[SCSI] audit drivers for incorrect max_id use
[linux-2.6] / drivers / scsi / libiscsi.c
1 /*
2  * iSCSI lib functions
3  *
4  * Copyright (C) 2006 Red Hat, Inc.  All rights reserved.
5  * Copyright (C) 2004 - 2006 Mike Christie
6  * Copyright (C) 2004 - 2005 Dmitry Yusupov
7  * Copyright (C) 2004 - 2005 Alex Aizman
8  * maintained by open-iscsi@googlegroups.com
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation; either version 2 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23  */
24 #include <linux/types.h>
25 #include <linux/mutex.h>
26 #include <linux/kfifo.h>
27 #include <linux/delay.h>
28 #include <net/tcp.h>
29 #include <scsi/scsi_cmnd.h>
30 #include <scsi/scsi_device.h>
31 #include <scsi/scsi_eh.h>
32 #include <scsi/scsi_tcq.h>
33 #include <scsi/scsi_host.h>
34 #include <scsi/scsi.h>
35 #include <scsi/iscsi_proto.h>
36 #include <scsi/scsi_transport.h>
37 #include <scsi/scsi_transport_iscsi.h>
38 #include <scsi/libiscsi.h>
39
40 struct iscsi_session *
41 class_to_transport_session(struct iscsi_cls_session *cls_session)
42 {
43         struct Scsi_Host *shost = iscsi_session_to_shost(cls_session);
44         return iscsi_hostdata(shost->hostdata);
45 }
46 EXPORT_SYMBOL_GPL(class_to_transport_session);
47
48 #define INVALID_SN_DELTA        0xffff
49
50 int
51 iscsi_check_assign_cmdsn(struct iscsi_session *session, struct iscsi_nopin *hdr)
52 {
53         uint32_t max_cmdsn = be32_to_cpu(hdr->max_cmdsn);
54         uint32_t exp_cmdsn = be32_to_cpu(hdr->exp_cmdsn);
55
56         if (max_cmdsn < exp_cmdsn -1 &&
57             max_cmdsn > exp_cmdsn - INVALID_SN_DELTA)
58                 return ISCSI_ERR_MAX_CMDSN;
59         if (max_cmdsn > session->max_cmdsn ||
60             max_cmdsn < session->max_cmdsn - INVALID_SN_DELTA)
61                 session->max_cmdsn = max_cmdsn;
62         if (exp_cmdsn > session->exp_cmdsn ||
63             exp_cmdsn < session->exp_cmdsn - INVALID_SN_DELTA)
64                 session->exp_cmdsn = exp_cmdsn;
65
66         return 0;
67 }
68 EXPORT_SYMBOL_GPL(iscsi_check_assign_cmdsn);
69
70 void iscsi_prep_unsolicit_data_pdu(struct iscsi_cmd_task *ctask,
71                                    struct iscsi_data *hdr,
72                                    int transport_data_cnt)
73 {
74         struct iscsi_conn *conn = ctask->conn;
75
76         memset(hdr, 0, sizeof(struct iscsi_data));
77         hdr->ttt = cpu_to_be32(ISCSI_RESERVED_TAG);
78         hdr->datasn = cpu_to_be32(ctask->unsol_datasn);
79         ctask->unsol_datasn++;
80         hdr->opcode = ISCSI_OP_SCSI_DATA_OUT;
81         memcpy(hdr->lun, ctask->hdr->lun, sizeof(hdr->lun));
82
83         hdr->itt = ctask->hdr->itt;
84         hdr->exp_statsn = cpu_to_be32(conn->exp_statsn);
85
86         hdr->offset = cpu_to_be32(ctask->total_length -
87                                   transport_data_cnt -
88                                   ctask->unsol_count);
89
90         if (ctask->unsol_count > conn->max_xmit_dlength) {
91                 hton24(hdr->dlength, conn->max_xmit_dlength);
92                 ctask->data_count = conn->max_xmit_dlength;
93                 hdr->flags = 0;
94         } else {
95                 hton24(hdr->dlength, ctask->unsol_count);
96                 ctask->data_count = ctask->unsol_count;
97                 hdr->flags = ISCSI_FLAG_CMD_FINAL;
98         }
99 }
100 EXPORT_SYMBOL_GPL(iscsi_prep_unsolicit_data_pdu);
101
102 /**
103  * iscsi_prep_scsi_cmd_pdu - prep iscsi scsi cmd pdu
104  * @ctask: iscsi cmd task
105  *
106  * Prep basic iSCSI PDU fields for a scsi cmd pdu. The LLD should set
107  * fields like dlength or final based on how much data it sends
108  */
109 static void iscsi_prep_scsi_cmd_pdu(struct iscsi_cmd_task *ctask)
110 {
111         struct iscsi_conn *conn = ctask->conn;
112         struct iscsi_session *session = conn->session;
113         struct iscsi_cmd *hdr = ctask->hdr;
114         struct scsi_cmnd *sc = ctask->sc;
115
116         hdr->opcode = ISCSI_OP_SCSI_CMD;
117         hdr->flags = ISCSI_ATTR_SIMPLE;
118         int_to_scsilun(sc->device->lun, (struct scsi_lun *)hdr->lun);
119         hdr->itt = ctask->itt | (conn->id << ISCSI_CID_SHIFT) |
120                          (session->age << ISCSI_AGE_SHIFT);
121         hdr->data_length = cpu_to_be32(sc->request_bufflen);
122         hdr->cmdsn = cpu_to_be32(session->cmdsn);
123         session->cmdsn++;
124         hdr->exp_statsn = cpu_to_be32(conn->exp_statsn);
125         memcpy(hdr->cdb, sc->cmnd, sc->cmd_len);
126         memset(&hdr->cdb[sc->cmd_len], 0, MAX_COMMAND_SIZE - sc->cmd_len);
127
128         if (sc->sc_data_direction == DMA_TO_DEVICE) {
129                 hdr->flags |= ISCSI_FLAG_CMD_WRITE;
130                 /*
131                  * Write counters:
132                  *
133                  *      imm_count       bytes to be sent right after
134                  *                      SCSI PDU Header
135                  *
136                  *      unsol_count     bytes(as Data-Out) to be sent
137                  *                      without R2T ack right after
138                  *                      immediate data
139                  *
140                  *      r2t_data_count  bytes to be sent via R2T ack's
141                  *
142                  *      pad_count       bytes to be sent as zero-padding
143                  */
144                 ctask->imm_count = 0;
145                 ctask->unsol_count = 0;
146                 ctask->unsol_datasn = 0;
147
148                 if (session->imm_data_en) {
149                         if (ctask->total_length >= session->first_burst)
150                                 ctask->imm_count = min(session->first_burst,
151                                                         conn->max_xmit_dlength);
152                         else
153                                 ctask->imm_count = min(ctask->total_length,
154                                                         conn->max_xmit_dlength);
155                         hton24(ctask->hdr->dlength, ctask->imm_count);
156                 } else
157                         zero_data(ctask->hdr->dlength);
158
159                 if (!session->initial_r2t_en)
160                         ctask->unsol_count = min(session->first_burst,
161                                 ctask->total_length) - ctask->imm_count;
162                 if (!ctask->unsol_count)
163                         /* No unsolicit Data-Out's */
164                         ctask->hdr->flags |= ISCSI_FLAG_CMD_FINAL;
165         } else {
166                 ctask->datasn = 0;
167                 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
168                 zero_data(hdr->dlength);
169
170                 if (sc->sc_data_direction == DMA_FROM_DEVICE)
171                         hdr->flags |= ISCSI_FLAG_CMD_READ;
172         }
173
174         conn->scsicmd_pdus_cnt++;
175 }
176 EXPORT_SYMBOL_GPL(iscsi_prep_scsi_cmd_pdu);
177
178 /**
179  * iscsi_complete_command - return command back to scsi-ml
180  * @session: iscsi session
181  * @ctask: iscsi cmd task
182  *
183  * Must be called with session lock.
184  * This function returns the scsi command to scsi-ml and returns
185  * the cmd task to the pool of available cmd tasks.
186  */
187 static void iscsi_complete_command(struct iscsi_session *session,
188                                    struct iscsi_cmd_task *ctask)
189 {
190         struct scsi_cmnd *sc = ctask->sc;
191
192         ctask->sc = NULL;
193         list_del_init(&ctask->running);
194         __kfifo_put(session->cmdpool.queue, (void*)&ctask, sizeof(void*));
195         sc->scsi_done(sc);
196 }
197
198 /**
199  * iscsi_cmd_rsp - SCSI Command Response processing
200  * @conn: iscsi connection
201  * @hdr: iscsi header
202  * @ctask: scsi command task
203  * @data: cmd data buffer
204  * @datalen: len of buffer
205  *
206  * iscsi_cmd_rsp sets up the scsi_cmnd fields based on the PDU and
207  * then completes the command and task.
208  **/
209 static int iscsi_scsi_cmd_rsp(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
210                               struct iscsi_cmd_task *ctask, char *data,
211                               int datalen)
212 {
213         int rc;
214         struct iscsi_cmd_rsp *rhdr = (struct iscsi_cmd_rsp *)hdr;
215         struct iscsi_session *session = conn->session;
216         struct scsi_cmnd *sc = ctask->sc;
217
218         rc = iscsi_check_assign_cmdsn(session, (struct iscsi_nopin*)rhdr);
219         if (rc) {
220                 sc->result = DID_ERROR << 16;
221                 goto out;
222         }
223
224         conn->exp_statsn = be32_to_cpu(rhdr->statsn) + 1;
225
226         sc->result = (DID_OK << 16) | rhdr->cmd_status;
227
228         if (rhdr->response != ISCSI_STATUS_CMD_COMPLETED) {
229                 sc->result = DID_ERROR << 16;
230                 goto out;
231         }
232
233         if (rhdr->cmd_status == SAM_STAT_CHECK_CONDITION) {
234                 int senselen;
235
236                 if (datalen < 2) {
237 invalid_datalen:
238                         printk(KERN_ERR "iscsi: Got CHECK_CONDITION but "
239                                "invalid data buffer size of %d\n", datalen);
240                         sc->result = DID_BAD_TARGET << 16;
241                         goto out;
242                 }
243
244                 senselen = (data[0] << 8) | data[1];
245                 if (datalen < senselen)
246                         goto invalid_datalen;
247
248                 memcpy(sc->sense_buffer, data + 2,
249                        min(senselen, SCSI_SENSE_BUFFERSIZE));
250                 debug_scsi("copied %d bytes of sense\n",
251                            min(senselen, SCSI_SENSE_BUFFERSIZE));
252         }
253
254         if (sc->sc_data_direction == DMA_TO_DEVICE)
255                 goto out;
256
257         if (rhdr->flags & ISCSI_FLAG_CMD_UNDERFLOW) {
258                 int res_count = be32_to_cpu(rhdr->residual_count);
259
260                 if (res_count > 0 && res_count <= sc->request_bufflen)
261                         sc->resid = res_count;
262                 else
263                         sc->result = (DID_BAD_TARGET << 16) | rhdr->cmd_status;
264         } else if (rhdr->flags & ISCSI_FLAG_CMD_BIDI_UNDERFLOW)
265                 sc->result = (DID_BAD_TARGET << 16) | rhdr->cmd_status;
266         else if (rhdr->flags & ISCSI_FLAG_CMD_OVERFLOW)
267                 sc->resid = be32_to_cpu(rhdr->residual_count);
268
269 out:
270         debug_scsi("done [sc %lx res %d itt 0x%x]\n",
271                    (long)sc, sc->result, ctask->itt);
272         conn->scsirsp_pdus_cnt++;
273
274         iscsi_complete_command(conn->session, ctask);
275         return rc;
276 }
277
278 /**
279  * __iscsi_complete_pdu - complete pdu
280  * @conn: iscsi conn
281  * @hdr: iscsi header
282  * @data: data buffer
283  * @datalen: len of data buffer
284  *
285  * Completes pdu processing by freeing any resources allocated at
286  * queuecommand or send generic. session lock must be held and verify
287  * itt must have been called.
288  */
289 int __iscsi_complete_pdu(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
290                          char *data, int datalen)
291 {
292         struct iscsi_session *session = conn->session;
293         int opcode = hdr->opcode & ISCSI_OPCODE_MASK, rc = 0;
294         struct iscsi_cmd_task *ctask;
295         struct iscsi_mgmt_task *mtask;
296         uint32_t itt;
297
298         if (hdr->itt != cpu_to_be32(ISCSI_RESERVED_TAG))
299                 itt = hdr->itt & ISCSI_ITT_MASK;
300         else
301                 itt = hdr->itt;
302
303         if (itt < session->cmds_max) {
304                 ctask = session->cmds[itt];
305
306                 debug_scsi("cmdrsp [op 0x%x cid %d itt 0x%x len %d]\n",
307                            opcode, conn->id, ctask->itt, datalen);
308
309                 switch(opcode) {
310                 case ISCSI_OP_SCSI_CMD_RSP:
311                         BUG_ON((void*)ctask != ctask->sc->SCp.ptr);
312                         rc = iscsi_scsi_cmd_rsp(conn, hdr, ctask, data,
313                                                 datalen);
314                         break;
315                 case ISCSI_OP_SCSI_DATA_IN:
316                         BUG_ON((void*)ctask != ctask->sc->SCp.ptr);
317                         if (hdr->flags & ISCSI_FLAG_DATA_STATUS) {
318                                 conn->scsirsp_pdus_cnt++;
319                                 iscsi_complete_command(session, ctask);
320                         }
321                         break;
322                 case ISCSI_OP_R2T:
323                         /* LLD handles this for now */
324                         break;
325                 default:
326                         rc = ISCSI_ERR_BAD_OPCODE;
327                         break;
328                 }
329         } else if (itt >= ISCSI_MGMT_ITT_OFFSET &&
330                    itt < ISCSI_MGMT_ITT_OFFSET + session->mgmtpool_max) {
331                 mtask = session->mgmt_cmds[itt - ISCSI_MGMT_ITT_OFFSET];
332
333                 debug_scsi("immrsp [op 0x%x cid %d itt 0x%x len %d]\n",
334                            opcode, conn->id, mtask->itt, datalen);
335
336                 rc = iscsi_check_assign_cmdsn(session,
337                                               (struct iscsi_nopin*)hdr);
338                 if (rc)
339                         goto done;
340
341                 switch(opcode) {
342                 case ISCSI_OP_LOGOUT_RSP:
343                         conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
344                         /* fall through */
345                 case ISCSI_OP_LOGIN_RSP:
346                 case ISCSI_OP_TEXT_RSP:
347                         /*
348                          * login related PDU's exp_statsn is handled in
349                          * userspace
350                          */
351                         rc = iscsi_recv_pdu(conn->cls_conn, hdr, data, datalen);
352                         list_del(&mtask->running);
353                         if (conn->login_mtask != mtask)
354                                 __kfifo_put(session->mgmtpool.queue,
355                                             (void*)&mtask, sizeof(void*));
356                         break;
357                 case ISCSI_OP_SCSI_TMFUNC_RSP:
358                         if (datalen) {
359                                 rc = ISCSI_ERR_PROTO;
360                                 break;
361                         }
362
363                         conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
364                         conn->tmfrsp_pdus_cnt++;
365                         if (conn->tmabort_state == TMABORT_INITIAL) {
366                                 conn->tmabort_state =
367                                         ((struct iscsi_tm_rsp *)hdr)->
368                                         response == ISCSI_TMF_RSP_COMPLETE ?
369                                                 TMABORT_SUCCESS:TMABORT_FAILED;
370                                 /* unblock eh_abort() */
371                                 wake_up(&conn->ehwait);
372                         }
373                         break;
374                 case ISCSI_OP_NOOP_IN:
375                         if (hdr->ttt != ISCSI_RESERVED_TAG) {
376                                 rc = ISCSI_ERR_PROTO;
377                                 break;
378                         }
379                         conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
380
381                         rc = iscsi_recv_pdu(conn->cls_conn, hdr, data, datalen);
382                         list_del(&mtask->running);
383                         if (conn->login_mtask != mtask)
384                                 __kfifo_put(session->mgmtpool.queue,
385                                             (void*)&mtask, sizeof(void*));
386                         break;
387                 default:
388                         rc = ISCSI_ERR_BAD_OPCODE;
389                         break;
390                 }
391         } else if (itt == ISCSI_RESERVED_TAG) {
392                 switch(opcode) {
393                 case ISCSI_OP_NOOP_IN:
394                         if (!datalen) {
395                                 rc = iscsi_check_assign_cmdsn(session,
396                                                  (struct iscsi_nopin*)hdr);
397                                 if (!rc && hdr->ttt != ISCSI_RESERVED_TAG)
398                                         rc = iscsi_recv_pdu(conn->cls_conn,
399                                                             hdr, NULL, 0);
400                         } else
401                                 rc = ISCSI_ERR_PROTO;
402                         break;
403                 case ISCSI_OP_REJECT:
404                         /* we need sth like iscsi_reject_rsp()*/
405                 case ISCSI_OP_ASYNC_EVENT:
406                         conn->exp_statsn = be32_to_cpu(hdr->statsn) + 1;
407                         /* we need sth like iscsi_async_event_rsp() */
408                         rc = ISCSI_ERR_BAD_OPCODE;
409                         break;
410                 default:
411                         rc = ISCSI_ERR_BAD_OPCODE;
412                         break;
413                 }
414         } else
415                 rc = ISCSI_ERR_BAD_ITT;
416
417 done:
418         return rc;
419 }
420 EXPORT_SYMBOL_GPL(__iscsi_complete_pdu);
421
422 int iscsi_complete_pdu(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
423                        char *data, int datalen)
424 {
425         int rc;
426
427         spin_lock(&conn->session->lock);
428         rc = __iscsi_complete_pdu(conn, hdr, data, datalen);
429         spin_unlock(&conn->session->lock);
430         return rc;
431 }
432 EXPORT_SYMBOL_GPL(iscsi_complete_pdu);
433
434 /* verify itt (itt encoding: age+cid+itt) */
435 int iscsi_verify_itt(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
436                      uint32_t *ret_itt)
437 {
438         struct iscsi_session *session = conn->session;
439         struct iscsi_cmd_task *ctask;
440         uint32_t itt;
441
442         if (hdr->itt != cpu_to_be32(ISCSI_RESERVED_TAG)) {
443                 if ((hdr->itt & ISCSI_AGE_MASK) !=
444                     (session->age << ISCSI_AGE_SHIFT)) {
445                         printk(KERN_ERR "iscsi: received itt %x expected "
446                                 "session age (%x)\n", hdr->itt,
447                                 session->age & ISCSI_AGE_MASK);
448                         return ISCSI_ERR_BAD_ITT;
449                 }
450
451                 if ((hdr->itt & ISCSI_CID_MASK) !=
452                     (conn->id << ISCSI_CID_SHIFT)) {
453                         printk(KERN_ERR "iscsi: received itt %x, expected "
454                                 "CID (%x)\n", hdr->itt, conn->id);
455                         return ISCSI_ERR_BAD_ITT;
456                 }
457                 itt = hdr->itt & ISCSI_ITT_MASK;
458         } else
459                 itt = hdr->itt;
460
461         if (itt < session->cmds_max) {
462                 ctask = session->cmds[itt];
463
464                 if (!ctask->sc) {
465                         printk(KERN_INFO "iscsi: dropping ctask with "
466                                "itt 0x%x\n", ctask->itt);
467                         /* force drop */
468                         return ISCSI_ERR_NO_SCSI_CMD;
469                 }
470
471                 if (ctask->sc->SCp.phase != session->age) {
472                         printk(KERN_ERR "iscsi: ctask's session age %d, "
473                                 "expected %d\n", ctask->sc->SCp.phase,
474                                 session->age);
475                         return ISCSI_ERR_SESSION_FAILED;
476                 }
477         }
478
479         *ret_itt = itt;
480         return 0;
481 }
482 EXPORT_SYMBOL_GPL(iscsi_verify_itt);
483
484 void iscsi_conn_failure(struct iscsi_conn *conn, enum iscsi_err err)
485 {
486         struct iscsi_session *session = conn->session;
487         unsigned long flags;
488
489         spin_lock_irqsave(&session->lock, flags);
490         if (session->state == ISCSI_STATE_FAILED) {
491                 spin_unlock_irqrestore(&session->lock, flags);
492                 return;
493         }
494
495         if (session->conn_cnt == 1 || session->leadconn == conn)
496                 session->state = ISCSI_STATE_FAILED;
497         spin_unlock_irqrestore(&session->lock, flags);
498         set_bit(ISCSI_SUSPEND_BIT, &conn->suspend_tx);
499         set_bit(ISCSI_SUSPEND_BIT, &conn->suspend_rx);
500         iscsi_conn_error(conn->cls_conn, err);
501 }
502 EXPORT_SYMBOL_GPL(iscsi_conn_failure);
503
504 /**
505  * iscsi_data_xmit - xmit any command into the scheduled connection
506  * @conn: iscsi connection
507  *
508  * Notes:
509  *      The function can return -EAGAIN in which case the caller must
510  *      re-schedule it again later or recover. '0' return code means
511  *      successful xmit.
512  **/
513 static int iscsi_data_xmit(struct iscsi_conn *conn)
514 {
515         struct iscsi_transport *tt;
516
517         if (unlikely(conn->suspend_tx)) {
518                 debug_scsi("conn %d Tx suspended!\n", conn->id);
519                 return 0;
520         }
521         tt = conn->session->tt;
522
523         /*
524          * Transmit in the following order:
525          *
526          * 1) un-finished xmit (ctask or mtask)
527          * 2) immediate control PDUs
528          * 3) write data
529          * 4) SCSI commands
530          * 5) non-immediate control PDUs
531          *
532          * No need to lock around __kfifo_get as long as
533          * there's one producer and one consumer.
534          */
535
536         BUG_ON(conn->ctask && conn->mtask);
537
538         if (conn->ctask) {
539                 if (tt->xmit_cmd_task(conn, conn->ctask))
540                         goto again;
541                 /* done with this in-progress ctask */
542                 conn->ctask = NULL;
543         }
544         if (conn->mtask) {
545                 if (tt->xmit_mgmt_task(conn, conn->mtask))
546                         goto again;
547                 /* done with this in-progress mtask */
548                 conn->mtask = NULL;
549         }
550
551         /* process immediate first */
552         if (unlikely(__kfifo_len(conn->immqueue))) {
553                 while (__kfifo_get(conn->immqueue, (void*)&conn->mtask,
554                                    sizeof(void*))) {
555                         list_add_tail(&conn->mtask->running,
556                                       &conn->mgmt_run_list);
557                         if (tt->xmit_mgmt_task(conn, conn->mtask))
558                                 goto again;
559                 }
560                 /* done with this mtask */
561                 conn->mtask = NULL;
562         }
563
564         /* process command queue */
565         while (__kfifo_get(conn->xmitqueue, (void*)&conn->ctask,
566                            sizeof(void*))) {
567                 /*
568                  * iscsi tcp may readd the task to the xmitqueue to send
569                  * write data
570                  */
571                 if (list_empty(&conn->ctask->running))
572                         list_add_tail(&conn->ctask->running, &conn->run_list);
573                 if (tt->xmit_cmd_task(conn, conn->ctask))
574                         goto again;
575         }
576         /* done with this ctask */
577         conn->ctask = NULL;
578
579         /* process the rest control plane PDUs, if any */
580         if (unlikely(__kfifo_len(conn->mgmtqueue))) {
581                 while (__kfifo_get(conn->mgmtqueue, (void*)&conn->mtask,
582                                    sizeof(void*))) {
583                         list_add_tail(&conn->mtask->running,
584                                       &conn->mgmt_run_list);
585                         if (tt->xmit_mgmt_task(conn, conn->mtask))
586                                 goto again;
587                 }
588                 /* done with this mtask */
589                 conn->mtask = NULL;
590         }
591
592         return 0;
593
594 again:
595         if (unlikely(conn->suspend_tx))
596                 return 0;
597
598         return -EAGAIN;
599 }
600
601 static void iscsi_xmitworker(void *data)
602 {
603         struct iscsi_conn *conn = data;
604
605         /*
606          * serialize Xmit worker on a per-connection basis.
607          */
608         mutex_lock(&conn->xmitmutex);
609         if (iscsi_data_xmit(conn))
610                 scsi_queue_work(conn->session->host, &conn->xmitwork);
611         mutex_unlock(&conn->xmitmutex);
612 }
613
614 enum {
615         FAILURE_BAD_HOST = 1,
616         FAILURE_SESSION_FAILED,
617         FAILURE_SESSION_FREED,
618         FAILURE_WINDOW_CLOSED,
619         FAILURE_SESSION_TERMINATE,
620         FAILURE_SESSION_IN_RECOVERY,
621         FAILURE_SESSION_RECOVERY_TIMEOUT,
622 };
623
624 int iscsi_queuecommand(struct scsi_cmnd *sc, void (*done)(struct scsi_cmnd *))
625 {
626         struct Scsi_Host *host;
627         int reason = 0;
628         struct iscsi_session *session;
629         struct iscsi_conn *conn;
630         struct iscsi_cmd_task *ctask = NULL;
631
632         sc->scsi_done = done;
633         sc->result = 0;
634
635         host = sc->device->host;
636         session = iscsi_hostdata(host->hostdata);
637
638         spin_lock(&session->lock);
639
640         /*
641          * ISCSI_STATE_FAILED is a temp. state. The recovery
642          * code will decide what is best to do with command queued
643          * during this time
644          */
645         if (session->state != ISCSI_STATE_LOGGED_IN &&
646             session->state != ISCSI_STATE_FAILED) {
647                 /*
648                  * to handle the race between when we set the recovery state
649                  * and block the session we requeue here (commands could
650                  * be entering our queuecommand while a block is starting
651                  * up because the block code is not locked)
652                  */
653                 if (session->state == ISCSI_STATE_IN_RECOVERY) {
654                         reason = FAILURE_SESSION_IN_RECOVERY;
655                         goto fault;
656                 }
657
658                 if (session->state == ISCSI_STATE_RECOVERY_FAILED)
659                         reason = FAILURE_SESSION_RECOVERY_TIMEOUT;
660                 else if (session->state == ISCSI_STATE_TERMINATE)
661                         reason = FAILURE_SESSION_TERMINATE;
662                 else
663                         reason = FAILURE_SESSION_FREED;
664                 goto fault;
665         }
666
667         /*
668          * Check for iSCSI window and take care of CmdSN wrap-around
669          */
670         if ((int)(session->max_cmdsn - session->cmdsn) < 0) {
671                 reason = FAILURE_WINDOW_CLOSED;
672                 goto reject;
673         }
674
675         conn = session->leadconn;
676
677         __kfifo_get(session->cmdpool.queue, (void*)&ctask, sizeof(void*));
678         sc->SCp.phase = session->age;
679         sc->SCp.ptr = (char *)ctask;
680
681         ctask->mtask = NULL;
682         ctask->conn = conn;
683         ctask->sc = sc;
684         INIT_LIST_HEAD(&ctask->running);
685         ctask->total_length = sc->request_bufflen;
686         iscsi_prep_scsi_cmd_pdu(ctask);
687
688         session->tt->init_cmd_task(ctask);
689
690         __kfifo_put(conn->xmitqueue, (void*)&ctask, sizeof(void*));
691         debug_scsi(
692                "ctask enq [%s cid %d sc %lx itt 0x%x len %d cmdsn %d win %d]\n",
693                 sc->sc_data_direction == DMA_TO_DEVICE ? "write" : "read",
694                 conn->id, (long)sc, ctask->itt, sc->request_bufflen,
695                 session->cmdsn, session->max_cmdsn - session->exp_cmdsn + 1);
696         spin_unlock(&session->lock);
697
698         scsi_queue_work(host, &conn->xmitwork);
699         return 0;
700
701 reject:
702         spin_unlock(&session->lock);
703         debug_scsi("cmd 0x%x rejected (%d)\n", sc->cmnd[0], reason);
704         return SCSI_MLQUEUE_HOST_BUSY;
705
706 fault:
707         spin_unlock(&session->lock);
708         printk(KERN_ERR "iscsi: cmd 0x%x is not queued (%d)\n",
709                sc->cmnd[0], reason);
710         sc->result = (DID_NO_CONNECT << 16);
711         sc->resid = sc->request_bufflen;
712         sc->scsi_done(sc);
713         return 0;
714 }
715 EXPORT_SYMBOL_GPL(iscsi_queuecommand);
716
717 int iscsi_change_queue_depth(struct scsi_device *sdev, int depth)
718 {
719         if (depth > ISCSI_MAX_CMD_PER_LUN)
720                 depth = ISCSI_MAX_CMD_PER_LUN;
721         scsi_adjust_queue_depth(sdev, scsi_get_tag_type(sdev), depth);
722         return sdev->queue_depth;
723 }
724 EXPORT_SYMBOL_GPL(iscsi_change_queue_depth);
725
726 static int
727 iscsi_conn_send_generic(struct iscsi_conn *conn, struct iscsi_hdr *hdr,
728                         char *data, uint32_t data_size)
729 {
730         struct iscsi_session *session = conn->session;
731         struct iscsi_nopout *nop = (struct iscsi_nopout *)hdr;
732         struct iscsi_mgmt_task *mtask;
733
734         spin_lock_bh(&session->lock);
735         if (session->state == ISCSI_STATE_TERMINATE) {
736                 spin_unlock_bh(&session->lock);
737                 return -EPERM;
738         }
739         if (hdr->opcode == (ISCSI_OP_LOGIN | ISCSI_OP_IMMEDIATE) ||
740             hdr->opcode == (ISCSI_OP_TEXT | ISCSI_OP_IMMEDIATE))
741                 /*
742                  * Login and Text are sent serially, in
743                  * request-followed-by-response sequence.
744                  * Same mtask can be used. Same ITT must be used.
745                  * Note that login_mtask is preallocated at conn_create().
746                  */
747                 mtask = conn->login_mtask;
748         else {
749                 BUG_ON(conn->c_stage == ISCSI_CONN_INITIAL_STAGE);
750                 BUG_ON(conn->c_stage == ISCSI_CONN_STOPPED);
751
752                 nop->exp_statsn = cpu_to_be32(conn->exp_statsn);
753                 if (!__kfifo_get(session->mgmtpool.queue,
754                                  (void*)&mtask, sizeof(void*))) {
755                         spin_unlock_bh(&session->lock);
756                         return -ENOSPC;
757                 }
758         }
759
760         /*
761          * pre-format CmdSN for outgoing PDU.
762          */
763         if (hdr->itt != cpu_to_be32(ISCSI_RESERVED_TAG)) {
764                 hdr->itt = mtask->itt | (conn->id << ISCSI_CID_SHIFT) |
765                            (session->age << ISCSI_AGE_SHIFT);
766                 nop->cmdsn = cpu_to_be32(session->cmdsn);
767                 if (conn->c_stage == ISCSI_CONN_STARTED &&
768                     !(hdr->opcode & ISCSI_OP_IMMEDIATE))
769                         session->cmdsn++;
770         } else
771                 /* do not advance CmdSN */
772                 nop->cmdsn = cpu_to_be32(session->cmdsn);
773
774         if (data_size) {
775                 memcpy(mtask->data, data, data_size);
776                 mtask->data_count = data_size;
777         } else
778                 mtask->data_count = 0;
779
780         INIT_LIST_HEAD(&mtask->running);
781         memcpy(mtask->hdr, hdr, sizeof(struct iscsi_hdr));
782         if (session->tt->init_mgmt_task)
783                 session->tt->init_mgmt_task(conn, mtask, data, data_size);
784         spin_unlock_bh(&session->lock);
785
786         debug_scsi("mgmtpdu [op 0x%x hdr->itt 0x%x datalen %d]\n",
787                    hdr->opcode, hdr->itt, data_size);
788
789         /*
790          * since send_pdu() could be called at least from two contexts,
791          * we need to serialize __kfifo_put, so we don't have to take
792          * additional lock on fast data-path
793          */
794         if (hdr->opcode & ISCSI_OP_IMMEDIATE)
795                 __kfifo_put(conn->immqueue, (void*)&mtask, sizeof(void*));
796         else
797                 __kfifo_put(conn->mgmtqueue, (void*)&mtask, sizeof(void*));
798
799         scsi_queue_work(session->host, &conn->xmitwork);
800         return 0;
801 }
802
803 int iscsi_conn_send_pdu(struct iscsi_cls_conn *cls_conn, struct iscsi_hdr *hdr,
804                         char *data, uint32_t data_size)
805 {
806         struct iscsi_conn *conn = cls_conn->dd_data;
807         int rc;
808
809         mutex_lock(&conn->xmitmutex);
810         rc = iscsi_conn_send_generic(conn, hdr, data, data_size);
811         mutex_unlock(&conn->xmitmutex);
812
813         return rc;
814 }
815 EXPORT_SYMBOL_GPL(iscsi_conn_send_pdu);
816
817 void iscsi_session_recovery_timedout(struct iscsi_cls_session *cls_session)
818 {
819         struct iscsi_session *session = class_to_transport_session(cls_session);
820         struct iscsi_conn *conn = session->leadconn;
821
822         spin_lock_bh(&session->lock);
823         if (session->state != ISCSI_STATE_LOGGED_IN) {
824                 session->state = ISCSI_STATE_RECOVERY_FAILED;
825                 if (conn)
826                         wake_up(&conn->ehwait);
827         }
828         spin_unlock_bh(&session->lock);
829 }
830 EXPORT_SYMBOL_GPL(iscsi_session_recovery_timedout);
831
832 int iscsi_eh_host_reset(struct scsi_cmnd *sc)
833 {
834         struct Scsi_Host *host = sc->device->host;
835         struct iscsi_session *session = iscsi_hostdata(host->hostdata);
836         struct iscsi_conn *conn = session->leadconn;
837         int fail_session = 0;
838
839         spin_lock_bh(&session->lock);
840         if (session->state == ISCSI_STATE_TERMINATE) {
841 failed:
842                 debug_scsi("failing host reset: session terminated "
843                            "[CID %d age %d]", conn->id, session->age);
844                 spin_unlock_bh(&session->lock);
845                 return FAILED;
846         }
847
848         if (sc->SCp.phase == session->age) {
849                 debug_scsi("failing connection CID %d due to SCSI host reset",
850                            conn->id);
851                 fail_session = 1;
852         }
853         spin_unlock_bh(&session->lock);
854
855         /*
856          * we drop the lock here but the leadconn cannot be destoyed while
857          * we are in the scsi eh
858          */
859         if (fail_session)
860                 iscsi_conn_failure(conn, ISCSI_ERR_CONN_FAILED);
861
862         debug_scsi("iscsi_eh_host_reset wait for relogin\n");
863         wait_event_interruptible(conn->ehwait,
864                                  session->state == ISCSI_STATE_TERMINATE ||
865                                  session->state == ISCSI_STATE_LOGGED_IN ||
866                                  session->state == ISCSI_STATE_RECOVERY_FAILED);
867         if (signal_pending(current))
868                 flush_signals(current);
869
870         spin_lock_bh(&session->lock);
871         if (session->state == ISCSI_STATE_LOGGED_IN)
872                 printk(KERN_INFO "iscsi: host reset succeeded\n");
873         else
874                 goto failed;
875         spin_unlock_bh(&session->lock);
876
877         return SUCCESS;
878 }
879 EXPORT_SYMBOL_GPL(iscsi_eh_host_reset);
880
881 static void iscsi_tmabort_timedout(unsigned long data)
882 {
883         struct iscsi_cmd_task *ctask = (struct iscsi_cmd_task *)data;
884         struct iscsi_conn *conn = ctask->conn;
885         struct iscsi_session *session = conn->session;
886
887         spin_lock(&session->lock);
888         if (conn->tmabort_state == TMABORT_INITIAL) {
889                 conn->tmabort_state = TMABORT_TIMEDOUT;
890                 debug_scsi("tmabort timedout [sc %p itt 0x%x]\n",
891                         ctask->sc, ctask->itt);
892                 /* unblock eh_abort() */
893                 wake_up(&conn->ehwait);
894         }
895         spin_unlock(&session->lock);
896 }
897
898 /* must be called with the mutex lock */
899 static int iscsi_exec_abort_task(struct scsi_cmnd *sc,
900                                  struct iscsi_cmd_task *ctask)
901 {
902         struct iscsi_conn *conn = ctask->conn;
903         struct iscsi_session *session = conn->session;
904         struct iscsi_tm *hdr = &conn->tmhdr;
905         int rc;
906
907         /*
908          * ctask timed out but session is OK requests must be serialized.
909          */
910         memset(hdr, 0, sizeof(struct iscsi_tm));
911         hdr->opcode = ISCSI_OP_SCSI_TMFUNC | ISCSI_OP_IMMEDIATE;
912         hdr->flags = ISCSI_TM_FUNC_ABORT_TASK;
913         hdr->flags |= ISCSI_FLAG_CMD_FINAL;
914         memcpy(hdr->lun, ctask->hdr->lun, sizeof(hdr->lun));
915         hdr->rtt = ctask->hdr->itt;
916         hdr->refcmdsn = ctask->hdr->cmdsn;
917
918         rc = iscsi_conn_send_generic(conn, (struct iscsi_hdr *)hdr,
919                                      NULL, 0);
920         if (rc) {
921                 iscsi_conn_failure(conn, ISCSI_ERR_CONN_FAILED);
922                 debug_scsi("abort sent failure [itt 0x%x] %d", ctask->itt, rc);
923                 return rc;
924         }
925
926         debug_scsi("abort sent [itt 0x%x]\n", ctask->itt);
927
928         spin_lock_bh(&session->lock);
929         ctask->mtask = (struct iscsi_mgmt_task *)
930                         session->mgmt_cmds[(hdr->itt & ISCSI_ITT_MASK) -
931                                         ISCSI_MGMT_ITT_OFFSET];
932
933         if (conn->tmabort_state == TMABORT_INITIAL) {
934                 conn->tmfcmd_pdus_cnt++;
935                 conn->tmabort_timer.expires = 10*HZ + jiffies;
936                 conn->tmabort_timer.function = iscsi_tmabort_timedout;
937                 conn->tmabort_timer.data = (unsigned long)ctask;
938                 add_timer(&conn->tmabort_timer);
939                 debug_scsi("abort set timeout [itt 0x%x]", ctask->itt);
940         }
941         spin_unlock_bh(&session->lock);
942         mutex_unlock(&conn->xmitmutex);
943
944         /*
945          * block eh thread until:
946          *
947          * 1) abort response
948          * 2) abort timeout
949          * 3) session is terminated or restarted or userspace has
950          * given up on recovery
951          */
952         wait_event_interruptible(conn->ehwait,
953                                  sc->SCp.phase != session->age ||
954                                  session->state != ISCSI_STATE_LOGGED_IN ||
955                                  conn->tmabort_state != TMABORT_INITIAL);
956         if (signal_pending(current))
957                 flush_signals(current);
958         del_timer_sync(&conn->tmabort_timer);
959
960         mutex_lock(&conn->xmitmutex);
961         return 0;
962 }
963
964 /*
965  * xmit mutex and session lock must be held
966  */
967 #define iscsi_remove_task(tasktype)                                     \
968 static struct iscsi_##tasktype *                                        \
969 iscsi_remove_##tasktype(struct kfifo *fifo, uint32_t itt)               \
970 {                                                                       \
971         int i, nr_tasks = __kfifo_len(fifo) / sizeof(void*);            \
972         struct iscsi_##tasktype *task;                                  \
973                                                                         \
974         debug_scsi("searching %d tasks\n", nr_tasks);                   \
975                                                                         \
976         for (i = 0; i < nr_tasks; i++) {                                \
977                 __kfifo_get(fifo, (void*)&task, sizeof(void*));         \
978                 debug_scsi("check task %u\n", task->itt);               \
979                                                                         \
980                 if (task->itt == itt) {                                 \
981                         debug_scsi("matched task\n");                   \
982                         break;                                          \
983                 }                                                       \
984                                                                         \
985                 __kfifo_put(fifo, (void*)&task, sizeof(void*));         \
986         }                                                               \
987         return NULL;                                                    \
988 }
989
990 iscsi_remove_task(mgmt_task);
991 iscsi_remove_task(cmd_task);
992
993 static int iscsi_ctask_mtask_cleanup(struct iscsi_cmd_task *ctask)
994 {
995         struct iscsi_conn *conn = ctask->conn;
996         struct iscsi_session *session = conn->session;
997
998         if (!ctask->mtask)
999                 return -EINVAL;
1000
1001         if (!iscsi_remove_mgmt_task(conn->immqueue, ctask->mtask->itt))
1002                 list_del(&ctask->mtask->running);
1003         __kfifo_put(session->mgmtpool.queue, (void*)&ctask->mtask,
1004                     sizeof(void*));
1005         ctask->mtask = NULL;
1006         return 0;
1007 }
1008
1009 /*
1010  * session lock and xmitmutex must be held
1011  */
1012 static void fail_command(struct iscsi_conn *conn, struct iscsi_cmd_task *ctask,
1013                          int err)
1014 {
1015         struct scsi_cmnd *sc;
1016
1017         conn->session->tt->cleanup_cmd_task(conn, ctask);
1018         iscsi_ctask_mtask_cleanup(ctask);
1019
1020         sc = ctask->sc;
1021         if (!sc)
1022                 return;
1023         sc->result = err;
1024         sc->resid = sc->request_bufflen;
1025         iscsi_complete_command(conn->session, ctask);
1026 }
1027
1028 int iscsi_eh_abort(struct scsi_cmnd *sc)
1029 {
1030         struct iscsi_cmd_task *ctask = (struct iscsi_cmd_task *)sc->SCp.ptr;
1031         struct iscsi_conn *conn = ctask->conn;
1032         struct iscsi_session *session = conn->session;
1033         struct iscsi_cmd_task *pending_ctask;
1034         int rc;
1035
1036         conn->eh_abort_cnt++;
1037         debug_scsi("aborting [sc %p itt 0x%x]\n", sc, ctask->itt);
1038
1039         mutex_lock(&conn->xmitmutex);
1040         spin_lock_bh(&session->lock);
1041
1042         /*
1043          * If we are not logged in or we have started a new session
1044          * then let the host reset code handle this
1045          */
1046         if (session->state != ISCSI_STATE_LOGGED_IN ||
1047             sc->SCp.phase != session->age)
1048                 goto failed;
1049
1050         /* ctask completed before time out */
1051         if (!ctask->sc)
1052                 goto success;
1053
1054         /* what should we do here ? */
1055         if (conn->ctask == ctask) {
1056                 printk(KERN_INFO "iscsi: sc %p itt 0x%x partially sent. "
1057                        "Failing abort\n", sc, ctask->itt);
1058                 goto failed;
1059         }
1060
1061         /* check for the easy pending cmd abort */
1062         pending_ctask = iscsi_remove_cmd_task(conn->xmitqueue, ctask->itt);
1063         if (pending_ctask) {
1064                 /* iscsi_tcp queues write transfers on the xmitqueue */
1065                 if (list_empty(&pending_ctask->running)) {
1066                         debug_scsi("found pending task\n");
1067                         goto success;
1068                 } else
1069                         __kfifo_put(conn->xmitqueue, (void*)&pending_ctask,
1070                                     sizeof(void*));
1071         }
1072
1073         conn->tmabort_state = TMABORT_INITIAL;
1074
1075         spin_unlock_bh(&session->lock);
1076         rc = iscsi_exec_abort_task(sc, ctask);
1077         spin_lock_bh(&session->lock);
1078
1079         iscsi_ctask_mtask_cleanup(ctask);
1080         if (rc || sc->SCp.phase != session->age ||
1081             session->state != ISCSI_STATE_LOGGED_IN)
1082                 goto failed;
1083
1084         /* ctask completed before tmf abort response */
1085         if (!ctask->sc) {
1086                 debug_scsi("sc completed while abort in progress\n");
1087                 goto success;
1088         }
1089
1090         if (conn->tmabort_state != TMABORT_SUCCESS) {
1091                 spin_unlock_bh(&session->lock);
1092                 iscsi_conn_failure(conn, ISCSI_ERR_CONN_FAILED);
1093                 spin_lock_bh(&session->lock);
1094                 goto failed;
1095         }
1096
1097 success:
1098         debug_scsi("abort success [sc %lx itt 0x%x]\n", (long)sc, ctask->itt);
1099         spin_unlock_bh(&session->lock);
1100
1101         /*
1102          * clean up task if aborted. we have the xmitmutex so grab
1103          * the recv lock as a writer
1104          */
1105         write_lock_bh(conn->recv_lock);
1106         spin_lock(&session->lock);
1107         fail_command(conn, ctask, DID_ABORT << 16);
1108         spin_unlock(&session->lock);
1109         write_unlock_bh(conn->recv_lock);
1110
1111         mutex_unlock(&conn->xmitmutex);
1112         return SUCCESS;
1113
1114 failed:
1115         spin_unlock_bh(&session->lock);
1116         mutex_unlock(&conn->xmitmutex);
1117
1118         debug_scsi("abort failed [sc %lx itt 0x%x]\n", (long)sc, ctask->itt);
1119         return FAILED;
1120 }
1121 EXPORT_SYMBOL_GPL(iscsi_eh_abort);
1122
1123 int
1124 iscsi_pool_init(struct iscsi_queue *q, int max, void ***items, int item_size)
1125 {
1126         int i;
1127
1128         *items = kmalloc(max * sizeof(void*), GFP_KERNEL);
1129         if (*items == NULL)
1130                 return -ENOMEM;
1131
1132         q->max = max;
1133         q->pool = kmalloc(max * sizeof(void*), GFP_KERNEL);
1134         if (q->pool == NULL) {
1135                 kfree(*items);
1136                 return -ENOMEM;
1137         }
1138
1139         q->queue = kfifo_init((void*)q->pool, max * sizeof(void*),
1140                               GFP_KERNEL, NULL);
1141         if (q->queue == ERR_PTR(-ENOMEM)) {
1142                 kfree(q->pool);
1143                 kfree(*items);
1144                 return -ENOMEM;
1145         }
1146
1147         for (i = 0; i < max; i++) {
1148                 q->pool[i] = kmalloc(item_size, GFP_KERNEL);
1149                 if (q->pool[i] == NULL) {
1150                         int j;
1151
1152                         for (j = 0; j < i; j++)
1153                                 kfree(q->pool[j]);
1154
1155                         kfifo_free(q->queue);
1156                         kfree(q->pool);
1157                         kfree(*items);
1158                         return -ENOMEM;
1159                 }
1160                 memset(q->pool[i], 0, item_size);
1161                 (*items)[i] = q->pool[i];
1162                 __kfifo_put(q->queue, (void*)&q->pool[i], sizeof(void*));
1163         }
1164         return 0;
1165 }
1166 EXPORT_SYMBOL_GPL(iscsi_pool_init);
1167
1168 void iscsi_pool_free(struct iscsi_queue *q, void **items)
1169 {
1170         int i;
1171
1172         for (i = 0; i < q->max; i++)
1173                 kfree(items[i]);
1174         kfree(q->pool);
1175         kfree(items);
1176 }
1177 EXPORT_SYMBOL_GPL(iscsi_pool_free);
1178
1179 /*
1180  * iSCSI Session's hostdata organization:
1181  *
1182  *    *------------------* <== hostdata_session(host->hostdata)
1183  *    | ptr to class sess|
1184  *    |------------------| <== iscsi_hostdata(host->hostdata)
1185  *    | iscsi_session    |
1186  *    *------------------*
1187  */
1188
1189 #define hostdata_privsize(_sz)  (sizeof(unsigned long) + _sz + \
1190                                  _sz % sizeof(unsigned long))
1191
1192 #define hostdata_session(_hostdata) (iscsi_ptr(*(unsigned long *)_hostdata))
1193
1194 /**
1195  * iscsi_session_setup - create iscsi cls session and host and session
1196  * @scsit: scsi transport template
1197  * @iscsit: iscsi transport template
1198  * @initial_cmdsn: initial CmdSN
1199  * @hostno: host no allocated
1200  *
1201  * This can be used by software iscsi_transports that allocate
1202  * a session per scsi host.
1203  **/
1204 struct iscsi_cls_session *
1205 iscsi_session_setup(struct iscsi_transport *iscsit,
1206                     struct scsi_transport_template *scsit,
1207                     int cmd_task_size, int mgmt_task_size,
1208                     uint32_t initial_cmdsn, uint32_t *hostno)
1209 {
1210         struct Scsi_Host *shost;
1211         struct iscsi_session *session;
1212         struct iscsi_cls_session *cls_session;
1213         int cmd_i;
1214
1215         shost = scsi_host_alloc(iscsit->host_template,
1216                                 hostdata_privsize(sizeof(*session)));
1217         if (!shost)
1218                 return NULL;
1219
1220         shost->max_id = 1;
1221         shost->max_channel = 0;
1222         shost->max_lun = iscsit->max_lun;
1223         shost->max_cmd_len = iscsit->max_cmd_len;
1224         shost->transportt = scsit;
1225         shost->transportt->create_work_queue = 1;
1226         *hostno = shost->host_no;
1227
1228         session = iscsi_hostdata(shost->hostdata);
1229         memset(session, 0, sizeof(struct iscsi_session));
1230         session->host = shost;
1231         session->state = ISCSI_STATE_FREE;
1232         session->mgmtpool_max = ISCSI_MGMT_CMDS_MAX;
1233         session->cmds_max = ISCSI_XMIT_CMDS_MAX;
1234         session->cmdsn = initial_cmdsn;
1235         session->exp_cmdsn = initial_cmdsn + 1;
1236         session->max_cmdsn = initial_cmdsn + 1;
1237         session->max_r2t = 1;
1238         session->tt = iscsit;
1239
1240         /* initialize SCSI PDU commands pool */
1241         if (iscsi_pool_init(&session->cmdpool, session->cmds_max,
1242                             (void***)&session->cmds,
1243                             cmd_task_size + sizeof(struct iscsi_cmd_task)))
1244                 goto cmdpool_alloc_fail;
1245
1246         /* pre-format cmds pool with ITT */
1247         for (cmd_i = 0; cmd_i < session->cmds_max; cmd_i++) {
1248                 struct iscsi_cmd_task *ctask = session->cmds[cmd_i];
1249
1250                 if (cmd_task_size)
1251                         ctask->dd_data = &ctask[1];
1252                 ctask->itt = cmd_i;
1253         }
1254
1255         spin_lock_init(&session->lock);
1256         INIT_LIST_HEAD(&session->connections);
1257
1258         /* initialize immediate command pool */
1259         if (iscsi_pool_init(&session->mgmtpool, session->mgmtpool_max,
1260                            (void***)&session->mgmt_cmds,
1261                            mgmt_task_size + sizeof(struct iscsi_mgmt_task)))
1262                 goto mgmtpool_alloc_fail;
1263
1264
1265         /* pre-format immediate cmds pool with ITT */
1266         for (cmd_i = 0; cmd_i < session->mgmtpool_max; cmd_i++) {
1267                 struct iscsi_mgmt_task *mtask = session->mgmt_cmds[cmd_i];
1268
1269                 if (mgmt_task_size)
1270                         mtask->dd_data = &mtask[1];
1271                 mtask->itt = ISCSI_MGMT_ITT_OFFSET + cmd_i;
1272         }
1273
1274         if (scsi_add_host(shost, NULL))
1275                 goto add_host_fail;
1276
1277         cls_session = iscsi_create_session(shost, iscsit, 0);
1278         if (!cls_session)
1279                 goto cls_session_fail;
1280         *(unsigned long*)shost->hostdata = (unsigned long)cls_session;
1281
1282         return cls_session;
1283
1284 cls_session_fail:
1285         scsi_remove_host(shost);
1286 add_host_fail:
1287         iscsi_pool_free(&session->mgmtpool, (void**)session->mgmt_cmds);
1288 mgmtpool_alloc_fail:
1289         iscsi_pool_free(&session->cmdpool, (void**)session->cmds);
1290 cmdpool_alloc_fail:
1291         scsi_host_put(shost);
1292         return NULL;
1293 }
1294 EXPORT_SYMBOL_GPL(iscsi_session_setup);
1295
1296 /**
1297  * iscsi_session_teardown - destroy session, host, and cls_session
1298  * shost: scsi host
1299  *
1300  * This can be used by software iscsi_transports that allocate
1301  * a session per scsi host.
1302  **/
1303 void iscsi_session_teardown(struct iscsi_cls_session *cls_session)
1304 {
1305         struct Scsi_Host *shost = iscsi_session_to_shost(cls_session);
1306         struct iscsi_session *session = iscsi_hostdata(shost->hostdata);
1307
1308         scsi_remove_host(shost);
1309
1310         iscsi_pool_free(&session->mgmtpool, (void**)session->mgmt_cmds);
1311         iscsi_pool_free(&session->cmdpool, (void**)session->cmds);
1312
1313         iscsi_destroy_session(cls_session);
1314         scsi_host_put(shost);
1315 }
1316 EXPORT_SYMBOL_GPL(iscsi_session_teardown);
1317
1318 /**
1319  * iscsi_conn_setup - create iscsi_cls_conn and iscsi_conn
1320  * @cls_session: iscsi_cls_session
1321  * @conn_idx: cid
1322  **/
1323 struct iscsi_cls_conn *
1324 iscsi_conn_setup(struct iscsi_cls_session *cls_session, uint32_t conn_idx)
1325 {
1326         struct iscsi_session *session = class_to_transport_session(cls_session);
1327         struct iscsi_conn *conn;
1328         struct iscsi_cls_conn *cls_conn;
1329         char *data;
1330
1331         cls_conn = iscsi_create_conn(cls_session, conn_idx);
1332         if (!cls_conn)
1333                 return NULL;
1334         conn = cls_conn->dd_data;
1335         memset(conn, 0, sizeof(*conn));
1336
1337         conn->session = session;
1338         conn->cls_conn = cls_conn;
1339         conn->c_stage = ISCSI_CONN_INITIAL_STAGE;
1340         conn->id = conn_idx;
1341         conn->exp_statsn = 0;
1342         conn->tmabort_state = TMABORT_INITIAL;
1343         INIT_LIST_HEAD(&conn->run_list);
1344         INIT_LIST_HEAD(&conn->mgmt_run_list);
1345
1346         /* initialize general xmit PDU commands queue */
1347         conn->xmitqueue = kfifo_alloc(session->cmds_max * sizeof(void*),
1348                                         GFP_KERNEL, NULL);
1349         if (conn->xmitqueue == ERR_PTR(-ENOMEM))
1350                 goto xmitqueue_alloc_fail;
1351
1352         /* initialize general immediate & non-immediate PDU commands queue */
1353         conn->immqueue = kfifo_alloc(session->mgmtpool_max * sizeof(void*),
1354                                         GFP_KERNEL, NULL);
1355         if (conn->immqueue == ERR_PTR(-ENOMEM))
1356                 goto immqueue_alloc_fail;
1357
1358         conn->mgmtqueue = kfifo_alloc(session->mgmtpool_max * sizeof(void*),
1359                                         GFP_KERNEL, NULL);
1360         if (conn->mgmtqueue == ERR_PTR(-ENOMEM))
1361                 goto mgmtqueue_alloc_fail;
1362
1363         INIT_WORK(&conn->xmitwork, iscsi_xmitworker, conn);
1364
1365         /* allocate login_mtask used for the login/text sequences */
1366         spin_lock_bh(&session->lock);
1367         if (!__kfifo_get(session->mgmtpool.queue,
1368                          (void*)&conn->login_mtask,
1369                          sizeof(void*))) {
1370                 spin_unlock_bh(&session->lock);
1371                 goto login_mtask_alloc_fail;
1372         }
1373         spin_unlock_bh(&session->lock);
1374
1375         data = kmalloc(DEFAULT_MAX_RECV_DATA_SEGMENT_LENGTH, GFP_KERNEL);
1376         if (!data)
1377                 goto login_mtask_data_alloc_fail;
1378         conn->login_mtask->data = data;
1379
1380         init_timer(&conn->tmabort_timer);
1381         mutex_init(&conn->xmitmutex);
1382         init_waitqueue_head(&conn->ehwait);
1383
1384         return cls_conn;
1385
1386 login_mtask_data_alloc_fail:
1387         __kfifo_put(session->mgmtpool.queue, (void*)&conn->login_mtask,
1388                     sizeof(void*));
1389 login_mtask_alloc_fail:
1390         kfifo_free(conn->mgmtqueue);
1391 mgmtqueue_alloc_fail:
1392         kfifo_free(conn->immqueue);
1393 immqueue_alloc_fail:
1394         kfifo_free(conn->xmitqueue);
1395 xmitqueue_alloc_fail:
1396         iscsi_destroy_conn(cls_conn);
1397         return NULL;
1398 }
1399 EXPORT_SYMBOL_GPL(iscsi_conn_setup);
1400
1401 /**
1402  * iscsi_conn_teardown - teardown iscsi connection
1403  * cls_conn: iscsi class connection
1404  *
1405  * TODO: we may need to make this into a two step process
1406  * like scsi-mls remove + put host
1407  */
1408 void iscsi_conn_teardown(struct iscsi_cls_conn *cls_conn)
1409 {
1410         struct iscsi_conn *conn = cls_conn->dd_data;
1411         struct iscsi_session *session = conn->session;
1412         unsigned long flags;
1413
1414         mutex_lock(&conn->xmitmutex);
1415         set_bit(ISCSI_SUSPEND_BIT, &conn->suspend_tx);
1416         if (conn->c_stage == ISCSI_CONN_INITIAL_STAGE) {
1417                 if (session->tt->suspend_conn_recv)
1418                         session->tt->suspend_conn_recv(conn);
1419
1420                 session->tt->terminate_conn(conn);
1421         }
1422
1423         spin_lock_bh(&session->lock);
1424         conn->c_stage = ISCSI_CONN_CLEANUP_WAIT;
1425         if (session->leadconn == conn) {
1426                 /*
1427                  * leading connection? then give up on recovery.
1428                  */
1429                 session->state = ISCSI_STATE_TERMINATE;
1430                 wake_up(&conn->ehwait);
1431         }
1432         spin_unlock_bh(&session->lock);
1433
1434         mutex_unlock(&conn->xmitmutex);
1435
1436         /*
1437          * Block until all in-progress commands for this connection
1438          * time out or fail.
1439          */
1440         for (;;) {
1441                 spin_lock_irqsave(session->host->host_lock, flags);
1442                 if (!session->host->host_busy) { /* OK for ERL == 0 */
1443                         spin_unlock_irqrestore(session->host->host_lock, flags);
1444                         break;
1445                 }
1446                 spin_unlock_irqrestore(session->host->host_lock, flags);
1447                 msleep_interruptible(500);
1448                 printk(KERN_INFO "iscsi: scsi conn_destroy(): host_busy %d "
1449                        "host_failed %d\n", session->host->host_busy,
1450                        session->host->host_failed);
1451                 /*
1452                  * force eh_abort() to unblock
1453                  */
1454                 wake_up(&conn->ehwait);
1455         }
1456
1457         spin_lock_bh(&session->lock);
1458         kfree(conn->login_mtask->data);
1459         __kfifo_put(session->mgmtpool.queue, (void*)&conn->login_mtask,
1460                     sizeof(void*));
1461         list_del(&conn->item);
1462         if (list_empty(&session->connections))
1463                 session->leadconn = NULL;
1464         if (session->leadconn && session->leadconn == conn)
1465                 session->leadconn = container_of(session->connections.next,
1466                         struct iscsi_conn, item);
1467
1468         if (session->leadconn == NULL)
1469                 /* no connections exits.. reset sequencing */
1470                 session->cmdsn = session->max_cmdsn = session->exp_cmdsn = 1;
1471         spin_unlock_bh(&session->lock);
1472
1473         kfifo_free(conn->xmitqueue);
1474         kfifo_free(conn->immqueue);
1475         kfifo_free(conn->mgmtqueue);
1476
1477         iscsi_destroy_conn(cls_conn);
1478 }
1479 EXPORT_SYMBOL_GPL(iscsi_conn_teardown);
1480
1481 int iscsi_conn_start(struct iscsi_cls_conn *cls_conn)
1482 {
1483         struct iscsi_conn *conn = cls_conn->dd_data;
1484         struct iscsi_session *session = conn->session;
1485
1486         if (session == NULL) {
1487                 printk(KERN_ERR "iscsi: can't start unbound connection\n");
1488                 return -EPERM;
1489         }
1490
1491         spin_lock_bh(&session->lock);
1492         conn->c_stage = ISCSI_CONN_STARTED;
1493         session->state = ISCSI_STATE_LOGGED_IN;
1494
1495         switch(conn->stop_stage) {
1496         case STOP_CONN_RECOVER:
1497                 /*
1498                  * unblock eh_abort() if it is blocked. re-try all
1499                  * commands after successful recovery
1500                  */
1501                 session->conn_cnt++;
1502                 conn->stop_stage = 0;
1503                 conn->tmabort_state = TMABORT_INITIAL;
1504                 session->age++;
1505                 spin_unlock_bh(&session->lock);
1506
1507                 iscsi_unblock_session(session_to_cls(session));
1508                 wake_up(&conn->ehwait);
1509                 return 0;
1510         case STOP_CONN_TERM:
1511                 session->conn_cnt++;
1512                 conn->stop_stage = 0;
1513                 break;
1514         case STOP_CONN_SUSPEND:
1515                 conn->stop_stage = 0;
1516                 clear_bit(ISCSI_SUSPEND_BIT, &conn->suspend_rx);
1517                 clear_bit(ISCSI_SUSPEND_BIT, &conn->suspend_tx);
1518                 break;
1519         default:
1520                 break;
1521         }
1522         spin_unlock_bh(&session->lock);
1523
1524         return 0;
1525 }
1526 EXPORT_SYMBOL_GPL(iscsi_conn_start);
1527
1528 static void
1529 flush_control_queues(struct iscsi_session *session, struct iscsi_conn *conn)
1530 {
1531         struct iscsi_mgmt_task *mtask, *tmp;
1532
1533         /* handle pending */
1534         while (__kfifo_get(conn->immqueue, (void*)&mtask, sizeof(void*)) ||
1535                __kfifo_get(conn->mgmtqueue, (void*)&mtask, sizeof(void*))) {
1536                 if (mtask == conn->login_mtask)
1537                         continue;
1538                 debug_scsi("flushing pending mgmt task itt 0x%x\n", mtask->itt);
1539                 __kfifo_put(session->mgmtpool.queue, (void*)&mtask,
1540                             sizeof(void*));
1541         }
1542
1543         /* handle running */
1544         list_for_each_entry_safe(mtask, tmp, &conn->mgmt_run_list, running) {
1545                 debug_scsi("flushing running mgmt task itt 0x%x\n", mtask->itt);
1546                 list_del(&mtask->running);
1547
1548                 if (mtask == conn->login_mtask)
1549                         continue;
1550                 __kfifo_put(session->mgmtpool.queue, (void*)&mtask,
1551                            sizeof(void*));
1552         }
1553
1554         conn->mtask = NULL;
1555 }
1556
1557 /* Fail commands. Mutex and session lock held and recv side suspended */
1558 static void fail_all_commands(struct iscsi_conn *conn)
1559 {
1560         struct iscsi_cmd_task *ctask, *tmp;
1561
1562         /* flush pending */
1563         while (__kfifo_get(conn->xmitqueue, (void*)&ctask, sizeof(void*))) {
1564                 debug_scsi("failing pending sc %p itt 0x%x\n", ctask->sc,
1565                            ctask->itt);
1566                 fail_command(conn, ctask, DID_BUS_BUSY << 16);
1567         }
1568
1569         /* fail all other running */
1570         list_for_each_entry_safe(ctask, tmp, &conn->run_list, running) {
1571                 debug_scsi("failing in progress sc %p itt 0x%x\n",
1572                            ctask->sc, ctask->itt);
1573                 fail_command(conn, ctask, DID_BUS_BUSY << 16);
1574         }
1575
1576         conn->ctask = NULL;
1577 }
1578
1579 static void iscsi_start_session_recovery(struct iscsi_session *session,
1580                                          struct iscsi_conn *conn, int flag)
1581 {
1582         int old_stop_stage;
1583
1584         spin_lock_bh(&session->lock);
1585         if (conn->stop_stage == STOP_CONN_TERM) {
1586                 spin_unlock_bh(&session->lock);
1587                 return;
1588         }
1589
1590         /*
1591          * When this is called for the in_login state, we only want to clean
1592          * up the login task and connection.
1593          */
1594         if (conn->stop_stage != STOP_CONN_RECOVER)
1595                 session->conn_cnt--;
1596
1597         old_stop_stage = conn->stop_stage;
1598         conn->stop_stage = flag;
1599         spin_unlock_bh(&session->lock);
1600
1601         if (session->tt->suspend_conn_recv)
1602                 session->tt->suspend_conn_recv(conn);
1603
1604         mutex_lock(&conn->xmitmutex);
1605         spin_lock_bh(&session->lock);
1606         conn->c_stage = ISCSI_CONN_STOPPED;
1607         set_bit(ISCSI_SUSPEND_BIT, &conn->suspend_tx);
1608
1609         if (session->conn_cnt == 0 || session->leadconn == conn)
1610                 session->state = ISCSI_STATE_IN_RECOVERY;
1611
1612         spin_unlock_bh(&session->lock);
1613
1614         /*
1615          * for connection level recovery we should not calculate
1616          * header digest. conn->hdr_size used for optimization
1617          * in hdr_extract() and will be re-negotiated at
1618          * set_param() time.
1619          */
1620         if (flag == STOP_CONN_RECOVER) {
1621                 conn->hdrdgst_en = 0;
1622                 conn->datadgst_en = 0;
1623                 /*
1624                  * if this is called from the eh and and from userspace
1625                  * then we only need to block once.
1626                  */
1627                 if (session->state == ISCSI_STATE_IN_RECOVERY &&
1628                     old_stop_stage != STOP_CONN_RECOVER)
1629                         iscsi_block_session(session_to_cls(session));
1630         }
1631
1632         session->tt->terminate_conn(conn);
1633         /*
1634          * flush queues.
1635          */
1636         spin_lock_bh(&session->lock);
1637         fail_all_commands(conn);
1638         flush_control_queues(session, conn);
1639         spin_unlock_bh(&session->lock);
1640
1641         mutex_unlock(&conn->xmitmutex);
1642 }
1643
1644 void iscsi_conn_stop(struct iscsi_cls_conn *cls_conn, int flag)
1645 {
1646         struct iscsi_conn *conn = cls_conn->dd_data;
1647         struct iscsi_session *session = conn->session;
1648
1649         switch (flag) {
1650         case STOP_CONN_RECOVER:
1651         case STOP_CONN_TERM:
1652                 iscsi_start_session_recovery(session, conn, flag);
1653                 break;
1654         case STOP_CONN_SUSPEND:
1655                 if (session->tt->suspend_conn_recv)
1656                         session->tt->suspend_conn_recv(conn);
1657
1658                 mutex_lock(&conn->xmitmutex);
1659                 spin_lock_bh(&session->lock);
1660
1661                 conn->stop_stage = flag;
1662                 conn->c_stage = ISCSI_CONN_STOPPED;
1663                 set_bit(ISCSI_SUSPEND_BIT, &conn->suspend_tx);
1664
1665                 spin_unlock_bh(&session->lock);
1666                 mutex_unlock(&conn->xmitmutex);
1667                 break;
1668         default:
1669                 printk(KERN_ERR "iscsi: invalid stop flag %d\n", flag);
1670         }
1671 }
1672 EXPORT_SYMBOL_GPL(iscsi_conn_stop);
1673
1674 int iscsi_conn_bind(struct iscsi_cls_session *cls_session,
1675                     struct iscsi_cls_conn *cls_conn, int is_leading)
1676 {
1677         struct iscsi_session *session = class_to_transport_session(cls_session);
1678         struct iscsi_conn *tmp = ERR_PTR(-EEXIST), *conn = cls_conn->dd_data;
1679
1680         /* lookup for existing connection */
1681         spin_lock_bh(&session->lock);
1682         list_for_each_entry(tmp, &session->connections, item) {
1683                 if (tmp == conn) {
1684                         if (conn->c_stage != ISCSI_CONN_STOPPED ||
1685                             conn->stop_stage == STOP_CONN_TERM) {
1686                                 printk(KERN_ERR "iscsi: can't bind "
1687                                        "non-stopped connection (%d:%d)\n",
1688                                        conn->c_stage, conn->stop_stage);
1689                                 spin_unlock_bh(&session->lock);
1690                                 return -EIO;
1691                         }
1692                         break;
1693                 }
1694         }
1695         if (tmp != conn) {
1696                 /* bind new iSCSI connection to session */
1697                 conn->session = session;
1698                 list_add(&conn->item, &session->connections);
1699         }
1700         spin_unlock_bh(&session->lock);
1701
1702         if (is_leading)
1703                 session->leadconn = conn;
1704
1705         /*
1706          * Unblock xmitworker(), Login Phase will pass through.
1707          */
1708         clear_bit(ISCSI_SUSPEND_BIT, &conn->suspend_rx);
1709         clear_bit(ISCSI_SUSPEND_BIT, &conn->suspend_tx);
1710         return 0;
1711 }
1712 EXPORT_SYMBOL_GPL(iscsi_conn_bind);
1713
1714 MODULE_AUTHOR("Mike Christie");
1715 MODULE_DESCRIPTION("iSCSI library functions");
1716 MODULE_LICENSE("GPL");