1 /*******************************************************************************
2 * This file contains main functions related to iSCSI Parameter negotiation.
4 * \u00a9 Copyright 2007-2011 RisingTide Systems LLC.
6 * Licensed to the Linux Foundation under the General Public License (GPL) version 2.
8 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 ******************************************************************************/
21 #include <linux/ctype.h>
22 #include <scsi/iscsi_proto.h>
23 #include <target/target_core_base.h>
24 #include <target/target_core_fabric.h>
26 #include "iscsi_target_core.h"
27 #include "iscsi_target_parameters.h"
28 #include "iscsi_target_login.h"
29 #include "iscsi_target_nego.h"
30 #include "iscsi_target_tpg.h"
31 #include "iscsi_target_util.h"
32 #include "iscsi_target.h"
33 #include "iscsi_target_auth.h"
35 #define MAX_LOGIN_PDUS 7
38 void convert_null_to_semi(char *buf, int len)
42 for (i = 0; i < len; i++)
47 static int strlen_semi(char *buf)
51 while (buf[i] != '\0') {
63 unsigned int max_length,
70 if (!in_buf || !pattern || !out_buf || !type)
73 ptr = strstr(in_buf, pattern);
77 ptr = strstr(ptr, "=");
82 if (*ptr == '0' && (*(ptr+1) == 'x' || *(ptr+1) == 'X')) {
83 ptr += 2; /* skip 0x */
88 len = strlen_semi(ptr);
92 if (len > max_length) {
93 pr_err("Length of input: %d exceeds max_length:"
94 " %d\n", len, max_length);
97 memcpy(out_buf, ptr, len);
103 static u32 iscsi_handle_authentication(
104 struct iscsi_conn *conn,
109 unsigned char *authtype)
111 struct iscsi_session *sess = conn->sess;
112 struct iscsi_node_auth *auth;
113 struct iscsi_node_acl *iscsi_nacl;
114 struct se_node_acl *se_nacl;
116 if (!sess->sess_ops->SessionType) {
118 * For SessionType=Normal
120 se_nacl = conn->sess->se_sess->se_node_acl;
122 pr_err("Unable to locate struct se_node_acl for"
126 iscsi_nacl = container_of(se_nacl, struct iscsi_node_acl,
129 pr_err("Unable to locate struct iscsi_node_acl for"
134 auth = ISCSI_NODE_AUTH(iscsi_nacl);
137 * For SessionType=Discovery
139 auth = &iscsit_global->discovery_acl.node_auth;
142 if (strstr("CHAP", authtype))
143 strcpy(conn->sess->auth_type, "CHAP");
145 strcpy(conn->sess->auth_type, NONE);
147 if (strstr("None", authtype))
150 else if (strstr("SRP", authtype))
151 return srp_main_loop(conn, auth, in_buf, out_buf,
152 &in_length, out_length);
154 else if (strstr("CHAP", authtype))
155 return chap_main_loop(conn, auth, in_buf, out_buf,
156 &in_length, out_length);
157 else if (strstr("SPKM1", authtype))
159 else if (strstr("SPKM2", authtype))
161 else if (strstr("KRB5", authtype))
167 static void iscsi_remove_failed_auth_entry(struct iscsi_conn *conn)
169 kfree(conn->auth_protocol);
172 static int iscsi_target_check_login_request(
173 struct iscsi_conn *conn,
174 struct iscsi_login *login)
176 int req_csg, req_nsg;
178 struct iscsi_login_req *login_req;
180 login_req = (struct iscsi_login_req *) login->req;
181 payload_length = ntoh24(login_req->dlength);
183 switch (login_req->opcode & ISCSI_OPCODE_MASK) {
187 pr_err("Received unknown opcode 0x%02x.\n",
188 login_req->opcode & ISCSI_OPCODE_MASK);
189 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
190 ISCSI_LOGIN_STATUS_INIT_ERR);
194 if ((login_req->flags & ISCSI_FLAG_LOGIN_CONTINUE) &&
195 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) {
196 pr_err("Login request has both ISCSI_FLAG_LOGIN_CONTINUE"
197 " and ISCSI_FLAG_LOGIN_TRANSIT set, protocol error.\n");
198 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
199 ISCSI_LOGIN_STATUS_INIT_ERR);
203 req_csg = (login_req->flags & ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK) >> 2;
204 req_nsg = (login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE_MASK);
206 if (req_csg != login->current_stage) {
207 pr_err("Initiator unexpectedly changed login stage"
208 " from %d to %d, login failed.\n", login->current_stage,
210 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
211 ISCSI_LOGIN_STATUS_INIT_ERR);
215 if ((req_nsg == 2) || (req_csg >= 2) ||
216 ((login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT) &&
217 (req_nsg <= req_csg))) {
218 pr_err("Illegal login_req->flags Combination, CSG: %d,"
219 " NSG: %d, ISCSI_FLAG_LOGIN_TRANSIT: %d.\n", req_csg,
220 req_nsg, (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT));
221 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
222 ISCSI_LOGIN_STATUS_INIT_ERR);
226 if ((login_req->max_version != login->version_max) ||
227 (login_req->min_version != login->version_min)) {
228 pr_err("Login request changed Version Max/Nin"
229 " unexpectedly to 0x%02x/0x%02x, protocol error\n",
230 login_req->max_version, login_req->min_version);
231 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
232 ISCSI_LOGIN_STATUS_INIT_ERR);
236 if (memcmp(login_req->isid, login->isid, 6) != 0) {
237 pr_err("Login request changed ISID unexpectedly,"
238 " protocol error.\n");
239 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
240 ISCSI_LOGIN_STATUS_INIT_ERR);
244 if (login_req->itt != login->init_task_tag) {
245 pr_err("Login request changed ITT unexpectedly to"
246 " 0x%08x, protocol error.\n", login_req->itt);
247 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
248 ISCSI_LOGIN_STATUS_INIT_ERR);
252 if (payload_length > MAX_KEY_VALUE_PAIRS) {
253 pr_err("Login request payload exceeds default"
254 " MaxRecvDataSegmentLength: %u, protocol error.\n",
255 MAX_KEY_VALUE_PAIRS);
262 static int iscsi_target_check_first_request(
263 struct iscsi_conn *conn,
264 struct iscsi_login *login)
266 struct iscsi_param *param = NULL;
267 struct se_node_acl *se_nacl;
269 login->first_request = 0;
271 list_for_each_entry(param, &conn->param_list->param_list, p_list) {
272 if (!strncmp(param->name, SESSIONTYPE, 11)) {
273 if (!IS_PSTATE_ACCEPTOR(param)) {
274 pr_err("SessionType key not received"
275 " in first login request.\n");
276 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
277 ISCSI_LOGIN_STATUS_MISSING_FIELDS);
280 if (!strncmp(param->value, DISCOVERY, 9))
284 if (!strncmp(param->name, INITIATORNAME, 13)) {
285 if (!IS_PSTATE_ACCEPTOR(param)) {
286 if (!login->leading_connection)
289 pr_err("InitiatorName key not received"
290 " in first login request.\n");
291 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
292 ISCSI_LOGIN_STATUS_MISSING_FIELDS);
297 * For non-leading connections, double check that the
298 * received InitiatorName matches the existing session's
299 * struct iscsi_node_acl.
301 if (!login->leading_connection) {
302 se_nacl = conn->sess->se_sess->se_node_acl;
304 pr_err("Unable to locate"
305 " struct se_node_acl\n");
306 iscsit_tx_login_rsp(conn,
307 ISCSI_STATUS_CLS_INITIATOR_ERR,
308 ISCSI_LOGIN_STATUS_TGT_NOT_FOUND);
312 if (strcmp(param->value,
313 se_nacl->initiatorname)) {
315 " InitiatorName: %s for this"
316 " iSCSI Initiator Node.\n",
318 iscsit_tx_login_rsp(conn,
319 ISCSI_STATUS_CLS_INITIATOR_ERR,
320 ISCSI_LOGIN_STATUS_TGT_NOT_FOUND);
330 static int iscsi_target_do_tx_login_io(struct iscsi_conn *conn, struct iscsi_login *login)
333 struct iscsi_session *sess = conn->sess;
334 struct iscsi_login_rsp *login_rsp;
336 login_rsp = (struct iscsi_login_rsp *) login->rsp;
338 login_rsp->opcode = ISCSI_OP_LOGIN_RSP;
339 hton24(login_rsp->dlength, login->rsp_length);
340 memcpy(login_rsp->isid, login->isid, 6);
341 login_rsp->tsih = cpu_to_be16(login->tsih);
342 login_rsp->itt = login->init_task_tag;
343 login_rsp->statsn = cpu_to_be32(conn->stat_sn++);
344 login_rsp->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
345 login_rsp->max_cmdsn = cpu_to_be32(conn->sess->max_cmd_sn);
347 pr_debug("Sending Login Response, Flags: 0x%02x, ITT: 0x%08x,"
348 " ExpCmdSN; 0x%08x, MaxCmdSN: 0x%08x, StatSN: 0x%08x, Length:"
349 " %u\n", login_rsp->flags, (__force u32)login_rsp->itt,
350 ntohl(login_rsp->exp_cmdsn), ntohl(login_rsp->max_cmdsn),
351 ntohl(login_rsp->statsn), login->rsp_length);
353 padding = ((-login->rsp_length) & 3);
355 if (iscsi_login_tx_data(
359 login->rsp_length + padding) < 0)
362 login->rsp_length = 0;
363 mutex_lock(&sess->cmdsn_mutex);
364 login_rsp->exp_cmdsn = cpu_to_be32(sess->exp_cmd_sn);
365 login_rsp->max_cmdsn = cpu_to_be32(sess->max_cmd_sn);
366 mutex_unlock(&sess->cmdsn_mutex);
371 static int iscsi_target_do_rx_login_io(struct iscsi_conn *conn, struct iscsi_login *login)
373 u32 padding = 0, payload_length;
374 struct iscsi_login_req *login_req;
376 if (iscsi_login_rx_data(conn, login->req, ISCSI_HDR_LEN) < 0)
379 login_req = (struct iscsi_login_req *) login->req;
380 payload_length = ntoh24(login_req->dlength);
382 pr_debug("Got Login Command, Flags 0x%02x, ITT: 0x%08x,"
383 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, CID: %hu, Length: %u\n",
384 login_req->flags, login_req->itt, login_req->cmdsn,
385 login_req->exp_statsn, login_req->cid, payload_length);
387 if (iscsi_target_check_login_request(conn, login) < 0)
390 padding = ((-payload_length) & 3);
391 memset(login->req_buf, 0, MAX_KEY_VALUE_PAIRS);
393 if (iscsi_login_rx_data(
396 payload_length + padding) < 0)
402 static int iscsi_target_do_login_io(struct iscsi_conn *conn, struct iscsi_login *login)
404 if (iscsi_target_do_tx_login_io(conn, login) < 0)
407 if (iscsi_target_do_rx_login_io(conn, login) < 0)
413 static int iscsi_target_get_initial_payload(
414 struct iscsi_conn *conn,
415 struct iscsi_login *login)
417 u32 padding = 0, payload_length;
418 struct iscsi_login_req *login_req;
420 login_req = (struct iscsi_login_req *) login->req;
421 payload_length = ntoh24(login_req->dlength);
423 pr_debug("Got Login Command, Flags 0x%02x, ITT: 0x%08x,"
424 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n",
425 login_req->flags, login_req->itt, login_req->cmdsn,
426 login_req->exp_statsn, payload_length);
428 if (iscsi_target_check_login_request(conn, login) < 0)
431 padding = ((-payload_length) & 3);
433 if (iscsi_login_rx_data(
436 payload_length + padding) < 0)
443 * NOTE: We check for existing sessions or connections AFTER the initiator
444 * has been successfully authenticated in order to protect against faked
445 * ISID/TSIH combinations.
447 static int iscsi_target_check_for_existing_instances(
448 struct iscsi_conn *conn,
449 struct iscsi_login *login)
451 if (login->checked_for_existing)
454 login->checked_for_existing = 1;
457 return iscsi_check_for_session_reinstatement(conn);
459 return iscsi_login_post_auth_non_zero_tsih(conn, login->cid,
460 login->initial_exp_statsn);
463 static int iscsi_target_do_authentication(
464 struct iscsi_conn *conn,
465 struct iscsi_login *login)
469 struct iscsi_param *param;
470 struct iscsi_login_req *login_req;
471 struct iscsi_login_rsp *login_rsp;
473 login_req = (struct iscsi_login_req *) login->req;
474 login_rsp = (struct iscsi_login_rsp *) login->rsp;
475 payload_length = ntoh24(login_req->dlength);
477 param = iscsi_find_param_from_key(AUTHMETHOD, conn->param_list);
481 authret = iscsi_handle_authentication(
490 pr_debug("Received OK response"
491 " from LIO Authentication, continuing.\n");
494 pr_debug("iSCSI security negotiation"
495 " completed successfully.\n");
496 login->auth_complete = 1;
497 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE1) &&
498 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) {
499 login_rsp->flags |= (ISCSI_FLAG_LOGIN_NEXT_STAGE1 |
500 ISCSI_FLAG_LOGIN_TRANSIT);
501 login->current_stage = 1;
503 return iscsi_target_check_for_existing_instances(
506 pr_err("Security negotiation"
508 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
509 ISCSI_LOGIN_STATUS_AUTH_FAILED);
512 pr_err("Received unknown error %d from LIO"
513 " Authentication\n", authret);
514 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
515 ISCSI_LOGIN_STATUS_TARGET_ERROR);
522 static int iscsi_target_handle_csg_zero(
523 struct iscsi_conn *conn,
524 struct iscsi_login *login)
528 struct iscsi_param *param;
529 struct iscsi_login_req *login_req;
530 struct iscsi_login_rsp *login_rsp;
532 login_req = (struct iscsi_login_req *) login->req;
533 login_rsp = (struct iscsi_login_rsp *) login->rsp;
534 payload_length = ntoh24(login_req->dlength);
536 param = iscsi_find_param_from_key(AUTHMETHOD, conn->param_list);
540 ret = iscsi_decode_text_input(
541 PHASE_SECURITY|PHASE_DECLARATIVE,
542 SENDER_INITIATOR|SENDER_RECEIVER,
550 if (login->auth_complete) {
551 pr_err("Initiator has already been"
552 " successfully authenticated, but is still"
553 " sending %s keys.\n", param->value);
554 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
555 ISCSI_LOGIN_STATUS_INIT_ERR);
562 if (login->first_request)
563 if (iscsi_target_check_first_request(conn, login) < 0)
566 ret = iscsi_encode_text_output(
567 PHASE_SECURITY|PHASE_DECLARATIVE,
575 if (!iscsi_check_negotiated_keys(conn->param_list)) {
576 if (ISCSI_TPG_ATTRIB(ISCSI_TPG_C(conn))->authentication &&
577 !strncmp(param->value, NONE, 4)) {
578 pr_err("Initiator sent AuthMethod=None but"
579 " Target is enforcing iSCSI Authentication,"
581 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
582 ISCSI_LOGIN_STATUS_AUTH_FAILED);
586 if (ISCSI_TPG_ATTRIB(ISCSI_TPG_C(conn))->authentication &&
587 !login->auth_complete)
590 if (strncmp(param->value, NONE, 4) && !login->auth_complete)
593 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE1) &&
594 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT)) {
595 login_rsp->flags |= ISCSI_FLAG_LOGIN_NEXT_STAGE1 |
596 ISCSI_FLAG_LOGIN_TRANSIT;
597 login->current_stage = 1;
603 return iscsi_target_do_authentication(conn, login);
606 static int iscsi_target_handle_csg_one(struct iscsi_conn *conn, struct iscsi_login *login)
610 struct iscsi_login_req *login_req;
611 struct iscsi_login_rsp *login_rsp;
613 login_req = (struct iscsi_login_req *) login->req;
614 login_rsp = (struct iscsi_login_rsp *) login->rsp;
615 payload_length = ntoh24(login_req->dlength);
617 ret = iscsi_decode_text_input(
618 PHASE_OPERATIONAL|PHASE_DECLARATIVE,
619 SENDER_INITIATOR|SENDER_RECEIVER,
626 if (login->first_request)
627 if (iscsi_target_check_first_request(conn, login) < 0)
630 if (iscsi_target_check_for_existing_instances(conn, login) < 0)
633 ret = iscsi_encode_text_output(
634 PHASE_OPERATIONAL|PHASE_DECLARATIVE,
642 if (!login->auth_complete &&
643 ISCSI_TPG_ATTRIB(ISCSI_TPG_C(conn))->authentication) {
644 pr_err("Initiator is requesting CSG: 1, has not been"
645 " successfully authenticated, and the Target is"
646 " enforcing iSCSI Authentication, login failed.\n");
647 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
648 ISCSI_LOGIN_STATUS_AUTH_FAILED);
652 if (!iscsi_check_negotiated_keys(conn->param_list))
653 if ((login_req->flags & ISCSI_FLAG_LOGIN_NEXT_STAGE3) &&
654 (login_req->flags & ISCSI_FLAG_LOGIN_TRANSIT))
655 login_rsp->flags |= ISCSI_FLAG_LOGIN_NEXT_STAGE3 |
656 ISCSI_FLAG_LOGIN_TRANSIT;
661 static int iscsi_target_do_login(struct iscsi_conn *conn, struct iscsi_login *login)
664 struct iscsi_login_req *login_req;
665 struct iscsi_login_rsp *login_rsp;
667 login_req = (struct iscsi_login_req *) login->req;
668 login_rsp = (struct iscsi_login_rsp *) login->rsp;
671 if (++pdu_count > MAX_LOGIN_PDUS) {
672 pr_err("MAX_LOGIN_PDUS count reached.\n");
673 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
674 ISCSI_LOGIN_STATUS_TARGET_ERROR);
678 switch ((login_req->flags & ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK) >> 2) {
680 login_rsp->flags |= (0 & ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK);
681 if (iscsi_target_handle_csg_zero(conn, login) < 0)
685 login_rsp->flags |= ISCSI_FLAG_LOGIN_CURRENT_STAGE1;
686 if (iscsi_target_handle_csg_one(conn, login) < 0)
688 if (login_rsp->flags & ISCSI_FLAG_LOGIN_TRANSIT) {
689 login->tsih = conn->sess->tsih;
690 if (iscsi_target_do_tx_login_io(conn,
697 pr_err("Illegal CSG: %d received from"
698 " Initiator, protocol error.\n",
699 (login_req->flags & ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK)
704 if (iscsi_target_do_login_io(conn, login) < 0)
707 if (login_rsp->flags & ISCSI_FLAG_LOGIN_TRANSIT) {
708 login_rsp->flags &= ~ISCSI_FLAG_LOGIN_TRANSIT;
709 login_rsp->flags &= ~ISCSI_FLAG_LOGIN_NEXT_STAGE_MASK;
716 static void iscsi_initiatorname_tolower(
720 u32 iqn_size = strlen(param_buf), i;
722 for (i = 0; i < iqn_size; i++) {
732 * Processes the first Login Request..
734 static int iscsi_target_locate_portal(
736 struct iscsi_conn *conn,
737 struct iscsi_login *login)
739 char *i_buf = NULL, *s_buf = NULL, *t_buf = NULL;
740 char *tmpbuf, *start = NULL, *end = NULL, *key, *value;
741 struct iscsi_session *sess = conn->sess;
742 struct iscsi_tiqn *tiqn;
743 struct iscsi_login_req *login_req;
745 int sessiontype = 0, ret = 0;
747 login_req = (struct iscsi_login_req *) login->req;
748 payload_length = ntoh24(login_req->dlength);
750 login->first_request = 1;
751 login->leading_connection = (!login_req->tsih) ? 1 : 0;
752 login->current_stage =
753 (login_req->flags & ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK) >> 2;
754 login->version_min = login_req->min_version;
755 login->version_max = login_req->max_version;
756 memcpy(login->isid, login_req->isid, 6);
757 login->cmd_sn = be32_to_cpu(login_req->cmdsn);
758 login->init_task_tag = login_req->itt;
759 login->initial_exp_statsn = be32_to_cpu(login_req->exp_statsn);
760 login->cid = be16_to_cpu(login_req->cid);
761 login->tsih = be16_to_cpu(login_req->tsih);
763 if (iscsi_target_get_initial_payload(conn, login) < 0)
766 tmpbuf = kzalloc(payload_length + 1, GFP_KERNEL);
768 pr_err("Unable to allocate memory for tmpbuf.\n");
772 memcpy(tmpbuf, login->req_buf, payload_length);
773 tmpbuf[payload_length] = '\0';
775 end = (start + payload_length);
778 * Locate the initial keys expected from the Initiator node in
779 * the first login request in order to progress with the login phase.
781 while (start < end) {
782 if (iscsi_extract_key_value(start, &key, &value) < 0) {
787 if (!strncmp(key, "InitiatorName", 13))
789 else if (!strncmp(key, "SessionType", 11))
791 else if (!strncmp(key, "TargetName", 10))
794 start += strlen(key) + strlen(value) + 2;
798 * See 5.3. Login Phase.
801 pr_err("InitiatorName key not received"
802 " in first login request.\n");
803 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
804 ISCSI_LOGIN_STATUS_MISSING_FIELDS);
809 * Convert the incoming InitiatorName to lowercase following
810 * RFC-3720 3.2.6.1. section c) that says that iSCSI IQNs
811 * are NOT case sensitive.
813 iscsi_initiatorname_tolower(i_buf);
816 if (!login->leading_connection)
819 pr_err("SessionType key not received"
820 " in first login request.\n");
821 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
822 ISCSI_LOGIN_STATUS_MISSING_FIELDS);
828 * Use default portal group for discovery sessions.
830 sessiontype = strncmp(s_buf, DISCOVERY, 9);
832 conn->tpg = iscsit_global->discovery_tpg;
833 if (!login->leading_connection)
836 sess->sess_ops->SessionType = 1;
838 * Setup crc32c modules from libcrypto
840 if (iscsi_login_setup_crypto(conn) < 0) {
841 pr_err("iscsi_login_setup_crypto() failed\n");
846 * Serialize access across the discovery struct iscsi_portal_group to
847 * process login attempt.
849 if (iscsit_access_np(np, conn->tpg) < 0) {
850 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
851 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
861 pr_err("TargetName key not received"
862 " in first login request while"
863 " SessionType=Normal.\n");
864 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
865 ISCSI_LOGIN_STATUS_MISSING_FIELDS);
871 * Locate Target IQN from Storage Node.
873 tiqn = iscsit_get_tiqn_for_login(t_buf);
875 pr_err("Unable to locate Target IQN: %s in"
876 " Storage Node\n", t_buf);
877 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
878 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
882 pr_debug("Located Storage Object: %s\n", tiqn->tiqn);
885 * Locate Target Portal Group from Storage Node.
887 conn->tpg = iscsit_get_tpg_from_np(tiqn, np);
889 pr_err("Unable to locate Target Portal Group"
890 " on %s\n", tiqn->tiqn);
891 iscsit_put_tiqn_for_login(tiqn);
892 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
893 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
897 pr_debug("Located Portal Group Object: %hu\n", conn->tpg->tpgt);
899 * Setup crc32c modules from libcrypto
901 if (iscsi_login_setup_crypto(conn) < 0) {
902 pr_err("iscsi_login_setup_crypto() failed\n");
907 * Serialize access across the struct iscsi_portal_group to
908 * process login attempt.
910 if (iscsit_access_np(np, conn->tpg) < 0) {
911 iscsit_put_tiqn_for_login(tiqn);
912 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
913 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE);
920 * conn->sess->node_acl will be set when the referenced
921 * struct iscsi_session is located from received ISID+TSIH in
922 * iscsi_login_non_zero_tsih_s2().
924 if (!login->leading_connection) {
930 * This value is required in iscsi_login_zero_tsih_s2()
932 sess->sess_ops->SessionType = 0;
935 * Locate incoming Initiator IQN reference from Storage Node.
937 sess->se_sess->se_node_acl = core_tpg_check_initiator_node_acl(
938 &conn->tpg->tpg_se_tpg, i_buf);
939 if (!sess->se_sess->se_node_acl) {
940 pr_err("iSCSI Initiator Node: %s is not authorized to"
941 " access iSCSI target portal group: %hu.\n",
942 i_buf, conn->tpg->tpgt);
943 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
944 ISCSI_LOGIN_STATUS_TGT_FORBIDDEN);
955 struct iscsi_login *iscsi_target_init_negotiation(
957 struct iscsi_conn *conn,
960 struct iscsi_login *login;
962 login = kzalloc(sizeof(struct iscsi_login), GFP_KERNEL);
964 pr_err("Unable to allocate memory for struct iscsi_login.\n");
965 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
966 ISCSI_LOGIN_STATUS_NO_RESOURCES);
970 login->req = kmemdup(login_pdu, ISCSI_HDR_LEN, GFP_KERNEL);
972 pr_err("Unable to allocate memory for Login Request.\n");
973 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
974 ISCSI_LOGIN_STATUS_NO_RESOURCES);
978 login->req_buf = kzalloc(MAX_KEY_VALUE_PAIRS, GFP_KERNEL);
979 if (!login->req_buf) {
980 pr_err("Unable to allocate memory for response buffer.\n");
981 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
982 ISCSI_LOGIN_STATUS_NO_RESOURCES);
986 * SessionType: Discovery
988 * Locates Default Portal
990 * SessionType: Normal
992 * Locates Target Portal from NP -> Target IQN
994 if (iscsi_target_locate_portal(np, conn, login) < 0) {
1001 kfree(login->req_buf);
1007 int iscsi_target_start_negotiation(
1008 struct iscsi_login *login,
1009 struct iscsi_conn *conn)
1013 login->rsp = kzalloc(ISCSI_HDR_LEN, GFP_KERNEL);
1015 pr_err("Unable to allocate memory for"
1016 " Login Response.\n");
1017 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1018 ISCSI_LOGIN_STATUS_NO_RESOURCES);
1023 login->rsp_buf = kzalloc(MAX_KEY_VALUE_PAIRS, GFP_KERNEL);
1024 if (!login->rsp_buf) {
1025 pr_err("Unable to allocate memory for"
1026 " request buffer.\n");
1027 iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR,
1028 ISCSI_LOGIN_STATUS_NO_RESOURCES);
1033 ret = iscsi_target_do_login(conn, login);
1036 iscsi_remove_failed_auth_entry(conn);
1038 iscsi_target_nego_release(login, conn);
1042 void iscsi_target_nego_release(
1043 struct iscsi_login *login,
1044 struct iscsi_conn *conn)
1048 kfree(login->req_buf);
1049 kfree(login->rsp_buf);