diff options
Diffstat (limited to 'drivers/target')
-rw-r--r-- | drivers/target/iscsi/cxgbit/cxgbit_cm.c | 3 | ||||
-rw-r--r-- | drivers/target/iscsi/cxgbit/cxgbit_ddp.c | 3 | ||||
-rw-r--r-- | drivers/target/iscsi/cxgbit/cxgbit_main.c | 2 | ||||
-rw-r--r-- | drivers/target/iscsi/cxgbit/cxgbit_target.c | 13 | ||||
-rw-r--r-- | drivers/target/iscsi/iscsi_target.c | 30 | ||||
-rw-r--r-- | drivers/target/iscsi/iscsi_target_auth.c | 232 | ||||
-rw-r--r-- | drivers/target/iscsi/iscsi_target_auth.h | 17 | ||||
-rw-r--r-- | drivers/target/iscsi/iscsi_target_parameters.h | 3 | ||||
-rw-r--r-- | drivers/target/target_core_device.c | 21 | ||||
-rw-r--r-- | drivers/target/target_core_fabric_lib.c | 2 | ||||
-rw-r--r-- | drivers/target/target_core_iblock.c | 4 | ||||
-rw-r--r-- | drivers/target/target_core_tpg.c | 12 | ||||
-rw-r--r-- | drivers/target/target_core_transport.c | 28 | ||||
-rw-r--r-- | drivers/target/target_core_user.c | 35 | ||||
-rw-r--r-- | drivers/target/target_core_xcopy.c | 1 | ||||
-rw-r--r-- | drivers/target/tcm_fc/tfc_io.c | 4 |
16 files changed, 251 insertions, 159 deletions
diff --git a/drivers/target/iscsi/cxgbit/cxgbit_cm.c b/drivers/target/iscsi/cxgbit/cxgbit_cm.c index c70caf4ea490..a2b5c796bbc4 100644 --- a/drivers/target/iscsi/cxgbit/cxgbit_cm.c +++ b/drivers/target/iscsi/cxgbit/cxgbit_cm.c @@ -1831,7 +1831,7 @@ static void cxgbit_fw4_ack(struct cxgbit_sock *csk, struct sk_buff *skb) while (credits) { struct sk_buff *p = cxgbit_sock_peek_wr(csk); - const u32 csum = (__force u32)p->csum; + u32 csum; if (unlikely(!p)) { pr_err("csk 0x%p,%u, cr %u,%u+%u, empty.\n", @@ -1840,6 +1840,7 @@ static void cxgbit_fw4_ack(struct cxgbit_sock *csk, struct sk_buff *skb) break; } + csum = (__force u32)p->csum; if (unlikely(credits < csum)) { pr_warn("csk 0x%p,%u, cr %u,%u+%u, < %u.\n", csk, csk->tid, diff --git a/drivers/target/iscsi/cxgbit/cxgbit_ddp.c b/drivers/target/iscsi/cxgbit/cxgbit_ddp.c index 54bb1ebd8eb5..af35251232eb 100644 --- a/drivers/target/iscsi/cxgbit/cxgbit_ddp.c +++ b/drivers/target/iscsi/cxgbit/cxgbit_ddp.c @@ -297,7 +297,6 @@ int cxgbit_ddp_init(struct cxgbit_device *cdev) struct cxgb4_lld_info *lldi = &cdev->lldi; struct net_device *ndev = cdev->lldi.ports[0]; struct cxgbi_tag_format tformat; - unsigned int ppmax; int ret, i; if (!lldi->vr->iscsi.size) { @@ -305,8 +304,6 @@ int cxgbit_ddp_init(struct cxgbit_device *cdev) return -EACCES; } - ppmax = lldi->vr->iscsi.size >> PPOD_SIZE_SHIFT; - memset(&tformat, 0, sizeof(struct cxgbi_tag_format)); for (i = 0; i < 4; i++) tformat.pgsz_order[i] = (lldi->iscsi_pgsz_order >> (i << 3)) diff --git a/drivers/target/iscsi/cxgbit/cxgbit_main.c b/drivers/target/iscsi/cxgbit/cxgbit_main.c index e877b917c15f..30ea37e1a3f5 100644 --- a/drivers/target/iscsi/cxgbit/cxgbit_main.c +++ b/drivers/target/iscsi/cxgbit/cxgbit_main.c @@ -708,7 +708,7 @@ static int __init cxgbit_init(void) pr_info("%s dcb enabled.\n", DRV_NAME); register_dcbevent_notifier(&cxgbit_dcbevent_nb); #endif - BUILD_BUG_ON(FIELD_SIZEOF(struct sk_buff, cb) < + BUILD_BUG_ON(sizeof_field(struct sk_buff, cb) < sizeof(union cxgbit_skb_cb)); return 0; } diff --git a/drivers/target/iscsi/cxgbit/cxgbit_target.c b/drivers/target/iscsi/cxgbit/cxgbit_target.c index 24309d937d8c..fcdc4211e3c2 100644 --- a/drivers/target/iscsi/cxgbit/cxgbit_target.c +++ b/drivers/target/iscsi/cxgbit/cxgbit_target.c @@ -899,9 +899,9 @@ cxgbit_handle_immediate_data(struct iscsi_cmd *cmd, struct iscsi_scsi_req *hdr, skb_frag_t *dfrag = &ssi->frags[pdu_cb->dfrag_idx]; sg_init_table(&ccmd->sg, 1); - sg_set_page(&ccmd->sg, dfrag->page.p, skb_frag_size(dfrag), - dfrag->page_offset); - get_page(dfrag->page.p); + sg_set_page(&ccmd->sg, skb_frag_page(dfrag), + skb_frag_size(dfrag), skb_frag_off(dfrag)); + get_page(skb_frag_page(dfrag)); cmd->se_cmd.t_data_sg = &ccmd->sg; cmd->se_cmd.t_data_nents = 1; @@ -1403,7 +1403,8 @@ static void cxgbit_lro_skb_dump(struct sk_buff *skb) pdu_cb->ddigest, pdu_cb->frags); for (i = 0; i < ssi->nr_frags; i++) pr_info("skb 0x%p, frag %d, off %u, sz %u.\n", - skb, i, ssi->frags[i].page_offset, ssi->frags[i].size); + skb, i, skb_frag_off(&ssi->frags[i]), + skb_frag_size(&ssi->frags[i])); } static void cxgbit_lro_hskb_reset(struct cxgbit_sock *csk) @@ -1447,7 +1448,7 @@ cxgbit_lro_skb_merge(struct cxgbit_sock *csk, struct sk_buff *skb, u8 pdu_idx) hpdu_cb->frags++; hpdu_cb->hfrag_idx = hfrag_idx; - len = hssi->frags[hfrag_idx].size; + len = skb_frag_size(&hssi->frags[hfrag_idx]); hskb->len += len; hskb->data_len += len; hskb->truesize += len; @@ -1467,7 +1468,7 @@ cxgbit_lro_skb_merge(struct cxgbit_sock *csk, struct sk_buff *skb, u8 pdu_idx) get_page(skb_frag_page(&hssi->frags[dfrag_idx])); - len += hssi->frags[dfrag_idx].size; + len += skb_frag_size(&hssi->frags[dfrag_idx]); hssi->nr_frags++; hpdu_cb->frags++; diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c index d19e051f2bc2..b94ed4e30770 100644 --- a/drivers/target/iscsi/iscsi_target.c +++ b/drivers/target/iscsi/iscsi_target.c @@ -1165,7 +1165,9 @@ int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, hdr->cmdsn, be32_to_cpu(hdr->data_length), payload_length, conn->cid); - target_get_sess_cmd(&cmd->se_cmd, true); + if (target_get_sess_cmd(&cmd->se_cmd, true) < 0) + return iscsit_add_reject_cmd(cmd, + ISCSI_REASON_WAITING_FOR_LOGOUT, buf); cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd, scsilun_to_int(&hdr->lun)); @@ -2002,7 +2004,9 @@ iscsit_handle_task_mgt_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, conn->sess->se_sess, 0, DMA_NONE, TCM_SIMPLE_TAG, cmd->sense_buffer + 2); - target_get_sess_cmd(&cmd->se_cmd, true); + if (target_get_sess_cmd(&cmd->se_cmd, true) < 0) + return iscsit_add_reject_cmd(cmd, + ISCSI_REASON_WAITING_FOR_LOGOUT, buf); /* * TASK_REASSIGN for ERL=2 / connection stays inside of @@ -2189,24 +2193,22 @@ iscsit_process_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, } goto empty_sendtargets; } - if (strncmp("SendTargets", text_in, 11) != 0) { + if (strncmp("SendTargets=", text_in, 12) != 0) { pr_err("Received Text Data that is not" " SendTargets, cannot continue.\n"); goto reject; } + /* '=' confirmed in strncmp */ text_ptr = strchr(text_in, '='); - if (!text_ptr) { - pr_err("No \"=\" separator found in Text Data," - " cannot continue.\n"); - goto reject; - } - if (!strncmp("=All", text_ptr, 4)) { + BUG_ON(!text_ptr); + if (!strncmp("=All", text_ptr, 5)) { cmd->cmd_flags |= ICF_SENDTARGETS_ALL; } else if (!strncmp("=iqn.", text_ptr, 5) || !strncmp("=eui.", text_ptr, 5)) { cmd->cmd_flags |= ICF_SENDTARGETS_SINGLE; } else { - pr_err("Unable to locate valid SendTargets=%s value\n", text_ptr); + pr_err("Unable to locate valid SendTargets%s value\n", + text_ptr); goto reject; } @@ -4147,9 +4149,6 @@ int iscsit_close_connection( iscsit_stop_nopin_response_timer(conn); iscsit_stop_nopin_timer(conn); - if (conn->conn_transport->iscsit_wait_conn) - conn->conn_transport->iscsit_wait_conn(conn); - /* * During Connection recovery drop unacknowledged out of order * commands for this connection, and prepare the other commands @@ -4232,6 +4231,11 @@ int iscsit_close_connection( * must wait until they have completed. */ iscsit_check_conn_usage_count(conn); + target_sess_cmd_list_set_waiting(sess->se_sess); + target_wait_for_sess_cmds(sess->se_sess); + + if (conn->conn_transport->iscsit_wait_conn) + conn->conn_transport->iscsit_wait_conn(conn); ahash_request_free(conn->conn_tx_hash); if (conn->conn_rx_hash) { diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c index 51ddca2033e0..0e54627d9aa8 100644 --- a/drivers/target/iscsi/iscsi_target_auth.c +++ b/drivers/target/iscsi/iscsi_target_auth.c @@ -18,6 +18,22 @@ #include "iscsi_target_nego.h" #include "iscsi_target_auth.h" +static char *chap_get_digest_name(const int digest_type) +{ + switch (digest_type) { + case CHAP_DIGEST_MD5: + return "md5"; + case CHAP_DIGEST_SHA1: + return "sha1"; + case CHAP_DIGEST_SHA256: + return "sha256"; + case CHAP_DIGEST_SHA3_256: + return "sha3-256"; + default: + return NULL; + } +} + static int chap_gen_challenge( struct iscsi_conn *conn, int caller, @@ -25,16 +41,21 @@ static int chap_gen_challenge( unsigned int *c_len) { int ret; - unsigned char challenge_asciihex[CHAP_CHALLENGE_LENGTH * 2 + 1]; + unsigned char *challenge_asciihex; struct iscsi_chap *chap = conn->auth_protocol; - memset(challenge_asciihex, 0, CHAP_CHALLENGE_LENGTH * 2 + 1); + challenge_asciihex = kzalloc(chap->challenge_len * 2 + 1, GFP_KERNEL); + if (!challenge_asciihex) + return -ENOMEM; - ret = get_random_bytes_wait(chap->challenge, CHAP_CHALLENGE_LENGTH); + memset(chap->challenge, 0, MAX_CHAP_CHALLENGE_LEN); + + ret = get_random_bytes_wait(chap->challenge, chap->challenge_len); if (unlikely(ret)) - return ret; + goto out; + bin2hex(challenge_asciihex, chap->challenge, - CHAP_CHALLENGE_LENGTH); + chap->challenge_len); /* * Set CHAP_C, and copy the generated challenge into c_str. */ @@ -43,12 +64,29 @@ static int chap_gen_challenge( pr_debug("[%s] Sending CHAP_C=0x%s\n\n", (caller) ? "server" : "client", challenge_asciihex); + +out: + kfree(challenge_asciihex); + return ret; +} + +static int chap_test_algorithm(const char *name) +{ + struct crypto_shash *tfm; + + tfm = crypto_alloc_shash(name, 0, 0); + if (IS_ERR(tfm)) + return -1; + + crypto_free_shash(tfm); return 0; } static int chap_check_algorithm(const char *a_str) { - char *tmp, *orig, *token; + char *tmp, *orig, *token, *digest_name; + long digest_type; + int r = CHAP_DIGEST_UNKNOWN; tmp = kstrdup(a_str, GFP_KERNEL); if (!tmp) { @@ -70,15 +108,24 @@ static int chap_check_algorithm(const char *a_str) if (!token) goto out; - if (!strncmp(token, "5", 1)) { - pr_debug("Selected MD5 Algorithm\n"); - kfree(orig); - return CHAP_DIGEST_MD5; + if (kstrtol(token, 10, &digest_type)) + continue; + + digest_name = chap_get_digest_name(digest_type); + if (!digest_name) + continue; + + pr_debug("Selected %s Algorithm\n", digest_name); + if (chap_test_algorithm(digest_name) < 0) { + pr_err("failed to allocate %s algo\n", digest_name); + } else { + r = digest_type; + goto out; } } out: kfree(orig); - return CHAP_DIGEST_UNKNOWN; + return r; } static void chap_close(struct iscsi_conn *conn) @@ -94,7 +141,7 @@ static struct iscsi_chap *chap_server_open( char *aic_str, unsigned int *aic_len) { - int ret; + int digest_type; struct iscsi_chap *chap; if (!(auth->naf_flags & NAF_USERID_SET) || @@ -109,17 +156,19 @@ static struct iscsi_chap *chap_server_open( return NULL; chap = conn->auth_protocol; - ret = chap_check_algorithm(a_str); - switch (ret) { + digest_type = chap_check_algorithm(a_str); + switch (digest_type) { case CHAP_DIGEST_MD5: - pr_debug("[server] Got CHAP_A=5\n"); - /* - * Send back CHAP_A set to MD5. - */ - *aic_len = sprintf(aic_str, "CHAP_A=5"); - *aic_len += 1; - chap->digest_type = CHAP_DIGEST_MD5; - pr_debug("[server] Sending CHAP_A=%d\n", chap->digest_type); + chap->digest_size = MD5_SIGNATURE_SIZE; + break; + case CHAP_DIGEST_SHA1: + chap->digest_size = SHA1_SIGNATURE_SIZE; + break; + case CHAP_DIGEST_SHA256: + chap->digest_size = SHA256_SIGNATURE_SIZE; + break; + case CHAP_DIGEST_SHA3_256: + chap->digest_size = SHA3_256_SIGNATURE_SIZE; break; case CHAP_DIGEST_UNKNOWN: default: @@ -128,6 +177,16 @@ static struct iscsi_chap *chap_server_open( return NULL; } + chap->digest_name = chap_get_digest_name(digest_type); + + /* Tie the challenge length to the digest size */ + chap->challenge_len = chap->digest_size; + + pr_debug("[server] Got CHAP_A=%d\n", digest_type); + *aic_len = sprintf(aic_str, "CHAP_A=%d", digest_type); + *aic_len += 1; + pr_debug("[server] Sending CHAP_A=%d\n", digest_type); + /* * Set Identifier. */ @@ -146,7 +205,7 @@ static struct iscsi_chap *chap_server_open( return chap; } -static int chap_server_compute_md5( +static int chap_server_compute_hash( struct iscsi_conn *conn, struct iscsi_node_auth *auth, char *nr_in_ptr, @@ -155,36 +214,57 @@ static int chap_server_compute_md5( { unsigned long id; unsigned char id_as_uchar; - unsigned char digest[MD5_SIGNATURE_SIZE]; - unsigned char type, response[MD5_SIGNATURE_SIZE * 2 + 2]; - unsigned char identifier[10], *challenge = NULL; - unsigned char *challenge_binhex = NULL; - unsigned char client_digest[MD5_SIGNATURE_SIZE]; - unsigned char server_digest[MD5_SIGNATURE_SIZE]; + unsigned char type; + unsigned char identifier[10], *initiatorchg = NULL; + unsigned char *initiatorchg_binhex = NULL; + unsigned char *digest = NULL; + unsigned char *response = NULL; + unsigned char *client_digest = NULL; + unsigned char *server_digest = NULL; unsigned char chap_n[MAX_CHAP_N_SIZE], chap_r[MAX_RESPONSE_LENGTH]; size_t compare_len; struct iscsi_chap *chap = conn->auth_protocol; struct crypto_shash *tfm = NULL; struct shash_desc *desc = NULL; - int auth_ret = -1, ret, challenge_len; + int auth_ret = -1, ret, initiatorchg_len; + + digest = kzalloc(chap->digest_size, GFP_KERNEL); + if (!digest) { + pr_err("Unable to allocate the digest buffer\n"); + goto out; + } + + response = kzalloc(chap->digest_size * 2 + 2, GFP_KERNEL); + if (!response) { + pr_err("Unable to allocate the response buffer\n"); + goto out; + } + + client_digest = kzalloc(chap->digest_size, GFP_KERNEL); + if (!client_digest) { + pr_err("Unable to allocate the client_digest buffer\n"); + goto out; + } + + server_digest = kzalloc(chap->digest_size, GFP_KERNEL); + if (!server_digest) { + pr_err("Unable to allocate the server_digest buffer\n"); + goto out; + } memset(identifier, 0, 10); memset(chap_n, 0, MAX_CHAP_N_SIZE); memset(chap_r, 0, MAX_RESPONSE_LENGTH); - memset(digest, 0, MD5_SIGNATURE_SIZE); - memset(response, 0, MD5_SIGNATURE_SIZE * 2 + 2); - memset(client_digest, 0, MD5_SIGNATURE_SIZE); - memset(server_digest, 0, MD5_SIGNATURE_SIZE); - challenge = kzalloc(CHAP_CHALLENGE_STR_LEN, GFP_KERNEL); - if (!challenge) { + initiatorchg = kzalloc(CHAP_CHALLENGE_STR_LEN, GFP_KERNEL); + if (!initiatorchg) { pr_err("Unable to allocate challenge buffer\n"); goto out; } - challenge_binhex = kzalloc(CHAP_CHALLENGE_STR_LEN, GFP_KERNEL); - if (!challenge_binhex) { - pr_err("Unable to allocate challenge_binhex buffer\n"); + initiatorchg_binhex = kzalloc(CHAP_CHALLENGE_STR_LEN, GFP_KERNEL); + if (!initiatorchg_binhex) { + pr_err("Unable to allocate initiatorchg_binhex buffer\n"); goto out; } /* @@ -219,18 +299,18 @@ static int chap_server_compute_md5( pr_err("Could not find CHAP_R.\n"); goto out; } - if (strlen(chap_r) != MD5_SIGNATURE_SIZE * 2) { + if (strlen(chap_r) != chap->digest_size * 2) { pr_err("Malformed CHAP_R\n"); goto out; } - if (hex2bin(client_digest, chap_r, MD5_SIGNATURE_SIZE) < 0) { + if (hex2bin(client_digest, chap_r, chap->digest_size) < 0) { pr_err("Malformed CHAP_R\n"); goto out; } pr_debug("[server] Got CHAP_R=%s\n", chap_r); - tfm = crypto_alloc_shash("md5", 0, 0); + tfm = crypto_alloc_shash(chap->digest_name, 0, 0); if (IS_ERR(tfm)) { tfm = NULL; pr_err("Unable to allocate struct crypto_shash\n"); @@ -265,21 +345,23 @@ static int chap_server_compute_md5( } ret = crypto_shash_finup(desc, chap->challenge, - CHAP_CHALLENGE_LENGTH, server_digest); + chap->challenge_len, server_digest); if (ret < 0) { pr_err("crypto_shash_finup() failed for challenge\n"); goto out; } - bin2hex(response, server_digest, MD5_SIGNATURE_SIZE); - pr_debug("[server] MD5 Server Digest: %s\n", response); + bin2hex(response, server_digest, chap->digest_size); + pr_debug("[server] %s Server Digest: %s\n", + chap->digest_name, response); - if (memcmp(server_digest, client_digest, MD5_SIGNATURE_SIZE) != 0) { - pr_debug("[server] MD5 Digests do not match!\n\n"); + if (memcmp(server_digest, client_digest, chap->digest_size) != 0) { + pr_debug("[server] %s Digests do not match!\n\n", + chap->digest_name); goto out; } else - pr_debug("[server] MD5 Digests match, CHAP connection" - " successful.\n\n"); + pr_debug("[server] %s Digests match, CHAP connection" + " successful.\n\n", chap->digest_name); /* * One way authentication has succeeded, return now if mutual * authentication is not enabled. @@ -317,7 +399,7 @@ static int chap_server_compute_md5( * Get CHAP_C. */ if (extract_param(nr_in_ptr, "CHAP_C", CHAP_CHALLENGE_STR_LEN, - challenge, &type) < 0) { + initiatorchg, &type) < 0) { pr_err("Could not find CHAP_C.\n"); goto out; } @@ -326,26 +408,28 @@ static int chap_server_compute_md5( pr_err("Could not find CHAP_C.\n"); goto out; } - challenge_len = DIV_ROUND_UP(strlen(challenge), 2); - if (!challenge_len) { + initiatorchg_len = DIV_ROUND_UP(strlen(initiatorchg), 2); + if (!initiatorchg_len) { pr_err("Unable to convert incoming challenge\n"); goto out; } - if (challenge_len > 1024) { + if (initiatorchg_len > 1024) { pr_err("CHAP_C exceeds maximum binary size of 1024 bytes\n"); goto out; } - if (hex2bin(challenge_binhex, challenge, challenge_len) < 0) { + if (hex2bin(initiatorchg_binhex, initiatorchg, initiatorchg_len) < 0) { pr_err("Malformed CHAP_C\n"); goto out; } - pr_debug("[server] Got CHAP_C=%s\n", challenge); + pr_debug("[server] Got CHAP_C=%s\n", initiatorchg); /* * During mutual authentication, the CHAP_C generated by the * initiator must not match the original CHAP_C generated by * the target. */ - if (!memcmp(challenge_binhex, chap->challenge, CHAP_CHALLENGE_LENGTH)) { + if (initiatorchg_len == chap->challenge_len && + !memcmp(initiatorchg_binhex, chap->challenge, + initiatorchg_len)) { pr_err("initiator CHAP_C matches target CHAP_C, failing" " login attempt\n"); goto out; @@ -377,7 +461,7 @@ static int chap_server_compute_md5( /* * Convert received challenge to binary hex. */ - ret = crypto_shash_finup(desc, challenge_binhex, challenge_len, + ret = crypto_shash_finup(desc, initiatorchg_binhex, initiatorchg_len, digest); if (ret < 0) { pr_err("crypto_shash_finup() failed for ma challenge\n"); @@ -393,7 +477,7 @@ static int chap_server_compute_md5( /* * Convert response from binary hex to ascii hext. */ - bin2hex(response, digest, MD5_SIGNATURE_SIZE); + bin2hex(response, digest, chap->digest_size); *nr_out_len += sprintf(nr_out_ptr + *nr_out_len, "CHAP_R=0x%s", response); *nr_out_len += 1; @@ -403,33 +487,15 @@ out: kzfree(desc); if (tfm) crypto_free_shash(tfm); - kfree(challenge); - kfree(challenge_binhex); + kfree(initiatorchg); + kfree(initiatorchg_binhex); + kfree(digest); + kfree(response); + kfree(server_digest); + kfree(client_digest); return auth_ret; } -static int chap_got_response( - struct iscsi_conn *conn, - struct iscsi_node_auth *auth, - char *nr_in_ptr, - char *nr_out_ptr, - unsigned int *nr_out_len) -{ - struct iscsi_chap *chap = conn->auth_protocol; - - switch (chap->digest_type) { - case CHAP_DIGEST_MD5: - if (chap_server_compute_md5(conn, auth, nr_in_ptr, - nr_out_ptr, nr_out_len) < 0) - return -1; - return 0; - default: - pr_err("Unknown CHAP digest type %d!\n", - chap->digest_type); - return -1; - } -} - u32 chap_main_loop( struct iscsi_conn *conn, struct iscsi_node_auth *auth, @@ -448,7 +514,7 @@ u32 chap_main_loop( return 0; } else if (chap->chap_state == CHAP_STAGE_SERVER_AIC) { convert_null_to_semi(in_text, *in_len); - if (chap_got_response(conn, auth, in_text, out_text, + if (chap_server_compute_hash(conn, auth, in_text, out_text, out_len) < 0) { chap_close(conn); return 2; diff --git a/drivers/target/iscsi/iscsi_target_auth.h b/drivers/target/iscsi/iscsi_target_auth.h index d5600ac30b53..fc75c1c20e23 100644 --- a/drivers/target/iscsi/iscsi_target_auth.h +++ b/drivers/target/iscsi/iscsi_target_auth.h @@ -6,14 +6,19 @@ #define CHAP_DIGEST_UNKNOWN 0 #define CHAP_DIGEST_MD5 5 -#define CHAP_DIGEST_SHA 6 +#define CHAP_DIGEST_SHA1 6 +#define CHAP_DIGEST_SHA256 7 +#define CHAP_DIGEST_SHA3_256 8 -#define CHAP_CHALLENGE_LENGTH 16 +#define MAX_CHAP_CHALLENGE_LEN 32 #define CHAP_CHALLENGE_STR_LEN 4096 -#define MAX_RESPONSE_LENGTH 64 /* sufficient for MD5 */ +#define MAX_RESPONSE_LENGTH 128 /* sufficient for SHA3 256 */ #define MAX_CHAP_N_SIZE 512 #define MD5_SIGNATURE_SIZE 16 /* 16 bytes in a MD5 message digest */ +#define SHA1_SIGNATURE_SIZE 20 /* 20 bytes in a SHA1 message digest */ +#define SHA256_SIGNATURE_SIZE 32 /* 32 bytes in a SHA256 message digest */ +#define SHA3_256_SIGNATURE_SIZE 32 /* 32 bytes in a SHA3 256 message digest */ #define CHAP_STAGE_CLIENT_A 1 #define CHAP_STAGE_SERVER_AIC 2 @@ -28,9 +33,11 @@ extern u32 chap_main_loop(struct iscsi_conn *, struct iscsi_node_auth *, char *, int *, int *); struct iscsi_chap { - unsigned char digest_type; unsigned char id; - unsigned char challenge[CHAP_CHALLENGE_LENGTH]; + unsigned char challenge[MAX_CHAP_CHALLENGE_LEN]; + unsigned int challenge_len; + unsigned char *digest_name; + unsigned int digest_size; unsigned int authenticate_target; unsigned int chap_state; } ____cacheline_aligned; diff --git a/drivers/target/iscsi/iscsi_target_parameters.h b/drivers/target/iscsi/iscsi_target_parameters.h index daf47f38e081..240c4c4344f6 100644 --- a/drivers/target/iscsi/iscsi_target_parameters.h +++ b/drivers/target/iscsi/iscsi_target_parameters.h @@ -93,9 +93,6 @@ extern void iscsi_set_session_parameters(struct iscsi_sess_ops *, #define OFMARKER "OFMarker" #define IFMARKINT "IFMarkInt" #define OFMARKINT "OFMarkInt" -#define X_EXTENSIONKEY "X-com.sbei.version" -#define X_EXTENSIONKEY_CISCO_NEW "X-com.cisco.protocol" -#define X_EXTENSIONKEY_CISCO_OLD "X-com.cisco.iscsi.draft" /* * Parameter names of iSCSI Extentions for RDMA (iSER). See RFC-5046 diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c index 04bf2acd3800..2d19f0e332b0 100644 --- a/drivers/target/target_core_device.c +++ b/drivers/target/target_core_device.c @@ -1075,27 +1075,6 @@ passthrough_parse_cdb(struct se_cmd *cmd, unsigned int size; /* - * Clear a lun set in the cdb if the initiator talking to use spoke - * and old standards version, as we can't assume the underlying device - * won't choke up on it. - */ - switch (cdb[0]) { - case READ_10: /* SBC - RDProtect */ - case READ_12: /* SBC - RDProtect */ - case READ_16: /* SBC - RDProtect */ - case SEND_DIAGNOSTIC: /* SPC - SELF-TEST Code */ - case VERIFY: /* SBC - VRProtect */ - case VERIFY_16: /* SBC - VRProtect */ - case WRITE_VERIFY: /* SBC - VRProtect */ - case WRITE_VERIFY_12: /* SBC - VRProtect */ - case MAINTENANCE_IN: /* SPC - Parameter Data Format for SA RTPG */ - break; - default: - cdb[1] &= 0x1f; /* clear logical unit number */ - break; - } - - /* * For REPORT LUNS we always need to emulate the response, for everything * else, pass it up. */ diff --git a/drivers/target/target_core_fabric_lib.c b/drivers/target/target_core_fabric_lib.c index 3c79411c4cd0..6b4b354c88aa 100644 --- a/drivers/target/target_core_fabric_lib.c +++ b/drivers/target/target_core_fabric_lib.c @@ -118,7 +118,7 @@ static int srp_get_pr_transport_id( memset(buf + 8, 0, leading_zero_bytes); rc = hex2bin(buf + 8 + leading_zero_bytes, p, count); if (rc < 0) { - pr_debug("hex2bin failed for %s: %d\n", __func__, rc); + pr_debug("hex2bin failed for %s: %d\n", p, rc); return rc; } diff --git a/drivers/target/target_core_iblock.c b/drivers/target/target_core_iblock.c index 6949ea8bc387..51ffd5c002de 100644 --- a/drivers/target/target_core_iblock.c +++ b/drivers/target/target_core_iblock.c @@ -646,7 +646,9 @@ iblock_alloc_bip(struct se_cmd *cmd, struct bio *bio, } bip->bip_iter.bi_size = bio_integrity_bytes(bi, bio_sectors(bio)); - bip_set_seed(bip, bio->bi_iter.bi_sector); + /* virtual start sector must be in integrity interval units */ + bip_set_seed(bip, bio->bi_iter.bi_sector >> + (bi->interval_exp - SECTOR_SHIFT)); pr_debug("IBLOCK BIP Size: %u Sector: %llu\n", bip->bip_iter.bi_size, (unsigned long long)bip->bip_iter.bi_sector); diff --git a/drivers/target/target_core_tpg.c b/drivers/target/target_core_tpg.c index e5a71addbb06..d24e0a3ba3ff 100644 --- a/drivers/target/target_core_tpg.c +++ b/drivers/target/target_core_tpg.c @@ -32,9 +32,6 @@ extern struct se_device *g_lun0_dev; -static DEFINE_SPINLOCK(tpg_lock); -static LIST_HEAD(tpg_list); - /* __core_tpg_get_initiator_node_acl(): * * mutex_lock(&tpg->acl_node_mutex); must be held when calling @@ -475,7 +472,6 @@ int core_tpg_register( se_tpg->se_tpg_wwn = se_wwn; atomic_set(&se_tpg->tpg_pr_ref_count, 0); INIT_LIST_HEAD(&se_tpg->acl_node_list); - INIT_LIST_HEAD(&se_tpg->se_tpg_node); INIT_LIST_HEAD(&se_tpg->tpg_sess_list); spin_lock_init(&se_tpg->session_lock); mutex_init(&se_tpg->tpg_lun_mutex); @@ -494,10 +490,6 @@ int core_tpg_register( } } - spin_lock_bh(&tpg_lock); - list_add_tail(&se_tpg->se_tpg_node, &tpg_list); - spin_unlock_bh(&tpg_lock); - pr_debug("TARGET_CORE[%s]: Allocated portal_group for endpoint: %s, " "Proto: %d, Portal Tag: %u\n", se_tpg->se_tpg_tfo->fabric_name, se_tpg->se_tpg_tfo->tpg_get_wwn(se_tpg) ? @@ -519,10 +511,6 @@ int core_tpg_deregister(struct se_portal_group *se_tpg) tfo->tpg_get_wwn(se_tpg) ? tfo->tpg_get_wwn(se_tpg) : NULL, se_tpg->proto_id, tfo->tpg_get_tag(se_tpg)); - spin_lock_bh(&tpg_lock); - list_del(&se_tpg->se_tpg_node); - spin_unlock_bh(&tpg_lock); - while (atomic_read(&se_tpg->tpg_pr_ref_count) != 0) cpu_relax(); diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c index 7f06a62f8661..ea482d4b1f00 100644 --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c @@ -584,6 +584,15 @@ void transport_free_session(struct se_session *se_sess) } EXPORT_SYMBOL(transport_free_session); +static int target_release_res(struct se_device *dev, void *data) +{ + struct se_session *sess = data; + + if (dev->reservation_holder == sess) + target_release_reservation(dev); + return 0; +} + void transport_deregister_session(struct se_session *se_sess) { struct se_portal_group *se_tpg = se_sess->se_tpg; @@ -600,6 +609,12 @@ void transport_deregister_session(struct se_session *se_sess) se_sess->fabric_sess_ptr = NULL; spin_unlock_irqrestore(&se_tpg->session_lock, flags); + /* + * Since the session is being removed, release SPC-2 + * reservations held by the session that is disappearing. + */ + target_for_each_device(target_release_res, se_sess); + pr_debug("TARGET_CORE[%s]: Deregistered fabric_sess\n", se_tpg->se_tpg_tfo->fabric_name); /* @@ -1243,6 +1258,19 @@ target_check_max_data_sg_nents(struct se_cmd *cmd, struct se_device *dev, return TCM_NO_SENSE; } +/** + * target_cmd_size_check - Check whether there will be a residual. + * @cmd: SCSI command. + * @size: Data buffer size derived from CDB. The data buffer size provided by + * the SCSI transport driver is available in @cmd->data_length. + * + * Compare the data buffer size from the CDB with the data buffer limit from the transport + * header. Set @cmd->residual_count and SCF_OVERFLOW_BIT or SCF_UNDERFLOW_BIT if necessary. + * + * Note: target drivers set @cmd->data_length by calling transport_init_se_cmd(). + * + * Return: TCM_NO_SENSE + */ sense_reason_t target_cmd_size_check(struct se_cmd *cmd, unsigned int size) { diff --git a/drivers/target/target_core_user.c b/drivers/target/target_core_user.c index 04eda111920e..0b9dfa6b17bc 100644 --- a/drivers/target/target_core_user.c +++ b/drivers/target/target_core_user.c @@ -499,7 +499,7 @@ static inline bool tcmu_get_empty_block(struct tcmu_dev *udev, schedule_delayed_work(&tcmu_unmap_work, 0); /* try to get new page from the mm */ - page = alloc_page(GFP_KERNEL); + page = alloc_page(GFP_NOIO); if (!page) goto err_alloc; @@ -573,7 +573,7 @@ static struct tcmu_cmd *tcmu_alloc_cmd(struct se_cmd *se_cmd) struct tcmu_dev *udev = TCMU_DEV(se_dev); struct tcmu_cmd *tcmu_cmd; - tcmu_cmd = kmem_cache_zalloc(tcmu_cmd_cache, GFP_KERNEL); + tcmu_cmd = kmem_cache_zalloc(tcmu_cmd_cache, GFP_NOIO); if (!tcmu_cmd) return NULL; @@ -584,7 +584,7 @@ static struct tcmu_cmd *tcmu_alloc_cmd(struct se_cmd *se_cmd) tcmu_cmd_reset_dbi_cur(tcmu_cmd); tcmu_cmd->dbi_cnt = tcmu_cmd_get_block_cnt(tcmu_cmd); tcmu_cmd->dbi = kcalloc(tcmu_cmd->dbi_cnt, sizeof(uint32_t), - GFP_KERNEL); + GFP_NOIO); if (!tcmu_cmd->dbi) { kmem_cache_free(tcmu_cmd_cache, tcmu_cmd); return NULL; @@ -1132,14 +1132,16 @@ static void tcmu_handle_completion(struct tcmu_cmd *cmd, struct tcmu_cmd_entry * struct se_cmd *se_cmd = cmd->se_cmd; struct tcmu_dev *udev = cmd->tcmu_dev; bool read_len_valid = false; - uint32_t read_len = se_cmd->data_length; + uint32_t read_len; /* * cmd has been completed already from timeout, just reclaim * data area space and free cmd */ - if (test_bit(TCMU_CMD_BIT_EXPIRED, &cmd->flags)) + if (test_bit(TCMU_CMD_BIT_EXPIRED, &cmd->flags)) { + WARN_ON_ONCE(se_cmd); goto out; + } list_del_init(&cmd->queue_entry); @@ -1152,6 +1154,7 @@ static void tcmu_handle_completion(struct tcmu_cmd *cmd, struct tcmu_cmd_entry * goto done; } + read_len = se_cmd->data_length; if (se_cmd->data_direction == DMA_FROM_DEVICE && (entry->hdr.uflags & TCMU_UFLAG_READ_LEN) && entry->rsp.read_len) { read_len_valid = true; @@ -1307,6 +1310,7 @@ static int tcmu_check_expired_cmd(int id, void *p, void *data) */ scsi_status = SAM_STAT_CHECK_CONDITION; list_del_init(&cmd->queue_entry); + cmd->se_cmd = NULL; } else { list_del_init(&cmd->queue_entry); idr_remove(&udev->commands, id); @@ -1708,6 +1712,24 @@ static int tcmu_init_genl_cmd_reply(struct tcmu_dev *udev, int cmd) return 0; } +static void tcmu_destroy_genl_cmd_reply(struct tcmu_dev *udev) +{ + struct tcmu_nl_cmd *nl_cmd = &udev->curr_nl_cmd; + + if (!tcmu_kern_cmd_reply_supported) + return; + + if (udev->nl_reply_supported <= 0) + return; + + mutex_lock(&tcmu_nl_cmd_mutex); + + list_del(&nl_cmd->nl_list); + memset(nl_cmd, 0, sizeof(*nl_cmd)); + + mutex_unlock(&tcmu_nl_cmd_mutex); +} + static int tcmu_wait_genl_cmd_reply(struct tcmu_dev *udev) { struct tcmu_nl_cmd *nl_cmd = &udev->curr_nl_cmd; @@ -1788,6 +1810,8 @@ static int tcmu_netlink_event_send(struct tcmu_dev *udev, if (ret == 0 || (ret == -ESRCH && cmd == TCMU_CMD_ADDED_DEVICE)) return tcmu_wait_genl_cmd_reply(udev); + else + tcmu_destroy_genl_cmd_reply(udev); return ret; } @@ -2022,6 +2046,7 @@ static void tcmu_reset_ring(struct tcmu_dev *udev, u8 err_level) idr_remove(&udev->commands, i); if (!test_bit(TCMU_CMD_BIT_EXPIRED, &cmd->flags)) { + WARN_ON(!cmd->se_cmd); list_del_init(&cmd->queue_entry); if (err_level == 1) { /* diff --git a/drivers/target/target_core_xcopy.c b/drivers/target/target_core_xcopy.c index b9b1e92c6f8d..425c1070de08 100644 --- a/drivers/target/target_core_xcopy.c +++ b/drivers/target/target_core_xcopy.c @@ -467,7 +467,6 @@ int target_xcopy_setup_pt(void) } memset(&xcopy_pt_tpg, 0, sizeof(struct se_portal_group)); - INIT_LIST_HEAD(&xcopy_pt_tpg.se_tpg_node); INIT_LIST_HEAD(&xcopy_pt_tpg.acl_node_list); INIT_LIST_HEAD(&xcopy_pt_tpg.tpg_sess_list); diff --git a/drivers/target/tcm_fc/tfc_io.c b/drivers/target/tcm_fc/tfc_io.c index a254792d882c..6a38ff936389 100644 --- a/drivers/target/tcm_fc/tfc_io.c +++ b/drivers/target/tcm_fc/tfc_io.c @@ -136,8 +136,7 @@ int ft_queue_data_in(struct se_cmd *se_cmd) page, off_in_page, tlen); fr_len(fp) += tlen; fp_skb(fp)->data_len += tlen; - fp_skb(fp)->truesize += - PAGE_SIZE << compound_order(page); + fp_skb(fp)->truesize += page_size(page); } else { BUG_ON(!page); from = kmap_atomic(page + (mem_off >> PAGE_SHIFT)); @@ -222,7 +221,6 @@ void ft_recv_write_data(struct ft_cmd *cmd, struct fc_frame *fp) ep = fc_seq_exch(seq); lport = ep->lp; if (cmd->was_ddp_setup) { - BUG_ON(!ep); BUG_ON(!lport); /* * Since DDP (Large Rx offload) was setup for this request, |