364 | instead, it should be handled by the userland controller,
365 | but that means that there should be a better way, other than
366 | sending a signal. Somehow, this packet should be supplied to
367 | the userland via read.
368 */
369 void
370 iscsi_async(isc_session_t *sp, pduq_t *pq)
371 {
372 pdu_t *pp = &pq->pdu;
373 async_t *cmd = &pp->ipdu.async;
374
375 debug_called(8);
376
377 sdebug(3, "asyncevent=0x%x asyncVCode=0x%0x", cmd->asyncEvent, cmd->asyncVCode);
378 switch(cmd->asyncEvent) {
379 case 0: // check status ...
380 break;
381
382 case 1: // target request logout
383 isc_stop_receiver(sp); // XXX: temporary solution
384 break;
385
386 case 2: // target indicates it wants to drop connection
387 isc_stop_receiver(sp); // XXX: temporary solution
388 break;
389
390 case 3: // target indicates it will drop all connections.
391 isc_stop_receiver(sp); // XXX: temporary solution
392 break;
393
394 case 4: // target request parameter negotiation
395 break;
396
397 default:
398 break;
399 }
400 }
401
402 void
403 iscsi_reject(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
404 {
405 union ccb *ccb = opq->ccb;
406 //reject_t *reject = &pq->pdu.ipdu.reject;
407
408 debug_called(8);
409 //XXX: check RFC 10.17.1 (page 176)
410 ccb->ccb_h.status = CAM_REQ_ABORTED;
411 xpt_done(ccb);
412
413 pdu_free(sp->isc, opq);
414 }
415
416 /*
417 | deal with lun
418 */
419 static int
420 dwl(isc_session_t *sp, int lun, u_char *lp)
421 {
422 debug_called(8);
423 sdebug(4, "lun=%d", lun);
424 /*
425 | mapping LUN to iSCSI LUN
426 | check the SAM-2 specs
427 | hint: maxLUNS is a small number, cam's LUN is 32bits
428 | iSCSI is 64bits, scsi is ?
429 */
430 // XXX: check if this will pass the endian test
431 if(lun < 256) {
432 lp[0] = 0;
433 lp[1] = lun;
434 } else
435 if(lun < 16384) {
436 lp[0] = (1 << 5) | ((lun >> 8) & 0x3f);
437 lp[1] = lun & 0xff;
438 }
439 else {
440 xdebug("lun %d: is unsupported!", lun);
441 return -1;
442 }
443
444 return 0;
445 }
446
447 /*
448 | encapsulate the scsi command and
449 */
450 int
451 scsi_encap(struct cam_sim *sim, union ccb *ccb)
452 {
453 isc_session_t *sp = cam_sim_softc(sim);
454 struct ccb_scsiio *csio = &ccb->csio;
455 struct ccb_hdr *ccb_h = &ccb->ccb_h;
456 pduq_t *pq;
457 scsi_req_t *cmd;
458
459 debug_called(8);
460
461 debug(4, "ccb->sp=%p", ccb_h->spriv_ptr0);
462 sp = ccb_h->spriv_ptr0;
463
464 if((pq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) {
465 debug(2, "ccb->sp=%p", ccb_h->spriv_ptr0);
466 sdebug(1, "pdu_alloc failed sc->npdu_max=%d npdu_alloc=%d",
467 sp->isc->npdu_max, sp->isc->npdu_alloc);
468 while((pq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) {
469 sdebug(2, "waiting...");
470 pause("isc_encap", 5*hz);
471 }
472 }
473 cmd = &pq->pdu.ipdu.scsi_req;
474 cmd->opcode = ISCSI_SCSI_CMD;
475 cmd->F = 1;
476 #if 0
477 // this breaks at least Isilon's iscsi target.
478 /*
479 | map tag option, default is UNTAGGED
480 */
481 switch(csio->tag_action) {
482 case MSG_SIMPLE_Q_TAG: cmd->attr = iSCSI_TASK_SIMPLE; break;
483 case MSG_HEAD_OF_Q_TAG: cmd->attr = iSCSI_TASK_HOFQ; break;
484 case MSG_ORDERED_Q_TAG: cmd->attr = iSCSI_TASK_ORDER; break;
485 case MSG_ACA_TASK: cmd->attr = iSCSI_TASK_ACA; break;
486 }
487 #else
488 cmd->attr = iSCSI_TASK_SIMPLE;
489 #endif
490
491 dwl(sp, ccb_h->target_lun, (u_char *)&cmd->lun);
492
493 if((ccb_h->flags & CAM_CDB_POINTER) != 0) {
494 if((ccb_h->flags & CAM_CDB_PHYS) == 0) {
495 if(csio->cdb_len > 16) {
496 sdebug(3, "oversize cdb %d > 16", csio->cdb_len);
497 goto invalid;
498 }
499 }
500 else {
501 sdebug(3, "not phys");
502 goto invalid;
503 }
504 }
505
506 if(csio->cdb_len > sizeof(cmd->cdb))
507 xdebug("guevalt! %d > %ld", csio->cdb_len, (long)sizeof(cmd->cdb));
508
509 memcpy(cmd->cdb,
510 ccb_h->flags & CAM_CDB_POINTER? csio->cdb_io.cdb_ptr: csio->cdb_io.cdb_bytes,
511 csio->cdb_len);
512
513 cmd->W = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT;
514 cmd->R = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN;
515 cmd->edtlen = htonl(csio->dxfer_len);
516
517 pq->ccb = ccb;
518 /*
519 | place it in the out queue
520 */
521 if(isc_qout(sp, pq) == 0)
522 return 1;
523 invalid:
524 ccb->ccb_h.status = CAM_REQ_INVALID;
525 pdu_free(sp->isc, pq);
526
527 return 0;
528 }
529
530 int
531 scsi_decap(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
532 {
533 union ccb *ccb = opq->ccb;
534 struct ccb_scsiio *csio = &ccb->csio;
535 pdu_t *opp = &opq->pdu;
536 bhs_t *bhp = &opp->ipdu.bhs;
537
538 debug_called(8);
539 sdebug(6, "pq=%p opq=%p bhp->opcode=0x%x len=%d",
540 pq, opq, bhp->opcode, pq->pdu.ds_len);
541 if(ccb == NULL) {
542 sdebug(1, "itt=0x%x pq=%p opq=%p bhp->opcode=0x%x len=%d",
543 ntohl(pq->pdu.ipdu.bhs.itt),
544 pq, opq, bhp->opcode, pq->pdu.ds_len);
545 xdebug("%d] ccb == NULL!", sp->sid);
546 return 0;
547 }
548 if(pq->pdu.ds_len != 0) {
549 switch(bhp->opcode) {
550 case ISCSI_SCSI_CMD: {
551 scsi_req_t *cmd = &opp->ipdu.scsi_req;
552 sdebug(5, "itt=0x%x opcode=%x R=%d",
553 ntohl(pq->pdu.ipdu.bhs.itt),
554 pq->pdu.ipdu.bhs.opcode, cmd->R);
555
556 switch(pq->pdu.ipdu.bhs.opcode) {
557 case ISCSI_READ_DATA: // SCSI Data in
558 {
559 caddr_t bp = NULL; // = mtod(pq->mp, caddr_t);
560 data_in_t *rcmd = &pq->pdu.ipdu.data_in;
561
562 if(cmd->R) {
563 sdebug(5, "copy to=%p from=%p l1=%d l2=%d mp@%p",
564 csio->data_ptr, bp? mtod(pq->mp, caddr_t): 0,
565 ntohl(cmd->edtlen), pq->pdu.ds_len, pq->mp);
566 if(ntohl(cmd->edtlen) >= pq->pdu.ds_len) {
567 int offset, len = pq->pdu.ds_len;
568
569 if(pq->mp != NULL) {
570 caddr_t dp;
571
572 offset = ntohl(rcmd->bo);
573 dp = csio->data_ptr + offset;
574 i_mbufcopy(pq->mp, dp, len);
575 }
576 }
577 else {
578 xdebug("edtlen=%d < ds_len=%d",
579 ntohl(cmd->edtlen), pq->pdu.ds_len);
580 }
581 }
582 if(rcmd->S) {
583 /*
584 | contains also the SCSI Status
585 */
586 _scsi_done(sp, 0, rcmd->status, opq->ccb, NULL);
587 return 0;
588 } else
589 return 1;
590 }
591 break;
592 }
593 }
594 default:
595 sdebug(3, "opcode=%02x", bhp->opcode);
596 break;
597 }
598 }
599 /*
600 | XXX: error ...
601 */
602 return 1;
603 }
Cache object: 2d8924c01e542e22ee6fab33d93179de
|