1 /*******************************************************************************
2 * This file contains main functions related to iSCSI Parameter negotiation.
4 * \u00a9 Copyright 2007-2011 RisingTide Systems LLC.
6 * Licensed to the Linux Foundation under the General Public License (GPL) version 2.
8 * Author: Nicholas A. Bellinger <nab@linux-iscsi.org>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 ******************************************************************************/
21 #include <linux/ctype.h>
22 #include <scsi/iscsi_proto.h>
23 #include <target/target_core_base.h>
24 #include <target/target_core_fabric.h>
25 #include <target/iscsi/iscsi_transport.h>
27 #include "iscsi_target_core.h"
28 #include "iscsi_target_parameters.h"
29 #include "iscsi_target_login.h"
30 #include "iscsi_target_nego.h"
31 #include "iscsi_target_tpg.h"
32 #include "iscsi_target_util.h"
33 #include "iscsi_target.h"
34 #include "iscsi_target_auth.h"
36 #define MAX_LOGIN_PDUS 7
39 void convert_null_to_semi(char *buf
, int len
)
43 for (i
= 0; i
< len
; i
++)
48 static int strlen_semi(char *buf
)
52 while (buf
[i
] != '\0') {
64 unsigned int max_length
,
71 if (!in_buf
|| !pattern
|| !out_buf
|| !type
)
74 ptr
= strstr(in_buf
, pattern
);
78 ptr
= strstr(ptr
, "=");
83 if (*ptr
== '0' && (*(ptr
+1) == 'x' || *(ptr
+1) == 'X')) {
84 ptr
+= 2; /* skip 0x */
89 len
= strlen_semi(ptr
);
93 if (len
> max_length
) {
94 pr_err("Length of input: %d exceeds max_length:"
95 " %d\n", len
, max_length
);
98 memcpy(out_buf
, ptr
, len
);
104 static u32
iscsi_handle_authentication(
105 struct iscsi_conn
*conn
,
110 unsigned char *authtype
)
112 struct iscsi_session
*sess
= conn
->sess
;
113 struct iscsi_node_auth
*auth
;
114 struct iscsi_node_acl
*iscsi_nacl
;
115 struct iscsi_portal_group
*iscsi_tpg
;
116 struct se_node_acl
*se_nacl
;
118 if (!sess
->sess_ops
->SessionType
) {
120 * For SessionType=Normal
122 se_nacl
= conn
->sess
->se_sess
->se_node_acl
;
124 pr_err("Unable to locate struct se_node_acl for"
128 iscsi_nacl
= container_of(se_nacl
, struct iscsi_node_acl
,
131 pr_err("Unable to locate struct iscsi_node_acl for"
136 if (se_nacl
->dynamic_node_acl
) {
137 iscsi_tpg
= container_of(se_nacl
->se_tpg
,
138 struct iscsi_portal_group
, tpg_se_tpg
);
140 auth
= &iscsi_tpg
->tpg_demo_auth
;
142 iscsi_nacl
= container_of(se_nacl
, struct iscsi_node_acl
,
145 auth
= ISCSI_NODE_AUTH(iscsi_nacl
);
149 * For SessionType=Discovery
151 auth
= &iscsit_global
->discovery_acl
.node_auth
;
154 if (strstr("CHAP", authtype
))
155 strcpy(conn
->sess
->auth_type
, "CHAP");
157 strcpy(conn
->sess
->auth_type
, NONE
);
159 if (strstr("None", authtype
))
162 else if (strstr("SRP", authtype
))
163 return srp_main_loop(conn
, auth
, in_buf
, out_buf
,
164 &in_length
, out_length
);
166 else if (strstr("CHAP", authtype
))
167 return chap_main_loop(conn
, auth
, in_buf
, out_buf
,
168 &in_length
, out_length
);
169 else if (strstr("SPKM1", authtype
))
171 else if (strstr("SPKM2", authtype
))
173 else if (strstr("KRB5", authtype
))
179 static void iscsi_remove_failed_auth_entry(struct iscsi_conn
*conn
)
181 kfree(conn
->auth_protocol
);
184 int iscsi_target_check_login_request(
185 struct iscsi_conn
*conn
,
186 struct iscsi_login
*login
)
188 int req_csg
, req_nsg
;
190 struct iscsi_login_req
*login_req
;
192 login_req
= (struct iscsi_login_req
*) login
->req
;
193 payload_length
= ntoh24(login_req
->dlength
);
195 switch (login_req
->opcode
& ISCSI_OPCODE_MASK
) {
199 pr_err("Received unknown opcode 0x%02x.\n",
200 login_req
->opcode
& ISCSI_OPCODE_MASK
);
201 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
202 ISCSI_LOGIN_STATUS_INIT_ERR
);
206 if ((login_req
->flags
& ISCSI_FLAG_LOGIN_CONTINUE
) &&
207 (login_req
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
)) {
208 pr_err("Login request has both ISCSI_FLAG_LOGIN_CONTINUE"
209 " and ISCSI_FLAG_LOGIN_TRANSIT set, protocol error.\n");
210 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
211 ISCSI_LOGIN_STATUS_INIT_ERR
);
215 req_csg
= ISCSI_LOGIN_CURRENT_STAGE(login_req
->flags
);
216 req_nsg
= ISCSI_LOGIN_NEXT_STAGE(login_req
->flags
);
218 if (req_csg
!= login
->current_stage
) {
219 pr_err("Initiator unexpectedly changed login stage"
220 " from %d to %d, login failed.\n", login
->current_stage
,
222 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
223 ISCSI_LOGIN_STATUS_INIT_ERR
);
227 if ((req_nsg
== 2) || (req_csg
>= 2) ||
228 ((login_req
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
) &&
229 (req_nsg
<= req_csg
))) {
230 pr_err("Illegal login_req->flags Combination, CSG: %d,"
231 " NSG: %d, ISCSI_FLAG_LOGIN_TRANSIT: %d.\n", req_csg
,
232 req_nsg
, (login_req
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
));
233 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
234 ISCSI_LOGIN_STATUS_INIT_ERR
);
238 if ((login_req
->max_version
!= login
->version_max
) ||
239 (login_req
->min_version
!= login
->version_min
)) {
240 pr_err("Login request changed Version Max/Nin"
241 " unexpectedly to 0x%02x/0x%02x, protocol error\n",
242 login_req
->max_version
, login_req
->min_version
);
243 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
244 ISCSI_LOGIN_STATUS_INIT_ERR
);
248 if (memcmp(login_req
->isid
, login
->isid
, 6) != 0) {
249 pr_err("Login request changed ISID unexpectedly,"
250 " protocol error.\n");
251 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
252 ISCSI_LOGIN_STATUS_INIT_ERR
);
256 if (login_req
->itt
!= login
->init_task_tag
) {
257 pr_err("Login request changed ITT unexpectedly to"
258 " 0x%08x, protocol error.\n", login_req
->itt
);
259 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
260 ISCSI_LOGIN_STATUS_INIT_ERR
);
264 if (payload_length
> MAX_KEY_VALUE_PAIRS
) {
265 pr_err("Login request payload exceeds default"
266 " MaxRecvDataSegmentLength: %u, protocol error.\n",
267 MAX_KEY_VALUE_PAIRS
);
274 static int iscsi_target_check_first_request(
275 struct iscsi_conn
*conn
,
276 struct iscsi_login
*login
)
278 struct iscsi_param
*param
= NULL
;
279 struct se_node_acl
*se_nacl
;
281 login
->first_request
= 0;
283 list_for_each_entry(param
, &conn
->param_list
->param_list
, p_list
) {
284 if (!strncmp(param
->name
, SESSIONTYPE
, 11)) {
285 if (!IS_PSTATE_ACCEPTOR(param
)) {
286 pr_err("SessionType key not received"
287 " in first login request.\n");
288 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
289 ISCSI_LOGIN_STATUS_MISSING_FIELDS
);
292 if (!strncmp(param
->value
, DISCOVERY
, 9))
296 if (!strncmp(param
->name
, INITIATORNAME
, 13)) {
297 if (!IS_PSTATE_ACCEPTOR(param
)) {
298 if (!login
->leading_connection
)
301 pr_err("InitiatorName key not received"
302 " in first login request.\n");
303 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
304 ISCSI_LOGIN_STATUS_MISSING_FIELDS
);
309 * For non-leading connections, double check that the
310 * received InitiatorName matches the existing session's
311 * struct iscsi_node_acl.
313 if (!login
->leading_connection
) {
314 se_nacl
= conn
->sess
->se_sess
->se_node_acl
;
316 pr_err("Unable to locate"
317 " struct se_node_acl\n");
318 iscsit_tx_login_rsp(conn
,
319 ISCSI_STATUS_CLS_INITIATOR_ERR
,
320 ISCSI_LOGIN_STATUS_TGT_NOT_FOUND
);
324 if (strcmp(param
->value
,
325 se_nacl
->initiatorname
)) {
327 " InitiatorName: %s for this"
328 " iSCSI Initiator Node.\n",
330 iscsit_tx_login_rsp(conn
,
331 ISCSI_STATUS_CLS_INITIATOR_ERR
,
332 ISCSI_LOGIN_STATUS_TGT_NOT_FOUND
);
342 static int iscsi_target_do_tx_login_io(struct iscsi_conn
*conn
, struct iscsi_login
*login
)
345 struct iscsi_session
*sess
= conn
->sess
;
346 struct iscsi_login_rsp
*login_rsp
;
348 login_rsp
= (struct iscsi_login_rsp
*) login
->rsp
;
350 login_rsp
->opcode
= ISCSI_OP_LOGIN_RSP
;
351 hton24(login_rsp
->dlength
, login
->rsp_length
);
352 memcpy(login_rsp
->isid
, login
->isid
, 6);
353 login_rsp
->tsih
= cpu_to_be16(login
->tsih
);
354 login_rsp
->itt
= login
->init_task_tag
;
355 login_rsp
->statsn
= cpu_to_be32(conn
->stat_sn
++);
356 login_rsp
->exp_cmdsn
= cpu_to_be32(conn
->sess
->exp_cmd_sn
);
357 login_rsp
->max_cmdsn
= cpu_to_be32(conn
->sess
->max_cmd_sn
);
359 pr_debug("Sending Login Response, Flags: 0x%02x, ITT: 0x%08x,"
360 " ExpCmdSN; 0x%08x, MaxCmdSN: 0x%08x, StatSN: 0x%08x, Length:"
361 " %u\n", login_rsp
->flags
, (__force u32
)login_rsp
->itt
,
362 ntohl(login_rsp
->exp_cmdsn
), ntohl(login_rsp
->max_cmdsn
),
363 ntohl(login_rsp
->statsn
), login
->rsp_length
);
365 padding
= ((-login
->rsp_length
) & 3);
367 if (conn
->conn_transport
->iscsit_put_login_tx(conn
, login
,
368 login
->rsp_length
+ padding
) < 0)
371 login
->rsp_length
= 0;
372 mutex_lock(&sess
->cmdsn_mutex
);
373 login_rsp
->exp_cmdsn
= cpu_to_be32(sess
->exp_cmd_sn
);
374 login_rsp
->max_cmdsn
= cpu_to_be32(sess
->max_cmd_sn
);
375 mutex_unlock(&sess
->cmdsn_mutex
);
380 static int iscsi_target_do_login_io(struct iscsi_conn
*conn
, struct iscsi_login
*login
)
382 if (iscsi_target_do_tx_login_io(conn
, login
) < 0)
385 if (conn
->conn_transport
->iscsit_get_login_rx(conn
, login
) < 0)
392 * NOTE: We check for existing sessions or connections AFTER the initiator
393 * has been successfully authenticated in order to protect against faked
394 * ISID/TSIH combinations.
396 static int iscsi_target_check_for_existing_instances(
397 struct iscsi_conn
*conn
,
398 struct iscsi_login
*login
)
400 if (login
->checked_for_existing
)
403 login
->checked_for_existing
= 1;
406 return iscsi_check_for_session_reinstatement(conn
);
408 return iscsi_login_post_auth_non_zero_tsih(conn
, login
->cid
,
409 login
->initial_exp_statsn
);
412 static int iscsi_target_do_authentication(
413 struct iscsi_conn
*conn
,
414 struct iscsi_login
*login
)
418 struct iscsi_param
*param
;
419 struct iscsi_login_req
*login_req
;
420 struct iscsi_login_rsp
*login_rsp
;
422 login_req
= (struct iscsi_login_req
*) login
->req
;
423 login_rsp
= (struct iscsi_login_rsp
*) login
->rsp
;
424 payload_length
= ntoh24(login_req
->dlength
);
426 param
= iscsi_find_param_from_key(AUTHMETHOD
, conn
->param_list
);
430 authret
= iscsi_handle_authentication(
439 pr_debug("Received OK response"
440 " from LIO Authentication, continuing.\n");
443 pr_debug("iSCSI security negotiation"
444 " completed successfully.\n");
445 login
->auth_complete
= 1;
446 if ((login_req
->flags
& ISCSI_FLAG_LOGIN_NEXT_STAGE1
) &&
447 (login_req
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
)) {
448 login_rsp
->flags
|= (ISCSI_FLAG_LOGIN_NEXT_STAGE1
|
449 ISCSI_FLAG_LOGIN_TRANSIT
);
450 login
->current_stage
= 1;
452 return iscsi_target_check_for_existing_instances(
455 pr_err("Security negotiation"
457 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
458 ISCSI_LOGIN_STATUS_AUTH_FAILED
);
461 pr_err("Received unknown error %d from LIO"
462 " Authentication\n", authret
);
463 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_TARGET_ERR
,
464 ISCSI_LOGIN_STATUS_TARGET_ERROR
);
471 static int iscsi_target_handle_csg_zero(
472 struct iscsi_conn
*conn
,
473 struct iscsi_login
*login
)
477 struct iscsi_param
*param
;
478 struct iscsi_login_req
*login_req
;
479 struct iscsi_login_rsp
*login_rsp
;
481 login_req
= (struct iscsi_login_req
*) login
->req
;
482 login_rsp
= (struct iscsi_login_rsp
*) login
->rsp
;
483 payload_length
= ntoh24(login_req
->dlength
);
485 param
= iscsi_find_param_from_key(AUTHMETHOD
, conn
->param_list
);
489 ret
= iscsi_decode_text_input(
490 PHASE_SECURITY
|PHASE_DECLARATIVE
,
491 SENDER_INITIATOR
|SENDER_RECEIVER
,
499 if (login
->auth_complete
) {
500 pr_err("Initiator has already been"
501 " successfully authenticated, but is still"
502 " sending %s keys.\n", param
->value
);
503 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
504 ISCSI_LOGIN_STATUS_INIT_ERR
);
511 if (login
->first_request
)
512 if (iscsi_target_check_first_request(conn
, login
) < 0)
515 ret
= iscsi_encode_text_output(
516 PHASE_SECURITY
|PHASE_DECLARATIVE
,
524 if (!iscsi_check_negotiated_keys(conn
->param_list
)) {
525 if (ISCSI_TPG_ATTRIB(ISCSI_TPG_C(conn
))->authentication
&&
526 !strncmp(param
->value
, NONE
, 4)) {
527 pr_err("Initiator sent AuthMethod=None but"
528 " Target is enforcing iSCSI Authentication,"
530 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
531 ISCSI_LOGIN_STATUS_AUTH_FAILED
);
535 if (ISCSI_TPG_ATTRIB(ISCSI_TPG_C(conn
))->authentication
&&
536 !login
->auth_complete
)
539 if (strncmp(param
->value
, NONE
, 4) && !login
->auth_complete
)
542 if ((login_req
->flags
& ISCSI_FLAG_LOGIN_NEXT_STAGE1
) &&
543 (login_req
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
)) {
544 login_rsp
->flags
|= ISCSI_FLAG_LOGIN_NEXT_STAGE1
|
545 ISCSI_FLAG_LOGIN_TRANSIT
;
546 login
->current_stage
= 1;
552 return iscsi_target_do_authentication(conn
, login
);
555 static int iscsi_target_handle_csg_one(struct iscsi_conn
*conn
, struct iscsi_login
*login
)
559 struct iscsi_login_req
*login_req
;
560 struct iscsi_login_rsp
*login_rsp
;
562 login_req
= (struct iscsi_login_req
*) login
->req
;
563 login_rsp
= (struct iscsi_login_rsp
*) login
->rsp
;
564 payload_length
= ntoh24(login_req
->dlength
);
566 ret
= iscsi_decode_text_input(
567 PHASE_OPERATIONAL
|PHASE_DECLARATIVE
,
568 SENDER_INITIATOR
|SENDER_RECEIVER
,
573 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
574 ISCSI_LOGIN_STATUS_INIT_ERR
);
578 if (login
->first_request
)
579 if (iscsi_target_check_first_request(conn
, login
) < 0)
582 if (iscsi_target_check_for_existing_instances(conn
, login
) < 0)
585 ret
= iscsi_encode_text_output(
586 PHASE_OPERATIONAL
|PHASE_DECLARATIVE
,
592 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
593 ISCSI_LOGIN_STATUS_INIT_ERR
);
597 if (!login
->auth_complete
&&
598 ISCSI_TPG_ATTRIB(ISCSI_TPG_C(conn
))->authentication
) {
599 pr_err("Initiator is requesting CSG: 1, has not been"
600 " successfully authenticated, and the Target is"
601 " enforcing iSCSI Authentication, login failed.\n");
602 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
603 ISCSI_LOGIN_STATUS_AUTH_FAILED
);
607 if (!iscsi_check_negotiated_keys(conn
->param_list
))
608 if ((login_req
->flags
& ISCSI_FLAG_LOGIN_NEXT_STAGE3
) &&
609 (login_req
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
))
610 login_rsp
->flags
|= ISCSI_FLAG_LOGIN_NEXT_STAGE3
|
611 ISCSI_FLAG_LOGIN_TRANSIT
;
616 static int iscsi_target_do_login(struct iscsi_conn
*conn
, struct iscsi_login
*login
)
619 struct iscsi_login_req
*login_req
;
620 struct iscsi_login_rsp
*login_rsp
;
622 login_req
= (struct iscsi_login_req
*) login
->req
;
623 login_rsp
= (struct iscsi_login_rsp
*) login
->rsp
;
626 if (++pdu_count
> MAX_LOGIN_PDUS
) {
627 pr_err("MAX_LOGIN_PDUS count reached.\n");
628 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_TARGET_ERR
,
629 ISCSI_LOGIN_STATUS_TARGET_ERROR
);
633 switch (ISCSI_LOGIN_CURRENT_STAGE(login_req
->flags
)) {
635 login_rsp
->flags
&= ~ISCSI_FLAG_LOGIN_CURRENT_STAGE_MASK
;
636 if (iscsi_target_handle_csg_zero(conn
, login
) < 0)
640 login_rsp
->flags
|= ISCSI_FLAG_LOGIN_CURRENT_STAGE1
;
641 if (iscsi_target_handle_csg_one(conn
, login
) < 0)
643 if (login_rsp
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
) {
644 login
->tsih
= conn
->sess
->tsih
;
645 login
->login_complete
= 1;
646 if (iscsi_target_do_tx_login_io(conn
,
653 pr_err("Illegal CSG: %d received from"
654 " Initiator, protocol error.\n",
655 ISCSI_LOGIN_CURRENT_STAGE(login_req
->flags
));
659 if (iscsi_target_do_login_io(conn
, login
) < 0)
662 if (login_rsp
->flags
& ISCSI_FLAG_LOGIN_TRANSIT
) {
663 login_rsp
->flags
&= ~ISCSI_FLAG_LOGIN_TRANSIT
;
664 login_rsp
->flags
&= ~ISCSI_FLAG_LOGIN_NEXT_STAGE_MASK
;
671 static void iscsi_initiatorname_tolower(
675 u32 iqn_size
= strlen(param_buf
), i
;
677 for (i
= 0; i
< iqn_size
; i
++) {
687 * Processes the first Login Request..
689 int iscsi_target_locate_portal(
691 struct iscsi_conn
*conn
,
692 struct iscsi_login
*login
)
694 char *i_buf
= NULL
, *s_buf
= NULL
, *t_buf
= NULL
;
695 char *tmpbuf
, *start
= NULL
, *end
= NULL
, *key
, *value
;
696 struct iscsi_session
*sess
= conn
->sess
;
697 struct iscsi_tiqn
*tiqn
;
698 struct iscsi_login_req
*login_req
;
700 int sessiontype
= 0, ret
= 0;
702 login_req
= (struct iscsi_login_req
*) login
->req
;
703 payload_length
= ntoh24(login_req
->dlength
);
705 tmpbuf
= kzalloc(payload_length
+ 1, GFP_KERNEL
);
707 pr_err("Unable to allocate memory for tmpbuf.\n");
711 memcpy(tmpbuf
, login
->req_buf
, payload_length
);
712 tmpbuf
[payload_length
] = '\0';
714 end
= (start
+ payload_length
);
717 * Locate the initial keys expected from the Initiator node in
718 * the first login request in order to progress with the login phase.
720 while (start
< end
) {
721 if (iscsi_extract_key_value(start
, &key
, &value
) < 0) {
726 if (!strncmp(key
, "InitiatorName", 13))
728 else if (!strncmp(key
, "SessionType", 11))
730 else if (!strncmp(key
, "TargetName", 10))
733 start
+= strlen(key
) + strlen(value
) + 2;
736 printk("i_buf: %s, s_buf: %s, t_buf: %s\n", i_buf
, s_buf
, t_buf
);
739 * See 5.3. Login Phase.
742 pr_err("InitiatorName key not received"
743 " in first login request.\n");
744 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
745 ISCSI_LOGIN_STATUS_MISSING_FIELDS
);
750 * Convert the incoming InitiatorName to lowercase following
751 * RFC-3720 3.2.6.1. section c) that says that iSCSI IQNs
752 * are NOT case sensitive.
754 iscsi_initiatorname_tolower(i_buf
);
757 if (!login
->leading_connection
)
760 pr_err("SessionType key not received"
761 " in first login request.\n");
762 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
763 ISCSI_LOGIN_STATUS_MISSING_FIELDS
);
769 * Use default portal group for discovery sessions.
771 sessiontype
= strncmp(s_buf
, DISCOVERY
, 9);
773 conn
->tpg
= iscsit_global
->discovery_tpg
;
774 if (!login
->leading_connection
)
777 sess
->sess_ops
->SessionType
= 1;
779 * Setup crc32c modules from libcrypto
781 if (iscsi_login_setup_crypto(conn
) < 0) {
782 pr_err("iscsi_login_setup_crypto() failed\n");
787 * Serialize access across the discovery struct iscsi_portal_group to
788 * process login attempt.
790 if (iscsit_access_np(np
, conn
->tpg
) < 0) {
791 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_TARGET_ERR
,
792 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE
);
802 pr_err("TargetName key not received"
803 " in first login request while"
804 " SessionType=Normal.\n");
805 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
806 ISCSI_LOGIN_STATUS_MISSING_FIELDS
);
812 * Locate Target IQN from Storage Node.
814 tiqn
= iscsit_get_tiqn_for_login(t_buf
);
816 pr_err("Unable to locate Target IQN: %s in"
817 " Storage Node\n", t_buf
);
818 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_TARGET_ERR
,
819 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE
);
823 pr_debug("Located Storage Object: %s\n", tiqn
->tiqn
);
826 * Locate Target Portal Group from Storage Node.
828 conn
->tpg
= iscsit_get_tpg_from_np(tiqn
, np
);
830 pr_err("Unable to locate Target Portal Group"
831 " on %s\n", tiqn
->tiqn
);
832 iscsit_put_tiqn_for_login(tiqn
);
833 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_TARGET_ERR
,
834 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE
);
838 pr_debug("Located Portal Group Object: %hu\n", conn
->tpg
->tpgt
);
840 * Setup crc32c modules from libcrypto
842 if (iscsi_login_setup_crypto(conn
) < 0) {
843 pr_err("iscsi_login_setup_crypto() failed\n");
848 * Serialize access across the struct iscsi_portal_group to
849 * process login attempt.
851 if (iscsit_access_np(np
, conn
->tpg
) < 0) {
852 iscsit_put_tiqn_for_login(tiqn
);
853 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_TARGET_ERR
,
854 ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE
);
861 * conn->sess->node_acl will be set when the referenced
862 * struct iscsi_session is located from received ISID+TSIH in
863 * iscsi_login_non_zero_tsih_s2().
865 if (!login
->leading_connection
) {
871 * This value is required in iscsi_login_zero_tsih_s2()
873 sess
->sess_ops
->SessionType
= 0;
876 * Locate incoming Initiator IQN reference from Storage Node.
878 sess
->se_sess
->se_node_acl
= core_tpg_check_initiator_node_acl(
879 &conn
->tpg
->tpg_se_tpg
, i_buf
);
880 if (!sess
->se_sess
->se_node_acl
) {
881 pr_err("iSCSI Initiator Node: %s is not authorized to"
882 " access iSCSI target portal group: %hu.\n",
883 i_buf
, conn
->tpg
->tpgt
);
884 iscsit_tx_login_rsp(conn
, ISCSI_STATUS_CLS_INITIATOR_ERR
,
885 ISCSI_LOGIN_STATUS_TGT_FORBIDDEN
);
896 int iscsi_target_start_negotiation(
897 struct iscsi_login
*login
,
898 struct iscsi_conn
*conn
)
902 ret
= iscsi_target_do_login(conn
, login
);
904 iscsi_remove_failed_auth_entry(conn
);
906 iscsi_target_nego_release(conn
);
910 void iscsi_target_nego_release(struct iscsi_conn
*conn
)
912 struct iscsi_login
*login
= conn
->conn_login
;
917 kfree(login
->req_buf
);
918 kfree(login
->rsp_buf
);
921 conn
->conn_login
= NULL
;