• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*******************************************************************************
2  * This file contains error recovery level one used by the iSCSI Target driver.
3  *
4  * (c) Copyright 2007-2013 Datera, Inc.
5  *
6  * Author: Nicholas A. Bellinger <nab@linux-iscsi.org>
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  ******************************************************************************/
18 
19 #include <linux/list.h>
20 #include <scsi/iscsi_proto.h>
21 #include <target/target_core_base.h>
22 #include <target/target_core_fabric.h>
23 #include <target/iscsi/iscsi_transport.h>
24 
25 #include <target/iscsi/iscsi_target_core.h>
26 #include "iscsi_target_seq_pdu_list.h"
27 #include "iscsi_target_datain_values.h"
28 #include "iscsi_target_device.h"
29 #include "iscsi_target_tpg.h"
30 #include "iscsi_target_util.h"
31 #include "iscsi_target_erl0.h"
32 #include "iscsi_target_erl1.h"
33 #include "iscsi_target_erl2.h"
34 #include "iscsi_target.h"
35 
36 #define OFFLOAD_BUF_SIZE	32768
37 
38 /*
39  *	Used to dump excess datain payload for certain error recovery
40  *	situations.  Receive in OFFLOAD_BUF_SIZE max of datain per rx_data().
41  *
42  *	dump_padding_digest denotes if padding and data digests need
43  *	to be dumped.
44  */
iscsit_dump_data_payload(struct iscsi_conn * conn,u32 buf_len,int dump_padding_digest)45 int iscsit_dump_data_payload(
46 	struct iscsi_conn *conn,
47 	u32 buf_len,
48 	int dump_padding_digest)
49 {
50 	char *buf, pad_bytes[4];
51 	int ret = DATAOUT_WITHIN_COMMAND_RECOVERY, rx_got;
52 	u32 length, padding, offset = 0, size;
53 	struct kvec iov;
54 
55 	if (conn->sess->sess_ops->RDMAExtensions)
56 		return 0;
57 
58 	length = (buf_len > OFFLOAD_BUF_SIZE) ? OFFLOAD_BUF_SIZE : buf_len;
59 
60 	buf = kzalloc(length, GFP_ATOMIC);
61 	if (!buf) {
62 		pr_err("Unable to allocate %u bytes for offload"
63 				" buffer.\n", length);
64 		return -1;
65 	}
66 	memset(&iov, 0, sizeof(struct kvec));
67 
68 	while (offset < buf_len) {
69 		size = ((offset + length) > buf_len) ?
70 			(buf_len - offset) : length;
71 
72 		iov.iov_len = size;
73 		iov.iov_base = buf;
74 
75 		rx_got = rx_data(conn, &iov, 1, size);
76 		if (rx_got != size) {
77 			ret = DATAOUT_CANNOT_RECOVER;
78 			goto out;
79 		}
80 
81 		offset += size;
82 	}
83 
84 	if (!dump_padding_digest)
85 		goto out;
86 
87 	padding = ((-buf_len) & 3);
88 	if (padding != 0) {
89 		iov.iov_len = padding;
90 		iov.iov_base = pad_bytes;
91 
92 		rx_got = rx_data(conn, &iov, 1, padding);
93 		if (rx_got != padding) {
94 			ret = DATAOUT_CANNOT_RECOVER;
95 			goto out;
96 		}
97 	}
98 
99 	if (conn->conn_ops->DataDigest) {
100 		u32 data_crc;
101 
102 		iov.iov_len = ISCSI_CRC_LEN;
103 		iov.iov_base = &data_crc;
104 
105 		rx_got = rx_data(conn, &iov, 1, ISCSI_CRC_LEN);
106 		if (rx_got != ISCSI_CRC_LEN) {
107 			ret = DATAOUT_CANNOT_RECOVER;
108 			goto out;
109 		}
110 	}
111 
112 out:
113 	kfree(buf);
114 	return ret;
115 }
116 
117 /*
118  *	Used for retransmitting R2Ts from a R2T SNACK request.
119  */
iscsit_send_recovery_r2t_for_snack(struct iscsi_cmd * cmd,struct iscsi_r2t * r2t)120 static int iscsit_send_recovery_r2t_for_snack(
121 	struct iscsi_cmd *cmd,
122 	struct iscsi_r2t *r2t)
123 {
124 	/*
125 	 * If the struct iscsi_r2t has not been sent yet, we can safely
126 	 * ignore retransmission
127 	 * of the R2TSN in question.
128 	 */
129 	spin_lock_bh(&cmd->r2t_lock);
130 	if (!r2t->sent_r2t) {
131 		spin_unlock_bh(&cmd->r2t_lock);
132 		return 0;
133 	}
134 	r2t->sent_r2t = 0;
135 	spin_unlock_bh(&cmd->r2t_lock);
136 
137 	iscsit_add_cmd_to_immediate_queue(cmd, cmd->conn, ISTATE_SEND_R2T);
138 
139 	return 0;
140 }
141 
iscsit_handle_r2t_snack(struct iscsi_cmd * cmd,unsigned char * buf,u32 begrun,u32 runlength)142 static int iscsit_handle_r2t_snack(
143 	struct iscsi_cmd *cmd,
144 	unsigned char *buf,
145 	u32 begrun,
146 	u32 runlength)
147 {
148 	u32 last_r2tsn;
149 	struct iscsi_r2t *r2t;
150 
151 	/*
152 	 * Make sure the initiator is not requesting retransmission
153 	 * of R2TSNs already acknowledged by a TMR TASK_REASSIGN.
154 	 */
155 	if ((cmd->cmd_flags & ICF_GOT_DATACK_SNACK) &&
156 	    (begrun <= cmd->acked_data_sn)) {
157 		pr_err("ITT: 0x%08x, R2T SNACK requesting"
158 			" retransmission of R2TSN: 0x%08x to 0x%08x but already"
159 			" acked to  R2TSN: 0x%08x by TMR TASK_REASSIGN,"
160 			" protocol error.\n", cmd->init_task_tag, begrun,
161 			(begrun + runlength), cmd->acked_data_sn);
162 
163 		return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf);
164 	}
165 
166 	if (runlength) {
167 		if ((begrun + runlength) > cmd->r2t_sn) {
168 			pr_err("Command ITT: 0x%08x received R2T SNACK"
169 			" with BegRun: 0x%08x, RunLength: 0x%08x, exceeds"
170 			" current R2TSN: 0x%08x, protocol error.\n",
171 			cmd->init_task_tag, begrun, runlength, cmd->r2t_sn);
172 			return iscsit_reject_cmd(cmd,
173 					ISCSI_REASON_BOOKMARK_INVALID, buf);
174 		}
175 		last_r2tsn = (begrun + runlength);
176 	} else
177 		last_r2tsn = cmd->r2t_sn;
178 
179 	while (begrun < last_r2tsn) {
180 		r2t = iscsit_get_holder_for_r2tsn(cmd, begrun);
181 		if (!r2t)
182 			return -1;
183 		if (iscsit_send_recovery_r2t_for_snack(cmd, r2t) < 0)
184 			return -1;
185 
186 		begrun++;
187 	}
188 
189 	return 0;
190 }
191 
192 /*
193  *	Generates Offsets and NextBurstLength based on Begrun and Runlength
194  *	carried in a Data SNACK or ExpDataSN in TMR TASK_REASSIGN.
195  *
196  *	For DataSequenceInOrder=Yes and DataPDUInOrder=[Yes,No] only.
197  *
198  *	FIXME: How is this handled for a RData SNACK?
199  */
iscsit_create_recovery_datain_values_datasequenceinorder_yes(struct iscsi_cmd * cmd,struct iscsi_datain_req * dr)200 int iscsit_create_recovery_datain_values_datasequenceinorder_yes(
201 	struct iscsi_cmd *cmd,
202 	struct iscsi_datain_req *dr)
203 {
204 	u32 data_sn = 0, data_sn_count = 0;
205 	u32 pdu_start = 0, seq_no = 0;
206 	u32 begrun = dr->begrun;
207 	struct iscsi_conn *conn = cmd->conn;
208 
209 	while (begrun > data_sn++) {
210 		data_sn_count++;
211 		if ((dr->next_burst_len +
212 		     conn->conn_ops->MaxRecvDataSegmentLength) <
213 		     conn->sess->sess_ops->MaxBurstLength) {
214 			dr->read_data_done +=
215 				conn->conn_ops->MaxRecvDataSegmentLength;
216 			dr->next_burst_len +=
217 				conn->conn_ops->MaxRecvDataSegmentLength;
218 		} else {
219 			dr->read_data_done +=
220 				(conn->sess->sess_ops->MaxBurstLength -
221 				 dr->next_burst_len);
222 			dr->next_burst_len = 0;
223 			pdu_start += data_sn_count;
224 			data_sn_count = 0;
225 			seq_no++;
226 		}
227 	}
228 
229 	if (!conn->sess->sess_ops->DataPDUInOrder) {
230 		cmd->seq_no = seq_no;
231 		cmd->pdu_start = pdu_start;
232 		cmd->pdu_send_order = data_sn_count;
233 	}
234 
235 	return 0;
236 }
237 
238 /*
239  *	Generates Offsets and NextBurstLength based on Begrun and Runlength
240  *	carried in a Data SNACK or ExpDataSN in TMR TASK_REASSIGN.
241  *
242  *	For DataSequenceInOrder=No and DataPDUInOrder=[Yes,No] only.
243  *
244  *	FIXME: How is this handled for a RData SNACK?
245  */
iscsit_create_recovery_datain_values_datasequenceinorder_no(struct iscsi_cmd * cmd,struct iscsi_datain_req * dr)246 int iscsit_create_recovery_datain_values_datasequenceinorder_no(
247 	struct iscsi_cmd *cmd,
248 	struct iscsi_datain_req *dr)
249 {
250 	int found_seq = 0, i;
251 	u32 data_sn, read_data_done = 0, seq_send_order = 0;
252 	u32 begrun = dr->begrun;
253 	u32 runlength = dr->runlength;
254 	struct iscsi_conn *conn = cmd->conn;
255 	struct iscsi_seq *first_seq = NULL, *seq = NULL;
256 
257 	if (!cmd->seq_list) {
258 		pr_err("struct iscsi_cmd->seq_list is NULL!\n");
259 		return -1;
260 	}
261 
262 	/*
263 	 * Calculate read_data_done for all sequences containing a
264 	 * first_datasn and last_datasn less than the BegRun.
265 	 *
266 	 * Locate the struct iscsi_seq the BegRun lies within and calculate
267 	 * NextBurstLenghth up to the DataSN based on MaxRecvDataSegmentLength.
268 	 *
269 	 * Also use struct iscsi_seq->seq_send_order to determine where to start.
270 	 */
271 	for (i = 0; i < cmd->seq_count; i++) {
272 		seq = &cmd->seq_list[i];
273 
274 		if (!seq->seq_send_order)
275 			first_seq = seq;
276 
277 		/*
278 		 * No data has been transferred for this DataIN sequence, so the
279 		 * seq->first_datasn and seq->last_datasn have not been set.
280 		 */
281 		if (!seq->sent) {
282 			pr_err("Ignoring non-sent sequence 0x%08x ->"
283 				" 0x%08x\n\n", seq->first_datasn,
284 				seq->last_datasn);
285 			continue;
286 		}
287 
288 		/*
289 		 * This DataIN sequence is precedes the received BegRun, add the
290 		 * total xfer_len of the sequence to read_data_done and reset
291 		 * seq->pdu_send_order.
292 		 */
293 		if ((seq->first_datasn < begrun) &&
294 				(seq->last_datasn < begrun)) {
295 			pr_err("Pre BegRun sequence 0x%08x ->"
296 				" 0x%08x\n", seq->first_datasn,
297 				seq->last_datasn);
298 
299 			read_data_done += cmd->seq_list[i].xfer_len;
300 			seq->next_burst_len = seq->pdu_send_order = 0;
301 			continue;
302 		}
303 
304 		/*
305 		 * The BegRun lies within this DataIN sequence.
306 		 */
307 		if ((seq->first_datasn <= begrun) &&
308 				(seq->last_datasn >= begrun)) {
309 			pr_err("Found sequence begrun: 0x%08x in"
310 				" 0x%08x -> 0x%08x\n", begrun,
311 				seq->first_datasn, seq->last_datasn);
312 
313 			seq_send_order = seq->seq_send_order;
314 			data_sn = seq->first_datasn;
315 			seq->next_burst_len = seq->pdu_send_order = 0;
316 			found_seq = 1;
317 
318 			/*
319 			 * For DataPDUInOrder=Yes, while the first DataSN of
320 			 * the sequence is less than the received BegRun, add
321 			 * the MaxRecvDataSegmentLength to read_data_done and
322 			 * to the sequence's next_burst_len;
323 			 *
324 			 * For DataPDUInOrder=No, while the first DataSN of the
325 			 * sequence is less than the received BegRun, find the
326 			 * struct iscsi_pdu of the DataSN in question and add the
327 			 * MaxRecvDataSegmentLength to read_data_done and to the
328 			 * sequence's next_burst_len;
329 			 */
330 			if (conn->sess->sess_ops->DataPDUInOrder) {
331 				while (data_sn < begrun) {
332 					seq->pdu_send_order++;
333 					read_data_done +=
334 						conn->conn_ops->MaxRecvDataSegmentLength;
335 					seq->next_burst_len +=
336 						conn->conn_ops->MaxRecvDataSegmentLength;
337 					data_sn++;
338 				}
339 			} else {
340 				int j;
341 				struct iscsi_pdu *pdu;
342 
343 				while (data_sn < begrun) {
344 					seq->pdu_send_order++;
345 
346 					for (j = 0; j < seq->pdu_count; j++) {
347 						pdu = &cmd->pdu_list[
348 							seq->pdu_start + j];
349 						if (pdu->data_sn == data_sn) {
350 							read_data_done +=
351 								pdu->length;
352 							seq->next_burst_len +=
353 								pdu->length;
354 						}
355 					}
356 					data_sn++;
357 				}
358 			}
359 			continue;
360 		}
361 
362 		/*
363 		 * This DataIN sequence is larger than the received BegRun,
364 		 * reset seq->pdu_send_order and continue.
365 		 */
366 		if ((seq->first_datasn > begrun) ||
367 				(seq->last_datasn > begrun)) {
368 			pr_err("Post BegRun sequence 0x%08x -> 0x%08x\n",
369 					seq->first_datasn, seq->last_datasn);
370 
371 			seq->next_burst_len = seq->pdu_send_order = 0;
372 			continue;
373 		}
374 	}
375 
376 	if (!found_seq) {
377 		if (!begrun) {
378 			if (!first_seq) {
379 				pr_err("ITT: 0x%08x, Begrun: 0x%08x"
380 					" but first_seq is NULL\n",
381 					cmd->init_task_tag, begrun);
382 				return -1;
383 			}
384 			seq_send_order = first_seq->seq_send_order;
385 			seq->next_burst_len = seq->pdu_send_order = 0;
386 			goto done;
387 		}
388 
389 		pr_err("Unable to locate struct iscsi_seq for ITT: 0x%08x,"
390 			" BegRun: 0x%08x, RunLength: 0x%08x while"
391 			" DataSequenceInOrder=No and DataPDUInOrder=%s.\n",
392 				cmd->init_task_tag, begrun, runlength,
393 			(conn->sess->sess_ops->DataPDUInOrder) ? "Yes" : "No");
394 		return -1;
395 	}
396 
397 done:
398 	dr->read_data_done = read_data_done;
399 	dr->seq_send_order = seq_send_order;
400 
401 	return 0;
402 }
403 
iscsit_handle_recovery_datain(struct iscsi_cmd * cmd,unsigned char * buf,u32 begrun,u32 runlength)404 static int iscsit_handle_recovery_datain(
405 	struct iscsi_cmd *cmd,
406 	unsigned char *buf,
407 	u32 begrun,
408 	u32 runlength)
409 {
410 	struct iscsi_conn *conn = cmd->conn;
411 	struct iscsi_datain_req *dr;
412 	struct se_cmd *se_cmd = &cmd->se_cmd;
413 
414 	if (!(se_cmd->transport_state & CMD_T_COMPLETE)) {
415 		pr_err("Ignoring ITT: 0x%08x Data SNACK\n",
416 				cmd->init_task_tag);
417 		return 0;
418 	}
419 
420 	/*
421 	 * Make sure the initiator is not requesting retransmission
422 	 * of DataSNs already acknowledged by a Data ACK SNACK.
423 	 */
424 	if ((cmd->cmd_flags & ICF_GOT_DATACK_SNACK) &&
425 	    (begrun <= cmd->acked_data_sn)) {
426 		pr_err("ITT: 0x%08x, Data SNACK requesting"
427 			" retransmission of DataSN: 0x%08x to 0x%08x but"
428 			" already acked to DataSN: 0x%08x by Data ACK SNACK,"
429 			" protocol error.\n", cmd->init_task_tag, begrun,
430 			(begrun + runlength), cmd->acked_data_sn);
431 
432 		return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf);
433 	}
434 
435 	/*
436 	 * Make sure BegRun and RunLength in the Data SNACK are sane.
437 	 * Note: (cmd->data_sn - 1) will carry the maximum DataSN sent.
438 	 */
439 	if ((begrun + runlength) > (cmd->data_sn - 1)) {
440 		pr_err("Initiator requesting BegRun: 0x%08x, RunLength"
441 			": 0x%08x greater than maximum DataSN: 0x%08x.\n",
442 				begrun, runlength, (cmd->data_sn - 1));
443 		return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_INVALID,
444 					 buf);
445 	}
446 
447 	dr = iscsit_allocate_datain_req();
448 	if (!dr)
449 		return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_NO_RESOURCES,
450 					 buf);
451 
452 	dr->data_sn = dr->begrun = begrun;
453 	dr->runlength = runlength;
454 	dr->generate_recovery_values = 1;
455 	dr->recovery = DATAIN_WITHIN_COMMAND_RECOVERY;
456 
457 	iscsit_attach_datain_req(cmd, dr);
458 
459 	cmd->i_state = ISTATE_SEND_DATAIN;
460 	iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
461 
462 	return 0;
463 }
464 
iscsit_handle_recovery_datain_or_r2t(struct iscsi_conn * conn,unsigned char * buf,itt_t init_task_tag,u32 targ_xfer_tag,u32 begrun,u32 runlength)465 int iscsit_handle_recovery_datain_or_r2t(
466 	struct iscsi_conn *conn,
467 	unsigned char *buf,
468 	itt_t init_task_tag,
469 	u32 targ_xfer_tag,
470 	u32 begrun,
471 	u32 runlength)
472 {
473 	struct iscsi_cmd *cmd;
474 
475 	cmd = iscsit_find_cmd_from_itt(conn, init_task_tag);
476 	if (!cmd)
477 		return 0;
478 
479 	/*
480 	 * FIXME: This will not work for bidi commands.
481 	 */
482 	switch (cmd->data_direction) {
483 	case DMA_TO_DEVICE:
484 		return iscsit_handle_r2t_snack(cmd, buf, begrun, runlength);
485 	case DMA_FROM_DEVICE:
486 		return iscsit_handle_recovery_datain(cmd, buf, begrun,
487 				runlength);
488 	default:
489 		pr_err("Unknown cmd->data_direction: 0x%02x\n",
490 				cmd->data_direction);
491 		return -1;
492 	}
493 
494 	return 0;
495 }
496 
497 /* #warning FIXME: Status SNACK needs to be dependent on OPCODE!!! */
iscsit_handle_status_snack(struct iscsi_conn * conn,itt_t init_task_tag,u32 targ_xfer_tag,u32 begrun,u32 runlength)498 int iscsit_handle_status_snack(
499 	struct iscsi_conn *conn,
500 	itt_t init_task_tag,
501 	u32 targ_xfer_tag,
502 	u32 begrun,
503 	u32 runlength)
504 {
505 	struct iscsi_cmd *cmd = NULL;
506 	u32 last_statsn;
507 	int found_cmd;
508 
509 	if (!begrun) {
510 		begrun = conn->exp_statsn;
511 	} else if (conn->exp_statsn > begrun) {
512 		pr_err("Got Status SNACK Begrun: 0x%08x, RunLength:"
513 			" 0x%08x but already got ExpStatSN: 0x%08x on CID:"
514 			" %hu.\n", begrun, runlength, conn->exp_statsn,
515 			conn->cid);
516 		return 0;
517 	}
518 
519 	last_statsn = (!runlength) ? conn->stat_sn : (begrun + runlength);
520 
521 	while (begrun < last_statsn) {
522 		found_cmd = 0;
523 
524 		spin_lock_bh(&conn->cmd_lock);
525 		list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) {
526 			if (cmd->stat_sn == begrun) {
527 				found_cmd = 1;
528 				break;
529 			}
530 		}
531 		spin_unlock_bh(&conn->cmd_lock);
532 
533 		if (!found_cmd) {
534 			pr_err("Unable to find StatSN: 0x%08x for"
535 				" a Status SNACK, assuming this was a"
536 				" protactic SNACK for an untransmitted"
537 				" StatSN, ignoring.\n", begrun);
538 			begrun++;
539 			continue;
540 		}
541 
542 		spin_lock_bh(&cmd->istate_lock);
543 		if (cmd->i_state == ISTATE_SEND_DATAIN) {
544 			spin_unlock_bh(&cmd->istate_lock);
545 			pr_err("Ignoring Status SNACK for BegRun:"
546 				" 0x%08x, RunLength: 0x%08x, assuming this was"
547 				" a protactic SNACK for an untransmitted"
548 				" StatSN\n", begrun, runlength);
549 			begrun++;
550 			continue;
551 		}
552 		spin_unlock_bh(&cmd->istate_lock);
553 
554 		cmd->i_state = ISTATE_SEND_STATUS_RECOVERY;
555 		iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
556 		begrun++;
557 	}
558 
559 	return 0;
560 }
561 
iscsit_handle_data_ack(struct iscsi_conn * conn,u32 targ_xfer_tag,u32 begrun,u32 runlength)562 int iscsit_handle_data_ack(
563 	struct iscsi_conn *conn,
564 	u32 targ_xfer_tag,
565 	u32 begrun,
566 	u32 runlength)
567 {
568 	struct iscsi_cmd *cmd = NULL;
569 
570 	cmd = iscsit_find_cmd_from_ttt(conn, targ_xfer_tag);
571 	if (!cmd) {
572 		pr_err("Data ACK SNACK for TTT: 0x%08x is"
573 			" invalid.\n", targ_xfer_tag);
574 		return -1;
575 	}
576 
577 	if (begrun <= cmd->acked_data_sn) {
578 		pr_err("ITT: 0x%08x Data ACK SNACK BegRUN: 0x%08x is"
579 			" less than the already acked DataSN: 0x%08x.\n",
580 			cmd->init_task_tag, begrun, cmd->acked_data_sn);
581 		return -1;
582 	}
583 
584 	/*
585 	 * For Data ACK SNACK, BegRun is the next expected DataSN.
586 	 * (see iSCSI v19: 10.16.6)
587 	 */
588 	cmd->cmd_flags |= ICF_GOT_DATACK_SNACK;
589 	cmd->acked_data_sn = (begrun - 1);
590 
591 	pr_debug("Received Data ACK SNACK for ITT: 0x%08x,"
592 		" updated acked DataSN to 0x%08x.\n",
593 			cmd->init_task_tag, cmd->acked_data_sn);
594 
595 	return 0;
596 }
597 
iscsit_send_recovery_r2t(struct iscsi_cmd * cmd,u32 offset,u32 xfer_len)598 static int iscsit_send_recovery_r2t(
599 	struct iscsi_cmd *cmd,
600 	u32 offset,
601 	u32 xfer_len)
602 {
603 	int ret;
604 
605 	spin_lock_bh(&cmd->r2t_lock);
606 	ret = iscsit_add_r2t_to_list(cmd, offset, xfer_len, 1, 0);
607 	spin_unlock_bh(&cmd->r2t_lock);
608 
609 	return ret;
610 }
611 
iscsit_dataout_datapduinorder_no_fbit(struct iscsi_cmd * cmd,struct iscsi_pdu * pdu)612 int iscsit_dataout_datapduinorder_no_fbit(
613 	struct iscsi_cmd *cmd,
614 	struct iscsi_pdu *pdu)
615 {
616 	int i, send_recovery_r2t = 0, recovery = 0;
617 	u32 length = 0, offset = 0, pdu_count = 0, xfer_len = 0;
618 	struct iscsi_conn *conn = cmd->conn;
619 	struct iscsi_pdu *first_pdu = NULL;
620 
621 	/*
622 	 * Get an struct iscsi_pdu pointer to the first PDU, and total PDU count
623 	 * of the DataOUT sequence.
624 	 */
625 	if (conn->sess->sess_ops->DataSequenceInOrder) {
626 		for (i = 0; i < cmd->pdu_count; i++) {
627 			if (cmd->pdu_list[i].seq_no == pdu->seq_no) {
628 				if (!first_pdu)
629 					first_pdu = &cmd->pdu_list[i];
630 				xfer_len += cmd->pdu_list[i].length;
631 				pdu_count++;
632 			} else if (pdu_count)
633 				break;
634 		}
635 	} else {
636 		struct iscsi_seq *seq = cmd->seq_ptr;
637 
638 		first_pdu = &cmd->pdu_list[seq->pdu_start];
639 		pdu_count = seq->pdu_count;
640 	}
641 
642 	if (!first_pdu || !pdu_count)
643 		return DATAOUT_CANNOT_RECOVER;
644 
645 	/*
646 	 * Loop through the ending DataOUT Sequence checking each struct iscsi_pdu.
647 	 * The following ugly logic does batching of not received PDUs.
648 	 */
649 	for (i = 0; i < pdu_count; i++) {
650 		if (first_pdu[i].status == ISCSI_PDU_RECEIVED_OK) {
651 			if (!send_recovery_r2t)
652 				continue;
653 
654 			if (iscsit_send_recovery_r2t(cmd, offset, length) < 0)
655 				return DATAOUT_CANNOT_RECOVER;
656 
657 			send_recovery_r2t = length = offset = 0;
658 			continue;
659 		}
660 		/*
661 		 * Set recovery = 1 for any missing, CRC failed, or timed
662 		 * out PDUs to let the DataOUT logic know that this sequence
663 		 * has not been completed yet.
664 		 *
665 		 * Also, only send a Recovery R2T for ISCSI_PDU_NOT_RECEIVED.
666 		 * We assume if the PDU either failed CRC or timed out
667 		 * that a Recovery R2T has already been sent.
668 		 */
669 		recovery = 1;
670 
671 		if (first_pdu[i].status != ISCSI_PDU_NOT_RECEIVED)
672 			continue;
673 
674 		if (!offset)
675 			offset = first_pdu[i].offset;
676 		length += first_pdu[i].length;
677 
678 		send_recovery_r2t = 1;
679 	}
680 
681 	if (send_recovery_r2t)
682 		if (iscsit_send_recovery_r2t(cmd, offset, length) < 0)
683 			return DATAOUT_CANNOT_RECOVER;
684 
685 	return (!recovery) ? DATAOUT_NORMAL : DATAOUT_WITHIN_COMMAND_RECOVERY;
686 }
687 
iscsit_recalculate_dataout_values(struct iscsi_cmd * cmd,u32 pdu_offset,u32 pdu_length,u32 * r2t_offset,u32 * r2t_length)688 static int iscsit_recalculate_dataout_values(
689 	struct iscsi_cmd *cmd,
690 	u32 pdu_offset,
691 	u32 pdu_length,
692 	u32 *r2t_offset,
693 	u32 *r2t_length)
694 {
695 	int i;
696 	struct iscsi_conn *conn = cmd->conn;
697 	struct iscsi_pdu *pdu = NULL;
698 
699 	if (conn->sess->sess_ops->DataSequenceInOrder) {
700 		cmd->data_sn = 0;
701 
702 		if (conn->sess->sess_ops->DataPDUInOrder) {
703 			*r2t_offset = cmd->write_data_done;
704 			*r2t_length = (cmd->seq_end_offset -
705 					cmd->write_data_done);
706 			return 0;
707 		}
708 
709 		*r2t_offset = cmd->seq_start_offset;
710 		*r2t_length = (cmd->seq_end_offset - cmd->seq_start_offset);
711 
712 		for (i = 0; i < cmd->pdu_count; i++) {
713 			pdu = &cmd->pdu_list[i];
714 
715 			if (pdu->status != ISCSI_PDU_RECEIVED_OK)
716 				continue;
717 
718 			if ((pdu->offset >= cmd->seq_start_offset) &&
719 			   ((pdu->offset + pdu->length) <=
720 			     cmd->seq_end_offset)) {
721 				if (!cmd->unsolicited_data)
722 					cmd->next_burst_len -= pdu->length;
723 				else
724 					cmd->first_burst_len -= pdu->length;
725 
726 				cmd->write_data_done -= pdu->length;
727 				pdu->status = ISCSI_PDU_NOT_RECEIVED;
728 			}
729 		}
730 	} else {
731 		struct iscsi_seq *seq = NULL;
732 
733 		seq = iscsit_get_seq_holder(cmd, pdu_offset, pdu_length);
734 		if (!seq)
735 			return -1;
736 
737 		*r2t_offset = seq->orig_offset;
738 		*r2t_length = seq->xfer_len;
739 
740 		cmd->write_data_done -= (seq->offset - seq->orig_offset);
741 		if (cmd->immediate_data)
742 			cmd->first_burst_len = cmd->write_data_done;
743 
744 		seq->data_sn = 0;
745 		seq->offset = seq->orig_offset;
746 		seq->next_burst_len = 0;
747 		seq->status = DATAOUT_SEQUENCE_WITHIN_COMMAND_RECOVERY;
748 
749 		if (conn->sess->sess_ops->DataPDUInOrder)
750 			return 0;
751 
752 		for (i = 0; i < seq->pdu_count; i++) {
753 			pdu = &cmd->pdu_list[i+seq->pdu_start];
754 
755 			if (pdu->status != ISCSI_PDU_RECEIVED_OK)
756 				continue;
757 
758 			pdu->status = ISCSI_PDU_NOT_RECEIVED;
759 		}
760 	}
761 
762 	return 0;
763 }
764 
iscsit_recover_dataout_sequence(struct iscsi_cmd * cmd,u32 pdu_offset,u32 pdu_length)765 int iscsit_recover_dataout_sequence(
766 	struct iscsi_cmd *cmd,
767 	u32 pdu_offset,
768 	u32 pdu_length)
769 {
770 	u32 r2t_length = 0, r2t_offset = 0;
771 
772 	spin_lock_bh(&cmd->istate_lock);
773 	cmd->cmd_flags |= ICF_WITHIN_COMMAND_RECOVERY;
774 	spin_unlock_bh(&cmd->istate_lock);
775 
776 	if (iscsit_recalculate_dataout_values(cmd, pdu_offset, pdu_length,
777 			&r2t_offset, &r2t_length) < 0)
778 		return DATAOUT_CANNOT_RECOVER;
779 
780 	iscsit_send_recovery_r2t(cmd, r2t_offset, r2t_length);
781 
782 	return DATAOUT_WITHIN_COMMAND_RECOVERY;
783 }
784 
iscsit_allocate_ooo_cmdsn(void)785 static struct iscsi_ooo_cmdsn *iscsit_allocate_ooo_cmdsn(void)
786 {
787 	struct iscsi_ooo_cmdsn *ooo_cmdsn = NULL;
788 
789 	ooo_cmdsn = kmem_cache_zalloc(lio_ooo_cache, GFP_ATOMIC);
790 	if (!ooo_cmdsn) {
791 		pr_err("Unable to allocate memory for"
792 			" struct iscsi_ooo_cmdsn.\n");
793 		return NULL;
794 	}
795 	INIT_LIST_HEAD(&ooo_cmdsn->ooo_list);
796 
797 	return ooo_cmdsn;
798 }
799 
800 /*
801  *	Called with sess->cmdsn_mutex held.
802  */
iscsit_attach_ooo_cmdsn(struct iscsi_session * sess,struct iscsi_ooo_cmdsn * ooo_cmdsn)803 static int iscsit_attach_ooo_cmdsn(
804 	struct iscsi_session *sess,
805 	struct iscsi_ooo_cmdsn *ooo_cmdsn)
806 {
807 	struct iscsi_ooo_cmdsn *ooo_tail, *ooo_tmp;
808 	/*
809 	 * We attach the struct iscsi_ooo_cmdsn entry to the out of order
810 	 * list in increasing CmdSN order.
811 	 * This allows iscsi_execute_ooo_cmdsns() to detect any
812 	 * additional CmdSN holes while performing delayed execution.
813 	 */
814 	if (list_empty(&sess->sess_ooo_cmdsn_list))
815 		list_add_tail(&ooo_cmdsn->ooo_list,
816 				&sess->sess_ooo_cmdsn_list);
817 	else {
818 		ooo_tail = list_entry(sess->sess_ooo_cmdsn_list.prev,
819 				typeof(*ooo_tail), ooo_list);
820 		/*
821 		 * CmdSN is greater than the tail of the list.
822 		 */
823 		if (iscsi_sna_lt(ooo_tail->cmdsn, ooo_cmdsn->cmdsn))
824 			list_add_tail(&ooo_cmdsn->ooo_list,
825 					&sess->sess_ooo_cmdsn_list);
826 		else {
827 			/*
828 			 * CmdSN is either lower than the head,  or somewhere
829 			 * in the middle.
830 			 */
831 			list_for_each_entry(ooo_tmp, &sess->sess_ooo_cmdsn_list,
832 						ooo_list) {
833 				if (iscsi_sna_lt(ooo_tmp->cmdsn, ooo_cmdsn->cmdsn))
834 					continue;
835 
836 				/* Insert before this entry */
837 				list_add(&ooo_cmdsn->ooo_list,
838 					ooo_tmp->ooo_list.prev);
839 				break;
840 			}
841 		}
842 	}
843 
844 	return 0;
845 }
846 
847 /*
848  *	Removes an struct iscsi_ooo_cmdsn from a session's list,
849  *	called with struct iscsi_session->cmdsn_mutex held.
850  */
iscsit_remove_ooo_cmdsn(struct iscsi_session * sess,struct iscsi_ooo_cmdsn * ooo_cmdsn)851 void iscsit_remove_ooo_cmdsn(
852 	struct iscsi_session *sess,
853 	struct iscsi_ooo_cmdsn *ooo_cmdsn)
854 {
855 	list_del(&ooo_cmdsn->ooo_list);
856 	kmem_cache_free(lio_ooo_cache, ooo_cmdsn);
857 }
858 
iscsit_clear_ooo_cmdsns_for_conn(struct iscsi_conn * conn)859 void iscsit_clear_ooo_cmdsns_for_conn(struct iscsi_conn *conn)
860 {
861 	struct iscsi_ooo_cmdsn *ooo_cmdsn;
862 	struct iscsi_session *sess = conn->sess;
863 
864 	mutex_lock(&sess->cmdsn_mutex);
865 	list_for_each_entry(ooo_cmdsn, &sess->sess_ooo_cmdsn_list, ooo_list) {
866 		if (ooo_cmdsn->cid != conn->cid)
867 			continue;
868 
869 		ooo_cmdsn->cmd = NULL;
870 	}
871 	mutex_unlock(&sess->cmdsn_mutex);
872 }
873 
874 /*
875  *	Called with sess->cmdsn_mutex held.
876  */
iscsit_execute_ooo_cmdsns(struct iscsi_session * sess)877 int iscsit_execute_ooo_cmdsns(struct iscsi_session *sess)
878 {
879 	int ooo_count = 0;
880 	struct iscsi_cmd *cmd = NULL;
881 	struct iscsi_ooo_cmdsn *ooo_cmdsn, *ooo_cmdsn_tmp;
882 
883 	list_for_each_entry_safe(ooo_cmdsn, ooo_cmdsn_tmp,
884 				&sess->sess_ooo_cmdsn_list, ooo_list) {
885 		if (ooo_cmdsn->cmdsn != sess->exp_cmd_sn)
886 			continue;
887 
888 		if (!ooo_cmdsn->cmd) {
889 			sess->exp_cmd_sn++;
890 			iscsit_remove_ooo_cmdsn(sess, ooo_cmdsn);
891 			continue;
892 		}
893 
894 		cmd = ooo_cmdsn->cmd;
895 		cmd->i_state = cmd->deferred_i_state;
896 		ooo_count++;
897 		sess->exp_cmd_sn++;
898 		pr_debug("Executing out of order CmdSN: 0x%08x,"
899 			" incremented ExpCmdSN to 0x%08x.\n",
900 			cmd->cmd_sn, sess->exp_cmd_sn);
901 
902 		iscsit_remove_ooo_cmdsn(sess, ooo_cmdsn);
903 
904 		if (iscsit_execute_cmd(cmd, 1) < 0)
905 			return -1;
906 
907 		continue;
908 	}
909 
910 	return ooo_count;
911 }
912 
913 /*
914  *	Called either:
915  *
916  *	1. With sess->cmdsn_mutex held from iscsi_execute_ooo_cmdsns()
917  *	or iscsi_check_received_cmdsn().
918  *	2. With no locks held directly from iscsi_handle_XXX_pdu() functions
919  *	for immediate commands.
920  */
iscsit_execute_cmd(struct iscsi_cmd * cmd,int ooo)921 int iscsit_execute_cmd(struct iscsi_cmd *cmd, int ooo)
922 {
923 	struct se_cmd *se_cmd = &cmd->se_cmd;
924 	struct iscsi_conn *conn = cmd->conn;
925 	int lr = 0;
926 
927 	spin_lock_bh(&cmd->istate_lock);
928 	if (ooo)
929 		cmd->cmd_flags &= ~ICF_OOO_CMDSN;
930 
931 	switch (cmd->iscsi_opcode) {
932 	case ISCSI_OP_SCSI_CMD:
933 		/*
934 		 * Go ahead and send the CHECK_CONDITION status for
935 		 * any SCSI CDB exceptions that may have occurred.
936 		 */
937 		if (cmd->sense_reason) {
938 			if (cmd->sense_reason == TCM_RESERVATION_CONFLICT) {
939 				cmd->i_state = ISTATE_SEND_STATUS;
940 				spin_unlock_bh(&cmd->istate_lock);
941 				iscsit_add_cmd_to_response_queue(cmd, cmd->conn,
942 						cmd->i_state);
943 				return 0;
944 			}
945 			spin_unlock_bh(&cmd->istate_lock);
946 			/*
947 			 * Determine if delayed TASK_ABORTED status for WRITEs
948 			 * should be sent now if no unsolicited data out
949 			 * payloads are expected, or if the delayed status
950 			 * should be sent after unsolicited data out with
951 			 * ISCSI_FLAG_CMD_FINAL set in iscsi_handle_data_out()
952 			 */
953 			if (transport_check_aborted_status(se_cmd,
954 					(cmd->unsolicited_data == 0)) != 0)
955 				return 0;
956 			/*
957 			 * Otherwise send CHECK_CONDITION and sense for
958 			 * exception
959 			 */
960 			return transport_send_check_condition_and_sense(se_cmd,
961 					cmd->sense_reason, 0);
962 		}
963 		/*
964 		 * Special case for delayed CmdSN with Immediate
965 		 * Data and/or Unsolicited Data Out attached.
966 		 */
967 		if (cmd->immediate_data) {
968 			if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) {
969 				spin_unlock_bh(&cmd->istate_lock);
970 				target_execute_cmd(&cmd->se_cmd);
971 				return 0;
972 			}
973 			spin_unlock_bh(&cmd->istate_lock);
974 
975 			if (!(cmd->cmd_flags &
976 					ICF_NON_IMMEDIATE_UNSOLICITED_DATA)) {
977 				/*
978 				 * Send the delayed TASK_ABORTED status for
979 				 * WRITEs if no more unsolicitied data is
980 				 * expected.
981 				 */
982 				if (transport_check_aborted_status(se_cmd, 1)
983 						!= 0)
984 					return 0;
985 
986 				iscsit_set_dataout_sequence_values(cmd);
987 				conn->conn_transport->iscsit_get_dataout(conn, cmd, false);
988 			}
989 			return 0;
990 		}
991 		/*
992 		 * The default handler.
993 		 */
994 		spin_unlock_bh(&cmd->istate_lock);
995 
996 		if ((cmd->data_direction == DMA_TO_DEVICE) &&
997 		    !(cmd->cmd_flags & ICF_NON_IMMEDIATE_UNSOLICITED_DATA)) {
998 			/*
999 			 * Send the delayed TASK_ABORTED status for WRITEs if
1000 			 * no more nsolicitied data is expected.
1001 			 */
1002 			if (transport_check_aborted_status(se_cmd, 1) != 0)
1003 				return 0;
1004 
1005 			iscsit_set_unsoliticed_dataout(cmd);
1006 		}
1007 		return transport_handle_cdb_direct(&cmd->se_cmd);
1008 
1009 	case ISCSI_OP_NOOP_OUT:
1010 	case ISCSI_OP_TEXT:
1011 		spin_unlock_bh(&cmd->istate_lock);
1012 		iscsit_add_cmd_to_response_queue(cmd, cmd->conn, cmd->i_state);
1013 		break;
1014 	case ISCSI_OP_SCSI_TMFUNC:
1015 		if (cmd->se_cmd.se_tmr_req->response) {
1016 			spin_unlock_bh(&cmd->istate_lock);
1017 			iscsit_add_cmd_to_response_queue(cmd, cmd->conn,
1018 					cmd->i_state);
1019 			return 0;
1020 		}
1021 		spin_unlock_bh(&cmd->istate_lock);
1022 
1023 		return transport_generic_handle_tmr(&cmd->se_cmd);
1024 	case ISCSI_OP_LOGOUT:
1025 		spin_unlock_bh(&cmd->istate_lock);
1026 		switch (cmd->logout_reason) {
1027 		case ISCSI_LOGOUT_REASON_CLOSE_SESSION:
1028 			lr = iscsit_logout_closesession(cmd, cmd->conn);
1029 			break;
1030 		case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION:
1031 			lr = iscsit_logout_closeconnection(cmd, cmd->conn);
1032 			break;
1033 		case ISCSI_LOGOUT_REASON_RECOVERY:
1034 			lr = iscsit_logout_removeconnforrecovery(cmd, cmd->conn);
1035 			break;
1036 		default:
1037 			pr_err("Unknown iSCSI Logout Request Code:"
1038 				" 0x%02x\n", cmd->logout_reason);
1039 			return -1;
1040 		}
1041 
1042 		return lr;
1043 	default:
1044 		spin_unlock_bh(&cmd->istate_lock);
1045 		pr_err("Cannot perform out of order execution for"
1046 		" unknown iSCSI Opcode: 0x%02x\n", cmd->iscsi_opcode);
1047 		return -1;
1048 	}
1049 
1050 	return 0;
1051 }
1052 
iscsit_free_all_ooo_cmdsns(struct iscsi_session * sess)1053 void iscsit_free_all_ooo_cmdsns(struct iscsi_session *sess)
1054 {
1055 	struct iscsi_ooo_cmdsn *ooo_cmdsn, *ooo_cmdsn_tmp;
1056 
1057 	mutex_lock(&sess->cmdsn_mutex);
1058 	list_for_each_entry_safe(ooo_cmdsn, ooo_cmdsn_tmp,
1059 			&sess->sess_ooo_cmdsn_list, ooo_list) {
1060 
1061 		list_del(&ooo_cmdsn->ooo_list);
1062 		kmem_cache_free(lio_ooo_cache, ooo_cmdsn);
1063 	}
1064 	mutex_unlock(&sess->cmdsn_mutex);
1065 }
1066 
iscsit_handle_ooo_cmdsn(struct iscsi_session * sess,struct iscsi_cmd * cmd,u32 cmdsn)1067 int iscsit_handle_ooo_cmdsn(
1068 	struct iscsi_session *sess,
1069 	struct iscsi_cmd *cmd,
1070 	u32 cmdsn)
1071 {
1072 	int batch = 0;
1073 	struct iscsi_ooo_cmdsn *ooo_cmdsn = NULL, *ooo_tail = NULL;
1074 
1075 	cmd->deferred_i_state		= cmd->i_state;
1076 	cmd->i_state			= ISTATE_DEFERRED_CMD;
1077 	cmd->cmd_flags			|= ICF_OOO_CMDSN;
1078 
1079 	if (list_empty(&sess->sess_ooo_cmdsn_list))
1080 		batch = 1;
1081 	else {
1082 		ooo_tail = list_entry(sess->sess_ooo_cmdsn_list.prev,
1083 				typeof(*ooo_tail), ooo_list);
1084 		if (ooo_tail->cmdsn != (cmdsn - 1))
1085 			batch = 1;
1086 	}
1087 
1088 	ooo_cmdsn = iscsit_allocate_ooo_cmdsn();
1089 	if (!ooo_cmdsn)
1090 		return -ENOMEM;
1091 
1092 	ooo_cmdsn->cmd			= cmd;
1093 	ooo_cmdsn->batch_count		= (batch) ?
1094 					  (cmdsn - sess->exp_cmd_sn) : 1;
1095 	ooo_cmdsn->cid			= cmd->conn->cid;
1096 	ooo_cmdsn->exp_cmdsn		= sess->exp_cmd_sn;
1097 	ooo_cmdsn->cmdsn		= cmdsn;
1098 
1099 	if (iscsit_attach_ooo_cmdsn(sess, ooo_cmdsn) < 0) {
1100 		kmem_cache_free(lio_ooo_cache, ooo_cmdsn);
1101 		return -ENOMEM;
1102 	}
1103 
1104 	return 0;
1105 }
1106 
iscsit_set_dataout_timeout_values(struct iscsi_cmd * cmd,u32 * offset,u32 * length)1107 static int iscsit_set_dataout_timeout_values(
1108 	struct iscsi_cmd *cmd,
1109 	u32 *offset,
1110 	u32 *length)
1111 {
1112 	struct iscsi_conn *conn = cmd->conn;
1113 	struct iscsi_r2t *r2t;
1114 
1115 	if (cmd->unsolicited_data) {
1116 		*offset = 0;
1117 		*length = (conn->sess->sess_ops->FirstBurstLength >
1118 			   cmd->se_cmd.data_length) ?
1119 			   cmd->se_cmd.data_length :
1120 			   conn->sess->sess_ops->FirstBurstLength;
1121 		return 0;
1122 	}
1123 
1124 	spin_lock_bh(&cmd->r2t_lock);
1125 	if (list_empty(&cmd->cmd_r2t_list)) {
1126 		pr_err("cmd->cmd_r2t_list is empty!\n");
1127 		spin_unlock_bh(&cmd->r2t_lock);
1128 		return -1;
1129 	}
1130 
1131 	list_for_each_entry(r2t, &cmd->cmd_r2t_list, r2t_list) {
1132 		if (r2t->sent_r2t && !r2t->recovery_r2t && !r2t->seq_complete) {
1133 			*offset = r2t->offset;
1134 			*length = r2t->xfer_len;
1135 			spin_unlock_bh(&cmd->r2t_lock);
1136 			return 0;
1137 		}
1138 	}
1139 	spin_unlock_bh(&cmd->r2t_lock);
1140 
1141 	pr_err("Unable to locate any incomplete DataOUT"
1142 		" sequences for ITT: 0x%08x.\n", cmd->init_task_tag);
1143 
1144 	return -1;
1145 }
1146 
1147 /*
1148  *	NOTE: Called from interrupt (timer) context.
1149  */
iscsit_handle_dataout_timeout(unsigned long data)1150 static void iscsit_handle_dataout_timeout(unsigned long data)
1151 {
1152 	u32 pdu_length = 0, pdu_offset = 0;
1153 	u32 r2t_length = 0, r2t_offset = 0;
1154 	struct iscsi_cmd *cmd = (struct iscsi_cmd *) data;
1155 	struct iscsi_conn *conn = cmd->conn;
1156 	struct iscsi_session *sess = NULL;
1157 	struct iscsi_node_attrib *na;
1158 
1159 	iscsit_inc_conn_usage_count(conn);
1160 
1161 	spin_lock_bh(&cmd->dataout_timeout_lock);
1162 	if (cmd->dataout_timer_flags & ISCSI_TF_STOP) {
1163 		spin_unlock_bh(&cmd->dataout_timeout_lock);
1164 		iscsit_dec_conn_usage_count(conn);
1165 		return;
1166 	}
1167 	cmd->dataout_timer_flags &= ~ISCSI_TF_RUNNING;
1168 	sess = conn->sess;
1169 	na = iscsit_tpg_get_node_attrib(sess);
1170 
1171 	if (!sess->sess_ops->ErrorRecoveryLevel) {
1172 		pr_debug("Unable to recover from DataOut timeout while"
1173 			" in ERL=0.\n");
1174 		goto failure;
1175 	}
1176 
1177 	if (++cmd->dataout_timeout_retries == na->dataout_timeout_retries) {
1178 		pr_debug("Command ITT: 0x%08x exceeded max retries"
1179 			" for DataOUT timeout %u, closing iSCSI connection.\n",
1180 			cmd->init_task_tag, na->dataout_timeout_retries);
1181 		goto failure;
1182 	}
1183 
1184 	cmd->cmd_flags |= ICF_WITHIN_COMMAND_RECOVERY;
1185 
1186 	if (conn->sess->sess_ops->DataSequenceInOrder) {
1187 		if (conn->sess->sess_ops->DataPDUInOrder) {
1188 			pdu_offset = cmd->write_data_done;
1189 			if ((pdu_offset + (conn->sess->sess_ops->MaxBurstLength -
1190 			     cmd->next_burst_len)) > cmd->se_cmd.data_length)
1191 				pdu_length = (cmd->se_cmd.data_length -
1192 					cmd->write_data_done);
1193 			else
1194 				pdu_length = (conn->sess->sess_ops->MaxBurstLength -
1195 						cmd->next_burst_len);
1196 		} else {
1197 			pdu_offset = cmd->seq_start_offset;
1198 			pdu_length = (cmd->seq_end_offset -
1199 				cmd->seq_start_offset);
1200 		}
1201 	} else {
1202 		if (iscsit_set_dataout_timeout_values(cmd, &pdu_offset,
1203 				&pdu_length) < 0)
1204 			goto failure;
1205 	}
1206 
1207 	if (iscsit_recalculate_dataout_values(cmd, pdu_offset, pdu_length,
1208 			&r2t_offset, &r2t_length) < 0)
1209 		goto failure;
1210 
1211 	pr_debug("Command ITT: 0x%08x timed out waiting for"
1212 		" completion of %sDataOUT Sequence Offset: %u, Length: %u\n",
1213 		cmd->init_task_tag, (cmd->unsolicited_data) ? "Unsolicited " :
1214 		"", r2t_offset, r2t_length);
1215 
1216 	if (iscsit_send_recovery_r2t(cmd, r2t_offset, r2t_length) < 0)
1217 		goto failure;
1218 
1219 	iscsit_start_dataout_timer(cmd, conn);
1220 	spin_unlock_bh(&cmd->dataout_timeout_lock);
1221 	iscsit_dec_conn_usage_count(conn);
1222 
1223 	return;
1224 
1225 failure:
1226 	spin_unlock_bh(&cmd->dataout_timeout_lock);
1227 	iscsit_cause_connection_reinstatement(conn, 0);
1228 	iscsit_dec_conn_usage_count(conn);
1229 }
1230 
iscsit_mod_dataout_timer(struct iscsi_cmd * cmd)1231 void iscsit_mod_dataout_timer(struct iscsi_cmd *cmd)
1232 {
1233 	struct iscsi_conn *conn = cmd->conn;
1234 	struct iscsi_session *sess = conn->sess;
1235 	struct iscsi_node_attrib *na = iscsit_tpg_get_node_attrib(sess);
1236 
1237 	spin_lock_bh(&cmd->dataout_timeout_lock);
1238 	if (!(cmd->dataout_timer_flags & ISCSI_TF_RUNNING)) {
1239 		spin_unlock_bh(&cmd->dataout_timeout_lock);
1240 		return;
1241 	}
1242 
1243 	mod_timer(&cmd->dataout_timer,
1244 		(get_jiffies_64() + na->dataout_timeout * HZ));
1245 	pr_debug("Updated DataOUT timer for ITT: 0x%08x",
1246 			cmd->init_task_tag);
1247 	spin_unlock_bh(&cmd->dataout_timeout_lock);
1248 }
1249 
1250 /*
1251  *	Called with cmd->dataout_timeout_lock held.
1252  */
iscsit_start_dataout_timer(struct iscsi_cmd * cmd,struct iscsi_conn * conn)1253 void iscsit_start_dataout_timer(
1254 	struct iscsi_cmd *cmd,
1255 	struct iscsi_conn *conn)
1256 {
1257 	struct iscsi_session *sess = conn->sess;
1258 	struct iscsi_node_attrib *na = iscsit_tpg_get_node_attrib(sess);
1259 
1260 	if (cmd->dataout_timer_flags & ISCSI_TF_RUNNING)
1261 		return;
1262 
1263 	pr_debug("Starting DataOUT timer for ITT: 0x%08x on"
1264 		" CID: %hu.\n", cmd->init_task_tag, conn->cid);
1265 
1266 	init_timer(&cmd->dataout_timer);
1267 	cmd->dataout_timer.expires = (get_jiffies_64() + na->dataout_timeout * HZ);
1268 	cmd->dataout_timer.data = (unsigned long)cmd;
1269 	cmd->dataout_timer.function = iscsit_handle_dataout_timeout;
1270 	cmd->dataout_timer_flags &= ~ISCSI_TF_STOP;
1271 	cmd->dataout_timer_flags |= ISCSI_TF_RUNNING;
1272 	add_timer(&cmd->dataout_timer);
1273 }
1274 
iscsit_stop_dataout_timer(struct iscsi_cmd * cmd)1275 void iscsit_stop_dataout_timer(struct iscsi_cmd *cmd)
1276 {
1277 	spin_lock_bh(&cmd->dataout_timeout_lock);
1278 	if (!(cmd->dataout_timer_flags & ISCSI_TF_RUNNING)) {
1279 		spin_unlock_bh(&cmd->dataout_timeout_lock);
1280 		return;
1281 	}
1282 	cmd->dataout_timer_flags |= ISCSI_TF_STOP;
1283 	spin_unlock_bh(&cmd->dataout_timeout_lock);
1284 
1285 	del_timer_sync(&cmd->dataout_timer);
1286 
1287 	spin_lock_bh(&cmd->dataout_timeout_lock);
1288 	cmd->dataout_timer_flags &= ~ISCSI_TF_RUNNING;
1289 	pr_debug("Stopped DataOUT Timer for ITT: 0x%08x\n",
1290 			cmd->init_task_tag);
1291 	spin_unlock_bh(&cmd->dataout_timeout_lock);
1292 }
1293 EXPORT_SYMBOL(iscsit_stop_dataout_timer);
1294