drivers/target/iscsi/iscsi_target_nego.c

   1 // SPDX-License-Identifier: GPL-2.0-or-later
   2 /*******************************************************************************
   3  * This file contains main functions related to iSCSI Parameter negotiation.
   4  *
   5  * (c) Copyright 2007-2013 Datera, Inc.
   6  *
   7  * Author: Nicholas A. Bellinger <nab@linux-iscsi.org>
   8  *
   9  ******************************************************************************/
  10
  11 #include <linux/ctype.h>
  12 #include <linux/kthread.h>
  13 #include <linux/slab.h>
  14 #include <linux/sched/signal.h>
  15 #include <net/sock.h>
  16 #include <scsi/iscsi_proto.h>
  17 #include <target/target_core_base.h>
  18 #include <target/target_core_fabric.h>
  19 #include <target/iscsi/iscsi_transport.h>
  20
  21 #include <target/iscsi/iscsi_target_core.h>
  22 #include "iscsi_target_parameters.h"
  23 #include "iscsi_target_login.h"
  24 #include "iscsi_target_nego.h"
  25 #include "iscsi_target_tpg.h"
  26 #include "iscsi_target_util.h"
  27 #include "iscsi_target.h"
  28 #include "iscsi_target_auth.h"
  29
  30 #define MAX_LOGIN_PDUS  7
  31
  32 void convert_null_to_semi(char *buf, int len)
  33 {
  34         int i;
  35
  36         for (i = 0; i < len; i++)
  37                 if (buf[i] == '\0')
  38                         buf[i] = ';';
  39 }
  40
  41 static int strlen_semi(char *buf)
  42 {
  43         int i = 0;
  44
  45         while (buf[i] != '\0') {
  46                 if (buf[i] == ';')
  47                         return i;
  48                 i++;
  49         }
  50
  51         return -1;
  52 }
  53
  54 int extract_param(
  55         const char *in_buf,
  56         const char *pattern,
  57         unsigned int max_length,
  58         char *out_buf,
  59         unsigned char *type)
  60 {
  61         char *ptr;
  62         int len;
  63
  64         if (!in_buf || !pattern || !out_buf || !type)
  65                 return -EINVAL;
  66
  67         ptr = strstr(in_buf, pattern);
  68         if (!ptr)
  69                 return -ENOENT;
  70
  71         ptr = strstr(ptr, "=");
  72         if (!ptr)
  73                 return -EINVAL;
  74
  75         ptr += 1;
  76         if (*ptr == '0' && (*(ptr+1) == 'x' || *(ptr+1) == 'X')) {
  77                 ptr += 2; /* skip 0x */
  78                 *type = HEX;
  79         } else if (*ptr == '0' && (*(ptr+1) == 'b' || *(ptr+1) == 'B')) {
  80                 ptr += 2; /* skip 0b */
  81                 *type = BASE64;
  82         } else
  83                 *type = DECIMAL;
  84
  85         len = strlen_semi(ptr);
  86         if (len < 0)
  87                 return -EINVAL;
  88
  89         if (len >= max_length) {
  90                 pr_err("Length of input: %d exceeds max_length:"
  91                         " %d\n", len, max_length);
  92                 return -EINVAL;
  93         }
  94         memcpy(out_buf, ptr, len);
  95         out_buf[len] = '\0';
  96
  97         return 0;
  98 }
  99
 100 static struct iscsi_node_auth *iscsi_get_node_auth(struct iscsit_conn *conn)
 101 {
 102         struct iscsi_portal_group *tpg;
 103         struct iscsi_node_acl *nacl;
 104         struct se_node_acl *se_nacl;
 105
 106         if (conn->sess->sess_ops->SessionType)
 107                 return &iscsit_global->discovery_acl.node_auth;
 108
 109         se_nacl = conn->sess->se_sess->se_node_acl;
 110         if (!se_nacl) {
 111                 pr_err("Unable to locate struct se_node_acl for CHAP auth\n");
 112                 return NULL;
 113         }
 114
 115         if (se_nacl->dynamic_node_acl) {
 116                 tpg = to_iscsi_tpg(se_nacl->se_tpg);
 117                 return &tpg->tpg_demo_auth;
 118         }
 119
 120         nacl = to_iscsi_nacl(se_nacl);
 121
 122         return &nacl->node_auth;
 123 }
 124
 125 static u32 iscsi_handle_authentication(
 126         struct iscsit_conn *conn,
 127         char *in_buf,
 128         char *out_buf,
 129         int in_length,
 130         int *out_length,
 131         unsigned char *authtype)
 132 {
 133         struct iscsi_node_auth *auth;
 134
 135         auth = iscsi_get_node_auth(conn);
 136         if (!auth)
 137                 return -1;
 138
 139         if (strstr("CHAP", authtype))
 140                 strcpy(conn->sess->auth_type, "CHAP");
 141         else
 142                 strcpy(conn->sess->auth_type, NONE);
 143
 144         if (strstr("None", authtype))
 145                 return 1;
 146         else if (strstr("CHAP", authtype))
 147                 return chap_main_loop(conn, auth, in_buf, out_buf,
 148                                 &in_length, out_length);
 149         /* SRP, SPKM1, SPKM2 and KRB5 are unsupported */
 150         return 2;
 151 }
 152
 153 static void iscsi_remove_failed_auth_entry(struct iscsit_conn *conn)
 154 {
 155         kfree(conn->auth_protocol);
 156 }
 157
 158 int iscsi_target_check_login_request(
 159         struct iscsit_conn *conn,
 160         struct iscsi_login *login)
 161 {
 162         int req_csg, req_nsg;
 163         u32 payload_length;
 164         struct iscsi_login_req *login_req;
 165
 166         login_req = (struct iscsi_login_req *) login->req;
 167         payload_length = ntoh24(login_req->dlength);
 168
 169         switch (login_req->opcode & ISCSI_OPCODE_MASK) {
 170         case ISCSI_OP_LOGIN:
 171                 break;
 172         default:
 173                 pr_err("Received unknown opcode 0x%02x.\n",
 174                                 login_req->opcode & ISCSI_OPCODE_MASK);
 175                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 176                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 177                 return -1;
 178         }
 179
 180         if ((login_req->flags & ISCSI_FLAG_LOGIN_CONTINUE) &&
 181             (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) {
 182                 pr_err("Login request has both ISCSI_FLAG_LOGIN_CONTINUE"
 183                         " and ISCSI_FLAG_LOGIN_TRANSIT set, protocol error.\n");
 184                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 185                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 186                 return -1;
 187         }
 188
 189         req_csg = ISCSI_LOGIN_CURRENT_STAGE(login_req->flags);
 190         req_nsg = ISCSI_LOGIN_NEXT_STAGE(login_req->flags);
 191
 192         if (req_csg != login->current_stage) {
 193                 pr_err("Initiator unexpectedly changed login stage"
 194                         " from %d to %d, login failed.\n", login->current_stage,
 195                         req_csg);
 196                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 197                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 198                 return -1;
 199         }
 200
 201         if ((req_nsg == 2) || (req_csg >= 2) ||
 202            ((login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT) &&
 203             (req_nsg <= req_csg))) {
 204                 pr_err("Illegal login_req->flags Combination, CSG: %d,"
 205                         " NSG: %d, ISCSI_FLAG_LOGIN_TRANSIT: %d.\n", req_csg,
 206                         req_nsg, (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT));
 207                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 208                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 209                 return -1;
 210         }
 211
 212         if ((login_req->max_version != login->version_max) ||
 213             (login_req->min_version != login->version_min)) {
 214                 pr_err("Login request changed Version Max/Nin"
 215                         " unexpectedly to 0x%02x/0x%02x, protocol error\n",
 216                         login_req->max_version, login_req->min_version);
 217                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 218                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 219                 return -1;
 220         }
 221
 222         if (memcmp(login_req->isid, login->isid, 6) != 0) {
 223                 pr_err("Login request changed ISID unexpectedly,"
 224                                 " protocol error.\n");
 225                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 226                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 227                 return -1;
 228         }
 229
 230         if (login_req->itt != login->init_task_tag) {
 231                 pr_err("Login request changed ITT unexpectedly to"
 232                         " 0x%08x, protocol error.\n", login_req->itt);
 233                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 234                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 235                 return -1;
 236         }
 237
 238         if (payload_length > MAX_KEY_VALUE_PAIRS) {
 239                 pr_err("Login request payload exceeds default"
 240                         " MaxRecvDataSegmentLength: %u, protocol error.\n",
 241                                 MAX_KEY_VALUE_PAIRS);
 242                 return -1;
 243         }
 244
 245         return 0;
 246 }
 247 EXPORT_SYMBOL(iscsi_target_check_login_request);
 248
 249 static int iscsi_target_check_first_request(
 250         struct iscsit_conn *conn,
 251         struct iscsi_login *login)
 252 {
 253         struct iscsi_param *param = NULL;
 254         struct se_node_acl *se_nacl;
 255
 256         login->first_request = 0;
 257
 258         list_for_each_entry(param, &conn->param_list->param_list, p_list) {
 259                 if (!strncmp(param->name, SESSIONTYPE, 11)) {
 260                         if (!IS_PSTATE_ACCEPTOR(param)) {
 261                                 pr_err("SessionType key not received"
 262                                         " in first login request.\n");
 263                                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 264                                         ISCSI_LOGIN_STATUS_MISSING_FIELDS);
 265                                 return -1;
 266                         }
 267                         if (!strncmp(param->value, DISCOVERY, 9))
 268                                 return 0;
 269                 }
 270
 271                 if (!strncmp(param->name, INITIATORNAME, 13)) {
 272                         if (!IS_PSTATE_ACCEPTOR(param)) {
 273                                 if (!login->leading_connection)
 274                                         continue;
 275
 276                                 pr_err("InitiatorName key not received"
 277                                         " in first login request.\n");
 278                                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 279                                         ISCSI_LOGIN_STATUS_MISSING_FIELDS);
 280                                 return -1;
 281                         }
 282
 283                         /*
 284                          * For non-leading connections, double check that the
 285                          * received InitiatorName matches the existing session's
 286                          * struct iscsi_node_acl.
 287                          */
 288                         if (!login->leading_connection) {
 289                                 se_nacl = conn->sess->se_sess->se_node_acl;
 290                                 if (!se_nacl) {
 291                                         pr_err("Unable to locate"
 292                                                 " struct se_node_acl\n");
 293                                         iscsit_tx_login_rsp(conn,
 294                                                         ISCSI_STATUS_CLS_INITIATOR_ERR,
 295                                                         ISCSI_LOGIN_STATUS_TGT_NOT_FOUND);
 296                                         return -1;
 297                                 }
 298
 299                                 if (strcmp(param->value,
 300                                                 se_nacl->initiatorname)) {
 301                                         pr_err("Incorrect"
 302                                                 " InitiatorName: %s for this"
 303                                                 " iSCSI Initiator Node.\n",
 304                                                 param->value);
 305                                         iscsit_tx_login_rsp(conn,
 306                                                         ISCSI_STATUS_CLS_INITIATOR_ERR,
 307                                                         ISCSI_LOGIN_STATUS_TGT_NOT_FOUND);
 308                                         return -1;
 309                                 }
 310                         }
 311                 }
 312         }
 313
 314         return 0;
 315 }
 316
 317 static int iscsi_target_do_tx_login_io(struct iscsit_conn *conn, struct iscsi_login *login)
 318 {
 319         u32 padding = 0;
 320         struct iscsi_login_rsp *login_rsp;
 321
 322         login_rsp = (struct iscsi_login_rsp *) login->rsp;
 323
 324         login_rsp->opcode               = ISCSI_OP_LOGIN_RSP;
 325         hton24(login_rsp->dlength, login->rsp_length);
 326         memcpy(login_rsp->isid, login->isid, 6);
 327         login_rsp->tsih                 = cpu_to_be16(login->tsih);
 328         login_rsp->itt                  = login->init_task_tag;
 329         login_rsp->statsn               = cpu_to_be32(conn->stat_sn++);
 330         login_rsp->exp_cmdsn            = cpu_to_be32(conn->sess->exp_cmd_sn);
 331         login_rsp->max_cmdsn            = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
 332
 333         pr_debug("Sending Login Response, Flags: 0x%02x, ITT: 0x%08x,"
 334                 " ExpCmdSN; 0x%08x, MaxCmdSN: 0x%08x, StatSN: 0x%08x, Length:"
 335                 " %u\n", login_rsp->flags, (__force u32)login_rsp->itt,
 336                 ntohl(login_rsp->exp_cmdsn), ntohl(login_rsp->max_cmdsn),
 337                 ntohl(login_rsp->statsn), login->rsp_length);
 338
 339         padding = ((-login->rsp_length) & 3);
 340         /*
 341          * Before sending the last login response containing the transition
 342          * bit for full-feature-phase, go ahead and start up TX/RX threads
 343          * now to avoid potential resource allocation failures after the
 344          * final login response has been sent.
 345          */
 346         if (login->login_complete) {
 347                 int rc = iscsit_start_kthreads(conn);
 348                 if (rc) {
 349                         iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
 350                                             ISCSI_LOGIN_STATUS_NO_RESOURCES);
 351                         return -1;
 352                 }
 353         }
 354
 355         if (conn->conn_transport->iscsit_put_login_tx(conn, login,
 356                                         login->rsp_length + padding) < 0)
 357                 goto err;
 358
 359         login->rsp_length               = 0;
 360
 361         return 0;
 362
 363 err:
 364         if (login->login_complete) {
 365                 if (conn->rx_thread && conn->rx_thread_active) {
 366                         send_sig(SIGINT, conn->rx_thread, 1);
 367                         complete(&conn->rx_login_comp);
 368                         kthread_stop(conn->rx_thread);
 369                 }
 370                 if (conn->tx_thread && conn->tx_thread_active) {
 371                         send_sig(SIGINT, conn->tx_thread, 1);
 372                         kthread_stop(conn->tx_thread);
 373                 }
 374                 spin_lock(&iscsit_global->ts_bitmap_lock);
 375                 bitmap_release_region(iscsit_global->ts_bitmap, conn->bitmap_id,
 376                                       get_order(1));
 377                 spin_unlock(&iscsit_global->ts_bitmap_lock);
 378         }
 379         return -1;
 380 }
 381
 382 static void iscsi_target_sk_data_ready(struct sock *sk)
 383 {
 384         struct iscsit_conn *conn = sk->sk_user_data;
 385         bool rc;
 386
 387         pr_debug("Entering iscsi_target_sk_data_ready: conn: %p\n", conn);
 388
 389         write_lock_bh(&sk->sk_callback_lock);
 390         if (!sk->sk_user_data) {
 391                 write_unlock_bh(&sk->sk_callback_lock);
 392                 return;
 393         }
 394         if (!test_bit(LOGIN_FLAGS_READY, &conn->login_flags)) {
 395                 write_unlock_bh(&sk->sk_callback_lock);
 396                 pr_debug("Got LOGIN_FLAGS_READY=0, conn: %p >>>>\n", conn);
 397                 return;
 398         }
 399         if (test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags)) {
 400                 write_unlock_bh(&sk->sk_callback_lock);
 401                 pr_debug("Got LOGIN_FLAGS_CLOSED=1, conn: %p >>>>\n", conn);
 402                 return;
 403         }
 404         if (test_and_set_bit(LOGIN_FLAGS_READ_ACTIVE, &conn->login_flags)) {
 405                 write_unlock_bh(&sk->sk_callback_lock);
 406                 pr_debug("Got LOGIN_FLAGS_READ_ACTIVE=1, conn: %p >>>>\n", conn);
 407                 if (iscsi_target_sk_data_ready == conn->orig_data_ready)
 408                         return;
 409                 conn->orig_data_ready(sk);
 410                 return;
 411         }
 412
 413         rc = schedule_delayed_work(&conn->login_work, 0);
 414         if (!rc) {
 415                 pr_debug("iscsi_target_sk_data_ready, schedule_delayed_work"
 416                          " got false\n");
 417         }
 418         write_unlock_bh(&sk->sk_callback_lock);
 419 }
 420
 421 static void iscsi_target_sk_state_change(struct sock *);
 422
 423 static void iscsi_target_set_sock_callbacks(struct iscsit_conn *conn)
 424 {
 425         struct sock *sk;
 426
 427         if (!conn->sock)
 428                 return;
 429
 430         sk = conn->sock->sk;
 431         pr_debug("Entering iscsi_target_set_sock_callbacks: conn: %p\n", conn);
 432
 433         write_lock_bh(&sk->sk_callback_lock);
 434         sk->sk_user_data = conn;
 435         conn->orig_data_ready = sk->sk_data_ready;
 436         conn->orig_state_change = sk->sk_state_change;
 437         sk->sk_data_ready = iscsi_target_sk_data_ready;
 438         sk->sk_state_change = iscsi_target_sk_state_change;
 439         write_unlock_bh(&sk->sk_callback_lock);
 440
 441         sk->sk_sndtimeo = TA_LOGIN_TIMEOUT * HZ;
 442         sk->sk_rcvtimeo = TA_LOGIN_TIMEOUT * HZ;
 443 }
 444
 445 static void iscsi_target_restore_sock_callbacks(struct iscsit_conn *conn)
 446 {
 447         struct sock *sk;
 448
 449         if (!conn->sock)
 450                 return;
 451
 452         sk = conn->sock->sk;
 453         pr_debug("Entering iscsi_target_restore_sock_callbacks: conn: %p\n", conn);
 454
 455         write_lock_bh(&sk->sk_callback_lock);
 456         if (!sk->sk_user_data) {
 457                 write_unlock_bh(&sk->sk_callback_lock);
 458                 return;
 459         }
 460         sk->sk_user_data = NULL;
 461         sk->sk_data_ready = conn->orig_data_ready;
 462         sk->sk_state_change = conn->orig_state_change;
 463         write_unlock_bh(&sk->sk_callback_lock);
 464
 465         sk->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
 466         sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
 467 }
 468
 469 static int iscsi_target_do_login(struct iscsit_conn *, struct iscsi_login *);
 470
 471 static bool __iscsi_target_sk_check_close(struct sock *sk)
 472 {
 473         if (sk->sk_state == TCP_CLOSE_WAIT || sk->sk_state == TCP_CLOSE) {
 474                 pr_debug("__iscsi_target_sk_check_close: TCP_CLOSE_WAIT|TCP_CLOSE,"
 475                         "returning TRUE\n");
 476                 return true;
 477         }
 478         return false;
 479 }
 480
 481 static bool iscsi_target_sk_check_close(struct iscsit_conn *conn)
 482 {
 483         bool state = false;
 484
 485         if (conn->sock) {
 486                 struct sock *sk = conn->sock->sk;
 487
 488                 read_lock_bh(&sk->sk_callback_lock);
 489                 state = (__iscsi_target_sk_check_close(sk) ||
 490                          test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags));
 491                 read_unlock_bh(&sk->sk_callback_lock);
 492         }
 493         return state;
 494 }
 495
 496 static bool iscsi_target_sk_check_flag(struct iscsit_conn *conn, unsigned int flag)
 497 {
 498         bool state = false;
 499
 500         if (conn->sock) {
 501                 struct sock *sk = conn->sock->sk;
 502
 503                 read_lock_bh(&sk->sk_callback_lock);
 504                 state = test_bit(flag, &conn->login_flags);
 505                 read_unlock_bh(&sk->sk_callback_lock);
 506         }
 507         return state;
 508 }
 509
 510 static bool iscsi_target_sk_check_and_clear(struct iscsit_conn *conn, unsigned int flag)
 511 {
 512         bool state = false;
 513
 514         if (conn->sock) {
 515                 struct sock *sk = conn->sock->sk;
 516
 517                 write_lock_bh(&sk->sk_callback_lock);
 518                 state = (__iscsi_target_sk_check_close(sk) ||
 519                          test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags));
 520                 if (!state)
 521                         clear_bit(flag, &conn->login_flags);
 522                 write_unlock_bh(&sk->sk_callback_lock);
 523         }
 524         return state;
 525 }
 526
 527 static void iscsi_target_login_drop(struct iscsit_conn *conn, struct iscsi_login *login)
 528 {
 529         bool zero_tsih = login->zero_tsih;
 530
 531         iscsi_remove_failed_auth_entry(conn);
 532         iscsi_target_nego_release(conn);
 533         iscsi_target_login_sess_out(conn, zero_tsih, true);
 534 }
 535
 536 struct conn_timeout {
 537         struct timer_list timer;
 538         struct iscsit_conn *conn;
 539 };
 540
 541 static void iscsi_target_login_timeout(struct timer_list *t)
 542 {
 543         struct conn_timeout *timeout = from_timer(timeout, t, timer);
 544         struct iscsit_conn *conn = timeout->conn;
 545
 546         pr_debug("Entering iscsi_target_login_timeout >>>>>>>>>>>>>>>>>>>\n");
 547
 548         if (conn->login_kworker) {
 549                 pr_debug("Sending SIGINT to conn->login_kworker %s/%d\n",
 550                          conn->login_kworker->comm, conn->login_kworker->pid);
 551                 send_sig(SIGINT, conn->login_kworker, 1);
 552         }
 553 }
 554
 555 static void iscsi_target_do_login_rx(struct work_struct *work)
 556 {
 557         struct iscsit_conn *conn = container_of(work,
 558                                 struct iscsit_conn, login_work.work);
 559         struct iscsi_login *login = conn->login;
 560         struct iscsi_np *np = login->np;
 561         struct iscsi_portal_group *tpg = conn->tpg;
 562         struct iscsi_tpg_np *tpg_np = conn->tpg_np;
 563         struct conn_timeout timeout;
 564         int rc, zero_tsih = login->zero_tsih;
 565         bool state;
 566
 567         pr_debug("entering iscsi_target_do_login_rx, conn: %p, %s:%d\n",
 568                         conn, current->comm, current->pid);
 569         /*
 570          * If iscsi_target_do_login_rx() has been invoked by ->sk_data_ready()
 571          * before initial PDU processing in iscsi_target_start_negotiation()
 572          * has completed, go ahead and retry until it's cleared.
 573          *
 574          * Otherwise if the TCP connection drops while this is occuring,
 575          * iscsi_target_start_negotiation() will detect the failure, call
 576          * cancel_delayed_work_sync(&conn->login_work), and cleanup the
 577          * remaining iscsi connection resources from iscsi_np process context.
 578          */
 579         if (iscsi_target_sk_check_flag(conn, LOGIN_FLAGS_INITIAL_PDU)) {
 580                 schedule_delayed_work(&conn->login_work, msecs_to_jiffies(10));
 581                 return;
 582         }
 583
 584         spin_lock(&tpg->tpg_state_lock);
 585         state = (tpg->tpg_state == TPG_STATE_ACTIVE);
 586         spin_unlock(&tpg->tpg_state_lock);
 587
 588         if (!state) {
 589                 pr_debug("iscsi_target_do_login_rx: tpg_state != TPG_STATE_ACTIVE\n");
 590                 goto err;
 591         }
 592
 593         if (iscsi_target_sk_check_close(conn)) {
 594                 pr_debug("iscsi_target_do_login_rx, TCP state CLOSE\n");
 595                 goto err;
 596         }
 597
 598         conn->login_kworker = current;
 599         allow_signal(SIGINT);
 600
 601         timeout.conn = conn;
 602         timer_setup_on_stack(&timeout.timer, iscsi_target_login_timeout, 0);
 603         mod_timer(&timeout.timer, jiffies + TA_LOGIN_TIMEOUT * HZ);
 604         pr_debug("Starting login timer for %s/%d\n", current->comm, current->pid);
 605
 606         rc = conn->conn_transport->iscsit_get_login_rx(conn, login);
 607         del_timer_sync(&timeout.timer);
 608         destroy_timer_on_stack(&timeout.timer);
 609         flush_signals(current);
 610         conn->login_kworker = NULL;
 611
 612         if (rc < 0)
 613                 goto err;
 614
 615         pr_debug("iscsi_target_do_login_rx after rx_login_io, %p, %s:%d\n",
 616                         conn, current->comm, current->pid);
 617
 618         /*
 619          * LOGIN_FLAGS_READ_ACTIVE is cleared so that sk_data_ready
 620          * could be triggered again after this.
 621          *
 622          * LOGIN_FLAGS_WRITE_ACTIVE is cleared after we successfully
 623          * process a login PDU, so that sk_state_chage can do login
 624          * cleanup as needed if the socket is closed. If a delayed work is
 625          * ongoing (LOGIN_FLAGS_WRITE_ACTIVE or LOGIN_FLAGS_READ_ACTIVE),
 626          * sk_state_change will leave the cleanup to the delayed work or
 627          * it will schedule a delayed work to do cleanup.
 628          */
 629         if (conn->sock) {
 630                 struct sock *sk = conn->sock->sk;
 631
 632                 write_lock_bh(&sk->sk_callback_lock);
 633                 if (!test_bit(LOGIN_FLAGS_INITIAL_PDU, &conn->login_flags)) {
 634                         clear_bit(LOGIN_FLAGS_READ_ACTIVE, &conn->login_flags);
 635                         set_bit(LOGIN_FLAGS_WRITE_ACTIVE, &conn->login_flags);
 636                 }
 637                 write_unlock_bh(&sk->sk_callback_lock);
 638         }
 639
 640         rc = iscsi_target_do_login(conn, login);
 641         if (rc < 0) {
 642                 goto err;
 643         } else if (!rc) {
 644                 if (iscsi_target_sk_check_and_clear(conn,
 645                                                     LOGIN_FLAGS_WRITE_ACTIVE))
 646                         goto err;
 647         } else if (rc == 1) {
 648                 cancel_delayed_work(&conn->login_work);
 649                 iscsi_target_nego_release(conn);
 650                 iscsi_post_login_handler(np, conn, zero_tsih);
 651                 iscsit_deaccess_np(np, tpg, tpg_np);
 652         }
 653         return;
 654
 655 err:
 656         iscsi_target_restore_sock_callbacks(conn);
 657         cancel_delayed_work(&conn->login_work);
 658         iscsi_target_login_drop(conn, login);
 659         iscsit_deaccess_np(np, tpg, tpg_np);
 660 }
 661
 662 static void iscsi_target_sk_state_change(struct sock *sk)
 663 {
 664         struct iscsit_conn *conn;
 665         void (*orig_state_change)(struct sock *);
 666         bool state;
 667
 668         pr_debug("Entering iscsi_target_sk_state_change\n");
 669
 670         write_lock_bh(&sk->sk_callback_lock);
 671         conn = sk->sk_user_data;
 672         if (!conn) {
 673                 write_unlock_bh(&sk->sk_callback_lock);
 674                 return;
 675         }
 676         orig_state_change = conn->orig_state_change;
 677
 678         if (!test_bit(LOGIN_FLAGS_READY, &conn->login_flags)) {
 679                 pr_debug("Got LOGIN_FLAGS_READY=0 sk_state_change conn: %p\n",
 680                          conn);
 681                 write_unlock_bh(&sk->sk_callback_lock);
 682                 orig_state_change(sk);
 683                 return;
 684         }
 685         state = __iscsi_target_sk_check_close(sk);
 686         pr_debug("__iscsi_target_sk_close_change: state: %d\n", state);
 687
 688         if (test_bit(LOGIN_FLAGS_READ_ACTIVE, &conn->login_flags) ||
 689             test_bit(LOGIN_FLAGS_WRITE_ACTIVE, &conn->login_flags)) {
 690                 pr_debug("Got LOGIN_FLAGS_{READ|WRITE}_ACTIVE=1"
 691                          " sk_state_change conn: %p\n", conn);
 692                 if (state)
 693                         set_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags);
 694                 write_unlock_bh(&sk->sk_callback_lock);
 695                 orig_state_change(sk);
 696                 return;
 697         }
 698         if (test_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags)) {
 699                 pr_debug("Got LOGIN_FLAGS_CLOSED=1 sk_state_change conn: %p\n",
 700                          conn);
 701                 write_unlock_bh(&sk->sk_callback_lock);
 702                 orig_state_change(sk);
 703                 return;
 704         }
 705         /*
 706          * If the TCP connection has dropped, go ahead and set LOGIN_FLAGS_CLOSED,
 707          * but only queue conn->login_work -> iscsi_target_do_login_rx()
 708          * processing if LOGIN_FLAGS_INITIAL_PDU has already been cleared.
 709          *
 710          * When iscsi_target_do_login_rx() runs, iscsi_target_sk_check_close()
 711          * will detect the dropped TCP connection from delayed workqueue context.
 712          *
 713          * If LOGIN_FLAGS_INITIAL_PDU is still set, which means the initial
 714          * iscsi_target_start_negotiation() is running, iscsi_target_do_login()
 715          * via iscsi_target_sk_check_close() or iscsi_target_start_negotiation()
 716          * via iscsi_target_sk_check_and_clear() is responsible for detecting the
 717          * dropped TCP connection in iscsi_np process context, and cleaning up
 718          * the remaining iscsi connection resources.
 719          */
 720         if (state) {
 721                 pr_debug("iscsi_target_sk_state_change got failed state\n");
 722                 set_bit(LOGIN_FLAGS_CLOSED, &conn->login_flags);
 723                 state = test_bit(LOGIN_FLAGS_INITIAL_PDU, &conn->login_flags);
 724                 write_unlock_bh(&sk->sk_callback_lock);
 725
 726                 orig_state_change(sk);
 727
 728                 if (!state)
 729                         schedule_delayed_work(&conn->login_work, 0);
 730                 return;
 731         }
 732         write_unlock_bh(&sk->sk_callback_lock);
 733
 734         orig_state_change(sk);
 735 }
 736
 737 /*
 738  *      NOTE: We check for existing sessions or connections AFTER the initiator
 739  *      has been successfully authenticated in order to protect against faked
 740  *      ISID/TSIH combinations.
 741  */
 742 static int iscsi_target_check_for_existing_instances(
 743         struct iscsit_conn *conn,
 744         struct iscsi_login *login)
 745 {
 746         if (login->checked_for_existing)
 747                 return 0;
 748
 749         login->checked_for_existing = 1;
 750
 751         if (!login->tsih)
 752                 return iscsi_check_for_session_reinstatement(conn);
 753         else
 754                 return iscsi_login_post_auth_non_zero_tsih(conn, login->cid,
 755                                 login->initial_exp_statsn);
 756 }
 757
 758 static int iscsi_target_do_authentication(
 759         struct iscsit_conn *conn,
 760         struct iscsi_login *login)
 761 {
 762         int authret;
 763         u32 payload_length;
 764         struct iscsi_param *param;
 765         struct iscsi_login_req *login_req;
 766         struct iscsi_login_rsp *login_rsp;
 767
 768         login_req = (struct iscsi_login_req *) login->req;
 769         login_rsp = (struct iscsi_login_rsp *) login->rsp;
 770         payload_length = ntoh24(login_req->dlength);
 771
 772         param = iscsi_find_param_from_key(AUTHMETHOD, conn->param_list);
 773         if (!param)
 774                 return -1;
 775
 776         authret = iscsi_handle_authentication(
 777                         conn,
 778                         login->req_buf,
 779                         login->rsp_buf,
 780                         payload_length,
 781                         &login->rsp_length,
 782                         param->value);
 783         switch (authret) {
 784         case 0:
 785                 pr_debug("Received OK response"
 786                 " from LIO Authentication, continuing.\n");
 787                 break;
 788         case 1:
 789                 pr_debug("iSCSI security negotiation"
 790                         " completed successfully.\n");
 791                 login->auth_complete = 1;
 792                 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE1) &&
 793                     (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) {
 794                         login_rsp->flags |= (ISCSI_FLAG_LOGIN_NEXT_STAGE1 |
 795                                              ISCSI_FLAG_LOGIN_TRANSIT);
 796                         login->current_stage = 1;
 797                 }
 798                 return iscsi_target_check_for_existing_instances(
 799                                 conn, login);
 800         case 2:
 801                 pr_err("Security negotiation"
 802                         " failed.\n");
 803                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 804                                 ISCSI_LOGIN_STATUS_AUTH_FAILED);
 805                 return -1;
 806         default:
 807                 pr_err("Received unknown error %d from LIO"
 808                                 " Authentication\n", authret);
 809                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
 810                                 ISCSI_LOGIN_STATUS_TARGET_ERROR);
 811                 return -1;
 812         }
 813
 814         return 0;
 815 }
 816
 817 bool iscsi_conn_auth_required(struct iscsit_conn *conn)
 818 {
 819         struct iscsi_node_acl *nacl;
 820         struct se_node_acl *se_nacl;
 821
 822         if (conn->sess->sess_ops->SessionType) {
 823                 /*
 824                  * For SessionType=Discovery
 825                  */
 826                 return conn->tpg->tpg_attrib.authentication;
 827         }
 828         /*
 829          * For SessionType=Normal
 830          */
 831         se_nacl = conn->sess->se_sess->se_node_acl;
 832         if (!se_nacl) {
 833                 pr_debug("Unknown ACL is trying to connect\n");
 834                 return true;
 835         }
 836
 837         if (se_nacl->dynamic_node_acl) {
 838                 pr_debug("Dynamic ACL %s is trying to connect\n",
 839                          se_nacl->initiatorname);
 840                 return conn->tpg->tpg_attrib.authentication;
 841         }
 842
 843         pr_debug("Known ACL %s is trying to connect\n",
 844                  se_nacl->initiatorname);
 845
 846         nacl = to_iscsi_nacl(se_nacl);
 847         if (nacl->node_attrib.authentication == NA_AUTHENTICATION_INHERITED)
 848                 return conn->tpg->tpg_attrib.authentication;
 849
 850         return nacl->node_attrib.authentication;
 851 }
 852
 853 static int iscsi_target_handle_csg_zero(
 854         struct iscsit_conn *conn,
 855         struct iscsi_login *login)
 856 {
 857         int ret;
 858         u32 payload_length;
 859         struct iscsi_param *param;
 860         struct iscsi_login_req *login_req;
 861         struct iscsi_login_rsp *login_rsp;
 862
 863         login_req = (struct iscsi_login_req *) login->req;
 864         login_rsp = (struct iscsi_login_rsp *) login->rsp;
 865         payload_length = ntoh24(login_req->dlength);
 866
 867         param = iscsi_find_param_from_key(AUTHMETHOD, conn->param_list);
 868         if (!param)
 869                 return -1;
 870
 871         ret = iscsi_decode_text_input(
 872                         PHASE_SECURITY|PHASE_DECLARATIVE,
 873                         SENDER_INITIATOR|SENDER_RECEIVER,
 874                         login->req_buf,
 875                         payload_length,
 876                         conn);
 877         if (ret < 0)
 878                 return -1;
 879
 880         if (ret > 0) {
 881                 if (login->auth_complete) {
 882                         pr_err("Initiator has already been"
 883                                 " successfully authenticated, but is still"
 884                                 " sending %s keys.\n", param->value);
 885                         iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 886                                         ISCSI_LOGIN_STATUS_INIT_ERR);
 887                         return -1;
 888                 }
 889
 890                 goto do_auth;
 891         } else if (!payload_length) {
 892                 pr_err("Initiator sent zero length security payload,"
 893                        " login failed\n");
 894                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 895                                     ISCSI_LOGIN_STATUS_AUTH_FAILED);
 896                 return -1;
 897         }
 898
 899         if (login->first_request)
 900                 if (iscsi_target_check_first_request(conn, login) < 0)
 901                         return -1;
 902
 903         ret = iscsi_encode_text_output(
 904                         PHASE_SECURITY|PHASE_DECLARATIVE,
 905                         SENDER_TARGET,
 906                         login->rsp_buf,
 907                         &login->rsp_length,
 908                         conn->param_list,
 909                         conn->tpg->tpg_attrib.login_keys_workaround);
 910         if (ret < 0)
 911                 return -1;
 912
 913         if (!iscsi_check_negotiated_keys(conn->param_list)) {
 914                 bool auth_required = iscsi_conn_auth_required(conn);
 915
 916                 if (auth_required) {
 917                         if (!strncmp(param->value, NONE, 4)) {
 918                                 pr_err("Initiator sent AuthMethod=None but"
 919                                        " Target is enforcing iSCSI Authentication,"
 920                                        " login failed.\n");
 921                                 iscsit_tx_login_rsp(conn,
 922                                                 ISCSI_STATUS_CLS_INITIATOR_ERR,
 923                                                 ISCSI_LOGIN_STATUS_AUTH_FAILED);
 924                                 return -1;
 925                         }
 926
 927                         if (!login->auth_complete)
 928                                 return 0;
 929
 930                         if (strncmp(param->value, NONE, 4) &&
 931                             !login->auth_complete)
 932                                 return 0;
 933                 }
 934
 935                 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE1) &&
 936                     (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) {
 937                         login_rsp->flags |= ISCSI_FLAG_LOGIN_NEXT_STAGE1 |
 938                                             ISCSI_FLAG_LOGIN_TRANSIT;
 939                         login->current_stage = 1;
 940                 }
 941         }
 942
 943         return 0;
 944 do_auth:
 945         return iscsi_target_do_authentication(conn, login);
 946 }
 947
 948 static bool iscsi_conn_authenticated(struct iscsit_conn *conn,
 949                                      struct iscsi_login *login)
 950 {
 951         if (!iscsi_conn_auth_required(conn))
 952                 return true;
 953
 954         if (login->auth_complete)
 955                 return true;
 956
 957         return false;
 958 }
 959
 960 static int iscsi_target_handle_csg_one(struct iscsit_conn *conn, struct iscsi_login *login)
 961 {
 962         int ret;
 963         u32 payload_length;
 964         struct iscsi_login_req *login_req;
 965         struct iscsi_login_rsp *login_rsp;
 966
 967         login_req = (struct iscsi_login_req *) login->req;
 968         login_rsp = (struct iscsi_login_rsp *) login->rsp;
 969         payload_length = ntoh24(login_req->dlength);
 970
 971         ret = iscsi_decode_text_input(
 972                         PHASE_OPERATIONAL|PHASE_DECLARATIVE,
 973                         SENDER_INITIATOR|SENDER_RECEIVER,
 974                         login->req_buf,
 975                         payload_length,
 976                         conn);
 977         if (ret < 0) {
 978                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 979                                 ISCSI_LOGIN_STATUS_INIT_ERR);
 980                 return -1;
 981         }
 982
 983         if (login->first_request)
 984                 if (iscsi_target_check_first_request(conn, login) < 0)
 985                         return -1;
 986
 987         if (iscsi_target_check_for_existing_instances(conn, login) < 0)
 988                 return -1;
 989
 990         ret = iscsi_encode_text_output(
 991                         PHASE_OPERATIONAL|PHASE_DECLARATIVE,
 992                         SENDER_TARGET,
 993                         login->rsp_buf,
 994                         &login->rsp_length,
 995                         conn->param_list,
 996                         conn->tpg->tpg_attrib.login_keys_workaround);
 997         if (ret < 0) {
 998                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
 999                                 ISCSI_LOGIN_STATUS_INIT_ERR);
1000                 return -1;
1001         }
1002
1003         if (!iscsi_conn_authenticated(conn, login)) {
1004                 pr_err("Initiator is requesting CSG: 1, has not been"
1005                        " successfully authenticated, and the Target is"
1006                        " enforcing iSCSI Authentication, login failed.\n");
1007                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
1008                                 ISCSI_LOGIN_STATUS_AUTH_FAILED);
1009                 return -1;
1010         }
1011
1012         if (!iscsi_check_negotiated_keys(conn->param_list))
1013                 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE3) &&
1014                     (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT))
1015                         login_rsp->flags |= ISCSI_FLAG_LOGIN_NEXT_STAGE3 |
1016                                             ISCSI_FLAG_LOGIN_TRANSIT;
1017
1018         return 0;
1019 }
1020
1021 /*
1022  * RETURN VALUE:
1023  *
1024  *  1 = Login successful
1025  * -1 = Login failed
1026  *  0 = More PDU exchanges required
1027  */
1028 static int iscsi_target_do_login(struct iscsit_conn *conn, struct iscsi_login *login)
1029 {
1030         int pdu_count = 0;
1031         struct iscsi_login_req *login_req;
1032         struct iscsi_login_rsp *login_rsp;
1033
1034         login_req = (struct iscsi_login_req *) login->req;
1035         login_rsp = (struct iscsi_login_rsp *) login->rsp;
1036
1037         while (1) {
1038                 if (++pdu_count > MAX_LOGIN_PDUS) {
1039                         pr_err("MAX_LOGIN_PDUS count reached.\n");
1040                         iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1041                                         ISCSI_LOGIN_STATUS_TARGET_ERROR);
1042                         return -1;
1043                 }
1044
1045                 switch (ISCSI_LOGIN_CURRENT_STAGE(login_req->flags)) {
1046                 case 0:
1047                         login_rsp->flags &= ~ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK;
1048                         if (iscsi_target_handle_csg_zero(conn, login) < 0)
1049                                 return -1;
1050                         break;
1051                 case 1:
1052                         login_rsp->flags |= ISCSI_FLAG_LOGIN_CURRENT_STAGE1;
1053                         if (iscsi_target_handle_csg_one(conn, login) < 0)
1054                                 return -1;
1055                         if (login_rsp->flags & ISCSI_FLAG_LOGIN_TRANSIT) {
1056                                 /*
1057                                  * Check to make sure the TCP connection has not
1058                                  * dropped asynchronously while session reinstatement
1059                                  * was occuring in this kthread context, before
1060                                  * transitioning to full feature phase operation.
1061                                  */
1062                                 if (iscsi_target_sk_check_close(conn))
1063                                         return -1;
1064
1065                                 login->tsih = conn->sess->tsih;
1066                                 login->login_complete = 1;
1067                                 iscsi_target_restore_sock_callbacks(conn);
1068                                 if (iscsi_target_do_tx_login_io(conn,
1069                                                 login) < 0)
1070                                         return -1;
1071                                 return 1;
1072                         }
1073                         break;
1074                 default:
1075                         pr_err("Illegal CSG: %d received from"
1076                                 " Initiator, protocol error.\n",
1077                                 ISCSI_LOGIN_CURRENT_STAGE(login_req->flags));
1078                         break;
1079                 }
1080
1081                 if (iscsi_target_do_tx_login_io(conn, login) < 0)
1082                         return -1;
1083
1084                 if (login_rsp->flags & ISCSI_FLAG_LOGIN_TRANSIT) {
1085                         login_rsp->flags &= ~ISCSI_FLAG_LOGIN_TRANSIT;
1086                         login_rsp->flags &= ~ISCSI_FLAG_LOGIN_NEXT_STAGE_MASK;
1087                 }
1088                 break;
1089         }
1090
1091         return 0;
1092 }
1093
1094 static void iscsi_initiatorname_tolower(
1095         char *param_buf)
1096 {
1097         char *c;
1098         u32 iqn_size = strlen(param_buf), i;
1099
1100         for (i = 0; i < iqn_size; i++) {
1101                 c = &param_buf[i];
1102                 if (!isupper(*c))
1103                         continue;
1104
1105                 *c = tolower(*c);
1106         }
1107 }
1108
1109 /*
1110  * Processes the first Login Request..
1111  */
1112 int iscsi_target_locate_portal(
1113         struct iscsi_np *np,
1114         struct iscsit_conn *conn,
1115         struct iscsi_login *login)
1116 {
1117         char *i_buf = NULL, *s_buf = NULL, *t_buf = NULL;
1118         char *tmpbuf, *start = NULL, *end = NULL, *key, *value;
1119         struct iscsit_session *sess = conn->sess;
1120         struct iscsi_tiqn *tiqn;
1121         struct iscsi_tpg_np *tpg_np = NULL;
1122         struct iscsi_login_req *login_req;
1123         struct se_node_acl *se_nacl;
1124         u32 payload_length, queue_depth = 0;
1125         int sessiontype = 0, ret = 0, tag_num, tag_size;
1126
1127         INIT_DELAYED_WORK(&conn->login_work, iscsi_target_do_login_rx);
1128         iscsi_target_set_sock_callbacks(conn);
1129
1130         login->np = np;
1131
1132         login_req = (struct iscsi_login_req *) login->req;
1133         payload_length = ntoh24(login_req->dlength);
1134
1135         tmpbuf = kmemdup_nul(login->req_buf, payload_length, GFP_KERNEL);
1136         if (!tmpbuf) {
1137                 pr_err("Unable to allocate memory for tmpbuf.\n");
1138                 return -1;
1139         }
1140
1141         start = tmpbuf;
1142         end = (start + payload_length);
1143
1144         /*
1145          * Locate the initial keys expected from the Initiator node in
1146          * the first login request in order to progress with the login phase.
1147          */
1148         while (start < end) {
1149                 if (iscsi_extract_key_value(start, &key, &value) < 0) {
1150                         ret = -1;
1151                         goto out;
1152                 }
1153
1154                 if (!strncmp(key, "InitiatorName", 13))
1155                         i_buf = value;
1156                 else if (!strncmp(key, "SessionType", 11))
1157                         s_buf = value;
1158                 else if (!strncmp(key, "TargetName", 10))
1159                         t_buf = value;
1160
1161                 start += strlen(key) + strlen(value) + 2;
1162         }
1163         /*
1164          * See 5.3.  Login Phase.
1165          */
1166         if (!i_buf) {
1167                 pr_err("InitiatorName key not received"
1168                         " in first login request.\n");
1169                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
1170                         ISCSI_LOGIN_STATUS_MISSING_FIELDS);
1171                 ret = -1;
1172                 goto out;
1173         }
1174         /*
1175          * Convert the incoming InitiatorName to lowercase following
1176          * RFC-3720 3.2.6.1. section c) that says that iSCSI IQNs
1177          * are NOT case sensitive.
1178          */
1179         iscsi_initiatorname_tolower(i_buf);
1180
1181         if (!s_buf) {
1182                 if (!login->leading_connection)
1183                         goto get_target;
1184
1185                 pr_err("SessionType key not received"
1186                         " in first login request.\n");
1187                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
1188                         ISCSI_LOGIN_STATUS_MISSING_FIELDS);
1189                 ret = -1;
1190                 goto out;
1191         }
1192
1193         /*
1194          * Use default portal group for discovery sessions.
1195          */
1196         sessiontype = strncmp(s_buf, DISCOVERY, 9);
1197         if (!sessiontype) {
1198                 conn->tpg = iscsit_global->discovery_tpg;
1199                 if (!login->leading_connection)
1200                         goto get_target;
1201
1202                 sess->sess_ops->SessionType = 1;
1203                 /*
1204                  * Setup crc32c modules from libcrypto
1205                  */
1206                 if (iscsi_login_setup_crypto(conn) < 0) {
1207                         pr_err("iscsi_login_setup_crypto() failed\n");
1208                         ret = -1;
1209                         goto out;
1210                 }
1211                 /*
1212                  * Serialize access across the discovery struct iscsi_portal_group to
1213                  * process login attempt.
1214                  */
1215                 if (iscsit_access_np(np, conn->tpg) < 0) {
1216                         iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1217                                 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
1218                         ret = -1;
1219                         goto out;
1220                 }
1221                 ret = 0;
1222                 goto alloc_tags;
1223         }
1224
1225 get_target:
1226         if (!t_buf) {
1227                 pr_err("TargetName key not received"
1228                         " in first login request while"
1229                         " SessionType=Normal.\n");
1230                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
1231                         ISCSI_LOGIN_STATUS_MISSING_FIELDS);
1232                 ret = -1;
1233                 goto out;
1234         }
1235
1236         /*
1237          * Locate Target IQN from Storage Node.
1238          */
1239         tiqn = iscsit_get_tiqn_for_login(t_buf);
1240         if (!tiqn) {
1241                 pr_err("Unable to locate Target IQN: %s in"
1242                         " Storage Node\n", t_buf);
1243                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1244                                 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
1245                 ret = -1;
1246                 goto out;
1247         }
1248         pr_debug("Located Storage Object: %s\n", tiqn->tiqn);
1249
1250         /*
1251          * Locate Target Portal Group from Storage Node.
1252          */
1253         conn->tpg = iscsit_get_tpg_from_np(tiqn, np, &tpg_np);
1254         if (!conn->tpg) {
1255                 pr_err("Unable to locate Target Portal Group"
1256                                 " on %s\n", tiqn->tiqn);
1257                 iscsit_put_tiqn_for_login(tiqn);
1258                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1259                                 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
1260                 ret = -1;
1261                 goto out;
1262         }
1263         conn->tpg_np = tpg_np;
1264         pr_debug("Located Portal Group Object: %hu\n", conn->tpg->tpgt);
1265         /*
1266          * Setup crc32c modules from libcrypto
1267          */
1268         if (iscsi_login_setup_crypto(conn) < 0) {
1269                 pr_err("iscsi_login_setup_crypto() failed\n");
1270                 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put);
1271                 iscsit_put_tiqn_for_login(tiqn);
1272                 conn->tpg = NULL;
1273                 ret = -1;
1274                 goto out;
1275         }
1276         /*
1277          * Serialize access across the struct iscsi_portal_group to
1278          * process login attempt.
1279          */
1280         if (iscsit_access_np(np, conn->tpg) < 0) {
1281                 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put);
1282                 iscsit_put_tiqn_for_login(tiqn);
1283                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1284                                 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
1285                 conn->tpg = NULL;
1286                 ret = -1;
1287                 goto out;
1288         }
1289
1290         /*
1291          * conn->sess->node_acl will be set when the referenced
1292          * struct iscsit_session is located from received ISID+TSIH in
1293          * iscsi_login_non_zero_tsih_s2().
1294          */
1295         if (!login->leading_connection) {
1296                 ret = 0;
1297                 goto out;
1298         }
1299
1300         /*
1301          * This value is required in iscsi_login_zero_tsih_s2()
1302          */
1303         sess->sess_ops->SessionType = 0;
1304
1305         /*
1306          * Locate incoming Initiator IQN reference from Storage Node.
1307          */
1308         sess->se_sess->se_node_acl = core_tpg_check_initiator_node_acl(
1309                         &conn->tpg->tpg_se_tpg, i_buf);
1310         if (!sess->se_sess->se_node_acl) {
1311                 pr_err("iSCSI Initiator Node: %s is not authorized to"
1312                         " access iSCSI target portal group: %hu.\n",
1313                                 i_buf, conn->tpg->tpgt);
1314                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
1315                                 ISCSI_LOGIN_STATUS_TGT_FORBIDDEN);
1316                 ret = -1;
1317                 goto out;
1318         }
1319         se_nacl = sess->se_sess->se_node_acl;
1320         queue_depth = se_nacl->queue_depth;
1321         /*
1322          * Setup pre-allocated tags based upon allowed per NodeACL CmdSN
1323          * depth for non immediate commands, plus extra tags for immediate
1324          * commands.
1325          *
1326          * Also enforce a ISCSIT_MIN_TAGS to prevent unnecessary contention
1327          * in per-cpu-ida tag allocation logic + small queue_depth.
1328          */
1329 alloc_tags:
1330         tag_num = max_t(u32, ISCSIT_MIN_TAGS, queue_depth);
1331         tag_num = (tag_num * 2) + ISCSIT_EXTRA_TAGS;
1332         tag_size = sizeof(struct iscsit_cmd) + conn->conn_transport->priv_size;
1333
1334         ret = transport_alloc_session_tags(sess->se_sess, tag_num, tag_size);
1335         if (ret < 0) {
1336                 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1337                                     ISCSI_LOGIN_STATUS_NO_RESOURCES);
1338                 ret = -1;
1339         }
1340 out:
1341         kfree(tmpbuf);
1342         return ret;
1343 }
1344
1345 int iscsi_target_start_negotiation(
1346         struct iscsi_login *login,
1347         struct iscsit_conn *conn)
1348 {
1349         int ret;
1350
1351         if (conn->sock) {
1352                 struct sock *sk = conn->sock->sk;
1353
1354                 write_lock_bh(&sk->sk_callback_lock);
1355                 set_bit(LOGIN_FLAGS_READY, &conn->login_flags);
1356                 set_bit(LOGIN_FLAGS_INITIAL_PDU, &conn->login_flags);
1357                 write_unlock_bh(&sk->sk_callback_lock);
1358         }
1359         /*
1360          * If iscsi_target_do_login returns zero to signal more PDU
1361          * exchanges are required to complete the login, go ahead and
1362          * clear LOGIN_FLAGS_INITIAL_PDU but only if the TCP connection
1363          * is still active.
1364          *
1365          * Otherwise if TCP connection dropped asynchronously, go ahead
1366          * and perform connection cleanup now.
1367          */
1368         ret = iscsi_target_do_login(conn, login);
1369         if (!ret && iscsi_target_sk_check_and_clear(conn, LOGIN_FLAGS_INITIAL_PDU))
1370                 ret = -1;
1371
1372         if (ret < 0) {
1373                 iscsi_target_restore_sock_callbacks(conn);
1374                 iscsi_remove_failed_auth_entry(conn);
1375         }
1376         if (ret != 0) {
1377                 cancel_delayed_work_sync(&conn->login_work);
1378                 iscsi_target_nego_release(conn);
1379         }
1380
1381         return ret;
1382 }
1383
1384 void iscsi_target_nego_release(struct iscsit_conn *conn)
1385 {
1386         struct iscsi_login *login = conn->conn_login;
1387
1388         if (!login)
1389                 return;
1390
1391         kfree(login->req_buf);
1392         kfree(login->rsp_buf);
1393         kfree(login);
1394
1395         conn->conn_login = NULL;
1396 }