Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

ISCSI.cpp

Last change on this file was 103527, checked in by vboxsync, 3 months ago
Storage/ISCSI.cpp: Some unused variable fixes, bugref:3409
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 200.0 KB

Line
1	/* $Id: ISCSI.cpp 103527 2024-02-22 11:20:33Z vboxsync $ */
2	/** @file
3	* iSCSI initiator driver, VD backend.
4	*/
5
6	/*
7	* Copyright (C) 2006-2023 Oracle and/or its affiliates.
8	*
9	* This file is part of VirtualBox base platform packages, as
10	* available from https://www.virtualbox.org.
11	*
12	* This program is free software; you can redistribute it and/or
13	* modify it under the terms of the GNU General Public License
14	* as published by the Free Software Foundation, in version 3 of the
15	* License.
16	*
17	* This program is distributed in the hope that it will be useful, but
18	* WITHOUT ANY WARRANTY; without even the implied warranty of
19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20	* General Public License for more details.
21	*
22	* You should have received a copy of the GNU General Public License
23	* along with this program; if not, see <https://www.gnu.org/licenses>.
24	*
25	* SPDX-License-Identifier: GPL-3.0-only
26	*/
27
28
29	/*********************************************************************************************************************************
30	* Header Files *
31	*********************************************************************************************************************************/
32	#define LOG_GROUP LOG_GROUP_VD_ISCSI
33	#include <VBox/vd-plugin.h>
34	#include <VBox/err.h>
35
36	#include <VBox/log.h>
37	#include <iprt/alloc.h>
38	#include <iprt/assert.h>
39	#include <iprt/uuid.h>
40	#include <iprt/string.h>
41	#include <iprt/asm.h>
42	#include <iprt/thread.h>
43	#include <iprt/semaphore.h>
44	#include <iprt/md5.h>
45	#include <iprt/tcp.h>
46	#include <iprt/time.h>
47	#include <VBox/scsi.h>
48
49	#include "VDBackends.h"
50	#include "VDBackendsInline.h"
51
52
53	/*********************************************************************************************************************************
54	* Defined Constants And Macros *
55	*********************************************************************************************************************************/
56
57	/** The maximum number of release log entries per image. */
58	#define MAX_LOG_REL_ERRORS 1024
59
60	/** Default port number to use for iSCSI. */
61	#define ISCSI_DEFAULT_PORT 3260
62
63
64	/** Converts a number in the range of 0 - 15 into the corresponding hex char. */
65	#define NUM_2_HEX(b) ('0' + (b) + (((b) > 9) ? 39 : 0))
66	/** Converts a hex char into the corresponding number in the range 0-15. */
67	#define HEX_2_NUM(c) (((c) <= '9') ? ((c) - '0') : (((c - 'A' + 10) & 0xf)))
68	/* Converts a base64 char into the corresponding number in the range 0-63. */
69	#define B64_2_NUM(c) ((c >= 'A' && c <= 'Z') ? (c - 'A') : (c >= 'a' && c <= 'z') ? (c - 'a' + 26) : (c >= '0' && c <= '9') ? (c - '0' + 52) : (c == '+') ? 62 : (c == '/') ? 63 : -1)
70
71
72	/** Minimum CHAP_MD5 challenge length in bytes. */
73	#define CHAP_MD5_CHALLENGE_MIN 16
74	/** Maximum CHAP_MD5 challenge length in bytes. */
75	#define CHAP_MD5_CHALLENGE_MAX 24
76
77
78	/**
79	* SCSI peripheral device type. */
80	typedef enum SCSIDEVTYPE
81	{
82	/** direct-access device. */
83	SCSI_DEVTYPE_DISK = 0,
84	/** sequential-access device. */
85	SCSI_DEVTYPE_TAPE,
86	/** printer device. */
87	SCSI_DEVTYPE_PRINTER,
88	/** processor device. */
89	SCSI_DEVTYPE_PROCESSOR,
90	/** write-once device. */
91	SCSI_DEVTYPE_WORM,
92	/** CD/DVD device. */
93	SCSI_DEVTYPE_CDROM,
94	/** scanner device. */
95	SCSI_DEVTYPE_SCANNER,
96	/** optical memory device. */
97	SCSI_DEVTYPE_OPTICAL,
98	/** medium changer. */
99	SCSI_DEVTYPE_CHANGER,
100	/** communications device. */
101	SCSI_DEVTYPE_COMMUNICATION,
102	/** storage array controller device. */
103	SCSI_DEVTYPE_RAIDCTL = 0x0c,
104	/** enclosure services device. */
105	SCSI_DEVTYPE_ENCLOSURE,
106	/** simplified direct-access device. */
107	SCSI_DEVTYPE_SIMPLEDISK,
108	/** optical card reader/writer device. */
109	SCSI_DEVTYPE_OCRW,
110	/** bridge controller device. */
111	SCSI_DEVTYPE_BRIDGE,
112	/** object-based storage device. */
113	SCSI_DEVTYPE_OSD
114	} SCSIDEVTYPE;
115
116	/** Mask for extracting the SCSI device type out of the first byte of the INQUIRY response. */
117	#define SCSI_DEVTYPE_MASK 0x1f
118
119	/** Mask to extract the CmdQue bit out of the seventh byte of the INQUIRY response. */
120	#define SCSI_INQUIRY_CMDQUE_MASK 0x02
121
122	/** Maximum PDU payload size we can handle in one piece. Greater or equal than
123	* s_iscsiConfigDefaultWriteSplit. */
124	#define ISCSI_DATA_LENGTH_MAX _256K
125
126	/** Maximum PDU size we can handle in one piece. */
127	#define ISCSI_RECV_PDU_BUFFER_SIZE (ISCSI_DATA_LENGTH_MAX + ISCSI_BHS_SIZE)
128
129
130	/** Version of the iSCSI standard which this initiator driver can handle. */
131	#define ISCSI_MY_VERSION 0
132
133
134	/** Length of ISCSI basic header segment. */
135	#define ISCSI_BHS_SIZE 48
136
137
138	/** Reserved task tag value. */
139	#define ISCSI_TASK_TAG_RSVD 0xffffffff
140
141
142	/**
143	* iSCSI opcodes. */
144	typedef enum ISCSIOPCODE
145	{
146	/** NOP-Out. */
147	ISCSIOP_NOP_OUT = 0x00000000,
148	/** SCSI command. */
149	ISCSIOP_SCSI_CMD = 0x01000000,
150	/** SCSI task management request. */
151	ISCSIOP_SCSI_TASKMGMT_REQ = 0x02000000,
152	/** Login request. */
153	ISCSIOP_LOGIN_REQ = 0x03000000,
154	/** Text request. */
155	ISCSIOP_TEXT_REQ = 0x04000000,
156	/** SCSI Data-Out. */
157	ISCSIOP_SCSI_DATA_OUT = 0x05000000,
158	/** Logout request. */
159	ISCSIOP_LOGOUT_REQ = 0x06000000,
160	/** SNACK request. */
161	ISCSIOP_SNACK_REQ = 0x10000000,
162
163	/** NOP-In. */
164	ISCSIOP_NOP_IN = 0x20000000,
165	/** SCSI response. */
166	ISCSIOP_SCSI_RES = 0x21000000,
167	/** SCSI Task Management response. */
168	ISCSIOP_SCSI_TASKMGMT_RES = 0x22000000,
169	/** Login response. */
170	ISCSIOP_LOGIN_RES = 0x23000000,
171	/** Text response. */
172	ISCSIOP_TEXT_RES = 0x24000000,
173	/** SCSI Data-In. */
174	ISCSIOP_SCSI_DATA_IN = 0x25000000,
175	/** Logout response. */
176	ISCSIOP_LOGOUT_RES = 0x26000000,
177	/** Ready To Transfer (R2T). */
178	ISCSIOP_R2T = 0x31000000,
179	/** Asynchronous message. */
180	ISCSIOP_ASYN_MSG = 0x32000000,
181	/** Reject. */
182	ISCSIOP_REJECT = 0x3f000000
183	} ISCSIOPCODE;
184
185	/** Mask for extracting the iSCSI opcode out of the first header word. */
186	#define ISCSIOP_MASK 0x3f000000
187
188
189	/** ISCSI BHS word 0: Request should be processed immediately. */
190	#define ISCSI_IMMEDIATE_DELIVERY_BIT 0x40000000
191
192	/** ISCSI BHS word 0: This is the final PDU for this request/response. */
193	#define ISCSI_FINAL_BIT 0x00800000
194	/** ISCSI BHS word 0: Mask for extracting the CSG. */
195	#define ISCSI_CSG_MASK 0x000c0000
196	/** ISCSI BHS word 0: Shift offset for extracting the CSG. */
197	#define ISCSI_CSG_SHIFT 18
198	/** ISCSI BHS word 0: Mask for extracting the NSG. */
199	#define ISCSI_NSG_MASK 0x00030000
200	/** ISCSI BHS word 0: Shift offset for extracting the NSG. */
201	#define ISCSI_NSG_SHIFT 16
202
203	/** ISCSI BHS word 0: task attribute untagged */
204	#define ISCSI_TASK_ATTR_UNTAGGED 0x00000000
205	/** ISCSI BHS word 0: task attribute simple */
206	#define ISCSI_TASK_ATTR_SIMPLE 0x00010000
207	/** ISCSI BHS word 0: task attribute ordered */
208	#define ISCSI_TASK_ATTR_ORDERED 0x00020000
209	/** ISCSI BHS word 0: task attribute head of queue */
210	#define ISCSI_TASK_ATTR_HOQ 0x00030000
211	/** ISCSI BHS word 0: task attribute ACA */
212	#define ISCSI_TASK_ATTR_ACA 0x00040000
213
214	/** ISCSI BHS word 0: transit to next login phase. */
215	#define ISCSI_TRANSIT_BIT 0x00800000
216	/** ISCSI BHS word 0: continue with login negotiation. */
217	#define ISCSI_CONTINUE_BIT 0x00400000
218
219	/** ISCSI BHS word 0: residual underflow. */
220	#define ISCSI_RESIDUAL_UNFL_BIT 0x00020000
221	/** ISCSI BHS word 0: residual overflow. */
222	#define ISCSI_RESIDUAL_OVFL_BIT 0x00040000
223	/** ISCSI BHS word 0: Bidirectional read residual underflow. */
224	#define ISCSI_BI_READ_RESIDUAL_UNFL_BIT 0x00080000
225	/** ISCSI BHS word 0: Bidirectional read residual overflow. */
226	#define ISCSI_BI_READ_RESIDUAL_OVFL_BIT 0x00100000
227
228	/** ISCSI BHS word 0: SCSI response mask. */
229	#define ISCSI_SCSI_RESPONSE_MASK 0x0000ff00
230	/** ISCSI BHS word 0: SCSI status mask. */
231	#define ISCSI_SCSI_STATUS_MASK 0x000000ff
232
233	/** ISCSI BHS word 0: response includes status. */
234	#define ISCSI_STATUS_BIT 0x00010000
235
236	/** Maximum number of scatter/gather segments needed to send a PDU. */
237	#define ISCSI_SG_SEGMENTS_MAX 4
238
239	/** Number of entries in the command table. */
240	#define ISCSI_CMD_WAITING_ENTRIES 32
241
242	/**
243	* iSCSI login status class. */
244	typedef enum ISCSILOGINSTATUSCLASS
245	{
246	/** Success. */
247	ISCSI_LOGIN_STATUS_CLASS_SUCCESS = 0,
248	/** Redirection. */
249	ISCSI_LOGIN_STATUS_CLASS_REDIRECTION,
250	/** Initiator error. */
251	ISCSI_LOGIN_STATUS_CLASS_INITIATOR_ERROR,
252	/** Target error. */
253	ISCSI_LOGIN_STATUS_CLASS_TARGET_ERROR
254	} ISCSILOGINSTATUSCLASS;
255
256
257	/**
258	* iSCSI connection state. */
259	typedef enum ISCSISTATE
260	{
261	/** Not having a connection/session at all. */
262	ISCSISTATE_FREE,
263	/** Currently trying to login. */
264	ISCSISTATE_IN_LOGIN,
265	/** Normal operation, corresponds roughly to the Full Feature Phase. */
266	ISCSISTATE_NORMAL,
267	/** Currently trying to logout. */
268	ISCSISTATE_IN_LOGOUT
269	} ISCSISTATE;
270
271	/**
272	* iSCSI PDU send/receive flags (and maybe more in the future). */
273	typedef enum ISCSIPDUFLAGS
274	{
275	/** No special flags */
276	ISCSIPDU_DEFAULT = 0,
277	/** Do not attempt to re-attach to the target if the connection is lost */
278	ISCSIPDU_NO_REATTACH = RT_BIT(1)
279	} ISCSIPDUFLAGS;
280
281
282	/*********************************************************************************************************************************
283	* Structures and Typedefs *
284	*********************************************************************************************************************************/
285
286	/**
287	* iSCSI login negotiation parameter
288	*/
289	typedef struct ISCSIPARAMETER
290	{
291	/** Name of the parameter. */
292	const char *pszParamName;
293	/** Value of the parameter. */
294	const char *pszParamValue;
295	/** Length of the binary parameter. 0=zero-terminated string. */
296	size_t cbParamValue;
297	} ISCSIPARAMETER;
298
299
300	/**
301	* iSCSI Response PDU buffer (scatter).
302	*/
303	typedef struct ISCSIRES
304	{
305	/** Length of PDU segment. */
306	size_t cbSeg;
307	/** Pointer to PDU segment. */
308	void *pvSeg;
309	} ISCSIRES;
310	/** Pointer to an iSCSI Response PDU buffer. */
311	typedef ISCSIRES *PISCSIRES;
312	/** Pointer to a const iSCSI Response PDU buffer. */
313	typedef ISCSIRES const *PCISCSIRES;
314
315
316	/**
317	* iSCSI Request PDU buffer (gather).
318	*/
319	typedef struct ISCSIREQ
320	{
321	/** Length of PDU segment in bytes. */
322	size_t cbSeg;
323	/** Pointer to PDU segment. */
324	const void *pcvSeg;
325	} ISCSIREQ;
326	/** Pointer to an iSCSI Request PDU buffer. */
327	typedef ISCSIREQ *PISCSIREQ;
328	/** Pointer to a const iSCSI Request PDU buffer. */
329	typedef ISCSIREQ const *PCISCSIREQ;
330
331
332	/**
333	* SCSI transfer directions.
334	*/
335	typedef enum SCSIXFER
336	{
337	SCSIXFER_NONE = 0,
338	SCSIXFER_TO_TARGET,
339	SCSIXFER_FROM_TARGET,
340	SCSIXFER_TO_FROM_TARGET
341	} SCSIXFER, *PSCSIXFER;
342
343	/** Forward declaration. */
344	typedef struct ISCSIIMAGE *PISCSIIMAGE;
345
346	/**
347	* SCSI request structure.
348	*/
349	typedef struct SCSIREQ
350	{
351	/** I/O context associated with this request. */
352	PVDIOCTX pIoCtx;
353	/** Transfer direction. */
354	SCSIXFER enmXfer;
355	/** Length of command block. */
356	size_t cbCDB;
357	/** Length of Initiator2Target data buffer. */
358	size_t cbI2TData;
359	/** Length of Target2Initiator data buffer. */
360	size_t cbT2IData;
361	/** Length of sense buffer
362	* This contains the number of sense bytes received upon completion. */
363	size_t cbSense;
364	/** Completion status of the command. */
365	uint8_t status;
366	/** The CDB. */
367	uint8_t abCDB[16];
368	/** The sense buffer. */
369	uint8_t abSense[96];
370	/** Status code to return if we got sense data. */
371	int rcSense;
372	/** Pointer to the Initiator2Target S/G list. */
373	PRTSGSEG paI2TSegs;
374	/** Number of entries in the I2T S/G list. */
375	unsigned cI2TSegs;
376	/** Pointer to the Target2Initiator S/G list. */
377	PRTSGSEG paT2ISegs;
378	/** Number of entries in the T2I S/G list. */
379	unsigned cT2ISegs;
380	/** S/G buffer for the target to initiator bits. */
381	RTSGBUF SgBufT2I;
382	/** Number of retries if the command completes with sense
383	* data before we return with an error.
384	*/
385	unsigned cSenseRetries;
386	/** The S/G list - variable in size.
387	* This array holds both the I2T and T2I segments.
388	* The I2T segments are first and the T2I are second.
389	*/
390	RTSGSEG aSegs[1];
391	} SCSIREQ, *PSCSIREQ;
392
393	typedef enum ISCSICMDTYPE
394	{
395	/** Process a SCSI request. */
396	ISCSICMDTYPE_REQ = 0,
397	/** Call a function in the I/O thread. */
398	ISCSICMDTYPE_EXEC,
399	/** Usual 32bit hack. */
400	ISCSICMDTYPE_32BIT_HACK = 0x7fffffff
401	} ISCSICMDTYPE;
402
403
404	/** The command completion function. */
405	typedef DECLCALLBACKTYPE(void, FNISCSICMDCOMPLETED,(PISCSIIMAGE pImage, int rcReq, void *pvUser));
406	/** Pointer to a command completion function. */
407	typedef FNISCSICMDCOMPLETED *PFNISCSICMDCOMPLETED;
408
409	/** The command execution function. */
410	typedef DECLCALLBACKTYPE(int, FNISCSIEXEC,(void *pvUser));
411	/** Pointer to a command execution function. */
412	typedef FNISCSIEXEC *PFNISCSIEXEC;
413
414	/**
415	* Structure used to complete a synchronous request.
416	*/
417	typedef struct ISCSICMDSYNC
418	{
419	/** Event semaphore to wakeup the waiting thread. */
420	RTSEMEVENT EventSem;
421	/** Status code of the command. */
422	int rcCmd;
423	} ISCSICMDSYNC, *PISCSICMDSYNC;
424
425	/**
426	* iSCSI command.
427	* Used to forward requests to the I/O thread
428	* if existing.
429	*/
430	typedef struct ISCSICMD
431	{
432	/** Next one in the list. */
433	struct ISCSICMD *pNext;
434	/** Assigned ITT. */
435	uint32_t Itt;
436	/** Completion callback. */
437	PFNISCSICMDCOMPLETED pfnComplete;
438	/** Opaque user data. */
439	void *pvUser;
440	/** Command to execute. */
441	ISCSICMDTYPE enmCmdType;
442	/** Command type dependent data. */
443	union
444	{
445	/** Process a SCSI request. */
446	struct
447	{
448	/** The SCSI request to process. */
449	PSCSIREQ pScsiReq;
450	} ScsiReq;
451	/** Call a function in the I/O thread. */
452	struct
453	{
454	/** The method to execute. */
455	PFNISCSIEXEC pfnExec;
456	/** User data. */
457	void *pvUser;
458	} Exec;
459	} CmdType;
460	} ISCSICMD, *PISCSICMD;
461
462	/**
463	* Send iSCSI PDU.
464	* Contains all necessary data to send a PDU.
465	*/
466	typedef struct ISCSIPDUTX
467	{
468	/** Pointer to the next PDu to send. */
469	struct ISCSIPDUTX *pNext;
470	/** The BHS. */
471	uint32_t aBHS[12];
472	/** Assigned CmdSN for this PDU. */
473	uint32_t CmdSN;
474	/** The S/G buffer used for sending. */
475	RTSGBUF SgBuf;
476	/** Number of bytes to send until the PDU completed. */
477	size_t cbSgLeft;
478	/** The iSCSI command this PDU belongs to. */
479	PISCSICMD pIScsiCmd;
480	/** Number of segments in the request segments array. */
481	unsigned cISCSIReq;
482	/** The request segments - variable in size. */
483	RTSGSEG aISCSIReq[1];
484	} ISCSIPDUTX, *PISCSIPDUTX;
485
486	/**
487	* Block driver instance data.
488	*/
489	typedef struct ISCSIIMAGE
490	{
491	/** Pointer to the filename (location). Not really used. */
492	const char *pszFilename;
493	/** Pointer to the initiator name. */
494	char *pszInitiatorName;
495	/** Pointer to the target name. */
496	char *pszTargetName;
497	/** Pointer to the target address. */
498	char *pszTargetAddress;
499	/** Pointer to the user name for authenticating the Initiator. */
500	char *pszInitiatorUsername;
501	/** Pointer to the secret for authenticating the Initiator. */
502	uint8_t *pbInitiatorSecret;
503	/** Length of the secret for authenticating the Initiator. */
504	size_t cbInitiatorSecret;
505	/** Pointer to the user name for authenticating the Target. */
506	char *pszTargetUsername;
507	/** Pointer to the secret for authenticating the Initiator. */
508	uint8_t *pbTargetSecret;
509	/** Length of the secret for authenticating the Initiator. */
510	size_t cbTargetSecret;
511	/** Limit for iSCSI writes, essentially limiting the amount of data
512	* written in a single write. This is negotiated with the target, so
513	* the actual size might be smaller. */
514	uint32_t cbWriteSplit;
515	/** Initiator session identifier. */
516	uint64_t ISID;
517	/** SCSI Logical Unit Number. */
518	uint64_t LUN;
519	/** Pointer to the per-disk VD interface list. */
520	PVDINTERFACE pVDIfsDisk;
521	/** Pointer to the per-image VD interface list. */
522	PVDINTERFACE pVDIfsImage;
523	/** Error interface. */
524	PVDINTERFACEERROR pIfError;
525	/** Config interface. */
526	PVDINTERFACECONFIG pIfConfig;
527	/** I/O interface. */
528	PVDINTERFACEIOINT pIfIo;
529	/** TCP network stack interface. */
530	PVDINTERFACETCPNET pIfNet;
531	/** Image open flags. */
532	unsigned uOpenFlags;
533	/** Number of re-login retries when a connection fails. */
534	uint32_t cISCSIRetries;
535	/** Sector size on volume. */
536	uint32_t cbSector;
537	/** Size of volume in sectors. */
538	uint64_t cVolume;
539	/** Total volume size in bytes. Easier than multiplying the above values all the time. */
540	uint64_t cbSize;
541
542	/** Negotiated maximum data length when sending to target. */
543	uint32_t cbSendDataLength;
544	/** Negotiated maximum data length when receiving from target. */
545	uint32_t cbRecvDataLength;
546
547	/** Current state of the connection/session. */
548	ISCSISTATE state;
549	/** Flag whether the first Login Response PDU has been seen. */
550	bool FirstRecvPDU;
551	/** Initiator Task Tag of the last iSCSI request PDU. */
552	uint32_t ITT;
553	/** Sequence number of the last command. */
554	uint32_t CmdSN;
555	/** Sequence number of the next command expected by the target. */
556	uint32_t ExpCmdSN;
557	/** Maximum sequence number accepted by the target (determines size of window). */
558	uint32_t MaxCmdSN;
559	/** Expected sequence number of next status. */
560	uint32_t ExpStatSN;
561	/** Currently active request. */
562	PISCSIREQ paCurrReq;
563	/** Segment number of currently active request. */
564	uint32_t cnCurrReq;
565	/** Pointer to receive PDU buffer. (Freed by RT) */
566	void *pvRecvPDUBuf;
567	/** Length of receive PDU buffer. */
568	size_t cbRecvPDUBuf;
569	/** Mutex protecting against concurrent use from several threads. */
570	RTSEMMUTEX Mutex;
571
572	/** Pointer to the target hostname. */
573	char *pszHostname;
574	/** Port to use on the target host. */
575	uint32_t uPort;
576	/** Socket handle of the TCP connection. */
577	VDSOCKET Socket;
578	/** Timeout for read operations on the TCP connection (in milliseconds). */
579	uint32_t uReadTimeout;
580	/** Flag whether to automatically generate the initiator name. */
581	bool fAutomaticInitiatorName;
582	/** Flag whether to automatically determine the LUN. */
583	bool fAutomaticLUN;
584	/** Flag whether to use the host IP stack or DevINIP. */
585	bool fHostIP;
586	/** Flag whether to dump malformed packets in the release log. */
587	bool fDumpMalformedPackets;
588	/** Flag whtether the target is readonly. */
589	bool fTargetReadOnly;
590	/** Flag whether to retry the connection before processing new requests. */
591	bool fTryReconnect;
592
593	/** Head of request queue */
594	PISCSICMD pScsiReqQueue;
595	/** Mutex protecting the request queue from concurrent access. */
596	RTSEMMUTEX MutexReqQueue;
597	/** I/O thread. */
598	RTTHREAD hThreadIo;
599	/** Flag whether the thread should be still running. */
600	volatile bool fRunning;
601	/* Flag whether the target supports command queuing. */
602	bool fCmdQueuingSupported;
603	/** Flag whether extended select is supported. */
604	bool fExtendedSelectSupported;
605	/** Padding used for aligning the PDUs. */
606	uint8_t aPadding[4];
607	/** Socket events to poll for. */
608	uint32_t fPollEvents;
609	/** Number of bytes to read to complete the current PDU. */
610	size_t cbRecvPDUResidual;
611	/** Current position in the PDU buffer. */
612	uint8_t *pbRecvPDUBufCur;
613	/** Flag whether we are currently reading the BHS. */
614	bool fRecvPDUBHS;
615	/** List of PDUs waiting to get transmitted. */
616	PISCSIPDUTX pIScsiPDUTxHead;
617	/** Tail of PDUs waiting to get transmitted. */
618	PISCSIPDUTX pIScsiPDUTxTail;
619	/** PDU we are currently transmitting. */
620	PISCSIPDUTX pIScsiPDUTxCur;
621	/** Number of commands waiting for an answer from the target.
622	* Used for timeout handling for poll.
623	*/
624	unsigned cCmdsWaiting;
625	/** Table of commands waiting for a response from the target. */
626	PISCSICMD aCmdsWaiting[ISCSI_CMD_WAITING_ENTRIES];
627	/** Number of logins since last successful I/O.
628	* Used to catch the case where logging succeeds but
629	* processing read/write/flushes cause a disconnect.
630	*/
631	volatile uint32_t cLoginsSinceIo;
632
633	/** Release log counter. */
634	unsigned cLogRelErrors;
635	/** The static region list. */
636	VDREGIONLIST RegionList;
637	} ISCSIIMAGE;
638
639
640	/*********************************************************************************************************************************
641	* Static Variables *
642	*********************************************************************************************************************************/
643
644	/** Default initiator basename. */
645	static const char *s_iscsiDefaultInitiatorBasename = "iqn.2009-08.com.sun.virtualbox.initiator";
646
647	/** Default LUN. */
648	static const char *s_iscsiConfigDefaultLUN = "0";
649
650	/** Default timeout, 10 seconds. */
651	static const char *s_iscsiConfigDefaultTimeout = "10000";
652
653	/** Default write split value, less or equal to ISCSI_DATA_LENGTH_MAX. */
654	static const char *s_iscsiConfigDefaultWriteSplit = "262144";
655
656	/** Default host IP stack. */
657	static const char *s_iscsiConfigDefaultHostIPStack = "1";
658
659	/** Default dump malformed packet configuration value. */
660	static const char *s_iscsiConfigDefaultDumpMalformedPackets = "0";
661
662	/** Description of all accepted config parameters. */
663	static const VDCONFIGINFO s_iscsiConfigInfo[] =
664	{
665	{ "TargetName", NULL, VDCFGVALUETYPE_STRING, VD_CFGKEY_MANDATORY },
666	/* LUN is defined of string type to handle the "enc" prefix. */
667	{ "LUN", s_iscsiConfigDefaultLUN, VDCFGVALUETYPE_STRING, VD_CFGKEY_MANDATORY },
668	{ "TargetAddress", NULL, VDCFGVALUETYPE_STRING, VD_CFGKEY_MANDATORY },
669	{ "InitiatorName", NULL, VDCFGVALUETYPE_STRING, 0 },
670	{ "InitiatorUsername", NULL, VDCFGVALUETYPE_STRING, 0 },
671	{ "InitiatorSecret", NULL, VDCFGVALUETYPE_BYTES, 0 },
672	{ "TargetUsername", NULL, VDCFGVALUETYPE_STRING, VD_CFGKEY_EXPERT },
673	{ "TargetSecret", NULL, VDCFGVALUETYPE_BYTES, VD_CFGKEY_EXPERT },
674	{ "WriteSplit", s_iscsiConfigDefaultWriteSplit, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
675	{ "Timeout", s_iscsiConfigDefaultTimeout, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
676	{ "HostIPStack", s_iscsiConfigDefaultHostIPStack, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
677	{ "DumpMalformedPackets", s_iscsiConfigDefaultDumpMalformedPackets, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
678	{ NULL, NULL, VDCFGVALUETYPE_INTEGER, 0 }
679	};
680
681
682	/*********************************************************************************************************************************
683	* Internal Functions *
684	*********************************************************************************************************************************/
685
686	/* iSCSI low-level functions (only to be used from the iSCSI high-level functions). */
687	static uint32_t iscsiNewITT(PISCSIIMAGE pImage);
688	static int iscsiSendPDU(PISCSIIMAGE pImage, PISCSIREQ paReq, uint32_t cnReq, uint32_t uFlags);
689	static int iscsiRecvPDU(PISCSIIMAGE pImage, uint32_t itt, PISCSIRES paRes, uint32_t cnRes, uint32_t fFlags);
690	static int iscsiRecvPDUAsync(PISCSIIMAGE pImage);
691	static int iscsiSendPDUAsync(PISCSIIMAGE pImage);
692	static int iscsiValidatePDU(PISCSIRES paRes, uint32_t cnRes);
693	static int iscsiRecvPDUProcess(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes);
694	static int iscsiPDUTxPrepare(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd);
695	static int iscsiRecvPDUUpdateRequest(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes);
696	static void iscsiCmdComplete(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd, int rcCmd);
697	static int iscsiTextAddKeyValue(uint8_t pbBuf, size_t cbBuf, size_t pcbBufCurr, const char pcszKey, const char pcszValue, size_t cbValue);
698	static int iscsiTextGetKeyValue(const uint8_t pbBuf, size_t cbBuf, const char pcszKey, const char **ppcszValue);
699	static int iscsiStrToBinary(const char pcszValue, uint8_t pbValue, size_t *pcbValue);
700	static int iscsiUpdateParameters(PISCSIIMAGE pImage, const uint8_t *pbBuf, size_t cbBuf);
701
702	/* Serial number arithmetic comparison. */
703	static bool serial_number_less(uint32_t sn1, uint32_t sn2);
704	static bool serial_number_greater(uint32_t sn1, uint32_t sn2);
705
706	/* CHAP-MD5 functions. */
707	#ifdef IMPLEMENT_TARGET_AUTH
708	static void chap_md5_generate_challenge(uint8_t pbChallenge, size_t pcbChallenge);
709	#endif
710	static void chap_md5_compute_response(uint8_t pbResponse, uint8_t id, const uint8_t pbChallenge, size_t cbChallenge,
711	const uint8_t *pbSecret, size_t cbSecret);
712
713	/**
714	* Internal: release log wrapper limiting the number of entries.
715	*/
716	DECLINLINE(void) iscsiLogRel(PISCSIIMAGE pImage, const char *pcszFormat, ...)
717	{
718	if (pImage->cLogRelErrors++ < MAX_LOG_REL_ERRORS)
719	{
720	va_list va;
721
722	va_start(va, pcszFormat);
723	LogRel(("%N\n", pcszFormat, &va));
724	va_end(va);
725	}
726	}
727
728	DECLINLINE(bool) iscsiIsClientConnected(PISCSIIMAGE pImage)
729	{
730	return pImage->Socket != NIL_VDSOCKET
731	&& pImage->pIfNet->pfnIsClientConnected(pImage->Socket);
732	}
733
734	/**
735	* Calculates the hash for the given ITT used
736	* to look up the command in the table.
737	*/
738	DECLINLINE(uint32_t) iscsiIttHash(uint32_t Itt)
739	{
740	return Itt % ISCSI_CMD_WAITING_ENTRIES;
741	}
742
743	static PISCSICMD iscsiCmdGetFromItt(PISCSIIMAGE pImage, uint32_t Itt)
744	{
745	PISCSICMD pIScsiCmd = NULL;
746
747	pIScsiCmd = pImage->aCmdsWaiting[iscsiIttHash(Itt)];
748
749	while ( pIScsiCmd
750	&& pIScsiCmd->Itt != Itt)
751	pIScsiCmd = pIScsiCmd->pNext;
752
753	return pIScsiCmd;
754	}
755
756	static void iscsiCmdInsert(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd)
757	{
758	PISCSICMD pIScsiCmdOld;
759	uint32_t idx = iscsiIttHash(pIScsiCmd->Itt);
760
761	Assert(!pIScsiCmd->pNext);
762
763	pIScsiCmdOld = pImage->aCmdsWaiting[idx];
764	pIScsiCmd->pNext = pIScsiCmdOld;
765	pImage->aCmdsWaiting[idx] = pIScsiCmd;
766	pImage->cCmdsWaiting++;
767	}
768
769	static PISCSICMD iscsiCmdRemove(PISCSIIMAGE pImage, uint32_t Itt)
770	{
771	PISCSICMD pIScsiCmd = NULL;
772	PISCSICMD pIScsiCmdPrev = NULL;
773	uint32_t idx = iscsiIttHash(Itt);
774
775	pIScsiCmd = pImage->aCmdsWaiting[idx];
776
777	while ( pIScsiCmd
778	&& pIScsiCmd->Itt != Itt)
779	{
780	pIScsiCmdPrev = pIScsiCmd;
781	pIScsiCmd = pIScsiCmd->pNext;
782	}
783
784	if (pIScsiCmd)
785	{
786	if (pIScsiCmdPrev)
787	{
788	AssertPtrNull(pIScsiCmd->pNext);
789	pIScsiCmdPrev->pNext = pIScsiCmd->pNext;
790	}
791	else
792	{
793	pImage->aCmdsWaiting[idx] = pIScsiCmd->pNext;
794	AssertPtrNull(pImage->aCmdsWaiting[idx]);
795	}
796	pImage->cCmdsWaiting--;
797	}
798
799	return pIScsiCmd;
800	}
801
802	/**
803	* Removes all commands from the table and returns the
804	* list head
805	*
806	* @returns Pointer to the head of the command list.
807	* @param pImage iSCSI connection to use.
808	*/
809	static PISCSICMD iscsiCmdRemoveAll(PISCSIIMAGE pImage)
810	{
811	PISCSICMD pIScsiCmdHead = NULL;
812
813	for (unsigned idx = 0; idx < RT_ELEMENTS(pImage->aCmdsWaiting); idx++)
814	{
815	PISCSICMD pHead;
816	PISCSICMD pTail;
817
818	pHead = pImage->aCmdsWaiting[idx];
819	pImage->aCmdsWaiting[idx] = NULL;
820
821	if (pHead)
822	{
823	/* Get the tail. */
824	pTail = pHead;
825	while (pTail->pNext)
826	pTail = pTail->pNext;
827
828	/* Concatenate. */
829	pTail->pNext = pIScsiCmdHead;
830	pIScsiCmdHead = pHead;
831	}
832	}
833	pImage->cCmdsWaiting = 0;
834
835	return pIScsiCmdHead;
836	}
837
838	/**
839	* Dumps an iSCSI packet if enabled.
840	*
841	* @param pImage The iSCSI image instance data.
842	* @param paISCSISegs Pointer to the segments array.
843	* @param cnISCSISegs Number of segments in the array.
844	* @param rc Status code for this packet.
845	* @param fRequest Flag whether this is request or response packet.
846	*/
847	static void iscsiDumpPacket(PISCSIIMAGE pImage, PISCSIREQ paISCSISegs, unsigned cnISCSISegs, int rc, bool fRequest)
848	{
849	if (pImage->fDumpMalformedPackets)
850	{
851	LogRel(("iSCSI{%s}: Dumping %s packet completed with status code %Rrc\n", pImage->pszTargetName, fRequest ? "request" : "response", rc));
852	for (unsigned i = 0; i < cnISCSISegs; i++)
853	{
854	if (paISCSISegs[i].cbSeg)
855	{
856	LogRel(("iSCSI{%s}: Segment %u, size %zu\n"
857	"%.*Rhxd\n",
858	pImage->pszTargetName, i, paISCSISegs[i].cbSeg,
859	paISCSISegs[i].cbSeg, paISCSISegs[i].pcvSeg));
860	}
861	}
862	}
863	}
864
865	static int iscsiTransportConnect(PISCSIIMAGE pImage)
866	{
867	int rc;
868	if (!pImage->pszHostname)
869	return VERR_NET_DEST_ADDRESS_REQUIRED;
870
871	rc = pImage->pIfNet->pfnClientConnect(pImage->Socket, pImage->pszHostname, pImage->uPort, pImage->uReadTimeout);
872	if (RT_FAILURE(rc))
873	{
874	if ( rc == VERR_NET_CONNECTION_REFUSED
875	\|\| rc == VERR_NET_CONNECTION_RESET
876	\|\| rc == VERR_NET_UNREACHABLE
877	\|\| rc == VERR_NET_HOST_UNREACHABLE
878	\|\| rc == VERR_NET_CONNECTION_TIMED_OUT)
879	{
880	/* Standardize return value for no connection. */
881	rc = VERR_NET_CONNECTION_REFUSED;
882	}
883	return rc;
884	}
885
886	/* Disable Nagle algorithm, we want things to be sent immediately. */
887	pImage->pIfNet->pfnSetSendCoalescing(pImage->Socket, false);
888
889	/* Make initiator name and ISID unique on this host. */
890	RTNETADDR LocalAddr;
891	rc = pImage->pIfNet->pfnGetLocalAddress(pImage->Socket, &LocalAddr);
892	if (RT_FAILURE(rc))
893	return rc;
894	if ( LocalAddr.uPort == RTNETADDR_PORT_NA
895	\|\| LocalAddr.uPort > 65535)
896	return VERR_NET_ADDRESS_FAMILY_NOT_SUPPORTED;
897	pImage->ISID &= ~65535ULL;
898	pImage->ISID \|= LocalAddr.uPort;
899	/* Eliminate the port so that it isn't included below. */
900	LocalAddr.uPort = RTNETADDR_PORT_NA;
901	if (pImage->fAutomaticInitiatorName)
902	{
903	if (pImage->pszInitiatorName)
904	RTStrFree(pImage->pszInitiatorName);
905	RTStrAPrintf(&pImage->pszInitiatorName, "%s:01:%RTnaddr",
906	s_iscsiDefaultInitiatorBasename, &LocalAddr);
907	if (!pImage->pszInitiatorName)
908	return VERR_NO_MEMORY;
909	}
910	LogRel(("iSCSI: connect from initiator %s with source port %u\n", pImage->pszInitiatorName, pImage->ISID & 65535));
911	return VINF_SUCCESS;
912	}
913
914
915	static int iscsiTransportClose(PISCSIIMAGE pImage)
916	{
917	int rc;
918
919	LogFlowFunc(("(%s:%d)\n", pImage->pszHostname, pImage->uPort));
920	if (iscsiIsClientConnected(pImage))
921	{
922	LogRel(("iSCSI: disconnect from initiator %s with source port %u\n", pImage->pszInitiatorName, pImage->ISID & 65535));
923	rc = pImage->pIfNet->pfnClientClose(pImage->Socket);
924	}
925	else
926	rc = VINF_SUCCESS;
927	LogFlowFunc(("returns %Rrc\n", rc));
928	return rc;
929	}
930
931
932	static int iscsiTransportRead(PISCSIIMAGE pImage, PISCSIRES paResponse, unsigned int cnResponse)
933	{
934	int rc = VINF_SUCCESS;
935	unsigned int i = 0;
936	size_t cbToRead, cbActuallyRead, residual, cbSegActual = 0, cbAHSLength, cbDataLength;
937	char *pDst;
938
939	LogFlowFunc(("cnResponse=%d (%s:%d)\n", cnResponse, pImage->pszHostname, pImage->uPort));
940	if (!iscsiIsClientConnected(pImage))
941	{
942	/* Reconnecting makes no sense in this case, as there will be nothing
943	* to receive. We would just run into a timeout. */
944	rc = VERR_BROKEN_PIPE;
945	}
946
947	if (RT_SUCCESS(rc) && paResponse[0].cbSeg >= ISCSI_BHS_SIZE)
948	{
949	cbToRead = 0;
950	residual = ISCSI_BHS_SIZE; /* Do not read more than the BHS length before the true PDU length is known. */
951	cbSegActual = residual;
952	pDst = (char *)paResponse[i].pvSeg;
953	uint64_t u64Timeout = RTTimeMilliTS() + pImage->uReadTimeout;
954	do
955	{
956	int64_t cMilliesRemaining = u64Timeout - RTTimeMilliTS();
957	if (cMilliesRemaining <= 0)
958	{
959	rc = VERR_TIMEOUT;
960	break;
961	}
962	Assert(cMilliesRemaining < 1000000);
963	rc = pImage->pIfNet->pfnSelectOne(pImage->Socket, cMilliesRemaining);
964	if (RT_FAILURE(rc))
965	break;
966	rc = pImage->pIfNet->pfnRead(pImage->Socket, pDst, residual, &cbActuallyRead);
967	if (RT_FAILURE(rc))
968	break;
969	if (cbActuallyRead == 0)
970	{
971	/* The other end has closed the connection. */
972	iscsiTransportClose(pImage);
973	pImage->state = ISCSISTATE_FREE;
974	rc = VERR_NET_CONNECTION_RESET;
975	break;
976	}
977	if (cbToRead == 0)
978	{
979	/* Currently reading the BHS. */
980	residual -= cbActuallyRead;
981	pDst += cbActuallyRead;
982	if (residual <= 40)
983	{
984	/* Enough data read to figure out the actual PDU size. */
985	uint32_t word1 = RT_N2H_U32(((uint32_t *)(paResponse[0].pvSeg))[1]);
986	cbAHSLength = (word1 & 0xff000000) >> 24;
987	cbAHSLength = ((cbAHSLength - 1) \| 3) + 1; /* Add padding. */
988	cbDataLength = word1 & 0x00ffffff;
989	cbDataLength = ((cbDataLength - 1) \| 3) + 1; /* Add padding. */
990	cbToRead = residual + cbAHSLength + cbDataLength;
991	residual += paResponse[0].cbSeg - ISCSI_BHS_SIZE;
992	if (residual > cbToRead)
993	residual = cbToRead;
994	cbSegActual = ISCSI_BHS_SIZE + cbAHSLength + cbDataLength;
995	/* Check whether we are already done with this PDU (no payload). */
996	if (cbToRead == 0)
997	break;
998	}
999	}
1000	else
1001	{
1002	cbToRead -= cbActuallyRead;
1003	if (cbToRead == 0)
1004	break;
1005	pDst += cbActuallyRead;
1006	residual -= cbActuallyRead;
1007	}
1008	if (residual == 0)
1009	{
1010	i++;
1011	if (i >= cnResponse)
1012	{
1013	/* No space left in receive buffers. */
1014	rc = VERR_BUFFER_OVERFLOW;
1015	break;
1016	}
1017	pDst = (char *)paResponse[i].pvSeg;
1018	residual = paResponse[i].cbSeg;
1019	if (residual > cbToRead)
1020	residual = cbToRead;
1021	cbSegActual = residual;
1022	}
1023	LogFlowFunc(("cbToRead=%u residual=%u cbSegActual=%u cbActuallRead=%u\n",
1024	cbToRead, residual, cbSegActual, cbActuallyRead));
1025	} while (true);
1026	}
1027	else
1028	{
1029	if (RT_SUCCESS(rc))
1030	rc = VERR_BUFFER_OVERFLOW;
1031	}
1032	if (RT_SUCCESS(rc))
1033	{
1034	paResponse[i].cbSeg = cbSegActual;
1035	for (i++; i < cnResponse; i++)
1036	paResponse[i].cbSeg = 0;
1037	}
1038
1039	if (RT_UNLIKELY( RT_FAILURE(rc)
1040	&& ( rc == VERR_NET_CONNECTION_RESET
1041	\|\| rc == VERR_NET_CONNECTION_ABORTED
1042	\|\| rc == VERR_NET_CONNECTION_RESET_BY_PEER
1043	\|\| rc == VERR_NET_CONNECTION_REFUSED
1044	\|\| rc == VERR_BROKEN_PIPE)))
1045	{
1046	/* Standardize return value for broken connection. */
1047	rc = VERR_BROKEN_PIPE;
1048	}
1049
1050	LogFlowFunc(("returns %Rrc\n", rc));
1051	return rc;
1052	}
1053
1054
1055	static int iscsiTransportWrite(PISCSIIMAGE pImage, PISCSIREQ paRequest, unsigned int cnRequest)
1056	{
1057	int rc = VINF_SUCCESS;
1058	unsigned int i;
1059
1060	LogFlowFunc(("cnRequest=%d (%s:%d)\n", cnRequest, pImage->pszHostname, pImage->uPort));
1061	if (!iscsiIsClientConnected(pImage))
1062	{
1063	/* Attempt to reconnect if the connection was previously broken. */
1064	rc = iscsiTransportConnect(pImage);
1065	}
1066
1067	if (RT_SUCCESS(rc))
1068	{
1069	/* Construct scatter/gather buffer for entire request, worst case
1070	* needs twice as many entries to allow for padding. */
1071	unsigned cBuf = 0;
1072	for (i = 0; i < cnRequest; i++)
1073	{
1074	cBuf++;
1075	if (paRequest[i].cbSeg & 3)
1076	cBuf++;
1077	}
1078	Assert(cBuf < ISCSI_SG_SEGMENTS_MAX);
1079	RTSGBUF buf;
1080	RTSGSEG aSeg[ISCSI_SG_SEGMENTS_MAX];
1081	static char aPad[4] = { 0, 0, 0, 0 };
1082	RTSgBufInit(&buf, &aSeg[0], cBuf);
1083	unsigned iBuf = 0;
1084	for (i = 0; i < cnRequest; i++)
1085	{
1086	/* Actual data chunk. */
1087	aSeg[iBuf].pvSeg = (void *)paRequest[i].pcvSeg;
1088	aSeg[iBuf].cbSeg = paRequest[i].cbSeg;
1089	iBuf++;
1090	/* Insert proper padding before the next chunk. */
1091	if (paRequest[i].cbSeg & 3)
1092	{
1093	aSeg[iBuf].pvSeg = &aPad[0];
1094	aSeg[iBuf].cbSeg = 4 - (paRequest[i].cbSeg & 3);
1095	iBuf++;
1096	}
1097	}
1098	/* Send out the request, the socket is set to send data immediately,
1099	* avoiding unnecessary delays. */
1100	rc = pImage->pIfNet->pfnSgWrite(pImage->Socket, &buf);
1101
1102	}
1103
1104	if (RT_UNLIKELY( RT_FAILURE(rc)
1105	&& ( rc == VERR_NET_CONNECTION_RESET
1106	\|\| rc == VERR_NET_CONNECTION_ABORTED
1107	\|\| rc == VERR_NET_CONNECTION_RESET_BY_PEER
1108	\|\| rc == VERR_NET_CONNECTION_REFUSED
1109	\|\| rc == VERR_BROKEN_PIPE)))
1110	{
1111	/* Standardize return value for broken connection. */
1112	rc = VERR_BROKEN_PIPE;
1113	}
1114
1115	LogFlowFunc(("returns %Rrc\n", rc));
1116	return rc;
1117	}
1118
1119
1120	static int iscsiTransportOpen(PISCSIIMAGE pImage)
1121	{
1122	int rc = VINF_SUCCESS;
1123	size_t cbHostname = 0; /* shut up gcc */
1124	const char pcszPort = NULL; / shut up gcc */
1125	char *pszPortEnd;
1126	uint16_t uPort;
1127
1128	/* Clean up previous connection data. */
1129	iscsiTransportClose(pImage);
1130	if (pImage->pszHostname)
1131	{
1132	RTMemFree(pImage->pszHostname);
1133	pImage->pszHostname = NULL;
1134	pImage->uPort = 0;
1135	}
1136
1137	/* Locate the port number via the colon separating the hostname from the port. */
1138	if (*pImage->pszTargetAddress)
1139	{
1140	if (*pImage->pszTargetAddress != '[')
1141	{
1142	/* Normal hostname or IPv4 dotted decimal. */
1143	pcszPort = strchr(pImage->pszTargetAddress, ':');
1144	if (pcszPort != NULL)
1145	{
1146	cbHostname = pcszPort - pImage->pszTargetAddress;
1147	pcszPort++;
1148	}
1149	else
1150	cbHostname = strlen(pImage->pszTargetAddress);
1151	}
1152	else
1153	{
1154	/* IPv6 literal address. Contains colons, so skip to closing square bracket. */
1155	pcszPort = strchr(pImage->pszTargetAddress, ']');
1156	if (pcszPort != NULL)
1157	{
1158	pcszPort++;
1159	cbHostname = pcszPort - pImage->pszTargetAddress;
1160	if (*pcszPort == '\0')
1161	pcszPort = NULL;
1162	else if (*pcszPort != ':')
1163	rc = VERR_PARSE_ERROR;
1164	else
1165	pcszPort++;
1166	}
1167	else
1168	rc = VERR_PARSE_ERROR;
1169	}
1170	}
1171	else
1172	rc = VERR_PARSE_ERROR;
1173
1174	/* Now split address into hostname and port. */
1175	if (RT_SUCCESS(rc))
1176	{
1177	pImage->pszHostname = (char *)RTMemAlloc(cbHostname + 1);
1178	if (!pImage->pszHostname)
1179	rc = VERR_NO_MEMORY;
1180	else
1181	{
1182	if (pImage->pszTargetAddress[0] == '[')
1183	memcpy(pImage->pszHostname, pImage->pszTargetAddress + 1, cbHostname);
1184	else
1185	memcpy(pImage->pszHostname, pImage->pszTargetAddress, cbHostname);
1186	pImage->pszHostname[cbHostname] = '\0';
1187	if (pcszPort != NULL)
1188	{
1189	rc = RTStrToUInt16Ex(pcszPort, &pszPortEnd, 0, &uPort);
1190	/* Note that RT_SUCCESS() macro to check the rc value is not strict enough in this case. */
1191	if (rc == VINF_SUCCESS && *pszPortEnd == '\0' && uPort != 0)
1192	{
1193	pImage->uPort = uPort;
1194	}
1195	else
1196	{
1197	rc = VERR_PARSE_ERROR;
1198	}
1199	}
1200	else
1201	pImage->uPort = ISCSI_DEFAULT_PORT;
1202	}
1203	}
1204
1205	if (RT_SUCCESS(rc))
1206	{
1207	if (!iscsiIsClientConnected(pImage))
1208	rc = iscsiTransportConnect(pImage);
1209	}
1210	else
1211	{
1212	if (pImage->pszHostname)
1213	{
1214	RTMemFree(pImage->pszHostname);
1215	pImage->pszHostname = NULL;
1216	}
1217	pImage->uPort = 0;
1218	}
1219
1220	LogFlowFunc(("returns %Rrc\n", rc));
1221	return rc;
1222	}
1223
1224	/**
1225	* Returns a human readable version of the given initiator login error detail.
1226	*
1227	* @returns String with the error detail.
1228	* @param u8Detail The detail indicator from the response.
1229	*/
1230	static const char *iscsiGetLoginErrorDetail(uint8_t u8Detail)
1231	{
1232	const char *pszDetail = NULL;
1233
1234	switch (u8Detail)
1235	{
1236	case 0x00:
1237	pszDetail = "Miscelleanous iSCSI intiaitor error";
1238	break;
1239	case 0x01:
1240	pszDetail = "Authentication failure";
1241	break;
1242	case 0x02:
1243	pszDetail = "Authorization failure";
1244	break;
1245	case 0x03:
1246	pszDetail = "Not found";
1247	break;
1248	case 0x04:
1249	pszDetail = "Target removed";
1250	break;
1251	case 0x05:
1252	pszDetail = "Unsupported version";
1253	break;
1254	case 0x06:
1255	pszDetail = "Too many connections";
1256	break;
1257	case 0x07:
1258	pszDetail = "Missing parameter";
1259	break;
1260	case 0x08:
1261	pszDetail = "Can't include in session";
1262	break;
1263	case 0x09:
1264	pszDetail = "Session type not supported";
1265	break;
1266	case 0x0a:
1267	pszDetail = "Session does not exist";
1268	break;
1269	case 0x0b:
1270	pszDetail = "Invalid request type during login";
1271	break;
1272	default:
1273	pszDetail = "Unknown status detail";
1274	}
1275
1276	return pszDetail;
1277	}
1278
1279	/**
1280	* Attempts one login attempt to the given target.
1281	*
1282	* @returns VBox status code.
1283	* @retval VINF_TRY_AGAIN when getting redirected and having to start over.
1284	* @retval VERR_TRY_AGAIN in case the connection was lost while receiving a reply
1285	* from the target and the login attempt can be repeated.
1286	* @param pImage The iSCSI connection state to be used.
1287	*/
1288	static int iscsiLogin(PISCSIIMAGE pImage)
1289	{
1290	int rc = VINF_SUCCESS;
1291	uint32_t itt;
1292	uint32_t csg, nsg, substate;
1293	uint64_t isid_tsih;
1294	uint8_t bBuf[4096]; /* Should be large enough even for large authentication values. */
1295	size_t cbBuf;
1296	bool transit;
1297	uint8_t pbChallenge[1024]; /* RFC3720 specifies this as maximum. */
1298	size_t cbChallenge = 0; /* shut up gcc */
1299	uint8_t bChapIdx = 0; /* (MSC is used uninitialized) */
1300	uint8_t aResponse[RTMD5HASHSIZE];
1301	uint32_t cnISCSIReq = 0;
1302	ISCSIREQ aISCSIReq[4];
1303	uint32_t aReqBHS[12];
1304	uint32_t cnISCSIRes = 0;
1305	ISCSIRES aISCSIRes[2];
1306	uint32_t aResBHS[12];
1307	char *pszNext;
1308	bool fParameterNeg = true;
1309	pImage->cbRecvDataLength = ISCSI_DATA_LENGTH_MAX;
1310	pImage->cbSendDataLength = RT_MIN(ISCSI_DATA_LENGTH_MAX, pImage->cbWriteSplit);
1311	char szMaxDataLength[16];
1312	RTStrPrintf(szMaxDataLength, sizeof(szMaxDataLength), "%u", ISCSI_DATA_LENGTH_MAX);
1313	ISCSIPARAMETER aParameterNeg[] =
1314	{
1315	{ "HeaderDigest", "None", 0 },
1316	{ "DataDigest", "None", 0 },
1317	{ "MaxConnections", "1", 0 },
1318	{ "InitialR2T", "No", 0 },
1319	{ "ImmediateData", "Yes", 0 },
1320	{ "MaxRecvDataSegmentLength", szMaxDataLength, 0 },
1321	{ "MaxBurstLength", szMaxDataLength, 0 },
1322	{ "FirstBurstLength", szMaxDataLength, 0 },
1323	{ "DefaultTime2Wait", "0", 0 },
1324	{ "DefaultTime2Retain", "60", 0 },
1325	{ "DataPDUInOrder", "Yes", 0 },
1326	{ "DataSequenceInOrder", "Yes", 0 },
1327	{ "ErrorRecoveryLevel", "0", 0 },
1328	{ "MaxOutstandingR2T", "1", 0 }
1329	};
1330
1331	if (!iscsiIsClientConnected(pImage))
1332	{
1333	rc = iscsiTransportOpen(pImage);
1334	if (RT_FAILURE(rc))
1335	return rc;
1336	}
1337
1338	pImage->state = ISCSISTATE_IN_LOGIN;
1339	pImage->ITT = 1;
1340	pImage->FirstRecvPDU = true;
1341	pImage->CmdSN = 1;
1342	pImage->ExpCmdSN = 0;
1343	pImage->MaxCmdSN = 1;
1344	pImage->ExpStatSN = 0;
1345
1346	/*
1347	* Send login request to target.
1348	*/
1349	itt = iscsiNewITT(pImage);
1350	csg = 0;
1351	nsg = 0;
1352	substate = 0;
1353	isid_tsih = pImage->ISID << 16; /* TSIH field currently always 0 */
1354
1355	do
1356	{
1357	transit = false;
1358	cbBuf = 0;
1359	/* Handle all cases with a single switch statement. */
1360	switch (csg << 8 \| substate)
1361	{
1362	case 0x0000: /* security negotiation, step 0: propose authentication. */
1363	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "SessionType", "Normal", 0);
1364	if (RT_FAILURE(rc))
1365	break;
1366	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "InitiatorName", pImage->pszInitiatorName, 0);
1367	if (RT_FAILURE(rc))
1368	break;
1369	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "TargetName", pImage->pszTargetName, 0);
1370	if (RT_FAILURE(rc))
1371	break;
1372	if (pImage->pszInitiatorUsername == NULL)
1373	{
1374	/* No authentication. Immediately switch to next phase. */
1375	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "AuthMethod", "None", 0);
1376	if (RT_FAILURE(rc))
1377	break;
1378	nsg = 1;
1379	transit = true;
1380	}
1381	else
1382	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "AuthMethod", "CHAP,None", 0);
1383	break;
1384	case 0x0001: /* security negotiation, step 1: propose CHAP_MD5 variant. */
1385	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "CHAP_A", "5", 0);
1386	break;
1387	case 0x0002: /* security negotiation, step 2: send authentication info. */
1388	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "CHAP_N", pImage->pszInitiatorUsername, 0);
1389	if (RT_FAILURE(rc))
1390	break;
1391	chap_md5_compute_response(aResponse, bChapIdx, pbChallenge, cbChallenge,
1392	pImage->pbInitiatorSecret, pImage->cbInitiatorSecret);
1393	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "CHAP_R", (const char *)aResponse, RTMD5HASHSIZE);
1394	if (RT_FAILURE(rc))
1395	break;
1396	nsg = 1;
1397	transit = true;
1398	break;
1399	case 0x0100: /* login operational negotiation, step 0: set parameters. */
1400	if (fParameterNeg)
1401	{
1402	for (unsigned i = 0; i < RT_ELEMENTS(aParameterNeg); i++)
1403	{
1404	rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf,
1405	aParameterNeg[i].pszParamName,
1406	aParameterNeg[i].pszParamValue,
1407	aParameterNeg[i].cbParamValue);
1408	if (RT_FAILURE(rc))
1409	break;
1410	}
1411	fParameterNeg = false;
1412	}
1413
1414	nsg = 3;
1415	transit = true;
1416	break;
1417	case 0x0300: /* full feature phase. */
1418	default:
1419	/* Should never come here. */
1420	AssertMsgFailed(("send: Undefined login state %d substate %d\n", csg, substate));
1421	break;
1422	}
1423
1424	if (RT_FAILURE(rc))
1425	break;
1426
1427	aReqBHS[0] = RT_H2N_U32( ISCSI_IMMEDIATE_DELIVERY_BIT
1428	\| (csg << ISCSI_CSG_SHIFT)
1429	\| (transit ? (nsg << ISCSI_NSG_SHIFT \| ISCSI_TRANSIT_BIT) : 0)
1430	\| ISCSI_MY_VERSION /* Minimum version. */
1431	\| (ISCSI_MY_VERSION << 8) /* Maximum version. */
1432	\| ISCSIOP_LOGIN_REQ); /* C=0 */
1433	aReqBHS[1] = RT_H2N_U32((uint32_t)cbBuf); /* TotalAHSLength=0 */
1434	aReqBHS[2] = RT_H2N_U32(isid_tsih >> 32);
1435	aReqBHS[3] = RT_H2N_U32(isid_tsih & 0xffffffff);
1436	aReqBHS[4] = itt;
1437	aReqBHS[5] = RT_H2N_U32(1 << 16); /* CID=1,reserved */
1438	aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
1439	aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
1440	aReqBHS[8] = 0; /* reserved */
1441	aReqBHS[9] = 0; /* reserved */
1442	aReqBHS[10] = 0; /* reserved */
1443	aReqBHS[11] = 0; /* reserved */
1444
1445	cnISCSIReq = 0;
1446	aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
1447	aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
1448	cnISCSIReq++;
1449
1450	aISCSIReq[cnISCSIReq].pcvSeg = bBuf;
1451	aISCSIReq[cnISCSIReq].cbSeg = cbBuf;
1452	cnISCSIReq++;
1453
1454	rc = iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_NO_REATTACH);
1455	if (RT_SUCCESS(rc))
1456	{
1457	ISCSIOPCODE cmd;
1458	ISCSILOGINSTATUSCLASS loginStatusClass;
1459
1460	cnISCSIRes = 0;
1461	aISCSIRes[cnISCSIRes].pvSeg = aResBHS;
1462	aISCSIRes[cnISCSIRes].cbSeg = sizeof(aResBHS);
1463	cnISCSIRes++;
1464	aISCSIRes[cnISCSIRes].pvSeg = bBuf;
1465	aISCSIRes[cnISCSIRes].cbSeg = sizeof(bBuf);
1466	cnISCSIRes++;
1467
1468	rc = iscsiRecvPDU(pImage, itt, aISCSIRes, cnISCSIRes, ISCSIPDU_NO_REATTACH);
1469	if (RT_FAILURE(rc))
1470	{
1471	/*
1472	* We lost connection to the target while receiving the answer,
1473	* start from the beginning.
1474	*/
1475	if (rc == VERR_BROKEN_PIPE \|\| rc == VERR_NET_CONNECTION_REFUSED)
1476	rc = VERR_TRY_AGAIN;
1477	break;
1478	}
1479
1480	/** @todo collect partial login responses with Continue bit set. */
1481	Assert(aISCSIRes[0].pvSeg == aResBHS);
1482	Assert(aISCSIRes[0].cbSeg >= ISCSI_BHS_SIZE);
1483	Assert((RT_N2H_U32(aResBHS[0]) & ISCSI_CONTINUE_BIT) == 0);
1484
1485	cmd = (ISCSIOPCODE)(RT_N2H_U32(aResBHS[0]) & ISCSIOP_MASK);
1486	if (cmd == ISCSIOP_LOGIN_RES)
1487	{
1488	if ((RT_N2H_U32(aResBHS[0]) & 0xff) != ISCSI_MY_VERSION)
1489	{
1490	iscsiTransportClose(pImage);
1491	rc = VERR_PARSE_ERROR;
1492	break; /* Give up immediately, as a RFC violation in version fields is very serious. */
1493	}
1494
1495	loginStatusClass = (ISCSILOGINSTATUSCLASS)(RT_N2H_U32(aResBHS[9]) >> 24);
1496	switch (loginStatusClass)
1497	{
1498	case ISCSI_LOGIN_STATUS_CLASS_SUCCESS:
1499	uint32_t targetCSG;
1500	uint32_t targetNSG;
1501	bool targetTransit;
1502
1503	if (pImage->FirstRecvPDU)
1504	{
1505	pImage->FirstRecvPDU = false;
1506	pImage->ExpStatSN = RT_N2H_U32(aResBHS[6]) + 1;
1507	}
1508
1509	targetCSG = (RT_N2H_U32(aResBHS[0]) & ISCSI_CSG_MASK) >> ISCSI_CSG_SHIFT;
1510	targetNSG = (RT_N2H_U32(aResBHS[0]) & ISCSI_NSG_MASK) >> ISCSI_NSG_SHIFT;
1511	targetTransit = !!(RT_N2H_U32(aResBHS[0]) & ISCSI_TRANSIT_BIT);
1512
1513	/* Handle all cases with a single switch statement. */
1514	switch (csg << 8 \| substate)
1515	{
1516	case 0x0000: /* security negotiation, step 0: receive final authentication. */
1517	rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1518	if (RT_FAILURE(rc))
1519	break;
1520
1521	const char *pcszAuthMethod;
1522
1523	rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "AuthMethod", &pcszAuthMethod);
1524	if (RT_FAILURE(rc))
1525	{
1526	rc = VERR_PARSE_ERROR;
1527	break;
1528	}
1529	if (strcmp(pcszAuthMethod, "None") == 0)
1530	{
1531	/* Authentication offered, but none required. Skip to operational parameters. */
1532	csg = 1;
1533	nsg = 1;
1534	transit = true;
1535	substate = 0;
1536	break;
1537	}
1538	else if (strcmp(pcszAuthMethod, "CHAP") == 0 && targetNSG == 0 && !targetTransit)
1539	{
1540	/* CHAP authentication required, continue with next substate. */
1541	substate++;
1542	break;
1543	}
1544
1545	/* Unknown auth method or login response PDU headers incorrect. */
1546	rc = VERR_PARSE_ERROR;
1547	break;
1548	case 0x0001: /* security negotiation, step 1: receive final CHAP variant and challenge. */
1549	{
1550	rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1551	if (RT_FAILURE(rc))
1552	break;
1553
1554	const char *pcszChapAuthMethod;
1555	const char *pcszChapIdxTarget;
1556	const char *pcszChapChallengeStr;
1557
1558	rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "CHAP_A", &pcszChapAuthMethod);
1559	if (RT_FAILURE(rc))
1560	{
1561	rc = VERR_PARSE_ERROR;
1562	break;
1563	}
1564	if (strcmp(pcszChapAuthMethod, "5") != 0)
1565	{
1566	rc = VERR_PARSE_ERROR;
1567	break;
1568	}
1569	rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "CHAP_I", &pcszChapIdxTarget);
1570	if (RT_FAILURE(rc))
1571	{
1572	rc = VERR_PARSE_ERROR;
1573	break;
1574	}
1575	rc = RTStrToUInt8Ex(pcszChapIdxTarget, &pszNext, 0, &bChapIdx);
1576	/** @todo r=bird: Unsafe use of pszNext on failure. The code should probably
1577	* use RTStrToUInt8Full and check for rc != VINF_SUCCESS. */
1578	if (rc > VINF_SUCCESS \|\| *pszNext != '\0')
1579	{
1580	rc = VERR_PARSE_ERROR;
1581	break;
1582	}
1583	rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "CHAP_C", &pcszChapChallengeStr);
1584	if (RT_FAILURE(rc))
1585	{
1586	rc = VERR_PARSE_ERROR;
1587	break;
1588	}
1589	cbChallenge = sizeof(pbChallenge);
1590	rc = iscsiStrToBinary(pcszChapChallengeStr, pbChallenge, &cbChallenge);
1591	if (RT_FAILURE(rc))
1592	break;
1593	substate++;
1594	transit = true;
1595	break;
1596	}
1597	case 0x0002: /* security negotiation, step 2: check authentication success. */
1598	rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1599	if (RT_FAILURE(rc))
1600	break;
1601
1602	if (targetCSG == 0 && targetNSG == 1 && targetTransit)
1603	{
1604	/* Target wants to continue in login operational state, authentication success. */
1605	csg = 1;
1606	nsg = 3;
1607	substate = 0;
1608	break;
1609	}
1610	rc = VERR_PARSE_ERROR;
1611	break;
1612	case 0x0100: /* login operational negotiation, step 0: check results. */
1613	rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1614	if (RT_FAILURE(rc))
1615	break;
1616
1617	if (targetCSG == 1 && targetNSG == 3 && targetTransit)
1618	{
1619	/* Target wants to continue in full feature phase, login finished. */
1620	csg = 3;
1621	nsg = 3;
1622	substate = 0;
1623	break;
1624	}
1625	else if (targetCSG == 1 && (targetNSG == 1 \|\| !targetTransit))
1626	{
1627	/* Target wants to negotiate certain parameters and
1628	* stay in login operational negotiation. */
1629	csg = 1;
1630	nsg = 3;
1631	substate = 0;
1632	break;
1633	}
1634	rc = VERR_PARSE_ERROR;
1635	break;
1636	case 0x0300: /* full feature phase. */
1637	default:
1638	AssertMsgFailed(("recv: Undefined login state %d substate %d\n", csg, substate));
1639	rc = VERR_PARSE_ERROR;
1640	break;
1641	}
1642	break;
1643	case ISCSI_LOGIN_STATUS_CLASS_REDIRECTION:
1644	const char *pcszTargetRedir;
1645
1646	/* Target has moved to some other location, as indicated in the TargetAddress key. */
1647	rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "TargetAddress", &pcszTargetRedir);
1648	if (RT_FAILURE(rc))
1649	{
1650	rc = VERR_PARSE_ERROR;
1651	break;
1652	}
1653	if (pImage->pszTargetAddress)
1654	RTMemFree(pImage->pszTargetAddress);
1655	{
1656	size_t cb = strlen(pcszTargetRedir) + 1;
1657	pImage->pszTargetAddress = (char *)RTMemAlloc(cb);
1658	if (!pImage->pszTargetAddress)
1659	{
1660	rc = VERR_NO_MEMORY;
1661	break;
1662	}
1663	memcpy(pImage->pszTargetAddress, pcszTargetRedir, cb);
1664	}
1665	rc = VINF_TRY_AGAIN;
1666	break;
1667	case ISCSI_LOGIN_STATUS_CLASS_INITIATOR_ERROR:
1668	{
1669	LogRel(("iSCSI: login to target failed with: %s\n",
1670	iscsiGetLoginErrorDetail((RT_N2H_U32(aResBHS[9]) >> 16) & 0xff)));
1671	iscsiTransportClose(pImage);
1672	rc = VERR_IO_GEN_FAILURE;
1673	break;
1674	}
1675	case ISCSI_LOGIN_STATUS_CLASS_TARGET_ERROR:
1676	iscsiTransportClose(pImage);
1677	rc = VINF_EOF;
1678	break;
1679	default:
1680	rc = VERR_PARSE_ERROR;
1681	}
1682
1683	if (RT_FAILURE(rc) \|\| rc == VINF_TRY_AGAIN)
1684	break;
1685
1686	if (csg == 3)
1687	{
1688	/*
1689	* Finished login, continuing with Full Feature Phase.
1690	*/
1691	rc = VINF_SUCCESS;
1692	break;
1693	}
1694	}
1695	else
1696	AssertMsgFailed(("%s: ignoring unexpected PDU with first word = %#08x\n", __FUNCTION__, RT_N2H_U32(aResBHS[0])));
1697	}
1698	else
1699	break;
1700	} while (true);
1701
1702	if ( RT_FAILURE(rc)
1703	&& rc != VERR_TRY_AGAIN)
1704	{
1705	/*
1706	* Dump the last request and response of we are supposed to do so and there is a request
1707	* or response.
1708	*/
1709	if (cnISCSIReq)
1710	iscsiDumpPacket(pImage, aISCSIReq, cnISCSIReq, VINF_SUCCESS, true /* fRequest */);
1711
1712	if (cnISCSIRes)
1713	iscsiDumpPacket(pImage, (PISCSIREQ)aISCSIRes, cnISCSIRes, rc, false /* fRequest */);
1714
1715	/*
1716	* Close connection to target.
1717	*/
1718	iscsiTransportClose(pImage);
1719	pImage->state = ISCSISTATE_FREE;
1720	}
1721	else if (rc == VINF_SUCCESS)
1722	pImage->state = ISCSISTATE_NORMAL;
1723
1724	return rc;
1725	}
1726
1727	/**
1728	* Attach to an iSCSI target. Performs all operations necessary to enter
1729	* Full Feature Phase.
1730	*
1731	* @returns VBox status code.
1732	* @param pvUser The iSCSI connection state to be used as opaque user data.
1733	*/
1734	static DECLCALLBACK(int) iscsiAttach(void *pvUser)
1735	{
1736	int rc = VINF_SUCCESS;
1737	unsigned cRetries = 5;
1738	PISCSIIMAGE pImage = (PISCSIIMAGE)pvUser;
1739
1740	LogFlowFunc(("entering\n"));
1741
1742	Assert(pImage->state == ISCSISTATE_FREE);
1743
1744	/*
1745	* If there were too many logins without any successful I/O just fail
1746	* and assume the target is not working properly.
1747	*/
1748	if (ASMAtomicReadU32(&pImage->cLoginsSinceIo) == 3)
1749	return VERR_BROKEN_PIPE;
1750
1751	RTSemMutexRequest(pImage->Mutex, RT_INDEFINITE_WAIT);
1752
1753	/* Make 100% sure the connection isn't reused for a new login. */
1754	iscsiTransportClose(pImage);
1755
1756	/* Try to log in a few number of times. */
1757	while (cRetries > 0)
1758	{
1759	rc = iscsiLogin(pImage);
1760	if (rc == VINF_SUCCESS) /* Login succeeded, continue with full feature phase. */
1761	break;
1762	else if (rc == VERR_TRY_AGAIN) /* Lost connection during receive. */
1763	cRetries--;
1764	else if (RT_FAILURE(rc))
1765	break;
1766	else /* For redirects try again. */
1767	AssertMsg(rc == VINF_TRY_AGAIN, ("Unexpected status code %Rrc\n", rc));
1768	}
1769
1770	if (RT_SUCCESS(rc))
1771	ASMAtomicIncU32(&pImage->cLoginsSinceIo);
1772
1773	RTSemMutexRelease(pImage->Mutex);
1774
1775	LogFlowFunc(("returning %Rrc\n", rc));
1776	LogRel(("iSCSI: login to target %s %s (%Rrc)\n", pImage->pszTargetName, RT_SUCCESS(rc) ? "successful" : "failed", rc));
1777	return rc;
1778	}
1779
1780
1781	/**
1782	* Detach from an iSCSI target.
1783	*
1784	* @returns VBox status code.
1785	* @param pvUser The iSCSI connection state to be used as opaque user data.
1786	*/
1787	static DECLCALLBACK(int) iscsiDetach(void *pvUser)
1788	{
1789	int rc;
1790	uint32_t itt;
1791	uint32_t cnISCSIReq = 0;
1792	ISCSIREQ aISCSIReq[4];
1793	uint32_t aReqBHS[12];
1794	PISCSIIMAGE pImage = (PISCSIIMAGE)pvUser;
1795
1796	LogFlowFunc(("entering\n"));
1797
1798	RTSemMutexRequest(pImage->Mutex, RT_INDEFINITE_WAIT);
1799
1800	if (pImage->state != ISCSISTATE_FREE && pImage->state != ISCSISTATE_IN_LOGOUT)
1801	{
1802	pImage->state = ISCSISTATE_IN_LOGOUT;
1803
1804	/*
1805	* Send logout request to target.
1806	*/
1807	itt = iscsiNewITT(pImage);
1808	aReqBHS[0] = RT_H2N_U32(ISCSI_FINAL_BIT \| ISCSIOP_LOGOUT_REQ); /* I=0,F=1,Reason=close session */
1809	aReqBHS[1] = RT_H2N_U32(0); /* TotalAHSLength=0,DataSementLength=0 */
1810	aReqBHS[2] = 0; /* reserved */
1811	aReqBHS[3] = 0; /* reserved */
1812	aReqBHS[4] = itt;
1813	aReqBHS[5] = 0; /* reserved */
1814	aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
1815	aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
1816	aReqBHS[8] = 0; /* reserved */
1817	aReqBHS[9] = 0; /* reserved */
1818	aReqBHS[10] = 0; /* reserved */
1819	aReqBHS[11] = 0; /* reserved */
1820	pImage->CmdSN++;
1821
1822	aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
1823	aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
1824	cnISCSIReq++;
1825
1826	rc = iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_NO_REATTACH);
1827	if (RT_SUCCESS(rc))
1828	{
1829	/*
1830	* Read logout response from target.
1831	*/
1832	ISCSIRES aISCSIRes;
1833	uint32_t aResBHS[12];
1834
1835	aISCSIRes.pvSeg = aResBHS;
1836	aISCSIRes.cbSeg = sizeof(aResBHS);
1837	rc = iscsiRecvPDU(pImage, itt, &aISCSIRes, 1, ISCSIPDU_NO_REATTACH);
1838	if (RT_SUCCESS(rc))
1839	{
1840	if (RT_N2H_U32(aResBHS[0]) != (ISCSI_FINAL_BIT \| ISCSIOP_LOGOUT_RES))
1841	AssertMsgFailed(("iSCSI Logout response invalid\n"));
1842	}
1843	else
1844	AssertMsgFailed(("iSCSI Logout response error, rc=%Rrc\n", rc));
1845	}
1846	else
1847	AssertMsgFailed(("Could not send iSCSI Logout request, rc=%Rrc\n", rc));
1848	}
1849
1850	if (pImage->state != ISCSISTATE_FREE)
1851	{
1852	/*
1853	* Close connection to target.
1854	*/
1855	rc = iscsiTransportClose(pImage);
1856	if (RT_FAILURE(rc))
1857	AssertMsgFailed(("Could not close connection to target, rc=%Rrc\n", rc));
1858	}
1859
1860	pImage->state = ISCSISTATE_FREE;
1861
1862	RTSemMutexRelease(pImage->Mutex);
1863
1864	LogFlowFunc(("leaving\n"));
1865	LogRel(("iSCSI: logout to target %s\n", pImage->pszTargetName));
1866	return VINF_SUCCESS;
1867	}
1868
1869
1870	/**
1871	* Perform a command on an iSCSI target. Target must be already in
1872	* Full Feature Phase.
1873	*
1874	* @returns VBox status code.
1875	* @param pImage The iSCSI connection state to be used.
1876	* @param pRequest Command descriptor. Contains all information about
1877	* the command, its transfer directions and pointers
1878	* to the buffer(s) used for transferring data and
1879	* status information.
1880	*/
1881	static int iscsiCommand(PISCSIIMAGE pImage, PSCSIREQ pRequest)
1882	{
1883	int rc;
1884	uint32_t itt;
1885	uint32_t cbData;
1886	uint32_t cnISCSIReq = 0;
1887	ISCSIREQ aISCSIReq[4];
1888	uint32_t aReqBHS[12];
1889
1890	uint32_t *pDst = NULL;
1891	size_t cbBufLength;
1892	uint32_t aStatus[256]; /*< Plenty of buffer for status information. /
1893	bool final = false;
1894
1895
1896	LogFlowFunc(("entering, CmdSN=%d\n", pImage->CmdSN));
1897
1898	Assert(pRequest->enmXfer != SCSIXFER_TO_FROM_TARGET); /*< @todo not yet supported, would require AHS. /
1899	Assert(pRequest->cbI2TData <= 0xffffff); /* larger transfers would require R2T support. */
1900	Assert(pRequest->cbCDB <= 16); /* would cause buffer overrun below. */
1901
1902	/* If not in normal state, then the transport connection was dropped. Try
1903	* to reestablish by logging in, the target might be responsive again. */
1904	if (pImage->state == ISCSISTATE_FREE)
1905	rc = iscsiAttach(pImage);
1906
1907	/* If still not in normal state, then the underlying transport connection
1908	* cannot be established. Get out before bad things happen (and make
1909	* sure the caller suspends the VM again). */
1910	if (pImage->state == ISCSISTATE_NORMAL)
1911	{
1912	/*
1913	* Send SCSI command to target with all I2T data included.
1914	*/
1915	cbData = 0;
1916	if (pRequest->enmXfer == SCSIXFER_FROM_TARGET)
1917	cbData = (uint32_t)pRequest->cbT2IData;
1918	else
1919	cbData = (uint32_t)pRequest->cbI2TData;
1920
1921	RTSemMutexRequest(pImage->Mutex, RT_INDEFINITE_WAIT);
1922
1923	itt = iscsiNewITT(pImage);
1924	memset(aReqBHS, 0, sizeof(aReqBHS));
1925	aReqBHS[0] = RT_H2N_U32( ISCSI_FINAL_BIT \| ISCSI_TASK_ATTR_SIMPLE \| ISCSIOP_SCSI_CMD
1926	\| (pRequest->enmXfer << 21)); /* I=0,F=1,Attr=Simple */
1927	aReqBHS[1] = RT_H2N_U32(0x00000000 \| ((uint32_t)pRequest->cbI2TData & 0xffffff)); /* TotalAHSLength=0 */
1928	aReqBHS[2] = RT_H2N_U32(pImage->LUN >> 32);
1929	aReqBHS[3] = RT_H2N_U32(pImage->LUN & 0xffffffff);
1930	aReqBHS[4] = itt;
1931	aReqBHS[5] = RT_H2N_U32(cbData);
1932	aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
1933	aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
1934	memcpy(aReqBHS + 8, pRequest->abCDB, pRequest->cbCDB);
1935	pImage->CmdSN++;
1936
1937	aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
1938	aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
1939	cnISCSIReq++;
1940
1941	if ( pRequest->enmXfer == SCSIXFER_TO_TARGET
1942	\|\| pRequest->enmXfer == SCSIXFER_TO_FROM_TARGET)
1943	{
1944	Assert(pRequest->cI2TSegs == 1);
1945	aISCSIReq[cnISCSIReq].pcvSeg = pRequest->paI2TSegs[0].pvSeg;
1946	aISCSIReq[cnISCSIReq].cbSeg = pRequest->paI2TSegs[0].cbSeg; /* Padding done by transport. */
1947	cnISCSIReq++;
1948	}
1949
1950	rc = iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_DEFAULT);
1951	if (RT_SUCCESS(rc))
1952	{
1953	/* Place SCSI request in queue. */
1954	pImage->paCurrReq = aISCSIReq;
1955	pImage->cnCurrReq = cnISCSIReq;
1956
1957	/*
1958	* Read SCSI response/data in PDUs from target.
1959	*/
1960	if ( pRequest->enmXfer == SCSIXFER_FROM_TARGET
1961	\|\| pRequest->enmXfer == SCSIXFER_TO_FROM_TARGET)
1962	{
1963	Assert(pRequest->cT2ISegs == 1);
1964	pDst = (uint32_t *)pRequest->paT2ISegs[0].pvSeg;
1965	cbBufLength = pRequest->paT2ISegs[0].cbSeg;
1966	}
1967	else
1968	cbBufLength = 0;
1969
1970	do
1971	{
1972	uint32_t cnISCSIRes = 0;
1973	ISCSIRES aISCSIRes[4];
1974	uint32_t aResBHS[12];
1975
1976	aISCSIRes[cnISCSIRes].pvSeg = aResBHS;
1977	aISCSIRes[cnISCSIRes].cbSeg = sizeof(aResBHS);
1978	cnISCSIRes++;
1979	if (cbBufLength != 0 &&
1980	( pRequest->enmXfer == SCSIXFER_FROM_TARGET
1981	\|\| pRequest->enmXfer == SCSIXFER_TO_FROM_TARGET))
1982	{
1983	aISCSIRes[cnISCSIRes].pvSeg = pDst;
1984	aISCSIRes[cnISCSIRes].cbSeg = cbBufLength;
1985	cnISCSIRes++;
1986	}
1987	/* Always reserve space for the status - it's impossible to tell
1988	* beforehand whether this will be the final PDU or not. */
1989	aISCSIRes[cnISCSIRes].pvSeg = aStatus;
1990	aISCSIRes[cnISCSIRes].cbSeg = sizeof(aStatus);
1991	cnISCSIRes++;
1992
1993	rc = iscsiRecvPDU(pImage, itt, aISCSIRes, cnISCSIRes, ISCSIPDU_DEFAULT);
1994	if (RT_FAILURE(rc))
1995	break;
1996
1997	final = !!(RT_N2H_U32(aResBHS[0]) & ISCSI_FINAL_BIT);
1998	ISCSIOPCODE cmd = (ISCSIOPCODE)(RT_N2H_U32(aResBHS[0]) & ISCSIOP_MASK);
1999	if (cmd == ISCSIOP_SCSI_RES)
2000	{
2001	/* This is the final PDU which delivers the status (and may be omitted if
2002	* the last Data-In PDU included successful completion status). Note
2003	* that ExpStatSN has been bumped already in iscsiRecvPDU. */
2004	if (!final \|\| ((RT_N2H_U32(aResBHS[0]) & 0x0000ff00) != 0) \|\| (RT_N2H_U32(aResBHS[6]) != pImage->ExpStatSN - 1))
2005	{
2006	/* SCSI Response in the wrong place or with a (target) failure. */
2007	rc = VERR_PARSE_ERROR;
2008	break;
2009	}
2010	/* The following is a bit tricky, as in error situations we may
2011	* get the status only instead of the result data plus optional
2012	* status. Thus the status may have ended up partially in the
2013	* data area. */
2014	pRequest->status = RT_N2H_U32(aResBHS[0]) & 0x000000ff;
2015	cbData = RT_N2H_U32(aResBHS[1]) & 0x00ffffff;
2016	if (cbData >= 2)
2017	{
2018	uint32_t cbStat = RT_N2H_U32(((uint32_t *)aISCSIRes[1].pvSeg)[0]) >> 16;
2019	if (cbStat + 2 > cbData)
2020	{
2021	rc = VERR_BUFFER_OVERFLOW;
2022	break;
2023	}
2024	/* Truncate sense data if it doesn't fit into the buffer. */
2025	pRequest->cbSense = RT_MIN(cbStat, pRequest->cbSense);
2026	memcpy(pRequest->abSense,
2027	((const char *)aISCSIRes[1].pvSeg) + 2,
2028	RT_MIN(aISCSIRes[1].cbSeg - 2, pRequest->cbSense));
2029	if ( cnISCSIRes > 2 && aISCSIRes[2].cbSeg
2030	&& (ssize_t)pRequest->cbSense - aISCSIRes[1].cbSeg + 2 > 0)
2031	{
2032	memcpy((char *)pRequest->abSense + aISCSIRes[1].cbSeg - 2,
2033	aISCSIRes[2].pvSeg,
2034	pRequest->cbSense - aISCSIRes[1].cbSeg + 2);
2035	}
2036	}
2037	else if (cbData == 1)
2038	{
2039	rc = VERR_PARSE_ERROR;
2040	break;
2041	}
2042	else
2043	pRequest->cbSense = 0;
2044	break;
2045	}
2046	else if (cmd == ISCSIOP_SCSI_DATA_IN)
2047	{
2048	/* A Data-In PDU carries some data that needs to be added to the received
2049	* data in response to the command. There may be both partial and complete
2050	* Data-In PDUs, so collect data until the status is included or the status
2051	* is sent in a separate SCSI Result frame (see above). */
2052	if (final && aISCSIRes[2].cbSeg != 0)
2053	{
2054	/* The received PDU is partially stored in the buffer for status.
2055	* Must not happen under normal circumstances and is a target error. */
2056	rc = VERR_BUFFER_OVERFLOW;
2057	break;
2058	}
2059	uint32_t len = RT_N2H_U32(aResBHS[1]) & 0x00ffffff;
2060	pDst = (uint32_t )((char )pDst + len);
2061	cbBufLength -= len;
2062	if (final && (RT_N2H_U32(aResBHS[0]) & ISCSI_STATUS_BIT) != 0)
2063	{
2064	pRequest->status = RT_N2H_U32(aResBHS[0]) & 0x000000ff;
2065	pRequest->cbSense = 0;
2066	break;
2067	}
2068	}
2069	else
2070	{
2071	rc = VERR_PARSE_ERROR;
2072	break;
2073	}
2074	} while (true);
2075
2076	/* Remove SCSI request from queue. */
2077	pImage->paCurrReq = NULL;
2078	pImage->cnCurrReq = 0;
2079	}
2080
2081	if (rc == VERR_TIMEOUT)
2082	{
2083	/* Drop connection in case the target plays dead. Much better than
2084	* delaying the next requests until the timed out command actually
2085	* finishes. Also keep in mind that command shouldn't take longer than
2086	* about 30-40 seconds, or the guest will lose its patience. */
2087	iscsiTransportClose(pImage);
2088	pImage->state = ISCSISTATE_FREE;
2089	rc = VERR_BROKEN_PIPE;
2090	}
2091	RTSemMutexRelease(pImage->Mutex);
2092	}
2093	else
2094	rc = VERR_NET_CONNECTION_REFUSED;
2095
2096	if (RT_SUCCESS(rc))
2097	ASMAtomicWriteU32(&pImage->cLoginsSinceIo, 0);
2098	LogFlowFunc(("returns %Rrc\n", rc));
2099	return rc;
2100	}
2101
2102
2103	/**
2104	* Generate a new Initiator Task Tag.
2105	*
2106	* @returns Initiator Task Tag.
2107	* @param pImage The iSCSI connection state to be used.
2108	*/
2109	static uint32_t iscsiNewITT(PISCSIIMAGE pImage)
2110	{
2111	uint32_t next_itt;
2112
2113	next_itt = pImage->ITT++;
2114	if (pImage->ITT == ISCSI_TASK_TAG_RSVD)
2115	pImage->ITT = 0;
2116	return RT_H2N_U32(next_itt);
2117	}
2118
2119
2120	/**
2121	* Send an iSCSI request. The request can consist of several segments, which
2122	* are padded to 4 byte boundaries and concatenated.
2123	*
2124	* @returns VBOX status
2125	* @param pImage The iSCSI connection state to be used.
2126	* @param paReq Pointer to array of iSCSI request sections.
2127	* @param cnReq Number of valid iSCSI request sections in the array.
2128	* @param uFlags Flags controlling the exact send semantics.
2129	*/
2130	static int iscsiSendPDU(PISCSIIMAGE pImage, PISCSIREQ paReq, uint32_t cnReq,
2131	uint32_t uFlags)
2132	{
2133	int rc = VINF_SUCCESS;
2134	/** @todo return VERR_VD_ISCSI_INVALID_STATE in the appropriate situations,
2135	* needs cleaning up of timeout/disconnect handling a bit, as otherwise
2136	* too many incorrect errors are signalled. */
2137	Assert(cnReq >= 1);
2138	Assert(paReq[0].cbSeg >= ISCSI_BHS_SIZE);
2139
2140	for (uint32_t i = 0; i < pImage->cISCSIRetries; i++)
2141	{
2142	rc = iscsiTransportWrite(pImage, paReq, cnReq);
2143	if (RT_SUCCESS(rc))
2144	break;
2145	if ( (uFlags & ISCSIPDU_NO_REATTACH)
2146	\|\| (rc != VERR_BROKEN_PIPE && rc != VERR_NET_CONNECTION_REFUSED))
2147	break;
2148	/* No point in reestablishing the connection for a logout */
2149	if (pImage->state == ISCSISTATE_IN_LOGOUT)
2150	break;
2151	RTThreadSleep(500);
2152	if (pImage->state != ISCSISTATE_IN_LOGIN)
2153	{
2154	/* Attempt to re-login when a connection fails, but only when not
2155	* currently logging in. */
2156	rc = iscsiAttach(pImage);
2157	if (RT_FAILURE(rc))
2158	break;
2159	}
2160	}
2161	return rc;
2162	}
2163
2164
2165	/**
2166	* Wait for an iSCSI response with a matching Initiator Target Tag. The response is
2167	* split into several segments, as requested by the caller-provided buffer specification.
2168	* Remember that the response can be split into several PDUs by the sender, so make
2169	* sure that all parts are collected and processed appropriately by the caller.
2170	*
2171	* @returns VBOX status
2172	* @param pImage The iSCSI connection state to be used.
2173	* @param itt The initiator task tag.
2174	* @param paRes Pointer to array of iSCSI response sections.
2175	* @param cnRes Number of valid iSCSI response sections in the array.
2176	* @param fRecvFlags PDU receive flags.
2177	*/
2178	static int iscsiRecvPDU(PISCSIIMAGE pImage, uint32_t itt, PISCSIRES paRes, uint32_t cnRes,
2179	uint32_t fRecvFlags)
2180	{
2181	int rc = VINF_SUCCESS;
2182	ISCSIRES aResBuf;
2183
2184	for (uint32_t i = 0; i < pImage->cISCSIRetries; i++)
2185	{
2186	aResBuf.pvSeg = pImage->pvRecvPDUBuf;
2187	aResBuf.cbSeg = pImage->cbRecvPDUBuf;
2188	rc = iscsiTransportRead(pImage, &aResBuf, 1);
2189	if (RT_FAILURE(rc))
2190	{
2191	if (rc == VERR_BROKEN_PIPE \|\| rc == VERR_NET_CONNECTION_REFUSED)
2192	{
2193	/* No point in reestablishing the connection for a logout */
2194	if (pImage->state == ISCSISTATE_IN_LOGOUT)
2195	break;
2196	/* Connection broken while waiting for a response - wait a while and
2197	* try to restart by re-sending the original request (if any).
2198	* This also handles the connection reestablishment (login etc.). */
2199	RTThreadSleep(500);
2200	if ( pImage->state != ISCSISTATE_IN_LOGIN
2201	&& !(fRecvFlags & ISCSIPDU_NO_REATTACH))
2202	{
2203	/* Attempt to re-login when a connection fails, but only when not
2204	* currently logging in. */
2205	rc = iscsiAttach(pImage);
2206	if (RT_FAILURE(rc))
2207	break;
2208
2209	if (pImage->paCurrReq != NULL)
2210	{
2211	rc = iscsiSendPDU(pImage, pImage->paCurrReq, pImage->cnCurrReq, ISCSIPDU_DEFAULT);
2212	if (RT_FAILURE(rc))
2213	break;
2214	}
2215	}
2216	}
2217	else
2218	{
2219	/* Signal other errors (VERR_BUFFER_OVERFLOW etc.) to the caller. */
2220	break;
2221	}
2222	}
2223	else
2224	{
2225	ISCSIOPCODE cmd;
2226	const uint32_t pcvResSeg = (const uint32_t )aResBuf.pvSeg;
2227
2228	/* Check whether the received PDU is valid, and update the internal state of
2229	* the iSCSI connection/session. */
2230	rc = iscsiValidatePDU(&aResBuf, 1);
2231	if (RT_FAILURE(rc))
2232	{
2233	iscsiDumpPacket(pImage, (PISCSIREQ)&aResBuf, 1, rc, false /* fRequest */);
2234	continue;
2235	}
2236	cmd = (ISCSIOPCODE)(RT_N2H_U32(pcvResSeg[0]) & ISCSIOP_MASK);
2237	switch (cmd)
2238	{
2239	case ISCSIOP_SCSI_RES:
2240	case ISCSIOP_SCSI_TASKMGMT_RES:
2241	case ISCSIOP_SCSI_DATA_IN:
2242	case ISCSIOP_R2T:
2243	case ISCSIOP_ASYN_MSG:
2244	case ISCSIOP_TEXT_RES:
2245	case ISCSIOP_LOGIN_RES:
2246	case ISCSIOP_LOGOUT_RES:
2247	case ISCSIOP_REJECT:
2248	case ISCSIOP_NOP_IN:
2249	if (serial_number_less(pImage->MaxCmdSN, RT_N2H_U32(pcvResSeg[8])))
2250	pImage->MaxCmdSN = RT_N2H_U32(pcvResSeg[8]);
2251	if (serial_number_less(pImage->ExpCmdSN, RT_N2H_U32(pcvResSeg[7])))
2252	pImage->ExpCmdSN = RT_N2H_U32(pcvResSeg[7]);
2253	break;
2254	default:
2255	rc = VERR_PARSE_ERROR;
2256	iscsiDumpPacket(pImage, (PISCSIREQ)&aResBuf, 1, rc, false /* fRequest */);
2257	}
2258	if (RT_FAILURE(rc))
2259	continue;
2260	if ( !pImage->FirstRecvPDU
2261	&& (cmd != ISCSIOP_SCSI_DATA_IN \|\| (RT_N2H_U32(pcvResSeg[0]) & ISCSI_STATUS_BIT))
2262	&& ( cmd != ISCSIOP_LOGIN_RES
2263	\|\| (ISCSILOGINSTATUSCLASS)((RT_N2H_U32(pcvResSeg[9]) >> 24) == ISCSI_LOGIN_STATUS_CLASS_SUCCESS)))
2264	{
2265	if (pImage->ExpStatSN == RT_N2H_U32(pcvResSeg[6]))
2266	{
2267	/* StatSN counter is not advanced on R2T and on a target SN update NOP-In. */
2268	if ( (cmd != ISCSIOP_R2T)
2269	&& ((cmd != ISCSIOP_NOP_IN) \|\| (RT_N2H_U32(pcvResSeg[4]) != ISCSI_TASK_TAG_RSVD)))
2270	pImage->ExpStatSN++;
2271	}
2272	else
2273	{
2274	rc = VERR_PARSE_ERROR;
2275	iscsiDumpPacket(pImage, (PISCSIREQ)&aResBuf, 1, rc, false /* fRequest */);
2276	continue;
2277	}
2278	}
2279	/* Finally check whether the received PDU matches what the caller wants. */
2280	if ( itt == pcvResSeg[4]
2281	&& itt != ISCSI_TASK_TAG_RSVD)
2282	{
2283	/* Copy received PDU (one segment) to caller-provided buffers. */
2284	uint32_t j;
2285	size_t cbSeg;
2286	const uint8_t *pSrc;
2287
2288	pSrc = (const uint8_t *)aResBuf.pvSeg;
2289	cbSeg = aResBuf.cbSeg;
2290	for (j = 0; j < cnRes; j++)
2291	{
2292	if (cbSeg > paRes[j].cbSeg)
2293	{
2294	memcpy(paRes[j].pvSeg, pSrc, paRes[j].cbSeg);
2295	pSrc += paRes[j].cbSeg;
2296	cbSeg -= paRes[j].cbSeg;
2297	}
2298	else
2299	{
2300	memcpy(paRes[j].pvSeg, pSrc, cbSeg);
2301	paRes[j].cbSeg = cbSeg;
2302	cbSeg = 0;
2303	break;
2304	}
2305	}
2306	if (cbSeg != 0)
2307	{
2308	rc = VERR_BUFFER_OVERFLOW;
2309	break;
2310	}
2311	for (j++; j < cnRes; j++)
2312	paRes[j].cbSeg = 0;
2313	break;
2314	}
2315	else if ( cmd == ISCSIOP_NOP_IN
2316	&& RT_N2H_U32(pcvResSeg[5]) != ISCSI_TASK_TAG_RSVD)
2317	{
2318	uint32_t cnISCSIReq;
2319	ISCSIREQ aISCSIReq[4];
2320	uint32_t aReqBHS[12];
2321
2322	aReqBHS[0] = RT_H2N_U32(ISCSI_IMMEDIATE_DELIVERY_BIT \| ISCSI_FINAL_BIT \| ISCSIOP_NOP_OUT);
2323	aReqBHS[1] = RT_H2N_U32(0); /* TotalAHSLength=0,DataSementLength=0 */
2324	aReqBHS[2] = pcvResSeg[2]; /* copy LUN from NOP-In */
2325	aReqBHS[3] = pcvResSeg[3]; /* copy LUN from NOP-In */
2326	aReqBHS[4] = RT_H2N_U32(ISCSI_TASK_TAG_RSVD); /* ITT, reply */
2327	aReqBHS[5] = pcvResSeg[5]; /* copy TTT from NOP-In */
2328	aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
2329	aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
2330	aReqBHS[8] = 0; /* reserved */
2331	aReqBHS[9] = 0; /* reserved */
2332	aReqBHS[10] = 0; /* reserved */
2333	aReqBHS[11] = 0; /* reserved */
2334
2335	cnISCSIReq = 0;
2336	aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
2337	aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
2338	cnISCSIReq++;
2339
2340	iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_NO_REATTACH);
2341	/* Break if the caller wanted to process the NOP-in only. */
2342	if (itt == ISCSI_TASK_TAG_RSVD)
2343	break;
2344	}
2345	}
2346	}
2347
2348	LogFlowFunc(("returns rc=%Rrc\n", rc));
2349	return rc;
2350	}
2351
2352
2353	/**
2354	* Reset the PDU buffer
2355	*
2356	* @param pImage The iSCSI connection state to be used.
2357	*/
2358	static void iscsiRecvPDUReset(PISCSIIMAGE pImage)
2359	{
2360	pImage->cbRecvPDUResidual = ISCSI_BHS_SIZE;
2361	pImage->fRecvPDUBHS = true;
2362	pImage->pbRecvPDUBufCur = (uint8_t *)pImage->pvRecvPDUBuf;
2363	}
2364
2365	static void iscsiPDUTxAdd(PISCSIIMAGE pImage, PISCSIPDUTX pIScsiPDUTx, bool fFront)
2366	{
2367	if (!fFront)
2368	{
2369	/* Insert PDU at the tail of the list. */
2370	if (!pImage->pIScsiPDUTxHead)
2371	pImage->pIScsiPDUTxHead = pIScsiPDUTx;
2372	else
2373	pImage->pIScsiPDUTxTail->pNext = pIScsiPDUTx;
2374	pImage->pIScsiPDUTxTail = pIScsiPDUTx;
2375	}
2376	else
2377	{
2378	/* Insert PDU at the beginning of the list. */
2379	pIScsiPDUTx->pNext = pImage->pIScsiPDUTxHead;
2380	pImage->pIScsiPDUTxHead = pIScsiPDUTx;
2381	if (!pImage->pIScsiPDUTxTail)
2382	pImage->pIScsiPDUTxTail = pIScsiPDUTx;
2383	}
2384	}
2385
2386	/**
2387	* Receives a PDU in a non blocking way.
2388	*
2389	* @returns VBOX status code.
2390	* @param pImage The iSCSI connection state to be used.
2391	*/
2392	static int iscsiRecvPDUAsync(PISCSIIMAGE pImage)
2393	{
2394	size_t cbActuallyRead = 0;
2395	int rc = VINF_SUCCESS;
2396
2397	LogFlowFunc(("pImage=%#p\n", pImage));
2398
2399	/* Check if we are in the middle of a PDU receive. */
2400	if (pImage->cbRecvPDUResidual == 0)
2401	{
2402	/*
2403	* We are receiving a new PDU, don't read more than the BHS initially
2404	* until we know the real size of the PDU.
2405	*/
2406	iscsiRecvPDUReset(pImage);
2407	LogFlow(("Receiving new PDU\n"));
2408	}
2409
2410	rc = pImage->pIfNet->pfnReadNB(pImage->Socket, pImage->pbRecvPDUBufCur,
2411	pImage->cbRecvPDUResidual, &cbActuallyRead);
2412	if (RT_SUCCESS(rc) && cbActuallyRead == 0)
2413	rc = VERR_BROKEN_PIPE;
2414
2415	if (RT_SUCCESS(rc))
2416	{
2417	LogFlow(("Received %zu bytes\n", cbActuallyRead));
2418	pImage->cbRecvPDUResidual -= cbActuallyRead;
2419	pImage->pbRecvPDUBufCur += cbActuallyRead;
2420
2421	/* Check if we received everything we wanted. */
2422	if ( !pImage->cbRecvPDUResidual
2423	&& pImage->fRecvPDUBHS)
2424	{
2425	size_t cbAHSLength, cbDataLength;
2426
2427	/* If we were reading the BHS first get the actual PDU size now. */
2428	uint32_t word1 = RT_N2H_U32(((uint32_t *)(pImage->pvRecvPDUBuf))[1]);
2429	cbAHSLength = (word1 & 0xff000000) >> 24;
2430	cbAHSLength = ((cbAHSLength - 1) \| 3) + 1; /* Add padding. */
2431	cbDataLength = word1 & 0x00ffffff;
2432	cbDataLength = ((cbDataLength - 1) \| 3) + 1; /* Add padding. */
2433	pImage->cbRecvPDUResidual = cbAHSLength + cbDataLength;
2434	pImage->fRecvPDUBHS = false; /* Start receiving the rest of the PDU. */
2435	}
2436
2437	if (!pImage->cbRecvPDUResidual)
2438	{
2439	/* We received the complete PDU with or without any payload now. */
2440	LogFlow(("Received complete PDU\n"));
2441	ISCSIRES aResBuf;
2442	aResBuf.pvSeg = pImage->pvRecvPDUBuf;
2443	aResBuf.cbSeg = pImage->cbRecvPDUBuf;
2444	rc = iscsiRecvPDUProcess(pImage, &aResBuf, 1);
2445	}
2446	}
2447	else
2448	LogFlowFunc(("Reading from the socket returned with rc=%Rrc\n", rc));
2449
2450	return rc;
2451	}
2452
2453	static int iscsiSendPDUAsync(PISCSIIMAGE pImage)
2454	{
2455	size_t cbSent = 0;
2456	int rc = VINF_SUCCESS;
2457
2458	LogFlowFunc(("pImage=%#p\n", pImage));
2459
2460	do
2461	{
2462	/*
2463	* If there is no PDU active, get the first one from the list.
2464	* Check that we are allowed to transfer the PDU by comparing the
2465	* command sequence number and the maximum sequence number allowed by the target.
2466	*/
2467	if (!pImage->pIScsiPDUTxCur)
2468	{
2469	if ( !pImage->pIScsiPDUTxHead
2470	\|\| serial_number_greater(pImage->pIScsiPDUTxHead->CmdSN, pImage->MaxCmdSN))
2471	break;
2472
2473	pImage->pIScsiPDUTxCur = pImage->pIScsiPDUTxHead;
2474	pImage->pIScsiPDUTxHead = pImage->pIScsiPDUTxCur->pNext;
2475	if (!pImage->pIScsiPDUTxHead)
2476	pImage->pIScsiPDUTxTail = NULL;
2477	}
2478
2479	/* Send as much as we can. */
2480	rc = pImage->pIfNet->pfnSgWriteNB(pImage->Socket, &pImage->pIScsiPDUTxCur->SgBuf, &cbSent);
2481	LogFlow(("SgWriteNB returned rc=%Rrc cbSent=%zu\n", rc, cbSent));
2482	if (RT_SUCCESS(rc))
2483	{
2484	LogFlow(("Sent %zu bytes for PDU %#p\n", cbSent, pImage->pIScsiPDUTxCur));
2485	pImage->pIScsiPDUTxCur->cbSgLeft -= cbSent;
2486	RTSgBufAdvance(&pImage->pIScsiPDUTxCur->SgBuf, cbSent);
2487	if (!pImage->pIScsiPDUTxCur->cbSgLeft)
2488	{
2489	/* PDU completed, free it and place the command on the waiting for response list. */
2490	if (pImage->pIScsiPDUTxCur->pIScsiCmd)
2491	{
2492	LogFlow(("Sent complete PDU, placing on waiting list\n"));
2493	iscsiCmdInsert(pImage, pImage->pIScsiPDUTxCur->pIScsiCmd);
2494	}
2495	RTMemFree(pImage->pIScsiPDUTxCur);
2496	pImage->pIScsiPDUTxCur = NULL;
2497	}
2498	}
2499	} while ( RT_SUCCESS(rc)
2500	&& !pImage->pIScsiPDUTxCur);
2501
2502	if (rc == VERR_TRY_AGAIN)
2503	rc = VINF_SUCCESS;
2504
2505	/* Add the write poll flag if we still have something to send, clear it otherwise. */
2506	if (pImage->pIScsiPDUTxCur)
2507	pImage->fPollEvents \|= VD_INTERFACETCPNET_EVT_WRITE;
2508	else
2509	pImage->fPollEvents &= ~VD_INTERFACETCPNET_EVT_WRITE;
2510
2511	LogFlowFunc(("rc=%Rrc pIScsiPDUTxCur=%#p\n", rc, pImage->pIScsiPDUTxCur));
2512	return rc;
2513	}
2514
2515	/**
2516	* Process a received PDU.
2517	*
2518	* @return VBOX status code.
2519	* @param pImage The iSCSI connection state to be used.
2520	* @param paRes Pointer to the array of iSCSI response sections.
2521	* @param cnRes Number of valid iSCSI response sections in the array.
2522	*/
2523	static int iscsiRecvPDUProcess(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes)
2524	{
2525	int rc = VINF_SUCCESS;
2526
2527	LogFlowFunc(("pImage=%#p paRes=%#p cnRes=%u\n", pImage, paRes, cnRes));
2528
2529	/* Validate the PDU first. */
2530	rc = iscsiValidatePDU(paRes, cnRes);
2531	if (RT_SUCCESS(rc))
2532	{
2533	ISCSIOPCODE cmd;
2534	const uint32_t pcvResSeg = (const uint32_t )paRes[0].pvSeg;
2535
2536	Assert(paRes[0].cbSeg > 9 * sizeof(uint32_t));
2537
2538	do
2539	{
2540	cmd = (ISCSIOPCODE)(RT_N2H_U32(pcvResSeg[0]) & ISCSIOP_MASK);
2541	switch (cmd)
2542	{
2543	case ISCSIOP_SCSI_RES:
2544	case ISCSIOP_SCSI_TASKMGMT_RES:
2545	case ISCSIOP_SCSI_DATA_IN:
2546	case ISCSIOP_R2T:
2547	case ISCSIOP_ASYN_MSG:
2548	case ISCSIOP_TEXT_RES:
2549	case ISCSIOP_LOGIN_RES:
2550	case ISCSIOP_LOGOUT_RES:
2551	case ISCSIOP_REJECT:
2552	case ISCSIOP_NOP_IN:
2553	if (serial_number_less(pImage->MaxCmdSN, RT_N2H_U32(pcvResSeg[8])))
2554	pImage->MaxCmdSN = RT_N2H_U32(pcvResSeg[8]);
2555	if (serial_number_less(pImage->ExpCmdSN, RT_N2H_U32(pcvResSeg[7])))
2556	pImage->ExpCmdSN = RT_N2H_U32(pcvResSeg[7]);
2557	break;
2558	default:
2559	rc = VERR_PARSE_ERROR;
2560	iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2561	}
2562
2563	if (RT_FAILURE(rc))
2564	break;
2565
2566	if ( !pImage->FirstRecvPDU
2567	&& (cmd != ISCSIOP_SCSI_DATA_IN \|\| (RT_N2H_U32(pcvResSeg[0]) & ISCSI_STATUS_BIT)))
2568	{
2569	if (pImage->ExpStatSN == RT_N2H_U32(pcvResSeg[6]))
2570	{
2571	/* StatSN counter is not advanced on R2T and on a target SN update NOP-In. */
2572	if ( (cmd != ISCSIOP_R2T)
2573	&& ((cmd != ISCSIOP_NOP_IN) \|\| (RT_N2H_U32(pcvResSeg[4]) != ISCSI_TASK_TAG_RSVD)))
2574	pImage->ExpStatSN++;
2575	}
2576	else
2577	{
2578	rc = VERR_PARSE_ERROR;
2579	iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2580	break;
2581	}
2582	}
2583
2584	if (pcvResSeg[4] != ISCSI_TASK_TAG_RSVD)
2585	{
2586	/*
2587	* This is a response from the target for a request from the initiator.
2588	* Get the request and update its state.
2589	*/
2590	rc = iscsiRecvPDUUpdateRequest(pImage, paRes, cnRes);
2591	/* Try to send more PDUs now that we updated the MaxCmdSN field */
2592	if ( RT_SUCCESS(rc)
2593	&& !pImage->pIScsiPDUTxCur)
2594	rc = iscsiSendPDUAsync(pImage);
2595	}
2596	else
2597	{
2598	/* This is a target initiated request (we handle only NOP-In request at the moment). */
2599	if ( cmd == ISCSIOP_NOP_IN
2600	&& RT_N2H_U32(pcvResSeg[5]) != ISCSI_TASK_TAG_RSVD)
2601	{
2602	PISCSIPDUTX pIScsiPDUTx;
2603	uint32_t cnISCSIReq;
2604	uint32_t *paReqBHS;
2605
2606	LogFlowFunc(("Sending NOP-Out\n"));
2607
2608	/* Allocate a new PDU initialize it and put onto the waiting list. */
2609	pIScsiPDUTx = (PISCSIPDUTX)RTMemAllocZ(sizeof(ISCSIPDUTX));
2610	if (!pIScsiPDUTx)
2611	{
2612	rc = VERR_NO_MEMORY;
2613	break;
2614	}
2615	paReqBHS = &pIScsiPDUTx->aBHS[0];
2616	paReqBHS[0] = RT_H2N_U32(ISCSI_IMMEDIATE_DELIVERY_BIT \| ISCSI_FINAL_BIT \| ISCSIOP_NOP_OUT);
2617	paReqBHS[1] = RT_H2N_U32(0); /* TotalAHSLength=0,DataSementLength=0 */
2618	paReqBHS[2] = pcvResSeg[2]; /* copy LUN from NOP-In */
2619	paReqBHS[3] = pcvResSeg[3]; /* copy LUN from NOP-In */
2620	paReqBHS[4] = RT_H2N_U32(ISCSI_TASK_TAG_RSVD); /* ITT, reply */
2621	paReqBHS[5] = pcvResSeg[5]; /* copy TTT from NOP-In */
2622	paReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
2623	paReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
2624	paReqBHS[8] = 0; /* reserved */
2625	paReqBHS[9] = 0; /* reserved */
2626	paReqBHS[10] = 0; /* reserved */
2627	paReqBHS[11] = 0; /* reserved */
2628
2629	cnISCSIReq = 0;
2630	pIScsiPDUTx->aISCSIReq[cnISCSIReq].pvSeg = paReqBHS;
2631	pIScsiPDUTx->aISCSIReq[cnISCSIReq].cbSeg = sizeof(pIScsiPDUTx->aBHS);
2632	cnISCSIReq++;
2633	pIScsiPDUTx->cbSgLeft = sizeof(pIScsiPDUTx->aBHS);
2634	RTSgBufInit(&pIScsiPDUTx->SgBuf, pIScsiPDUTx->aISCSIReq, cnISCSIReq);
2635
2636	/*
2637	* Link the PDU to the list.
2638	* Insert at the front of the list to send the response as soon as possible
2639	* to avoid frequent reconnects for a slow connection when there are many PDUs
2640	* waiting.
2641	*/
2642	iscsiPDUTxAdd(pImage, pIScsiPDUTx, true /* fFront */);
2643
2644	/* Start transfer of a PDU if there is no one active at the moment. */
2645	if (!pImage->pIScsiPDUTxCur)
2646	rc = iscsiSendPDUAsync(pImage);
2647	}
2648	}
2649	} while (0);
2650	}
2651	else
2652	iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2653
2654	return rc;
2655	}
2656
2657	/**
2658	* Check the static (not dependent on the connection/session state) validity of an iSCSI response PDU.
2659	*
2660	* @returns VBOX status
2661	* @param paRes Pointer to array of iSCSI response sections.
2662	* @param cnRes Number of valid iSCSI response sections in the array.
2663	*/
2664	static int iscsiValidatePDU(PISCSIRES paRes, uint32_t cnRes)
2665	{
2666	RT_NOREF1(cnRes);
2667	const uint32_t *pcrgResBHS;
2668	uint32_t hw0;
2669	Assert(cnRes >= 1);
2670	Assert(paRes[0].cbSeg >= ISCSI_BHS_SIZE);
2671
2672	LogFlowFunc(("paRes=%#p cnRes=%u\n", paRes, cnRes));
2673
2674	pcrgResBHS = (const uint32_t *)(paRes[0].pvSeg);
2675	hw0 = RT_N2H_U32(pcrgResBHS[0]);
2676	switch (hw0 & ISCSIOP_MASK)
2677	{
2678	case ISCSIOP_NOP_IN:
2679	/* NOP-In responses must not be split into several PDUs nor it may contain
2680	* ping data for target-initiated pings nor may both task tags be valid task tags. */
2681	if ( (hw0 & ISCSI_FINAL_BIT) == 0
2682	\|\| ( RT_N2H_U32(pcrgResBHS[4]) == ISCSI_TASK_TAG_RSVD
2683	&& RT_N2H_U32(pcrgResBHS[1]) != 0)
2684	\|\| ( RT_N2H_U32(pcrgResBHS[4]) != ISCSI_TASK_TAG_RSVD
2685	&& RT_N2H_U32(pcrgResBHS[5]) != ISCSI_TASK_TAG_RSVD))
2686	return VERR_PARSE_ERROR;
2687	break;
2688	case ISCSIOP_SCSI_RES:
2689	/* SCSI responses must not be split into several PDUs nor must the residual
2690	* bits be contradicting each other nor may the residual bits be set for PDUs
2691	* containing anything else but a completed command response. Underflow
2692	* is no reason for declaring a PDU as invalid, as the target may choose
2693	* to return less data than we assume to get. */
2694	if ( (hw0 & ISCSI_FINAL_BIT) == 0
2695	\|\| ((hw0 & ISCSI_BI_READ_RESIDUAL_OVFL_BIT) && (hw0 & ISCSI_BI_READ_RESIDUAL_UNFL_BIT))
2696	\|\| ((hw0 & ISCSI_RESIDUAL_OVFL_BIT) && (hw0 & ISCSI_RESIDUAL_UNFL_BIT))
2697	\|\| ( ((hw0 & ISCSI_SCSI_RESPONSE_MASK) == 0)
2698	&& ((hw0 & ISCSI_SCSI_STATUS_MASK) == SCSI_STATUS_OK)
2699	&& (hw0 & ( ISCSI_BI_READ_RESIDUAL_OVFL_BIT \| ISCSI_BI_READ_RESIDUAL_UNFL_BIT
2700	\| ISCSI_RESIDUAL_OVFL_BIT))))
2701	return VERR_PARSE_ERROR;
2702	else
2703	LogFlowFunc(("good SCSI response, first word %#08x\n", RT_N2H_U32(pcrgResBHS[0])));
2704	break;
2705	case ISCSIOP_LOGIN_RES:
2706	/* Login responses must not contain contradicting transit and continue bits. */
2707	if ((hw0 & ISCSI_CONTINUE_BIT) && ((hw0 & ISCSI_TRANSIT_BIT) != 0))
2708	return VERR_PARSE_ERROR;
2709	break;
2710	case ISCSIOP_TEXT_RES:
2711	/* Text responses must not contain contradicting final and continue bits nor
2712	* may the final bit be set for PDUs containing a target transfer tag other than
2713	* the reserved transfer tag (and vice versa). */
2714	if ( (((hw0 & ISCSI_CONTINUE_BIT) && (hw0 & ISCSI_FINAL_BIT) != 0))
2715	\|\| (((hw0 & ISCSI_FINAL_BIT) && (RT_N2H_U32(pcrgResBHS[5]) != ISCSI_TASK_TAG_RSVD)))
2716	\|\| (((hw0 & ISCSI_FINAL_BIT) == 0) && (RT_N2H_U32(pcrgResBHS[5]) == ISCSI_TASK_TAG_RSVD)))
2717	return VERR_PARSE_ERROR;
2718	break;
2719	case ISCSIOP_SCSI_DATA_IN:
2720	/* SCSI Data-in responses must not contain contradicting residual bits when
2721	* status bit is set. */
2722	if ((hw0 & ISCSI_STATUS_BIT) && (hw0 & ISCSI_RESIDUAL_OVFL_BIT) && (hw0 & ISCSI_RESIDUAL_UNFL_BIT))
2723	return VERR_PARSE_ERROR;
2724	break;
2725	case ISCSIOP_LOGOUT_RES:
2726	/* Logout responses must not have the final bit unset and may not contain any
2727	* data or additional header segments. */
2728	if ( ((hw0 & ISCSI_FINAL_BIT) == 0)
2729	\|\| (RT_N2H_U32(pcrgResBHS[1]) != 0))
2730	return VERR_PARSE_ERROR;
2731	break;
2732	case ISCSIOP_ASYN_MSG:
2733	/* Asynchronous Messages must not have the final bit unset and may not contain
2734	* an initiator task tag. */
2735	if ( ((hw0 & ISCSI_FINAL_BIT) == 0)
2736	\|\| (RT_N2H_U32(pcrgResBHS[4]) != ISCSI_TASK_TAG_RSVD))
2737	return VERR_PARSE_ERROR;
2738	break;
2739	case ISCSIOP_SCSI_TASKMGMT_RES:
2740	case ISCSIOP_R2T:
2741	case ISCSIOP_REJECT:
2742	default:
2743	/* Do some logging, ignore PDU. */
2744	LogFlowFunc(("ignore unhandled PDU, first word %#08x\n", RT_N2H_U32(pcrgResBHS[0])));
2745	return VERR_PARSE_ERROR;
2746	}
2747	/* A target must not send PDUs with MaxCmdSN less than ExpCmdSN-1. */
2748
2749	if (serial_number_less(RT_N2H_U32(pcrgResBHS[8]), RT_N2H_U32(pcrgResBHS[7])-1))
2750	return VERR_PARSE_ERROR;
2751
2752	return VINF_SUCCESS;
2753	}
2754
2755
2756	/**
2757	* Prepares a PDU to transfer for the given command and adds it to the list.
2758	*/
2759	static int iscsiPDUTxPrepare(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd)
2760	{
2761	int rc = VINF_SUCCESS;
2762	uint32_t *paReqBHS;
2763	size_t cbData = 0;
2764	size_t cbSegs = 0;
2765	PSCSIREQ pScsiReq;
2766	PISCSIPDUTX pIScsiPDU = NULL;
2767
2768	LogFlowFunc(("pImage=%#p pIScsiCmd=%#p\n", pImage, pIScsiCmd));
2769
2770	Assert(pIScsiCmd->enmCmdType == ISCSICMDTYPE_REQ);
2771
2772	pIScsiCmd->Itt = iscsiNewITT(pImage);
2773	pScsiReq = pIScsiCmd->CmdType.ScsiReq.pScsiReq;
2774
2775	if (pScsiReq->cT2ISegs)
2776	RTSgBufInit(&pScsiReq->SgBufT2I, pScsiReq->paT2ISegs, pScsiReq->cT2ISegs);
2777
2778	/*
2779	* Allocate twice as much entries as required for padding (worst case).
2780	* The additional segment is for the BHS.
2781	*/
2782	size_t cI2TSegs = 2*(pScsiReq->cI2TSegs + 1);
2783	pIScsiPDU = (PISCSIPDUTX)RTMemAllocZ(RT_UOFFSETOF_DYN(ISCSIPDUTX, aISCSIReq[cI2TSegs]));
2784	if (!pIScsiPDU)
2785	return VERR_NO_MEMORY;
2786
2787	pIScsiPDU->pIScsiCmd = pIScsiCmd;
2788
2789	if (pScsiReq->enmXfer == SCSIXFER_FROM_TARGET)
2790	cbData = (uint32_t)pScsiReq->cbT2IData;
2791	else
2792	cbData = (uint32_t)pScsiReq->cbI2TData;
2793
2794	paReqBHS = pIScsiPDU->aBHS;
2795
2796	/* Setup the BHS. */
2797	paReqBHS[0] = RT_H2N_U32( ISCSI_FINAL_BIT \| ISCSI_TASK_ATTR_SIMPLE \| ISCSIOP_SCSI_CMD
2798	\| (pScsiReq->enmXfer << 21)); /* I=0,F=1,Attr=Simple */
2799	paReqBHS[1] = RT_H2N_U32(0x00000000 \| ((uint32_t)pScsiReq->cbI2TData & 0xffffff)); /* TotalAHSLength=0 */
2800	paReqBHS[2] = RT_H2N_U32(pImage->LUN >> 32);
2801	paReqBHS[3] = RT_H2N_U32(pImage->LUN & 0xffffffff);
2802	paReqBHS[4] = pIScsiCmd->Itt;
2803	paReqBHS[5] = RT_H2N_U32((uint32_t)cbData); Assert((uint32_t)cbData == cbData);
2804	paReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
2805	paReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
2806	memcpy(paReqBHS + 8, pScsiReq->abCDB, pScsiReq->cbCDB);
2807
2808	pIScsiPDU->CmdSN = pImage->CmdSN;
2809	pImage->CmdSN++;
2810
2811	/* Setup the S/G buffers. */
2812	uint32_t cnISCSIReq = 0;
2813	pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg = sizeof(pIScsiPDU->aBHS);
2814	pIScsiPDU->aISCSIReq[cnISCSIReq].pvSeg = pIScsiPDU->aBHS;
2815	cnISCSIReq++;
2816	cbSegs = sizeof(pIScsiPDU->aBHS);
2817	/* Padding is not necessary for the BHS. */
2818
2819	if (pScsiReq->cbI2TData)
2820	{
2821	for (unsigned cSeg = 0; cSeg < pScsiReq->cI2TSegs; cSeg++)
2822	{
2823	Assert(cnISCSIReq < cI2TSegs);
2824	pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg = pScsiReq->paI2TSegs[cSeg].cbSeg;
2825	pIScsiPDU->aISCSIReq[cnISCSIReq].pvSeg = pScsiReq->paI2TSegs[cSeg].pvSeg;
2826	cbSegs += pScsiReq->paI2TSegs[cSeg].cbSeg;
2827	cnISCSIReq++;
2828
2829	/* Add padding if necessary. */
2830	if (pScsiReq->paI2TSegs[cSeg].cbSeg & 3)
2831	{
2832	Assert(cnISCSIReq < cI2TSegs);
2833	pIScsiPDU->aISCSIReq[cnISCSIReq].pvSeg = &pImage->aPadding[0];
2834	pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg = 4 - (pScsiReq->paI2TSegs[cSeg].cbSeg & 3);
2835	cbSegs += pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg;
2836	cnISCSIReq++;
2837	}
2838	}
2839	}
2840
2841	pIScsiPDU->cISCSIReq = cnISCSIReq;
2842	pIScsiPDU->cbSgLeft = cbSegs;
2843	RTSgBufInit(&pIScsiPDU->SgBuf, pIScsiPDU->aISCSIReq, cnISCSIReq);
2844
2845	/* Link the PDU to the list. */
2846	iscsiPDUTxAdd(pImage, pIScsiPDU, false /* fFront */);
2847
2848	/* Start transfer of a PDU if there is no one active at the moment. */
2849	if (!pImage->pIScsiPDUTxCur)
2850	rc = iscsiSendPDUAsync(pImage);
2851
2852	return rc;
2853	}
2854
2855
2856	/**
2857	* Updates the state of a request from the PDU we received.
2858	*
2859	* @return VBox status code.
2860	* @param pImage iSCSI connection state to use.
2861	* @param paRes Pointer to array of iSCSI response sections.
2862	* @param cnRes Number of valid iSCSI response sections in the array.
2863	*/
2864	static int iscsiRecvPDUUpdateRequest(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes)
2865	{
2866	int rc = VINF_SUCCESS;
2867	PISCSICMD pIScsiCmd;
2868	uint32_t *paResBHS;
2869
2870	LogFlowFunc(("pImage=%#p paRes=%#p cnRes=%u\n", pImage, paRes, cnRes));
2871
2872	Assert(cnRes == 1);
2873	Assert(paRes[0].cbSeg >= ISCSI_BHS_SIZE);
2874
2875	paResBHS = (uint32_t *)paRes[0].pvSeg;
2876
2877	pIScsiCmd = iscsiCmdGetFromItt(pImage, paResBHS[4]);
2878
2879	if (pIScsiCmd)
2880	{
2881	bool final = false;
2882	PSCSIREQ pScsiReq;
2883
2884	LogFlow(("Found SCSI command %#p for Itt=%#u\n", pIScsiCmd, paResBHS[4]));
2885
2886	Assert(pIScsiCmd->enmCmdType == ISCSICMDTYPE_REQ);
2887	pScsiReq = pIScsiCmd->CmdType.ScsiReq.pScsiReq;
2888
2889	final = !!(RT_N2H_U32(paResBHS[0]) & ISCSI_FINAL_BIT);
2890	ISCSIOPCODE cmd = (ISCSIOPCODE)(RT_N2H_U32(paResBHS[0]) & ISCSIOP_MASK);
2891	if (cmd == ISCSIOP_SCSI_RES)
2892	{
2893	/* This is the final PDU which delivers the status (and may be omitted if
2894	* the last Data-In PDU included successful completion status). Note
2895	* that ExpStatSN has been bumped already in iscsiRecvPDU. */
2896	if (!final \|\| ((RT_N2H_U32(paResBHS[0]) & 0x0000ff00) != 0) \|\| (RT_N2H_U32(paResBHS[6]) != pImage->ExpStatSN - 1))
2897	{
2898	/* SCSI Response in the wrong place or with a (target) failure. */
2899	LogFlow(("Wrong ExpStatSN value in PDU\n"));
2900	rc = VERR_PARSE_ERROR;
2901	}
2902	else
2903	{
2904	pScsiReq->status = RT_N2H_U32(paResBHS[0]) & 0x000000ff;
2905	size_t cbData = RT_N2H_U32(paResBHS[1]) & 0x00ffffff;
2906	void pvSense = (uint8_t )paRes[0].pvSeg + ISCSI_BHS_SIZE;
2907
2908	if (cbData >= 2)
2909	{
2910	uint32_t cbStat = RT_N2H_U32(((uint32_t *)pvSense)[0]) >> 16;
2911	if (cbStat + 2 > cbData)
2912	{
2913	rc = VERR_BUFFER_OVERFLOW;
2914	}
2915	else
2916	{
2917	/* Truncate sense data if it doesn't fit into the buffer. */
2918	pScsiReq->cbSense = RT_MIN(cbStat, pScsiReq->cbSense);
2919	memcpy(pScsiReq->abSense, (uint8_t *)pvSense + 2,
2920	RT_MIN(paRes[0].cbSeg - ISCSI_BHS_SIZE - 2, pScsiReq->cbSense));
2921	}
2922	}
2923	else if (cbData == 1)
2924	rc = VERR_PARSE_ERROR;
2925	else
2926	pScsiReq->cbSense = 0;
2927	}
2928	iscsiCmdComplete(pImage, pIScsiCmd, rc);
2929	}
2930	else if (cmd == ISCSIOP_SCSI_DATA_IN)
2931	{
2932	/* A Data-In PDU carries some data that needs to be added to the received
2933	* data in response to the command. There may be both partial and complete
2934	* Data-In PDUs, so collect data until the status is included or the status
2935	* is sent in a separate SCSI Result frame (see above). */
2936	size_t cbData = RT_N2H_U32(paResBHS[1]) & 0x00ffffff;
2937	void pvData = (uint8_t )paRes[0].pvSeg + ISCSI_BHS_SIZE;
2938
2939	if (final && cbData > pScsiReq->cbT2IData)
2940	{
2941	/* The received PDU is bigger than what we requested.
2942	* Must not happen under normal circumstances and is a target error. */
2943	rc = VERR_BUFFER_OVERFLOW;
2944	}
2945	else
2946	{
2947	/* Copy data from the received PDU into the T2I segments. */
2948	size_t cbCopied = RTSgBufCopyFromBuf(&pScsiReq->SgBufT2I, pvData, cbData);
2949	Assert(cbCopied == cbData); NOREF(cbCopied);
2950
2951	if (final && (RT_N2H_U32(paResBHS[0]) & ISCSI_STATUS_BIT) != 0)
2952	{
2953	pScsiReq->status = RT_N2H_U32(paResBHS[0]) & 0x000000ff;
2954	pScsiReq->cbSense = 0;
2955	iscsiCmdComplete(pImage, pIScsiCmd, VINF_SUCCESS);
2956	}
2957	}
2958	}
2959	else
2960	rc = VERR_PARSE_ERROR;
2961	}
2962
2963	/* Log any errors here but ignore the PDU. */
2964	if (RT_FAILURE(rc))
2965	{
2966	LogRel(("iSCSI: Received malformed PDU from target %s (rc=%Rrc), ignoring\n", pImage->pszTargetName, rc));
2967	iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2968	rc = VINF_SUCCESS;
2969	}
2970
2971	return rc;
2972	}
2973
2974	/**
2975	* Appends a key-value pair to the buffer. Normal ASCII strings (cbValue == 0) and large binary values
2976	* of a given length (cbValue > 0) are directly supported. Other value types must be converted to ASCII
2977	* by the caller. Strings must be in UTF-8 encoding.
2978	*
2979	* @returns VBOX status
2980	* @param pbBuf Pointer to the key-value buffer.
2981	* @param cbBuf Length of the key-value buffer.
2982	* @param pcbBufCurr Currently used portion of the key-value buffer.
2983	* @param pcszKey Pointer to a string containing the key.
2984	* @param pcszValue Pointer to either a string containing the value or to a large binary value.
2985	* @param cbValue Length of the binary value if applicable.
2986	*/
2987	static int iscsiTextAddKeyValue(uint8_t pbBuf, size_t cbBuf, size_t pcbBufCurr, const char *pcszKey,
2988	const char *pcszValue, size_t cbValue)
2989	{
2990	size_t cbBufTmp = *pcbBufCurr;
2991	size_t cbKey = strlen(pcszKey);
2992	size_t cbValueEnc;
2993	uint8_t *pbCurr;
2994
2995	if (cbValue == 0)
2996	cbValueEnc = strlen(pcszValue);
2997	else
2998	cbValueEnc = cbValue * 2 + 2; /* 2 hex bytes per byte, 2 bytes prefix */
2999
3000	if (cbBuf < cbBufTmp + cbKey + 1 + cbValueEnc + 1)
3001	{
3002	/* Buffer would overflow, signal error. */
3003	return VERR_BUFFER_OVERFLOW;
3004	}
3005
3006	/*
3007	* Append a key=value pair (zero terminated string) to the end of the buffer.
3008	*/
3009	pbCurr = pbBuf + cbBufTmp;
3010	memcpy(pbCurr, pcszKey, cbKey);
3011	pbCurr += cbKey;
3012	*pbCurr++ = '=';
3013	if (cbValue == 0)
3014	{
3015	memcpy(pbCurr, pcszValue, cbValueEnc);
3016	pbCurr += cbValueEnc;
3017	}
3018	else
3019	{
3020	*pbCurr++ = '0';
3021	*pbCurr++ = 'x';
3022	for (uint32_t i = 0; i < cbValue; i++)
3023	{
3024	uint8_t b;
3025	b = pcszValue[i];
3026	*pbCurr++ = NUM_2_HEX(b >> 4);
3027	*pbCurr++ = NUM_2_HEX(b & 0xf);
3028	}
3029	}
3030	*pbCurr = '\0';
3031	*pcbBufCurr = cbBufTmp + cbKey + 1 + cbValueEnc + 1;
3032
3033	return VINF_SUCCESS;
3034	}
3035
3036
3037	/**
3038	* Retrieve the value for a given key from the key=value buffer.
3039	*
3040	* @returns VBox status code.
3041	* @param pbBuf Buffer containing key=value pairs.
3042	* @param cbBuf Length of buffer with key=value pairs.
3043	* @param pcszKey Pointer to key for which to retrieve the value.
3044	* @param ppcszValue Pointer to value string pointer.
3045	*/
3046	static int iscsiTextGetKeyValue(const uint8_t pbBuf, size_t cbBuf, const char pcszKey, const char **ppcszValue)
3047	{
3048	size_t cbKey = strlen(pcszKey);
3049
3050	while (cbBuf != 0)
3051	{
3052	size_t cbKeyValNull = strlen((const char *)pbBuf) + 1;
3053
3054	if (strncmp(pcszKey, (const char *)pbBuf, cbKey) == 0 && pbBuf[cbKey] == '=')
3055	{
3056	ppcszValue = (const char )(pbBuf + cbKey + 1);
3057	return VINF_SUCCESS;
3058	}
3059	pbBuf += cbKeyValNull;
3060	cbBuf -= cbKeyValNull;
3061	}
3062	return VERR_INVALID_NAME;
3063	}
3064
3065
3066	/**
3067	* Convert a long-binary value from a value string to the binary representation.
3068	*
3069	* @returns VBOX status
3070	* @param pcszValue Pointer to a string containing the textual value representation.
3071	* @param pbValue Pointer to the value buffer for the binary value.
3072	* @param pcbValue In: length of value buffer, out: actual length of binary value.
3073	*/
3074	static int iscsiStrToBinary(const char pcszValue, uint8_t pbValue, size_t *pcbValue)
3075	{
3076	size_t cbValue = *pcbValue;
3077	char c1, c2, c3, c4;
3078	Assert(cbValue >= 1);
3079
3080	if (strlen(pcszValue) < 3)
3081	return VERR_PARSE_ERROR;
3082	if (*pcszValue++ != '0')
3083	return VERR_PARSE_ERROR;
3084	switch (*pcszValue++)
3085	{
3086	case 'x':
3087	case 'X':
3088	if (strlen(pcszValue) & 1)
3089	{
3090	c1 = *pcszValue++;
3091	*pbValue++ = HEX_2_NUM(c1);
3092	cbValue--;
3093	}
3094	while (*pcszValue != '\0')
3095	{
3096	if (cbValue == 0)
3097	return VERR_BUFFER_OVERFLOW;
3098	c1 = *pcszValue++;
3099	if ((c1 < '0' \|\| c1 > '9') && (c1 < 'a' \|\| c1 > 'f') && (c1 < 'A' \|\| c1 > 'F'))
3100	return VERR_PARSE_ERROR;
3101	c2 = *pcszValue++;
3102	if ((c2 < '0' \|\| c2 > '9') && (c2 < 'a' \|\| c2 > 'f') && (c2 < 'A' \|\| c2 > 'F'))
3103	return VERR_PARSE_ERROR;
3104	*pbValue++ = (HEX_2_NUM(c1) << 4) \| HEX_2_NUM(c2);
3105	cbValue--;
3106	}
3107	*pcbValue -= cbValue;
3108	break;
3109	case 'b':
3110	case 'B':
3111	if ((strlen(pcszValue) & 3) != 0)
3112	return VERR_PARSE_ERROR;
3113	while (*pcszValue != '\0')
3114	{
3115	uint32_t temp;
3116	if (cbValue == 0)
3117	return VERR_BUFFER_OVERFLOW;
3118	c1 = *pcszValue++;
3119	if ((c1 < 'A' \|\| c1 > 'Z') && (c1 < 'a' \|\| c1 >'z') && (c1 < '0' \|\| c1 > '9') && (c1 != '+') && (c1 != '/'))
3120	return VERR_PARSE_ERROR;
3121	c2 = *pcszValue++;
3122	if ((c2 < 'A' \|\| c2 > 'Z') && (c2 < 'a' \|\| c2 >'z') && (c2 < '0' \|\| c2 > '9') && (c2 != '+') && (c2 != '/'))
3123	return VERR_PARSE_ERROR;
3124	c3 = *pcszValue++;
3125	if ((c3 < 'A' \|\| c3 > 'Z') && (c3 < 'a' \|\| c3 >'z') && (c3 < '0' \|\| c3 > '9') && (c3 != '+') && (c3 != '/') && (c3 != '='))
3126	return VERR_PARSE_ERROR;
3127	c4 = *pcszValue++;
3128	if ( (c3 == '=' && c4 != '=')
3129	\|\| ((c4 < 'A' \|\| c4 > 'Z') && (c4 < 'a' \|\| c4 >'z') && (c4 < '0' \|\| c4 > '9') && (c4 != '+') && (c4 != '/') && (c4 != '=')))
3130	return VERR_PARSE_ERROR;
3131	temp = (B64_2_NUM(c1) << 18) \| (B64_2_NUM(c2) << 12);
3132	if (c3 == '=') {
3133	if (*pcszValue != '\0')
3134	return VERR_PARSE_ERROR;
3135	*pbValue++ = temp >> 16;
3136	cbValue--;
3137	} else {
3138	temp \|= B64_2_NUM(c3) << 6;
3139	if (c4 == '=') {
3140	if (*pcszValue != '\0')
3141	return VERR_PARSE_ERROR;
3142	if (cbValue < 2)
3143	return VERR_BUFFER_OVERFLOW;
3144	*pbValue++ = temp >> 16;
3145	*pbValue++ = (temp >> 8) & 0xff;
3146	cbValue -= 2;
3147	}
3148	else
3149	{
3150	temp \|= B64_2_NUM(c4);
3151	if (cbValue < 3)
3152	return VERR_BUFFER_OVERFLOW;
3153	*pbValue++ = temp >> 16;
3154	*pbValue++ = (temp >> 8) & 0xff;
3155	*pbValue++ = temp & 0xff;
3156	cbValue -= 3;
3157	}
3158	}
3159	}
3160	*pcbValue -= cbValue;
3161	break;
3162	default:
3163	return VERR_PARSE_ERROR;
3164	}
3165	return VINF_SUCCESS;
3166	}
3167
3168
3169	/**
3170	* Retrieve the relevant parameter values and update the initiator state.
3171	*
3172	* @returns VBox status code.
3173	* @param pImage Current iSCSI initiator state.
3174	* @param pbBuf Buffer containing key=value pairs.
3175	* @param cbBuf Length of buffer with key=value pairs.
3176	*/
3177	static int iscsiUpdateParameters(PISCSIIMAGE pImage, const uint8_t *pbBuf, size_t cbBuf)
3178	{
3179	int rc;
3180	const char *pcszMaxRecvDataSegmentLength = NULL;
3181	const char *pcszMaxBurstLength = NULL;
3182	const char *pcszFirstBurstLength = NULL;
3183	rc = iscsiTextGetKeyValue(pbBuf, cbBuf, "MaxRecvDataSegmentLength", &pcszMaxRecvDataSegmentLength);
3184	if (rc == VERR_INVALID_NAME)
3185	rc = VINF_SUCCESS;
3186	if (RT_FAILURE(rc))
3187	return VERR_PARSE_ERROR;
3188	rc = iscsiTextGetKeyValue(pbBuf, cbBuf, "MaxBurstLength", &pcszMaxBurstLength);
3189	if (rc == VERR_INVALID_NAME)
3190	rc = VINF_SUCCESS;
3191	if (RT_FAILURE(rc))
3192	return VERR_PARSE_ERROR;
3193	rc = iscsiTextGetKeyValue(pbBuf, cbBuf, "FirstBurstLength", &pcszFirstBurstLength);
3194	if (rc == VERR_INVALID_NAME)
3195	rc = VINF_SUCCESS;
3196	if (RT_FAILURE(rc))
3197	return VERR_PARSE_ERROR;
3198	if (pcszMaxRecvDataSegmentLength)
3199	{
3200	uint32_t cb = pImage->cbSendDataLength;
3201	rc = RTStrToUInt32Full(pcszMaxRecvDataSegmentLength, 0, &cb);
3202	AssertRC(rc);
3203	pImage->cbSendDataLength = RT_MIN(pImage->cbSendDataLength, cb);
3204	}
3205	if (pcszMaxBurstLength)
3206	{
3207	uint32_t cb = pImage->cbSendDataLength;
3208	rc = RTStrToUInt32Full(pcszMaxBurstLength, 0, &cb);
3209	AssertRC(rc);
3210	pImage->cbSendDataLength = RT_MIN(pImage->cbSendDataLength, cb);
3211	}
3212	if (pcszFirstBurstLength)
3213	{
3214	uint32_t cb = pImage->cbSendDataLength;
3215	rc = RTStrToUInt32Full(pcszFirstBurstLength, 0, &cb);
3216	AssertRC(rc);
3217	pImage->cbSendDataLength = RT_MIN(pImage->cbSendDataLength, cb);
3218	}
3219	return VINF_SUCCESS;
3220	}
3221
3222
3223	static bool serial_number_less(uint32_t s1, uint32_t s2)
3224	{
3225	return (s1 < s2 && s2 - s1 < 0x80000000) \|\| (s1 > s2 && s1 - s2 > 0x80000000);
3226	}
3227
3228	static bool serial_number_greater(uint32_t s1, uint32_t s2)
3229	{
3230	return (s1 < s2 && s2 - s1 > 0x80000000) \|\| (s1 > s2 && s1 - s2 < 0x80000000);
3231	}
3232
3233
3234	#ifdef IMPLEMENT_TARGET_AUTH
3235	static void chap_md5_generate_challenge(uint8_t pbChallenge, size_t pcbChallenge)
3236	{
3237	uint8_t cbChallenge;
3238
3239	cbChallenge = RTrand_U8(CHAP_MD5_CHALLENGE_MIN, CHAP_MD5_CHALLENGE_MAX);
3240	RTrand_bytes(pbChallenge, cbChallenge);
3241	*pcbChallenge = cbChallenge;
3242	}
3243	#endif
3244
3245
3246	static void chap_md5_compute_response(uint8_t pbResponse, uint8_t id, const uint8_t pbChallenge, size_t cbChallenge,
3247	const uint8_t *pbSecret, size_t cbSecret)
3248	{
3249	RTMD5CONTEXT ctx;
3250	uint8_t bId;
3251
3252	bId = id;
3253	RTMd5Init(&ctx);
3254	RTMd5Update(&ctx, &bId, 1);
3255	RTMd5Update(&ctx, pbSecret, cbSecret);
3256	RTMd5Update(&ctx, pbChallenge, cbChallenge);
3257	RTMd5Final(pbResponse, &ctx);
3258	}
3259
3260	/**
3261	* Internal. - Wrapper around the extended select callback of the net interface.
3262	*/
3263	DECLINLINE(int) iscsiIoThreadWait(PISCSIIMAGE pImage, RTMSINTERVAL cMillies, uint32_t fEvents, uint32_t *pfEvents)
3264	{
3265	return pImage->pIfNet->pfnSelectOneEx(pImage->Socket, fEvents, pfEvents, cMillies);
3266	}
3267
3268	/**
3269	* Internal. - Pokes a thread waiting for I/O.
3270	*/
3271	DECLINLINE(int) iscsiIoThreadPoke(PISCSIIMAGE pImage)
3272	{
3273	return pImage->pIfNet->pfnPoke(pImage->Socket);
3274	}
3275
3276	/**
3277	* Internal. - Get the next request from the queue.
3278	*/
3279	DECLINLINE(PISCSICMD) iscsiCmdGet(PISCSIIMAGE pImage)
3280	{
3281	int rc;
3282	PISCSICMD pIScsiCmd = NULL;
3283
3284	rc = RTSemMutexRequest(pImage->MutexReqQueue, RT_INDEFINITE_WAIT);
3285	AssertRC(rc);
3286
3287	pIScsiCmd = pImage->pScsiReqQueue;
3288	if (pIScsiCmd)
3289	{
3290	pImage->pScsiReqQueue = pIScsiCmd->pNext;
3291	pIScsiCmd->pNext = NULL;
3292	}
3293
3294	rc = RTSemMutexRelease(pImage->MutexReqQueue);
3295	AssertRC(rc);
3296
3297	return pIScsiCmd;
3298	}
3299
3300
3301	/**
3302	* Internal. - Adds the given command to the queue.
3303	*/
3304	DECLINLINE(int) iscsiCmdPut(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd)
3305	{
3306	int rc = RTSemMutexRequest(pImage->MutexReqQueue, RT_INDEFINITE_WAIT);
3307	AssertRC(rc);
3308
3309	pIScsiCmd->pNext = pImage->pScsiReqQueue;
3310	pImage->pScsiReqQueue = pIScsiCmd;
3311
3312	rc = RTSemMutexRelease(pImage->MutexReqQueue);
3313	AssertRC(rc);
3314
3315	iscsiIoThreadPoke(pImage);
3316
3317	return rc;
3318	}
3319
3320	/**
3321	* Internal. - Completes the request with the appropriate action.
3322	* Synchronous requests are completed with waking up the thread
3323	* and asynchronous ones by continuing the associated I/O context.
3324	*/
3325	static void iscsiCmdComplete(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd, int rcCmd)
3326	{
3327	LogFlowFunc(("pImage=%#p pIScsiCmd=%#p rcCmd=%Rrc\n", pImage, pIScsiCmd, rcCmd));
3328
3329	/* Remove from the table first. */
3330	iscsiCmdRemove(pImage, pIScsiCmd->Itt);
3331
3332	/* Call completion callback. */
3333	pIScsiCmd->pfnComplete(pImage, rcCmd, pIScsiCmd->pvUser);
3334
3335	/* Free command structure. */
3336	#ifdef DEBUG
3337	memset(pIScsiCmd, 0xff, sizeof(ISCSICMD));
3338	#endif
3339	RTMemFree(pIScsiCmd);
3340	}
3341
3342	/**
3343	* Clears all RX/TX PDU states and returns the command for the current
3344	* pending TX PDU if existing.
3345	*
3346	* @returns Pointer to the iSCSI command for the current PDU transmitted or NULL
3347	* if none is waiting.
3348	* @param pImage iSCSI connection state.
3349	*/
3350	static PISCSICMD iscsiPDURxTxClear(PISCSIIMAGE pImage)
3351	{
3352	PISCSICMD pIScsiCmdHead = NULL;
3353	PISCSIPDUTX pIScsiPDUTx = NULL;
3354
3355	/* Reset PDU we are receiving. */
3356	iscsiRecvPDUReset(pImage);
3357
3358	/*
3359	* Abort all PDUs we are about to transmit,
3360	* the command need a new Itt if the relogin is successful.
3361	*/
3362	while (pImage->pIScsiPDUTxHead)
3363	{
3364	pIScsiPDUTx = pImage->pIScsiPDUTxHead;
3365	pImage->pIScsiPDUTxHead = pIScsiPDUTx->pNext;
3366
3367	PISCSICMD pIScsiCmd = pIScsiPDUTx->pIScsiCmd;
3368	if (pIScsiCmd)
3369	{
3370	/* Place on command list. */
3371	pIScsiCmd->pNext = pIScsiCmdHead;
3372	pIScsiCmdHead = pIScsiCmd;
3373	}
3374	RTMemFree(pIScsiPDUTx);
3375	}
3376
3377	/* Clear the tail pointer (safety precaution). */
3378	pImage->pIScsiPDUTxTail = NULL;
3379
3380	/* Clear the current PDU too. */
3381	if (pImage->pIScsiPDUTxCur)
3382	{
3383	pIScsiPDUTx = pImage->pIScsiPDUTxCur;
3384
3385	pImage->pIScsiPDUTxCur = NULL;
3386	PISCSICMD pIScsiCmd = pIScsiPDUTx->pIScsiCmd;
3387	if (pIScsiCmd)
3388	{
3389	pIScsiCmd->pNext = pIScsiCmdHead;
3390	pIScsiCmdHead = pIScsiCmd;
3391	}
3392	RTMemFree(pIScsiPDUTx);
3393	}
3394
3395	return pIScsiCmdHead;
3396	}
3397
3398	/**
3399	* Rests the iSCSI connection state and returns a list of iSCSI commands pending
3400	* when this was called.
3401	*
3402	* @returns Pointer to the head of the pending iSCSI command list.
3403	* @param pImage iSCSI connection state.
3404	*/
3405	static PISCSICMD iscsiReset(PISCSIIMAGE pImage)
3406	{
3407	PISCSICMD pIScsiCmdHead = NULL;
3408	PISCSICMD pIScsiCmdCur = NULL;
3409
3410	/* Clear all in flight PDUs. */
3411	pIScsiCmdHead = iscsiPDURxTxClear(pImage);
3412
3413	/*
3414	* Get all commands which are waiting for a response
3415	* They need to be resend too after a successful reconnect.
3416	*/
3417	PISCSICMD pIScsiCmd = iscsiCmdRemoveAll(pImage);
3418	if (pIScsiCmd)
3419	{
3420	pIScsiCmdCur = pIScsiCmd;
3421	while (pIScsiCmdCur->pNext)
3422	pIScsiCmdCur = pIScsiCmdCur->pNext;
3423
3424	/*
3425	* Place them in front of the list because they are the oldest requests
3426	* and need to be processed first to minimize the risk to time out.
3427	*/
3428	pIScsiCmdCur->pNext = pIScsiCmdHead;
3429	pIScsiCmdHead = pIScsiCmd;
3430	}
3431
3432	return pIScsiCmdHead;
3433	}
3434
3435	/**
3436	* Reattaches the to the target after an error aborting
3437	* pending commands and resending them.
3438	*
3439	* @param pImage iSCSI connection state.
3440	*/
3441	static void iscsiReattach(PISCSIIMAGE pImage)
3442	{
3443	/* Close connection. */
3444	iscsiTransportClose(pImage);
3445	pImage->state = ISCSISTATE_FREE;
3446
3447	/* Reset the state and get the currently pending commands. */
3448	PISCSICMD pIScsiCmdHead = iscsiReset(pImage);
3449
3450	/* Try to attach. */
3451	int rc = iscsiAttach(pImage);
3452	if (RT_SUCCESS(rc))
3453	{
3454	/* Phew, we have a connection again.
3455	* Prepare new PDUs for the aborted commands.
3456	*/
3457	while (pIScsiCmdHead)
3458	{
3459	PISCSICMD pIScsiCmd = pIScsiCmdHead;
3460	pIScsiCmdHead = pIScsiCmdHead->pNext;
3461
3462	pIScsiCmd->pNext = NULL;
3463
3464	rc = iscsiPDUTxPrepare(pImage, pIScsiCmd);
3465	if (RT_FAILURE(rc))
3466	break;
3467	}
3468
3469	if (RT_FAILURE(rc))
3470	{
3471	/* Another error, just give up and report an error. */
3472	PISCSICMD pIScsiCmd = iscsiReset(pImage);
3473
3474	/* Concatenate both lists together so we can abort all requests below. */
3475	if (pIScsiCmd)
3476	{
3477	PISCSICMD pIScsiCmdCur = pIScsiCmd;
3478	while (pIScsiCmdCur->pNext)
3479	pIScsiCmdCur = pIScsiCmdCur->pNext;
3480
3481	pIScsiCmdCur->pNext = pIScsiCmdHead;
3482	pIScsiCmdHead = pIScsiCmd;
3483	}
3484	}
3485	}
3486
3487	if (RT_FAILURE(rc))
3488	{
3489	/*
3490	* Still no luck, complete commands with error so the caller
3491	* has a chance to inform the user and maybe resend the command.
3492	*/
3493	while (pIScsiCmdHead)
3494	{
3495	PISCSICMD pIScsiCmd = pIScsiCmdHead;
3496	pIScsiCmdHead = pIScsiCmdHead->pNext;
3497
3498	iscsiCmdComplete(pImage, pIScsiCmd, VERR_BROKEN_PIPE);
3499	}
3500	}
3501	}
3502
3503	/**
3504	* Internal. Main iSCSI I/O worker.
3505	*/
3506	static DECLCALLBACK(int) iscsiIoThreadWorker(RTTHREAD hThreadSelf, void *pvUser)
3507	{
3508	RT_NOREF1(hThreadSelf);
3509	PISCSIIMAGE pImage = (PISCSIIMAGE)pvUser;
3510
3511	/* Initialize the initial event mask. */
3512	pImage->fPollEvents = VD_INTERFACETCPNET_EVT_READ \| VD_INTERFACETCPNET_EVT_ERROR;
3513
3514	while (pImage->fRunning)
3515	{
3516	uint32_t fEvents;
3517	int rc;
3518
3519	fEvents = 0;
3520
3521	/* Wait for work or for data from the target. */
3522	RTMSINTERVAL msWait;
3523
3524	if (pImage->cCmdsWaiting)
3525	{
3526	pImage->fPollEvents &= ~VD_INTERFACETCPNET_HINT_INTERRUPT;
3527	msWait = pImage->uReadTimeout;
3528	}
3529	else
3530	{
3531	pImage->fPollEvents \|= VD_INTERFACETCPNET_HINT_INTERRUPT;
3532	msWait = RT_INDEFINITE_WAIT;
3533	}
3534
3535	LogFlow(("Waiting for events fPollEvents=%#x\n", pImage->fPollEvents));
3536	rc = iscsiIoThreadWait(pImage, msWait, pImage->fPollEvents, &fEvents);
3537	if (rc == VERR_INTERRUPTED)
3538	{
3539	/* Check the queue. */
3540	PISCSICMD pIScsiCmd = iscsiCmdGet(pImage);
3541
3542	while (pIScsiCmd)
3543	{
3544	switch (pIScsiCmd->enmCmdType)
3545	{
3546	case ISCSICMDTYPE_REQ:
3547	{
3548	if ( !iscsiIsClientConnected(pImage)
3549	&& pImage->fTryReconnect)
3550	{
3551	pImage->fTryReconnect = false;
3552	iscsiReattach(pImage);
3553	}
3554
3555	/* If there is no connection complete the command with an error. */
3556	if (RT_LIKELY(iscsiIsClientConnected(pImage)))
3557	{
3558	rc = iscsiPDUTxPrepare(pImage, pIScsiCmd);
3559	if (RT_FAILURE(rc))
3560	iscsiReattach(pImage);
3561	}
3562	else
3563	iscsiCmdComplete(pImage, pIScsiCmd, VERR_NET_CONNECTION_REFUSED);
3564	break;
3565	}
3566	case ISCSICMDTYPE_EXEC:
3567	{
3568	rc = pIScsiCmd->CmdType.Exec.pfnExec(pIScsiCmd->CmdType.Exec.pvUser);
3569	iscsiCmdComplete(pImage, pIScsiCmd, rc);
3570	break;
3571	}
3572	default:
3573	AssertMsgFailed(("Invalid command type %d\n", pIScsiCmd->enmCmdType));
3574	}
3575
3576	pIScsiCmd = iscsiCmdGet(pImage);
3577	}
3578	}
3579	else if (rc == VERR_TIMEOUT && pImage->cCmdsWaiting)
3580	{
3581	/*
3582	* We are waiting for a response from the target but
3583	* it didn't answered yet.
3584	* We assume the connection is broken and try to reconnect.
3585	*/
3586	LogFlow(("Timed out while waiting for an answer from the target, reconnecting\n"));
3587	iscsiReattach(pImage);
3588	}
3589	else if (RT_SUCCESS(rc) \|\| rc == VERR_TIMEOUT)
3590	{
3591	Assert(pImage->state == ISCSISTATE_NORMAL);
3592	LogFlow(("Got socket events %#x\n", fEvents));
3593
3594	if (fEvents & VD_INTERFACETCPNET_EVT_READ)
3595	{
3596	/* Continue or start a new PDU receive task */
3597	LogFlow(("There is data on the socket\n"));
3598	rc = iscsiRecvPDUAsync(pImage);
3599	if (rc == VERR_BROKEN_PIPE)
3600	iscsiReattach(pImage);
3601	else if (RT_FAILURE(rc))
3602	iscsiLogRel(pImage, "iSCSI: Handling incoming request failed %Rrc\n", rc);
3603	}
3604
3605	if (fEvents & VD_INTERFACETCPNET_EVT_WRITE)
3606	{
3607	LogFlow(("The socket is writable\n"));
3608	rc = iscsiSendPDUAsync(pImage);
3609	if (RT_FAILURE(rc))
3610	{
3611	/*
3612	* Something unexpected happened, log the error and try to reset everything
3613	* by reattaching to the target.
3614	*/
3615	iscsiLogRel(pImage, "iSCSI: Sending PDU failed %Rrc\n", rc);
3616	iscsiReattach(pImage);
3617	}
3618	}
3619
3620	if (fEvents & VD_INTERFACETCPNET_EVT_ERROR)
3621	{
3622	LogFlow(("An error ocurred\n"));
3623	iscsiReattach(pImage);
3624	}
3625	}
3626	else
3627	iscsiLogRel(pImage, "iSCSI: Waiting for I/O failed rc=%Rrc\n", rc);
3628	}
3629
3630	return VINF_SUCCESS;
3631	}
3632
3633	/**
3634	* Internal. - Enqueues a request asynchronously.
3635	*/
3636	static int iscsiCommandAsync(PISCSIIMAGE pImage, PSCSIREQ pScsiReq,
3637	PFNISCSICMDCOMPLETED pfnComplete, void *pvUser)
3638	{
3639	int rc;
3640
3641	if (pImage->fExtendedSelectSupported)
3642	{
3643	PISCSICMD pIScsiCmd = (PISCSICMD)RTMemAllocZ(sizeof(ISCSICMD));
3644	if (!pIScsiCmd)
3645	return VERR_NO_MEMORY;
3646
3647	/* Init the command structure. */
3648	pIScsiCmd->pNext = NULL;
3649	pIScsiCmd->enmCmdType = ISCSICMDTYPE_REQ;
3650	pIScsiCmd->pfnComplete = pfnComplete;
3651	pIScsiCmd->pvUser = pvUser;
3652	pIScsiCmd->CmdType.ScsiReq.pScsiReq = pScsiReq;
3653
3654	rc = iscsiCmdPut(pImage, pIScsiCmd);
3655	if (RT_FAILURE(rc))
3656	RTMemFree(pIScsiCmd);
3657	}
3658	else
3659	rc = VERR_NOT_SUPPORTED;
3660
3661	return rc;
3662	}
3663
3664	static DECLCALLBACK(void) iscsiCommandCompleteSync(PISCSIIMAGE pImage, int rcReq, void *pvUser)
3665	{
3666	RT_NOREF1(pImage);
3667	PISCSICMDSYNC pIScsiCmdSync = (PISCSICMDSYNC)pvUser;
3668
3669	pIScsiCmdSync->rcCmd = rcReq;
3670	int rc = RTSemEventSignal(pIScsiCmdSync->EventSem);
3671	AssertRC(rc);
3672	}
3673
3674	/**
3675	* Internal. - Enqueues a request in a synchronous fashion
3676	* i.e. returns when the request completed.
3677	*/
3678	static int iscsiCommandSync(PISCSIIMAGE pImage, PSCSIREQ pScsiReq, bool fRetry, int rcSense)
3679	{
3680	int rc;
3681
3682	if (pImage->fExtendedSelectSupported)
3683	{
3684	ISCSICMDSYNC IScsiCmdSync;
3685
3686	/* Create event semaphore. */
3687	rc = RTSemEventCreate(&IScsiCmdSync.EventSem);
3688	if (RT_FAILURE(rc))
3689	return rc;
3690
3691	if (fRetry)
3692	{
3693	for (unsigned i = 0; i < 10; i++)
3694	{
3695	rc = iscsiCommandAsync(pImage, pScsiReq, iscsiCommandCompleteSync, &IScsiCmdSync);
3696	if (RT_FAILURE(rc))
3697	break;
3698
3699	rc = RTSemEventWait(IScsiCmdSync.EventSem, RT_INDEFINITE_WAIT);
3700	AssertRC(rc);
3701	rc = IScsiCmdSync.rcCmd;
3702
3703	if ( (RT_SUCCESS(rc) && !pScsiReq->cbSense)
3704	\|\| RT_FAILURE(rc))
3705	break;
3706	rc = rcSense;
3707	}
3708	}
3709	else
3710	{
3711	rc = iscsiCommandAsync(pImage, pScsiReq, iscsiCommandCompleteSync, &IScsiCmdSync);
3712	if (RT_SUCCESS(rc))
3713	{
3714	rc = RTSemEventWait(IScsiCmdSync.EventSem, RT_INDEFINITE_WAIT);
3715	AssertRC(rc);
3716	rc = IScsiCmdSync.rcCmd;
3717
3718	if (RT_FAILURE(rc) \|\| pScsiReq->cbSense > 0)
3719	rc = rcSense;
3720	}
3721	}
3722
3723	RTSemEventDestroy(IScsiCmdSync.EventSem);
3724	}
3725	else
3726	{
3727	if (fRetry)
3728	{
3729	rc = VINF_SUCCESS; /* (MSC incorrectly thinks it can be uninitialized) */
3730	for (unsigned i = 0; i < 10; i++)
3731	{
3732	rc = iscsiCommand(pImage, pScsiReq);
3733	if ( (RT_SUCCESS(rc) && !pScsiReq->cbSense)
3734	\|\| RT_FAILURE(rc))
3735	break;
3736	rc = rcSense;
3737	}
3738	}
3739	else
3740	{
3741	rc = iscsiCommand(pImage, pScsiReq);
3742	if (RT_FAILURE(rc) \|\| pScsiReq->cbSense > 0)
3743	rc = rcSense;
3744	}
3745	}
3746
3747	return rc;
3748	}
3749
3750
3751	/**
3752	* Internal. - Executes a given function in a synchronous fashion
3753	* on the I/O thread if available.
3754	*/
3755	static int iscsiExecSync(PISCSIIMAGE pImage, PFNISCSIEXEC pfnExec, void *pvUser)
3756	{
3757	int rc;
3758
3759	if (pImage->fExtendedSelectSupported)
3760	{
3761	ISCSICMDSYNC IScsiCmdSync;
3762	PISCSICMD pIScsiCmd = (PISCSICMD)RTMemAllocZ(sizeof(ISCSICMD));
3763	if (!pIScsiCmd)
3764	return VERR_NO_MEMORY;
3765
3766	/* Create event semaphore. */
3767	rc = RTSemEventCreate(&IScsiCmdSync.EventSem);
3768	if (RT_FAILURE(rc))
3769	{
3770	RTMemFree(pIScsiCmd);
3771	return rc;
3772	}
3773
3774	/* Init the command structure. */
3775	pIScsiCmd->pNext = NULL;
3776	pIScsiCmd->enmCmdType = ISCSICMDTYPE_EXEC;
3777	pIScsiCmd->pfnComplete = iscsiCommandCompleteSync;
3778	pIScsiCmd->pvUser = &IScsiCmdSync;
3779	pIScsiCmd->CmdType.Exec.pfnExec = pfnExec;
3780	pIScsiCmd->CmdType.Exec.pvUser = pvUser;
3781
3782	rc = iscsiCmdPut(pImage, pIScsiCmd);
3783	if (RT_FAILURE(rc))
3784	RTMemFree(pIScsiCmd);
3785	else
3786	{
3787	rc = RTSemEventWait(IScsiCmdSync.EventSem, RT_INDEFINITE_WAIT);
3788	AssertRC(rc);
3789	rc = IScsiCmdSync.rcCmd;
3790	}
3791
3792	RTSemEventDestroy(IScsiCmdSync.EventSem);
3793	}
3794	else
3795	{
3796	/* No I/O thread, execute in the current thread. */
3797	rc = pfnExec(pvUser);
3798	}
3799
3800	return rc;
3801	}
3802
3803
3804	static DECLCALLBACK(void) iscsiCommandAsyncComplete(PISCSIIMAGE pImage, int rcReq, void *pvUser)
3805	{
3806	bool fComplete = true;
3807	size_t cbTransfered = 0;
3808	PSCSIREQ pScsiReq = (PSCSIREQ)pvUser;
3809
3810	if (RT_SUCCESS(rcReq))
3811	ASMAtomicWriteU32(&pImage->cLoginsSinceIo, 0);
3812
3813	if ( RT_SUCCESS(rcReq)
3814	&& pScsiReq->cbSense > 0)
3815	{
3816	/* Try again if possible. */
3817	if (pScsiReq->cSenseRetries > 0)
3818	{
3819	pScsiReq->cSenseRetries--;
3820	pScsiReq->cbSense = sizeof(pScsiReq->abSense);
3821	int rc = iscsiCommandAsync(pImage, pScsiReq, iscsiCommandAsyncComplete, pScsiReq);
3822	if (RT_SUCCESS(rc))
3823	fComplete = false;
3824	else
3825	rcReq = pScsiReq->rcSense;
3826	}
3827	else
3828	rcReq = pScsiReq->rcSense;
3829	}
3830
3831	if (fComplete)
3832	{
3833	if (pScsiReq->enmXfer == SCSIXFER_FROM_TARGET)
3834	cbTransfered = pScsiReq->cbT2IData;
3835	else if (pScsiReq->enmXfer == SCSIXFER_TO_TARGET)
3836	cbTransfered = pScsiReq->cbI2TData;
3837	else
3838	AssertMsg(pScsiReq->enmXfer == SCSIXFER_NONE, ("To/From transfers are not supported yet\n"));
3839
3840	/* Continue I/O context. */
3841	pImage->pIfIo->pfnIoCtxCompleted(pImage->pIfIo->Core.pvUser,
3842	pScsiReq->pIoCtx, rcReq,
3843	cbTransfered);
3844
3845	RTMemFree(pScsiReq);
3846	}
3847	}
3848
3849
3850	/**
3851	* Internal. Free all allocated space for representing an image, and optionally
3852	* delete the image from disk.
3853	*/
3854	static int iscsiFreeImage(PISCSIIMAGE pImage, bool fDelete)
3855	{
3856	int rc = VINF_SUCCESS;
3857	Assert(!fDelete); NOREF(fDelete); /* This MUST be false, the flag isn't supported. */
3858
3859	/* Freeing a never allocated image (e.g. because the open failed) is
3860	* not signalled as an error. After all nothing bad happens. */
3861	if (pImage)
3862	{
3863	if (pImage->Mutex != NIL_RTSEMMUTEX)
3864	{
3865	/* Detaching only makes sense when the mutex is there. Otherwise the
3866	* failure happened long before we could attach to the target. */
3867	iscsiExecSync(pImage, iscsiDetach, pImage);
3868	RTSemMutexDestroy(pImage->Mutex);
3869	pImage->Mutex = NIL_RTSEMMUTEX;
3870	}
3871	if (pImage->hThreadIo != NIL_RTTHREAD)
3872	{
3873	ASMAtomicXchgBool(&pImage->fRunning, false);
3874	rc = iscsiIoThreadPoke(pImage);
3875	AssertRC(rc);
3876
3877	/* Wait for the thread to terminate. */
3878	rc = RTThreadWait(pImage->hThreadIo, RT_INDEFINITE_WAIT, NULL);
3879	AssertRC(rc);
3880	}
3881	/* Destroy the socket. */
3882	if (pImage->Socket != NIL_VDSOCKET)
3883	{
3884	pImage->pIfNet->pfnSocketDestroy(pImage->Socket);
3885	}
3886	if (pImage->MutexReqQueue != NIL_RTSEMMUTEX)
3887	{
3888	RTSemMutexDestroy(pImage->MutexReqQueue);
3889	pImage->MutexReqQueue = NIL_RTSEMMUTEX;
3890	}
3891	if (pImage->pszTargetName)
3892	{
3893	RTMemFree(pImage->pszTargetName);
3894	pImage->pszTargetName = NULL;
3895	}
3896	if (pImage->pszTargetAddress)
3897	{
3898	RTMemFree(pImage->pszTargetAddress);
3899	pImage->pszTargetAddress = NULL;
3900	}
3901	if (pImage->pszInitiatorName)
3902	{
3903	if (pImage->fAutomaticInitiatorName)
3904	RTStrFree(pImage->pszInitiatorName);
3905	else
3906	RTMemFree(pImage->pszInitiatorName);
3907	pImage->pszInitiatorName = NULL;
3908	}
3909	if (pImage->pszInitiatorUsername)
3910	{
3911	RTMemFree(pImage->pszInitiatorUsername);
3912	pImage->pszInitiatorUsername = NULL;
3913	}
3914	if (pImage->pbInitiatorSecret)
3915	{
3916	RTMemFree(pImage->pbInitiatorSecret);
3917	pImage->pbInitiatorSecret = NULL;
3918	}
3919	if (pImage->pszTargetUsername)
3920	{
3921	RTMemFree(pImage->pszTargetUsername);
3922	pImage->pszTargetUsername = NULL;
3923	}
3924	if (pImage->pbTargetSecret)
3925	{
3926	RTMemFree(pImage->pbTargetSecret);
3927	pImage->pbTargetSecret = NULL;
3928	}
3929	if (pImage->pvRecvPDUBuf)
3930	{
3931	RTMemFree(pImage->pvRecvPDUBuf);
3932	pImage->pvRecvPDUBuf = NULL;
3933	}
3934	if (pImage->pszHostname)
3935	{
3936	RTMemFree(pImage->pszHostname);
3937	pImage->pszHostname = NULL;
3938	}
3939
3940	pImage->cbRecvPDUResidual = 0;
3941	}
3942
3943	LogFlowFunc(("returns %Rrc\n", rc));
3944	return rc;
3945	}
3946
3947	/**
3948	* Inits the basic iSCSI image state, allocating vital resources.
3949	*
3950	* @returns VBox status code.
3951	* @param pImage The iSCSI image instance.
3952	*/
3953	static int iscsiOpenImageInit(PISCSIIMAGE pImage)
3954	{
3955	int rc = VINF_SUCCESS;
3956
3957	/* Get error signalling interface. */
3958	pImage->pIfError = VDIfErrorGet(pImage->pVDIfsDisk);
3959
3960	/* Get TCP network stack interface. */
3961	pImage->pIfNet = VDIfTcpNetGet(pImage->pVDIfsImage);
3962	if (pImage->pIfNet)
3963	{
3964	/* Get configuration interface. */
3965	pImage->pIfConfig = VDIfConfigGet(pImage->pVDIfsImage);
3966	if (pImage->pIfConfig)
3967	{
3968	/* Get I/O interface. */
3969	pImage->pIfIo = VDIfIoIntGet(pImage->pVDIfsImage);
3970	if (pImage->pIfIo)
3971	{
3972	/* This ISID will be adjusted later to make it unique on this host. */
3973	pImage->pszHostname = NULL;
3974	pImage->uPort = 0;
3975	pImage->Socket = NIL_VDSOCKET;
3976	pImage->ISID = 0x800000000000ULL \| 0x001234560000ULL;
3977	pImage->cISCSIRetries = 10;
3978	pImage->state = ISCSISTATE_FREE;
3979	pImage->cLoginsSinceIo = 0;
3980	pImage->Mutex = NIL_RTSEMMUTEX;
3981	pImage->MutexReqQueue = NIL_RTSEMMUTEX;
3982	pImage->pszInitiatorUsername = NULL;
3983	pImage->pbInitiatorSecret = NULL;
3984	pImage->cbInitiatorSecret = 0;
3985	pImage->pszTargetUsername = NULL;
3986	pImage->pbTargetSecret = NULL;
3987	pImage->cbTargetSecret = 0;
3988
3989	memset(pImage->aCmdsWaiting, 0, sizeof(pImage->aCmdsWaiting));
3990	pImage->cbRecvPDUResidual = 0;
3991
3992	pImage->pvRecvPDUBuf = RTMemAlloc(ISCSI_RECV_PDU_BUFFER_SIZE);
3993	pImage->cbRecvPDUBuf = ISCSI_RECV_PDU_BUFFER_SIZE;
3994	if (!pImage->pvRecvPDUBuf)
3995	rc = VERR_NO_MEMORY;
3996
3997	if (RT_SUCCESS(rc))
3998	rc = RTSemMutexCreate(&pImage->Mutex);
3999	if (RT_SUCCESS(rc))
4000	rc = RTSemMutexCreate(&pImage->MutexReqQueue);
4001	}
4002	else
4003	rc = vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_INTERFACE,
4004	RT_SRC_POS, N_("iSCSI: I/O interface missing"));
4005	}
4006	else
4007	rc = vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_INTERFACE,
4008	RT_SRC_POS, N_("iSCSI: configuration interface missing"));
4009	}
4010	else
4011	rc = vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_INTERFACE,
4012	RT_SRC_POS, N_("iSCSI: TCP network stack interface missing"));
4013
4014	return rc;
4015	}
4016
4017	/**
4018	* Parses the user supplied config before opening the connection to the target.
4019	*
4020	* @returns VBox status code.
4021	* @param pImage The iSCSI image instance.
4022	*/
4023	static int iscsiOpenImageParseCfg(PISCSIIMAGE pImage)
4024	{
4025	char pszLUN = NULL, pszLUNInitial = NULL;
4026	bool fLunEncoded = false;
4027	uint32_t uWriteSplitDef = 0;
4028	uint32_t uTimeoutDef = 0;
4029	uint64_t uCfgTmp = 0;
4030	bool fHostIPDef = false;
4031	bool fDumpMalformedPacketsDef = false;
4032
4033	int rc = RTStrToUInt32Full(s_iscsiConfigDefaultWriteSplit, 0, &uWriteSplitDef);
4034	AssertRC(rc);
4035	rc = RTStrToUInt32Full(s_iscsiConfigDefaultTimeout, 0, &uTimeoutDef);
4036	AssertRC(rc);
4037	rc = RTStrToUInt64Full(s_iscsiConfigDefaultHostIPStack, 0, &uCfgTmp);
4038	AssertRC(rc);
4039	fHostIPDef = RT_BOOL(uCfgTmp);
4040	rc = RTStrToUInt64Full(s_iscsiConfigDefaultDumpMalformedPackets, 0, &uCfgTmp);
4041	AssertRC(rc);
4042	fDumpMalformedPacketsDef = RT_BOOL(uCfgTmp);
4043
4044	/* Validate configuration, detect unknown keys. */
4045	if (!VDCFGAreKeysValid(pImage->pIfConfig,
4046	"TargetName\0"
4047	"InitiatorName\0"
4048	"LUN\0"
4049	"TargetAddress\0"
4050	"InitiatorUsername\0"
4051	"InitiatorSecret\0"
4052	"InitiatorSecretEncrypted\0"
4053	"TargetUsername\0"
4054	"TargetSecret\0"
4055	"WriteSplit\0"
4056	"Timeout\0"
4057	"HostIPStack\0"
4058	"DumpMalformedPackets\0"))
4059	return vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_CFG_VALUES, RT_SRC_POS, N_("iSCSI: configuration error: unknown configuration keys present"));
4060
4061	/* Query the iSCSI upper level configuration. */
4062	rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "TargetName", &pImage->pszTargetName);
4063	if (RT_FAILURE(rc))
4064	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetName as string"));
4065
4066	rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "InitiatorName", &pImage->pszInitiatorName);
4067	if (rc == VERR_CFGM_VALUE_NOT_FOUND \|\| rc == VERR_CFGM_NO_PARENT)
4068	pImage->fAutomaticInitiatorName = true;
4069	else if (RT_FAILURE(rc))
4070	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read InitiatorName as string"));
4071
4072	rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "LUN", &pszLUN);
4073	if (rc == VERR_CFGM_VALUE_NOT_FOUND \|\| rc == VERR_CFGM_NO_PARENT)
4074	{
4075	rc = VINF_SUCCESS;
4076	pImage->fAutomaticLUN = true;
4077	}
4078	else if (RT_FAILURE(rc))
4079	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read LUN as string"));
4080
4081	if (pImage->fAutomaticLUN)
4082	pImage->LUN = 0; /* Default to LUN 0. */
4083	else
4084	{
4085	pszLUNInitial = pszLUN;
4086	if (!strncmp(pszLUN, "enc", 3))
4087	{
4088	fLunEncoded = true;
4089	pszLUN += 3;
4090	}
4091	rc = RTStrToUInt64Full(pszLUN, 0, &pImage->LUN);
4092	if (RT_FAILURE(rc))
4093	rc = vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to convert LUN to integer"));
4094
4095	RTMemFree(pszLUNInitial);
4096	}
4097	if (RT_SUCCESS(rc) && !fLunEncoded)
4098	{
4099	if (pImage->LUN <= 255)
4100	pImage->LUN = pImage->LUN << 48; /* uses peripheral device addressing method */
4101	else if (pImage->LUN <= 16383)
4102	pImage->LUN = (pImage->LUN << 48) \| RT_BIT_64(62); /* uses flat space addressing method */
4103	else
4104	rc = vdIfError(pImage->pIfError, VERR_OUT_OF_RANGE, RT_SRC_POS, N_("iSCSI: configuration error: LUN number out of range (0-16383)"));
4105	}
4106
4107	if (RT_FAILURE(rc))
4108	return rc;
4109
4110	rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "TargetAddress", &pImage->pszTargetAddress);
4111	if (RT_FAILURE(rc))
4112	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetAddress as string"));
4113
4114	rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "InitiatorUsername", &pImage->pszInitiatorUsername);
4115	if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4116	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read InitiatorUsername as string"));
4117
4118	rc = VDCFGQueryBytesAlloc(pImage->pIfConfig, "InitiatorSecret",
4119	(void **)&pImage->pbInitiatorSecret, &pImage->cbInitiatorSecret);
4120	if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4121	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read InitiatorSecret as byte string"));
4122
4123	void *pvInitiatorSecretEncrypted;
4124	size_t cbInitiatorSecretEncrypted;
4125	rc = VDCFGQueryBytesAlloc(pImage->pIfConfig, "InitiatorSecretEncrypted",
4126	&pvInitiatorSecretEncrypted, &cbInitiatorSecretEncrypted);
4127	if (RT_SUCCESS(rc))
4128	{
4129	RTMemFree(pvInitiatorSecretEncrypted);
4130	if (!pImage->pbInitiatorSecret)
4131	{
4132	/* we have an encrypted initiator secret but not an unencrypted one */
4133	return vdIfError(pImage->pIfError, VERR_VD_ISCSI_SECRET_ENCRYPTED, RT_SRC_POS, N_("iSCSI: initiator secret not decrypted"));
4134	}
4135	}
4136
4137	rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "TargetUsername", &pImage->pszTargetUsername);
4138	if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4139	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetUsername as string"));
4140
4141	rc = VDCFGQueryBytesAlloc(pImage->pIfConfig, "TargetSecret",
4142	(void **)&pImage->pbTargetSecret, &pImage->cbTargetSecret);
4143	if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4144	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetSecret as byte string"));
4145
4146	rc = VDCFGQueryU32Def(pImage->pIfConfig, "WriteSplit", &pImage->cbWriteSplit, uWriteSplitDef);
4147	if (RT_FAILURE(rc))
4148	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read WriteSplit as U32"));
4149
4150	/* Query the iSCSI lower level configuration. */
4151	rc = VDCFGQueryU32Def(pImage->pIfConfig, "Timeout", &pImage->uReadTimeout, uTimeoutDef);
4152	if (RT_FAILURE(rc))
4153	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read Timeout as U32"));
4154
4155	rc = VDCFGQueryBoolDef(pImage->pIfConfig, "HostIPStack", &pImage->fHostIP, fHostIPDef);
4156	if (RT_FAILURE(rc))
4157	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read HostIPStack as boolean"));
4158
4159	rc = VDCFGQueryBoolDef(pImage->pIfConfig, "DumpMalformedPackets",
4160	&pImage->fDumpMalformedPackets, fDumpMalformedPacketsDef);
4161	if (RT_FAILURE(rc))
4162	return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read DumpMalformedPackets as boolean"));
4163
4164	return VINF_SUCCESS;
4165	}
4166
4167	/**
4168	* Creates the necessary socket structure.
4169	*
4170	* @returns VBox status code.
4171	* @param pImage The iSCSI image instance.
4172	*/
4173	static int iscsiOpenImageSocketCreate(PISCSIIMAGE pImage)
4174	{
4175	/* Create the socket structure. */
4176	int rc = pImage->pIfNet->pfnSocketCreate(VD_INTERFACETCPNET_CONNECT_EXTENDED_SELECT,
4177	&pImage->Socket);
4178	if (RT_SUCCESS(rc))
4179	{
4180	pImage->fExtendedSelectSupported = true;
4181	pImage->fRunning = true;
4182	rc = RTThreadCreate(&pImage->hThreadIo, iscsiIoThreadWorker, pImage, 0,
4183	RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "iSCSI-Io");
4184	if (RT_FAILURE(rc))
4185	LogFunc(("Creating iSCSI I/O thread failed rc=%Rrc\n", rc));
4186	}
4187	else if (rc == VERR_NOT_SUPPORTED)
4188	{
4189	/* Async I/O is not supported without extended select. */
4190	if ((pImage->uOpenFlags & VD_OPEN_FLAGS_ASYNC_IO))
4191	LogFunc(("Extended select is not supported by the interface but async I/O is requested -> %Rrc\n", rc));
4192	else
4193	{
4194	pImage->fExtendedSelectSupported = false;
4195	rc = pImage->pIfNet->pfnSocketCreate(0, &pImage->Socket);
4196	}
4197	}
4198
4199	if (RT_FAILURE(rc))
4200	LogFunc(("Creating socket failed -> %Rrc\n", rc));
4201
4202	return rc;
4203	}
4204
4205	/**
4206	* Issues a REPORT LUNS to the target.
4207	*
4208	* @returns VBox status code.
4209	* @param pImage The iSCSI image instance.
4210	*/
4211	static int iscsiOpenImageReportLuns(PISCSIIMAGE pImage)
4212	{
4213	SCSIREQ sr;
4214	RTSGSEG DataSeg;
4215	uint8_t rlundata[16];
4216
4217	/*
4218	* Inquire available LUNs.
4219	*/
4220	RT_ZERO(sr.abCDB);
4221	sr.abCDB[0] = SCSI_REPORT_LUNS;
4222	sr.abCDB[1] = 0; /* reserved */
4223	sr.abCDB[2] = 0; /* reserved */
4224	sr.abCDB[3] = 0; /* reserved */
4225	sr.abCDB[4] = 0; /* reserved */
4226	sr.abCDB[5] = 0; /* reserved */
4227	sr.abCDB[6] = sizeof(rlundata) >> 24;
4228	sr.abCDB[7] = (sizeof(rlundata) >> 16) & 0xff;
4229	sr.abCDB[8] = (sizeof(rlundata) >> 8) & 0xff;
4230	sr.abCDB[9] = sizeof(rlundata) & 0xff;
4231	sr.abCDB[10] = 0; /* reserved */
4232	sr.abCDB[11] = 0; /* control */
4233
4234	DataSeg.pvSeg = rlundata;
4235	DataSeg.cbSeg = sizeof(rlundata);
4236
4237	sr.enmXfer = SCSIXFER_FROM_TARGET;
4238	sr.cbCDB = 12;
4239	sr.cbI2TData = 0;
4240	sr.paI2TSegs = NULL;
4241	sr.cI2TSegs = 0;
4242	sr.cbT2IData = DataSeg.cbSeg;
4243	sr.paT2ISegs = &DataSeg;
4244	sr.cT2ISegs = 1;
4245	sr.cbSense = sizeof(sr.abSense);
4246	int rc = iscsiCommandSync(pImage, &sr, false, VERR_INVALID_STATE);
4247	if (RT_FAILURE(rc))
4248	LogRel(("iSCSI: Could not get LUN info for target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4249
4250	/* If there is a single LUN on the target, then either verify that it matches the explicitly
4251	* configured LUN, or just use it if a LUN was not configured (defaulted to 0). For multi-LUN targets,
4252	* require a correctly configured LUN.
4253	*/
4254	uint32_t cbLuns = (rlundata[0] << 24) \| (rlundata[1] << 16) \| (rlundata[2] << 8) \| rlundata[3];
4255	unsigned cLuns = cbLuns / 8;
4256
4257	/* Dig out the first LUN. */
4258	uint64_t uTgtLun = 0;
4259	if ((rlundata[8] & 0xc0) == 0)
4260	{
4261	/* Single-byte LUN in 0-255 range. */
4262	uTgtLun = rlundata[9];
4263	}
4264	else if ((rlundata[8] & 0xc0) == 0x40)
4265	{
4266	/* Two-byte LUN in 256-16383 range. */
4267	uTgtLun = rlundata[9] \| ((rlundata[8] & 0x3f) << 8);
4268	uTgtLun = (uTgtLun << 48) \| RT_BIT_64(62);
4269	}
4270	else
4271	rc = vdIfError(pImage->pIfError, VERR_OUT_OF_RANGE, RT_SRC_POS, N_("iSCSI: Reported LUN number out of range (0-16383)"));
4272	if (RT_FAILURE(rc))
4273	return rc;
4274
4275	LogRel(("iSCSI: %u LUN(s), first LUN %RX64\n", cLuns, uTgtLun));
4276
4277	/* Convert the LUN back into the 64-bit format. */
4278	if (uTgtLun <= 255)
4279	uTgtLun = uTgtLun << 48;
4280	else
4281	{
4282	Assert(uTgtLun <= 16383);
4283	uTgtLun = (uTgtLun << 48) \| RT_BIT_64(62);
4284	}
4285
4286	if (cLuns == 1)
4287	{
4288	/* NB: It is valid to have a single LUN other than zero, at least in SPC-3. */
4289	if (pImage->fAutomaticLUN)
4290	pImage->LUN = uTgtLun;
4291	else if (pImage->LUN != uTgtLun)
4292	rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE, RT_SRC_POS, N_("iSCSI: configuration error: Configured LUN does not match what target provides"));
4293	}
4294
4295	return rc;
4296	}
4297
4298	/**
4299	* Issues the INQUIRY command to the target and checks for the correct device type.
4300	*
4301	* @returns VBox status code.
4302	* @param pImage The iSCSI image instance.
4303	*/
4304	static int iscsiOpenImageInquiry(PISCSIIMAGE pImage)
4305	{
4306	SCSIREQ sr;
4307	RTSGSEG DataSeg;
4308	uint8_t data8[8];
4309
4310	/*
4311	* Inquire device characteristics - no tapes, scanners etc., please.
4312	*/
4313	RT_ZERO(sr.abCDB);
4314	sr.abCDB[0] = SCSI_INQUIRY;
4315	sr.abCDB[1] = 0; /* reserved */
4316	sr.abCDB[2] = 0; /* reserved */
4317	sr.abCDB[3] = 0; /* reserved */
4318	sr.abCDB[4] = sizeof(data8);
4319	sr.abCDB[5] = 0; /* control */
4320
4321	DataSeg.pvSeg = data8;
4322	DataSeg.cbSeg = sizeof(data8);
4323
4324	sr.enmXfer = SCSIXFER_FROM_TARGET;
4325	sr.cbCDB = 6;
4326	sr.cbI2TData = 0;
4327	sr.paI2TSegs = NULL;
4328	sr.cI2TSegs = 0;
4329	sr.cbT2IData = DataSeg.cbSeg;
4330	sr.paT2ISegs = &DataSeg;
4331	sr.cT2ISegs = 1;
4332	sr.cbSense = sizeof(sr.abSense);
4333	int rc = iscsiCommandSync(pImage, &sr, true /* fRetry */, VERR_INVALID_STATE);
4334	if (RT_SUCCESS(rc))
4335	{
4336	uint8_t devType = (sr.cbT2IData > 0) ? data8[0] & SCSI_DEVTYPE_MASK : 255;
4337	if (devType == SCSI_DEVTYPE_DISK)
4338	{
4339	uint8_t uCmdQueue = (sr.cbT2IData >= 8) ? data8[7] & SCSI_INQUIRY_CMDQUE_MASK : 0;
4340	if (uCmdQueue > 0)
4341	pImage->fCmdQueuingSupported = true;
4342	else if (pImage->uOpenFlags & VD_OPEN_FLAGS_ASYNC_IO)
4343	rc = VERR_NOT_SUPPORTED;
4344	else
4345	LogRel(("iSCSI: target address %s, target name %s, %s command queuing\n",
4346	pImage->pszTargetAddress, pImage->pszTargetName,
4347	pImage->fCmdQueuingSupported ? "supports" : "doesn't support"));
4348	}
4349	else
4350	{
4351	rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE,
4352	RT_SRC_POS, N_("iSCSI: target address %s, target name %s, SCSI LUN %lld reports device type=%u"),
4353	pImage->pszTargetAddress, pImage->pszTargetName,
4354	pImage->LUN, devType);
4355	LogRel(("iSCSI: Unsupported SCSI peripheral device type %d for target %s\n", devType & SCSI_DEVTYPE_MASK, pImage->pszTargetName));
4356	}
4357	}
4358	else
4359	LogRel(("iSCSI: Could not get INQUIRY info for target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4360
4361	return rc;
4362	}
4363
4364	/**
4365	* Checks that the target allows write access if the caller requested it.
4366	*
4367	* @returns VBox status code.
4368	* @param pImage The iSCSI image instance.
4369	*/
4370	static int iscsiOpenImageCheckWriteAccess(PISCSIIMAGE pImage)
4371	{
4372	SCSIREQ sr;
4373	RTSGSEG DataSeg;
4374	uint8_t data4[4];
4375
4376	/*
4377	* Query write disable bit in the device specific parameter entry in the
4378	* mode parameter header. Refuse read/write opening of read only disks.
4379	*/
4380	RT_ZERO(sr.abCDB);
4381	sr.abCDB[0] = SCSI_MODE_SENSE_6;
4382	sr.abCDB[1] = 0; /* dbd=0/reserved */
4383	sr.abCDB[2] = 0x3f; /* pc=0/page code=0x3f, ask for all pages */
4384	sr.abCDB[3] = 0; /* subpage code=0, return everything in page_0 format */
4385	sr.abCDB[4] = sizeof(data4); /* allocation length=4 */
4386	sr.abCDB[5] = 0; /* control */
4387
4388	DataSeg.pvSeg = data4;
4389	DataSeg.cbSeg = sizeof(data4);
4390
4391	sr.enmXfer = SCSIXFER_FROM_TARGET;
4392	sr.cbCDB = 6;
4393	sr.cbI2TData = 0;
4394	sr.paI2TSegs = NULL;
4395	sr.cI2TSegs = 0;
4396	sr.cbT2IData = DataSeg.cbSeg;
4397	sr.paT2ISegs = &DataSeg;
4398	sr.cT2ISegs = 1;
4399	sr.cbSense = sizeof(sr.abSense);
4400	int rc = iscsiCommandSync(pImage, &sr, true /* fRetry */, VERR_INVALID_STATE);
4401	if (RT_SUCCESS(rc))
4402	{
4403	pImage->fTargetReadOnly = !!(data4[2] & 0x80);
4404	if (!(pImage->uOpenFlags & VD_OPEN_FLAGS_READONLY) && pImage->fTargetReadOnly)
4405	rc = VERR_VD_IMAGE_READ_ONLY;
4406	}
4407	else
4408	LogRel(("iSCSI: Could not get MODE SENSE info for target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4409
4410	return rc;
4411	}
4412
4413	/**
4414	* Queries the media and sector size of the target.
4415	*
4416	* @returns VBox status code.
4417	* @param pImage The iSCSI image instance.
4418	*/
4419	static int iscsiOpenImageQueryTargetSizes(PISCSIIMAGE pImage)
4420	{
4421	SCSIREQ sr;
4422	RTSGSEG DataSeg;
4423	uint8_t data12[12];
4424
4425	/*
4426	* Determine sector size and capacity of the volume immediately.
4427	*/
4428	RT_ZERO(data12);
4429	RT_ZERO(sr.abCDB);
4430	sr.abCDB[0] = SCSI_SERVICE_ACTION_IN_16;
4431	sr.abCDB[1] = SCSI_SVC_ACTION_IN_READ_CAPACITY_16; /* subcommand */
4432	sr.abCDB[10+3] = sizeof(data12); /* allocation length (dword) */
4433
4434	DataSeg.pvSeg = data12;
4435	DataSeg.cbSeg = sizeof(data12);
4436
4437	sr.enmXfer = SCSIXFER_FROM_TARGET;
4438	sr.cbCDB = 16;
4439	sr.cbI2TData = 0;
4440	sr.paI2TSegs = NULL;
4441	sr.cI2TSegs = 0;
4442	sr.cbT2IData = DataSeg.cbSeg;
4443	sr.paT2ISegs = &DataSeg;
4444	sr.cT2ISegs = 1;
4445	sr.cbSense = sizeof(sr.abSense);
4446
4447	int rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4448	if (RT_SUCCESS(rc))
4449	{
4450	bool fEnd = false;
4451	uint8_t cMaxRetries = 10;
4452	do
4453	{
4454	switch (sr.status)
4455	{
4456	case SCSI_STATUS_OK:
4457	{
4458	pImage->cVolume = RT_BE2H_U64((uint64_t )&data12[0]);
4459	pImage->cVolume++;
4460	pImage->cbSector = RT_BE2H_U32((uint32_t )&data12[8]);
4461	pImage->cbSize = pImage->cVolume * pImage->cbSector;
4462	if (pImage->cVolume == 0 \|\| pImage->cbSize < pImage->cVolume)
4463	{
4464	rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE,
4465	RT_SRC_POS, N_("iSCSI: target address %s, target name %s, SCSI LUN %lld reports media sector count=%llu sector size=%u"),
4466	pImage->pszTargetAddress, pImage->pszTargetName,
4467	pImage->LUN, pImage->cVolume, pImage->cbSector);
4468	}
4469	fEnd = true;
4470	break;
4471	}
4472	case SCSI_STATUS_CHECK_CONDITION:
4473	{
4474	if((sr.abSense[2] & 0x0f) == SCSI_SENSE_UNIT_ATTENTION)
4475	{
4476	if( sr.abSense[12] == SCSI_ASC_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED
4477	&& sr.abSense[13] == SCSI_ASCQ_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED)
4478	{
4479	/** @todo for future: prepare and send command "REQUEST SENSE" which will
4480	* return the status of target and will clear any unit attention
4481	* condition that it reports */
4482	rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4483	if (RT_FAILURE(rc))
4484	fEnd = true;
4485	cMaxRetries--;
4486	break;
4487	}
4488	}
4489	break;
4490	}
4491	default:
4492	{
4493	rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4494	if (RT_FAILURE(rc))
4495	fEnd = true;
4496	cMaxRetries--;
4497	break;
4498	}
4499	}
4500	if (!cMaxRetries)
4501	fEnd = true;
4502	} while(!fEnd);
4503	}
4504	else
4505	{
4506	uint8_t data8[8];
4507
4508	RT_ZERO(data8);
4509	sr.abCDB[0] = SCSI_READ_CAPACITY;
4510	sr.abCDB[1] = 0; /* reserved */
4511	sr.abCDB[2] = 0; /* reserved */
4512	sr.abCDB[3] = 0; /* reserved */
4513	sr.abCDB[4] = 0; /* reserved */
4514	sr.abCDB[5] = 0; /* reserved */
4515	sr.abCDB[6] = 0; /* reserved */
4516	sr.abCDB[7] = 0; /* reserved */
4517	sr.abCDB[8] = 0; /* reserved */
4518	sr.abCDB[9] = 0; /* control */
4519
4520	DataSeg.pvSeg = data8;
4521	DataSeg.cbSeg = sizeof(data8);
4522
4523	sr.enmXfer = SCSIXFER_FROM_TARGET;
4524	sr.cbCDB = 10;
4525	sr.cbI2TData = 0;
4526	sr.paI2TSegs = NULL;
4527	sr.cI2TSegs = 0;
4528	sr.cbT2IData = DataSeg.cbSeg;
4529	sr.paT2ISegs = &DataSeg;
4530	sr.cT2ISegs = 1;
4531	sr.cbSense = sizeof(sr.abSense);
4532	rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4533	if (RT_SUCCESS(rc))
4534	{
4535	bool fEnd = false;
4536	uint8_t cMaxRetries = 10;
4537	do
4538	{
4539	switch (sr.status)
4540	{
4541	case SCSI_STATUS_OK:
4542	{
4543	pImage->cVolume = (data8[0] << 24) \| (data8[1] << 16) \| (data8[2] << 8) \| data8[3];
4544	pImage->cVolume++;
4545	pImage->cbSector = (data8[4] << 24) \| (data8[5] << 16) \| (data8[6] << 8) \| data8[7];
4546	pImage->cbSize = pImage->cVolume * pImage->cbSector;
4547	if (pImage->cVolume == 0)
4548	{
4549	rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE,
4550	RT_SRC_POS, N_("iSCSI: fallback capacity detection for target address %s, target name %s, SCSI LUN %lld reports media sector count=%llu sector size=%u"),
4551	pImage->pszTargetAddress, pImage->pszTargetName,
4552	pImage->LUN, pImage->cVolume, pImage->cbSector);
4553	}
4554
4555	fEnd = true;
4556	break;
4557	}
4558	case SCSI_STATUS_CHECK_CONDITION:
4559	{
4560	if((sr.abSense[2] & 0x0f) == SCSI_SENSE_UNIT_ATTENTION)
4561	{
4562	if( sr.abSense[12] == SCSI_ASC_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED
4563	&& sr.abSense[13] == SCSI_ASCQ_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED)
4564	{
4565	/** @todo for future: prepare and send command "REQUEST SENSE" which will
4566	* return the status of target and will clear any unit attention
4567	* condition that it reports */
4568	rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4569	if (RT_FAILURE(rc))
4570	fEnd = true;
4571	cMaxRetries--;
4572	break;
4573
4574	}
4575	}
4576	break;
4577	}
4578	default:
4579	{
4580	rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4581	if (RT_FAILURE(rc))
4582	fEnd = true;
4583	cMaxRetries--;
4584	break;
4585	}
4586	}
4587	if (!cMaxRetries)
4588	fEnd = true;
4589	} while(!fEnd);
4590	}
4591	else
4592	LogRel(("iSCSI: Could not determine capacity of target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4593	}
4594
4595	return rc;
4596	}
4597
4598	/**
4599	* Queries the state of the read/write caches and tries to enable them if disabled.
4600	*
4601	* @returns VBox status code.
4602	* @param pImage The iSCSI image instance.
4603	*/
4604	static int iscsiOpenImageEnableReadWriteCache(PISCSIIMAGE pImage)
4605	{
4606	/*
4607	* Check the read and write cache bits.
4608	* Try to enable the cache if it is disabled.
4609	*
4610	* We already checked that this is a block access device. No need
4611	* to do it again.
4612	*/
4613	SCSIREQ sr;
4614	RTSGSEG DataSeg;
4615	uint8_t aCachingModePage[32];
4616
4617	memset(aCachingModePage, '\0', sizeof(aCachingModePage));
4618	sr.abCDB[0] = SCSI_MODE_SENSE_6;
4619	sr.abCDB[1] = 0;
4620	sr.abCDB[2] = (0x00 << 6) \| (0x08 & 0x3f); /* Current values and caching mode page */
4621	sr.abCDB[3] = 0; /* Sub page code. */
4622	sr.abCDB[4] = sizeof(aCachingModePage) & 0xff;
4623	sr.abCDB[5] = 0;
4624
4625	DataSeg.pvSeg = aCachingModePage;
4626	DataSeg.cbSeg = sizeof(aCachingModePage);
4627
4628	sr.enmXfer = SCSIXFER_FROM_TARGET;
4629	sr.cbCDB = 6;
4630	sr.cbI2TData = 0;
4631	sr.paI2TSegs = NULL;
4632	sr.cI2TSegs = 0;
4633	sr.cbT2IData = DataSeg.cbSeg;
4634	sr.paT2ISegs = &DataSeg;
4635	sr.cT2ISegs = 1;
4636	sr.cbSense = sizeof(sr.abSense);
4637	int rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4638	if ( RT_SUCCESS(rc)
4639	&& (sr.status == SCSI_STATUS_OK)
4640	&& (aCachingModePage[0] >= 15)
4641	&& (aCachingModePage[4 + aCachingModePage[3]] & 0x3f) == 0x08
4642	&& (aCachingModePage[4 + aCachingModePage[3] + 1] > 3))
4643	{
4644	uint32_t Offset = 4 + aCachingModePage[3];
4645	/*
4646	* Check if the read and/or the write cache is disabled.
4647	* The write cache is disabled if bit 2 (WCE) is zero and
4648	* the read cache is disabled if bit 0 (RCD) is set.
4649	*/
4650	if (!ASMBitTest(&aCachingModePage[Offset + 2], 2) \|\| ASMBitTest(&aCachingModePage[Offset + 2], 0))
4651	{
4652	/*
4653	* Write Cache Enable (WCE) bit is zero or the Read Cache Disable (RCD) is one
4654	* So one of the caches is disabled. Enable both caches.
4655	* The rest is unchanged.
4656	*/
4657	ASMBitSet(&aCachingModePage[Offset + 2], 2);
4658	ASMBitClear(&aCachingModePage[Offset + 2], 0);
4659
4660	sr.abCDB[0] = SCSI_MODE_SELECT_6;
4661	sr.abCDB[1] = 0; /* Don't write the page into NV RAM. */
4662	sr.abCDB[2] = 0;
4663	sr.abCDB[3] = 0;
4664	sr.abCDB[4] = sizeof(aCachingModePage) & 0xff;
4665	sr.abCDB[5] = 0;
4666
4667	DataSeg.pvSeg = aCachingModePage;
4668	DataSeg.cbSeg = sizeof(aCachingModePage);
4669
4670	sr.enmXfer = SCSIXFER_TO_TARGET;
4671	sr.cbCDB = 6;
4672	sr.cbI2TData = DataSeg.cbSeg;
4673	sr.paI2TSegs = &DataSeg;
4674	sr.cI2TSegs = 1;
4675	sr.cbT2IData = 0;
4676	sr.paT2ISegs = NULL;
4677	sr.cT2ISegs = 0;
4678	sr.cbSense = sizeof(sr.abSense);
4679	sr.status = 0;
4680	rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4681	if ( RT_SUCCESS(rc)
4682	&& (sr.status == SCSI_STATUS_OK))
4683	LogRel(("iSCSI: Enabled read and write cache of target %s\n", pImage->pszTargetName));
4684	else
4685	{
4686	/* Log failures but continue. */
4687	LogRel(("iSCSI: Could not enable read and write cache of target %s, rc=%Rrc status=%#x\n",
4688	pImage->pszTargetName, rc, sr.status));
4689	LogRel(("iSCSI: Sense:\n%.*Rhxd\n", sr.cbSense, sr.abSense));
4690	rc = VINF_SUCCESS;
4691	}
4692	}
4693	}
4694	else
4695	{
4696	/* Log errors but continue. */
4697	LogRel(("iSCSI: Could not check write cache of target %s, rc=%Rrc, got mode page %#x\n", pImage->pszTargetName, rc, aCachingModePage[0] & 0x3f));
4698	LogRel(("iSCSI: Sense:\n%.*Rhxd\n", sr.cbSense, sr.abSense));
4699	rc = VINF_SUCCESS;
4700	}
4701
4702	return rc;
4703	}
4704
4705	/**
4706	* Internal: Open an image, constructing all necessary data structures.
4707	*/
4708	static int iscsiOpenImage(PISCSIIMAGE pImage, unsigned uOpenFlags)
4709	{
4710	pImage->uOpenFlags = uOpenFlags;
4711
4712	int rc = iscsiOpenImageInit(pImage);
4713	if (RT_SUCCESS(rc))
4714	rc = iscsiOpenImageParseCfg(pImage);
4715
4716	if (RT_SUCCESS(rc))
4717	{
4718	/* Don't actually establish iSCSI transport connection if this is just an
4719	* open to query the image information and the host IP stack isn't used.
4720	* Even trying is rather useless, as in this context the InTnet IP stack
4721	* isn't present. Returning dummies is the best possible result anyway. */
4722	if ((uOpenFlags & VD_OPEN_FLAGS_INFO) && !pImage->fHostIP)
4723	LogFunc(("Not opening the transport connection as IntNet IP stack is not available. Will return dummies\n"));
4724	else
4725	{
4726	rc = iscsiOpenImageSocketCreate(pImage);
4727	if (RT_SUCCESS(rc))
4728	{
4729	/*
4730	* Attach to the iSCSI target. This implicitly establishes the iSCSI
4731	* transport connection.
4732	*/
4733	rc = iscsiExecSync(pImage, iscsiAttach, pImage);
4734	if (RT_SUCCESS(rc))
4735	{
4736	LogFlowFunc(("target '%s' opened successfully\n", pImage->pszTargetName));
4737
4738	rc = iscsiOpenImageReportLuns(pImage);
4739	if (RT_SUCCESS(rc))
4740	rc = iscsiOpenImageInquiry(pImage);
4741	if (RT_SUCCESS(rc))
4742	rc = iscsiOpenImageCheckWriteAccess(pImage);
4743	if (RT_SUCCESS(rc))
4744	rc = iscsiOpenImageQueryTargetSizes(pImage);
4745	if (RT_SUCCESS(rc))
4746	rc = iscsiOpenImageEnableReadWriteCache(pImage);
4747	}
4748	else
4749	LogRel(("iSCSI: could not open target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4750	}
4751	}
4752	}
4753
4754	if (RT_SUCCESS(rc))
4755	{
4756	PVDREGIONDESC pRegion = &pImage->RegionList.aRegions[0];
4757	pImage->RegionList.fFlags = 0;
4758	pImage->RegionList.cRegions = 1;
4759
4760	pRegion->offRegion = 0; /* Disk start. */
4761	pRegion->cbBlock = pImage->cbSector;
4762	pRegion->enmDataForm = VDREGIONDATAFORM_RAW;
4763	pRegion->enmMetadataForm = VDREGIONMETADATAFORM_NONE;
4764	pRegion->cbData = pImage->cbSector;
4765	pRegion->cbMetadata = 0;
4766	pRegion->cRegionBlocksOrBytes = pImage->cbSize;
4767	}
4768	else
4769	iscsiFreeImage(pImage, false);
4770	return rc;
4771	}
4772
4773
4774	/** @copydoc VDIMAGEBACKEND::pfnProbe */
4775	static DECLCALLBACK(int) iscsiProbe(const char *pszFilename, PVDINTERFACE pVDIfsDisk,
4776	PVDINTERFACE pVDIfsImage, VDTYPE enmDesiredType, VDTYPE *penmType)
4777	{
4778	RT_NOREF(pszFilename, pVDIfsDisk, pVDIfsImage, enmDesiredType, penmType);
4779	LogFlowFunc(("pszFilename=\"%s\"\n", pszFilename));
4780
4781	/* iSCSI images can't be checked for validity this way, as the filename
4782	* just can't supply enough configuration information. */
4783	int rc = VERR_VD_ISCSI_INVALID_HEADER;
4784
4785	LogFlowFunc(("returns %Rrc\n", rc));
4786	return rc;
4787	}
4788
4789	/** @copydoc VDIMAGEBACKEND::pfnOpen */
4790	static DECLCALLBACK(int) iscsiOpen(const char *pszFilename, unsigned uOpenFlags,
4791	PVDINTERFACE pVDIfsDisk, PVDINTERFACE pVDIfsImage,
4792	VDTYPE enmType, void **ppBackendData)
4793	{
4794	RT_NOREF1(enmType); /*< @todo r=klaus make use of the type info. /
4795
4796	LogFlowFunc(("pszFilename=\"%s\" uOpenFlags=%#x pVDIfsDisk=%#p pVDIfsImage=%#p enmType=%u ppBackendData=%#p\n",
4797	pszFilename, uOpenFlags, pVDIfsDisk, pVDIfsImage, enmType, ppBackendData));
4798	int rc;
4799
4800	/* Check open flags. All valid flags are supported. */
4801	AssertReturn(!(uOpenFlags & ~VD_OPEN_FLAGS_MASK), VERR_INVALID_PARAMETER);
4802	AssertPtrReturn(pszFilename, VERR_INVALID_POINTER);
4803	AssertReturn(*pszFilename != '\0', VERR_INVALID_PARAMETER);
4804
4805	PISCSIIMAGE pImage = (PISCSIIMAGE)RTMemAllocZ(RT_UOFFSETOF(ISCSIIMAGE, RegionList.aRegions[1]));
4806	if (RT_LIKELY(pImage))
4807	{
4808	pImage->pszFilename = pszFilename;
4809	pImage->pszInitiatorName = NULL;
4810	pImage->pszTargetName = NULL;
4811	pImage->pszTargetAddress = NULL;
4812	pImage->pszInitiatorUsername = NULL;
4813	pImage->pbInitiatorSecret = NULL;
4814	pImage->pszTargetUsername = NULL;
4815	pImage->pbTargetSecret = NULL;
4816	pImage->paCurrReq = NULL;
4817	pImage->pvRecvPDUBuf = NULL;
4818	pImage->pszHostname = NULL;
4819	pImage->pVDIfsDisk = pVDIfsDisk;
4820	pImage->pVDIfsImage = pVDIfsImage;
4821	pImage->cLogRelErrors = 0;
4822
4823	rc = iscsiOpenImage(pImage, uOpenFlags);
4824	if (RT_SUCCESS(rc))
4825	{
4826	LogFlowFunc(("target %s cVolume %d, cbSector %d\n", pImage->pszTargetName, pImage->cVolume, pImage->cbSector));
4827	LogRel(("iSCSI: target address %s, target name %s, SCSI LUN %lld\n", pImage->pszTargetAddress, pImage->pszTargetName, pImage->LUN));
4828	*ppBackendData = pImage;
4829	}
4830	else
4831	RTMemFree(pImage);
4832	}
4833	else
4834	rc = VERR_NO_MEMORY;
4835
4836	LogFlowFunc(("returns %Rrc (pBackendData=%#p)\n", rc, *ppBackendData));
4837	return rc;
4838	}
4839
4840	/** @copydoc VDIMAGEBACKEND::pfnCreate */
4841	static DECLCALLBACK(int) iscsiCreate(const char *pszFilename, uint64_t cbSize,
4842	unsigned uImageFlags, const char *pszComment,
4843	PCVDGEOMETRY pPCHSGeometry, PCVDGEOMETRY pLCHSGeometry,
4844	PCRTUUID pUuid, unsigned uOpenFlags,
4845	unsigned uPercentStart, unsigned uPercentSpan,
4846	PVDINTERFACE pVDIfsDisk, PVDINTERFACE pVDIfsImage,
4847	PVDINTERFACE pVDIfsOperation, VDTYPE enmType,
4848	void **ppBackendData)
4849	{
4850	RT_NOREF8(pszFilename, cbSize, uImageFlags, pszComment, pPCHSGeometry, pLCHSGeometry, pUuid, uOpenFlags);
4851	RT_NOREF7(uPercentStart, uPercentSpan, pVDIfsDisk, pVDIfsImage, pVDIfsOperation, enmType, ppBackendData);
4852	LogFlowFunc(("pszFilename=\"%s\" cbSize=%llu uImageFlags=%#x pszComment=\"%s\" pPCHSGeometry=%#p pLCHSGeometry=%#p Uuid=%RTuuid uOpenFlags=%#x uPercentStart=%u uPercentSpan=%u pVDIfsDisk=%#p pVDIfsImage=%#p pVDIfsOperation=%#p enmType=%u ppBackendData=%#p",
4853	pszFilename, cbSize, uImageFlags, pszComment, pPCHSGeometry, pLCHSGeometry, pUuid, uOpenFlags, uPercentStart, uPercentSpan, pVDIfsDisk, pVDIfsImage, pVDIfsOperation, enmType, ppBackendData));
4854	int rc = VERR_NOT_SUPPORTED;
4855
4856	LogFlowFunc(("returns %Rrc (pBackendData=%#p)\n", rc, *ppBackendData));
4857	return rc;
4858	}
4859
4860	/** @copydoc VDIMAGEBACKEND::pfnClose */
4861	static DECLCALLBACK(int) iscsiClose(void *pBackendData, bool fDelete)
4862	{
4863	LogFlowFunc(("pBackendData=%#p fDelete=%d\n", pBackendData, fDelete));
4864	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
4865	int rc;
4866
4867	Assert(!fDelete); /* This flag is unsupported. */
4868
4869	rc = iscsiFreeImage(pImage, fDelete);
4870	RTMemFree(pImage);
4871
4872	LogFlowFunc(("returns %Rrc\n", rc));
4873	return rc;
4874	}
4875
4876	/** @copydoc VDIMAGEBACKEND::pfnRead */
4877	static DECLCALLBACK(int) iscsiRead(void *pBackendData, uint64_t uOffset, size_t cbToRead,
4878	PVDIOCTX pIoCtx, size_t *pcbActuallyRead)
4879	{
4880	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
4881	int rc = VINF_SUCCESS;
4882
4883	LogFlowFunc(("pBackendData=%p uOffset=%#llx pIoCtx=%#p cbToRead=%u pcbActuallyRead=%p\n",
4884	pBackendData, uOffset, pIoCtx, cbToRead, pcbActuallyRead));
4885
4886	if ( uOffset + cbToRead > pImage->cbSize
4887	\|\| cbToRead == 0)
4888	return VERR_INVALID_PARAMETER;
4889
4890	/*
4891	* Clip read size to a value which is supported by the target.
4892	*/
4893	cbToRead = RT_MIN(cbToRead, pImage->cbRecvDataLength);
4894
4895	unsigned cT2ISegs = 0;
4896	size_t cbSegs = 0;
4897
4898	/* Get the number of segments. */
4899	cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
4900	NULL, &cT2ISegs, cbToRead);
4901	Assert(cbSegs == cbToRead);
4902
4903	PSCSIREQ pReq = (PSCSIREQ)RTMemAllocZ(RT_UOFFSETOF_DYN(SCSIREQ, aSegs[cT2ISegs]));
4904	if (RT_LIKELY(pReq))
4905	{
4906	uint64_t lba;
4907	uint16_t tls;
4908	uint8_t *pbCDB = &pReq->abCDB[0];
4909	size_t cbCDB;
4910
4911	lba = uOffset / pImage->cbSector;
4912	tls = (uint16_t)(cbToRead / pImage->cbSector);
4913
4914	cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
4915	&pReq->aSegs[0],
4916	&cT2ISegs, cbToRead);
4917	Assert(cbSegs == cbToRead);
4918
4919	if (pImage->cVolume < _4G)
4920	{
4921	cbCDB = 10;
4922	pbCDB[0] = SCSI_READ_10;
4923	pbCDB[1] = 0; /* reserved */
4924	pbCDB[2] = (lba >> 24) & 0xff;
4925	pbCDB[3] = (lba >> 16) & 0xff;
4926	pbCDB[4] = (lba >> 8) & 0xff;
4927	pbCDB[5] = lba & 0xff;
4928	pbCDB[6] = 0; /* reserved */
4929	pbCDB[7] = (tls >> 8) & 0xff;
4930	pbCDB[8] = tls & 0xff;
4931	pbCDB[9] = 0; /* control */
4932	}
4933	else
4934	{
4935	cbCDB = 16;
4936	pbCDB[0] = SCSI_READ_16;
4937	pbCDB[1] = 0; /* reserved */
4938	pbCDB[2] = (lba >> 56) & 0xff;
4939	pbCDB[3] = (lba >> 48) & 0xff;
4940	pbCDB[4] = (lba >> 40) & 0xff;
4941	pbCDB[5] = (lba >> 32) & 0xff;
4942	pbCDB[6] = (lba >> 24) & 0xff;
4943	pbCDB[7] = (lba >> 16) & 0xff;
4944	pbCDB[8] = (lba >> 8) & 0xff;
4945	pbCDB[9] = lba & 0xff;
4946	pbCDB[10] = 0; /* tls unused */
4947	pbCDB[11] = 0; /* tls unused */
4948	pbCDB[12] = (tls >> 8) & 0xff;
4949	pbCDB[13] = tls & 0xff;
4950	pbCDB[14] = 0; /* reserved */
4951	pbCDB[15] = 0; /* reserved */
4952	}
4953
4954	pReq->enmXfer = SCSIXFER_FROM_TARGET;
4955	pReq->cbCDB = cbCDB;
4956	pReq->cbI2TData = 0;
4957	pReq->paI2TSegs = NULL;
4958	pReq->cI2TSegs = 0;
4959	pReq->cbT2IData = cbToRead;
4960	pReq->paT2ISegs = &pReq->aSegs[pReq->cI2TSegs];
4961	pReq->cbSense = sizeof(pReq->abSense);
4962	pReq->cT2ISegs = cT2ISegs;
4963	pReq->pIoCtx = pIoCtx;
4964	pReq->cSenseRetries = 10;
4965	pReq->rcSense = VERR_READ_ERROR;
4966
4967	if (vdIfIoIntIoCtxIsSynchronous(pImage->pIfIo, pIoCtx))
4968	{
4969	rc = iscsiCommandSync(pImage, pReq, true, VERR_READ_ERROR);
4970	if (RT_FAILURE(rc))
4971	{
4972	LogFlow(("iscsiCommandSync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
4973	*pcbActuallyRead = 0;
4974	}
4975	else
4976	*pcbActuallyRead = pReq->cbT2IData;
4977	}
4978	else
4979	{
4980	rc = iscsiCommandAsync(pImage, pReq, iscsiCommandAsyncComplete, pReq);
4981	if (RT_FAILURE(rc))
4982	AssertMsgFailed(("iscsiCommandAsync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
4983	else
4984	{
4985	*pcbActuallyRead = cbToRead;
4986	return VERR_VD_IOCTX_HALT; /* Halt the I/O context until further notification from the I/O thread. */
4987	}
4988	}
4989
4990	RTMemFree(pReq);
4991	}
4992	else
4993	rc = VERR_NO_MEMORY;
4994
4995	LogFlowFunc(("returns rc=%Rrc\n", rc));
4996	return rc;
4997	}
4998
4999	/** @copydoc VDIMAGEBACKEND::pfnWrite */
5000	static DECLCALLBACK(int) iscsiWrite(void *pBackendData, uint64_t uOffset, size_t cbToWrite,
5001	PVDIOCTX pIoCtx, size_t pcbWriteProcess, size_t pcbPreRead,
5002	size_t *pcbPostRead, unsigned fWrite)
5003	{
5004	RT_NOREF3(pcbPreRead, pcbPostRead, fWrite);
5005	LogFlowFunc(("pBackendData=%p uOffset=%llu pIoCtx=%#p cbToWrite=%u pcbWriteProcess=%p pcbPreRead=%p pcbPostRead=%p fWrite=%u\n",
5006	pBackendData, uOffset, pIoCtx, cbToWrite, pcbWriteProcess, pcbPreRead, pcbPostRead, fWrite));
5007	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5008	int rc = VINF_SUCCESS;
5009
5010	AssertPtr(pImage);
5011	Assert(uOffset % 512 == 0);
5012	Assert(cbToWrite % 512 == 0);
5013
5014	if (uOffset + cbToWrite > pImage->cbSize)
5015	return VERR_INVALID_PARAMETER;
5016
5017	/*
5018	* Clip read size to a value which is supported by the target.
5019	*/
5020	cbToWrite = RT_MIN(cbToWrite, pImage->cbSendDataLength);
5021
5022	unsigned cI2TSegs = 0;
5023	size_t cbSegs = 0;
5024
5025	/* Get the number of segments. */
5026	cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
5027	NULL, &cI2TSegs, cbToWrite);
5028	Assert(cbSegs == cbToWrite);
5029
5030	PSCSIREQ pReq = (PSCSIREQ)RTMemAllocZ(RT_UOFFSETOF_DYN(SCSIREQ, aSegs[cI2TSegs]));
5031	if (RT_LIKELY(pReq))
5032	{
5033	uint64_t lba;
5034	uint16_t tls;
5035	uint8_t *pbCDB = &pReq->abCDB[0];
5036	size_t cbCDB;
5037
5038	lba = uOffset / pImage->cbSector;
5039	tls = (uint16_t)(cbToWrite / pImage->cbSector);
5040
5041	cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
5042	&pReq->aSegs[0],
5043	&cI2TSegs, cbToWrite);
5044	Assert(cbSegs == cbToWrite);
5045
5046	if (pImage->cVolume < _4G)
5047	{
5048	cbCDB = 10;
5049	pbCDB[0] = SCSI_WRITE_10;
5050	pbCDB[1] = 0; /* reserved */
5051	pbCDB[2] = (lba >> 24) & 0xff;
5052	pbCDB[3] = (lba >> 16) & 0xff;
5053	pbCDB[4] = (lba >> 8) & 0xff;
5054	pbCDB[5] = lba & 0xff;
5055	pbCDB[6] = 0; /* reserved */
5056	pbCDB[7] = (tls >> 8) & 0xff;
5057	pbCDB[8] = tls & 0xff;
5058	pbCDB[9] = 0; /* control */
5059	}
5060	else
5061	{
5062	cbCDB = 16;
5063	pbCDB[0] = SCSI_WRITE_16;
5064	pbCDB[1] = 0; /* reserved */
5065	pbCDB[2] = (lba >> 56) & 0xff;
5066	pbCDB[3] = (lba >> 48) & 0xff;
5067	pbCDB[4] = (lba >> 40) & 0xff;
5068	pbCDB[5] = (lba >> 32) & 0xff;
5069	pbCDB[6] = (lba >> 24) & 0xff;
5070	pbCDB[7] = (lba >> 16) & 0xff;
5071	pbCDB[8] = (lba >> 8) & 0xff;
5072	pbCDB[9] = lba & 0xff;
5073	pbCDB[10] = 0; /* tls unused */
5074	pbCDB[11] = 0; /* tls unused */
5075	pbCDB[12] = (tls >> 8) & 0xff;
5076	pbCDB[13] = tls & 0xff;
5077	pbCDB[14] = 0; /* reserved */
5078	pbCDB[15] = 0; /* reserved */
5079	}
5080
5081	pReq->enmXfer = SCSIXFER_TO_TARGET;
5082	pReq->cbCDB = cbCDB;
5083	pReq->cbI2TData = cbToWrite;
5084	pReq->paI2TSegs = &pReq->aSegs[0];
5085	pReq->cI2TSegs = cI2TSegs;
5086	pReq->cbT2IData = 0;
5087	pReq->paT2ISegs = NULL;
5088	pReq->cT2ISegs = 0;
5089	pReq->cbSense = sizeof(pReq->abSense);
5090	pReq->pIoCtx = pIoCtx;
5091	pReq->cSenseRetries = 10;
5092	pReq->rcSense = VERR_WRITE_ERROR;
5093
5094	if (vdIfIoIntIoCtxIsSynchronous(pImage->pIfIo, pIoCtx))
5095	{
5096	rc = iscsiCommandSync(pImage, pReq, true, VERR_WRITE_ERROR);
5097	if (RT_FAILURE(rc))
5098	{
5099	LogFlow(("iscsiCommandSync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
5100	*pcbWriteProcess = 0;
5101	}
5102	else
5103	*pcbWriteProcess = cbToWrite;
5104	}
5105	else
5106	{
5107	rc = iscsiCommandAsync(pImage, pReq, iscsiCommandAsyncComplete, pReq);
5108	if (RT_FAILURE(rc))
5109	AssertMsgFailed(("iscsiCommandAsync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
5110	else
5111	{
5112	*pcbWriteProcess = cbToWrite;
5113	return VERR_VD_IOCTX_HALT; /* Halt the I/O context until further notification from the I/O thread. */
5114	}
5115	}
5116
5117	RTMemFree(pReq);
5118	}
5119	else
5120	rc = VERR_NO_MEMORY;
5121
5122	LogFlowFunc(("returns rc=%Rrc\n", rc));
5123	return rc;
5124	}
5125
5126	/** @copydoc VDIMAGEBACKEND::pfnFlush */
5127	static DECLCALLBACK(int) iscsiFlush(void *pBackendData, PVDIOCTX pIoCtx)
5128	{
5129	LogFlowFunc(("pBackendData=%p pIoCtx=%#p\n", pBackendData, pIoCtx));
5130	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5131	int rc = VINF_SUCCESS;
5132
5133	PSCSIREQ pReq = (PSCSIREQ)RTMemAllocZ(sizeof(SCSIREQ));
5134	if (RT_LIKELY(pReq))
5135	{
5136	uint8_t *pbCDB = &pReq->abCDB[0];
5137
5138	pbCDB[0] = SCSI_SYNCHRONIZE_CACHE;
5139	pbCDB[1] = 0; /* reserved */
5140	pbCDB[2] = 0; /* reserved */
5141	pbCDB[3] = 0; /* reserved */
5142	pbCDB[4] = 0; /* reserved */
5143	pbCDB[5] = 0; /* reserved */
5144	pbCDB[6] = 0; /* reserved */
5145	pbCDB[7] = 0; /* reserved */
5146	pbCDB[8] = 0; /* reserved */
5147	pbCDB[9] = 0; /* control */
5148
5149	pReq->enmXfer = SCSIXFER_NONE;
5150	pReq->cbCDB = 10;
5151	pReq->cbI2TData = 0;
5152	pReq->paI2TSegs = NULL;
5153	pReq->cI2TSegs = 0;
5154	pReq->cbT2IData = 0;
5155	pReq->paT2ISegs = NULL;
5156	pReq->cT2ISegs = 0;
5157	pReq->cbSense = sizeof(pReq->abSense);
5158	pReq->pIoCtx = pIoCtx;
5159	pReq->cSenseRetries = 0;
5160	pReq->rcSense = VINF_SUCCESS;
5161
5162	if (vdIfIoIntIoCtxIsSynchronous(pImage->pIfIo, pIoCtx))
5163	{
5164	rc = iscsiCommandSync(pImage, pReq, false, VINF_SUCCESS);
5165	if (RT_FAILURE(rc))
5166	AssertMsgFailed(("iscsiCommand(%s) -> %Rrc\n", pImage->pszTargetName, rc));
5167	}
5168	else
5169	{
5170	rc = iscsiCommandAsync(pImage, pReq, iscsiCommandAsyncComplete, pReq);
5171	if (RT_FAILURE(rc))
5172	AssertMsgFailed(("iscsiCommand(%s) -> %Rrc\n", pImage->pszTargetName, rc));
5173	else
5174	return VERR_VD_IOCTX_HALT; /* Halt the I/O context until further notification from the I/O thread. */
5175	}
5176
5177	RTMemFree(pReq);
5178	}
5179	else
5180	rc = VERR_NO_MEMORY;
5181
5182	LogFlowFunc(("returns rc=%Rrc\n", rc));
5183	return rc;
5184	}
5185
5186	/** @copydoc VDIMAGEBACKEND::pfnGetVersion */
5187	static DECLCALLBACK(unsigned) iscsiGetVersion(void *pBackendData)
5188	{
5189	LogFlowFunc(("pBackendData=%#p\n", pBackendData));
5190	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5191
5192	AssertPtr(pImage);
5193	RT_NOREF1(pImage);
5194
5195	return 0;
5196	}
5197
5198	/** @copydoc VDIMAGEBACKEND::pfnGetFileSize */
5199	static DECLCALLBACK(uint64_t) iscsiGetFileSize(void *pBackendData)
5200	{
5201	LogFlowFunc(("pBackendData=%#p\n", pBackendData));
5202	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5203
5204	AssertPtrReturn(pImage, 0);
5205
5206	return pImage->cbSize;
5207	}
5208
5209	/** @copydoc VDIMAGEBACKEND::pfnGetPCHSGeometry */
5210	static DECLCALLBACK(int) iscsiGetPCHSGeometry(void *pBackendData, PVDGEOMETRY pPCHSGeometry)
5211	{
5212	RT_NOREF1(pPCHSGeometry);
5213	LogFlowFunc(("pBackendData=%#p pPCHSGeometry=%#p\n", pBackendData, pPCHSGeometry));
5214	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5215
5216	AssertPtrReturn(pImage, VERR_VD_NOT_OPENED);
5217
5218	LogFlowFunc(("returns %Rrc (PCHS=%u/%u/%u)\n", VERR_VD_GEOMETRY_NOT_SET,
5219	pPCHSGeometry->cCylinders, pPCHSGeometry->cHeads, pPCHSGeometry->cSectors));
5220	return VERR_VD_GEOMETRY_NOT_SET;
5221	}
5222
5223	/** @copydoc VDIMAGEBACKEND::pfnSetPCHSGeometry */
5224	static DECLCALLBACK(int) iscsiSetPCHSGeometry(void *pBackendData, PCVDGEOMETRY pPCHSGeometry)
5225	{
5226	RT_NOREF1(pPCHSGeometry);
5227	LogFlowFunc(("pBackendData=%#p pPCHSGeometry=%#p PCHS=%u/%u/%u\n", pBackendData, pPCHSGeometry, pPCHSGeometry->cCylinders, pPCHSGeometry->cHeads, pPCHSGeometry->cSectors));
5228	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5229
5230	AssertPtrReturn(pImage, VERR_VD_NOT_OPENED);
5231
5232	int rc;
5233	if (pImage->uOpenFlags & VD_OPEN_FLAGS_READONLY)
5234	rc = VERR_VD_IMAGE_READ_ONLY;
5235	else
5236	rc = VERR_VD_GEOMETRY_NOT_SET;
5237
5238	LogFlowFunc(("returns %Rrc\n", rc));
5239	return rc;
5240	}
5241
5242	/** @copydoc VDIMAGEBACKEND::pfnGetLCHSGeometry */
5243	static DECLCALLBACK(int) iscsiGetLCHSGeometry(void *pBackendData, PVDGEOMETRY pLCHSGeometry)
5244	{
5245	RT_NOREF1(pLCHSGeometry);
5246	LogFlowFunc(("pBackendData=%#p pLCHSGeometry=%#p\n", pBackendData, pLCHSGeometry));
5247	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5248
5249	AssertPtrReturn(pImage, VERR_VD_NOT_OPENED);
5250
5251	LogFlowFunc(("returns %Rrc (LCHS=%u/%u/%u)\n", VERR_VD_GEOMETRY_NOT_SET,
5252	pLCHSGeometry->cCylinders, pLCHSGeometry->cHeads, pLCHSGeometry->cSectors));
5253	return VERR_VD_GEOMETRY_NOT_SET;
5254	}
5255
5256	/** @copydoc VDIMAGEBACKEND::pfnSetLCHSGeometry */
5257	static DECLCALLBACK(int) iscsiSetLCHSGeometry(void *pBackendData, PCVDGEOMETRY pLCHSGeometry)
5258	{
5259	RT_NOREF1(pLCHSGeometry);
5260	LogFlowFunc(("pBackendData=%#p pLCHSGeometry=%#p LCHS=%u/%u/%u\n", pBackendData, pLCHSGeometry, pLCHSGeometry->cCylinders, pLCHSGeometry->cHeads, pLCHSGeometry->cSectors));
5261	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5262
5263	AssertPtrReturn(pImage, VERR_VD_NOT_OPENED);
5264
5265	int rc;
5266	if (pImage->uOpenFlags & VD_OPEN_FLAGS_READONLY)
5267	rc = VERR_VD_IMAGE_READ_ONLY;
5268	else
5269	rc = VERR_VD_GEOMETRY_NOT_SET;
5270
5271	LogFlowFunc(("returns %Rrc\n", rc));
5272	return rc;
5273	}
5274
5275	/** @copydoc VDIMAGEBACKEND::pfnQueryRegions */
5276	static DECLCALLBACK(int) iscsiQueryRegions(void pBackendData, PCVDREGIONLIST ppRegionList)
5277	{
5278	LogFlowFunc(("pBackendData=%#p ppRegionList=%#p\n", pBackendData, ppRegionList));
5279	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5280
5281	AssertPtrReturn(pImage, VERR_VD_NOT_OPENED);
5282
5283	*ppRegionList = &pImage->RegionList;
5284	LogFlowFunc(("returns %Rrc\n", VINF_SUCCESS));
5285	return VINF_SUCCESS;
5286	}
5287
5288	/** @copydoc VDIMAGEBACKEND::pfnRegionListRelease */
5289	static DECLCALLBACK(void) iscsiRegionListRelease(void *pBackendData, PCVDREGIONLIST pRegionList)
5290	{
5291	RT_NOREF1(pRegionList);
5292	LogFlowFunc(("pBackendData=%#p pRegionList=%#p\n", pBackendData, pRegionList));
5293	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5294	AssertPtr(pImage); RT_NOREF(pImage);
5295
5296	/* Nothing to do here. */
5297	}
5298
5299	/** @copydoc VDIMAGEBACKEND::pfnGetImageFlags */
5300	static DECLCALLBACK(unsigned) iscsiGetImageFlags(void *pBackendData)
5301	{
5302	LogFlowFunc(("pBackendData=%#p\n", pBackendData));
5303	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5304
5305	AssertPtrReturn(pImage, 0);
5306
5307	LogFlowFunc(("returns %#x\n", VD_IMAGE_FLAGS_FIXED));
5308	return VD_IMAGE_FLAGS_FIXED;
5309	}
5310
5311	/** @copydoc VDIMAGEBACKEND::pfnGetOpenFlags */
5312	static DECLCALLBACK(unsigned) iscsiGetOpenFlags(void *pBackendData)
5313	{
5314	LogFlowFunc(("pBackendData=%#p\n", pBackendData));
5315	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5316
5317	AssertPtrReturn(pImage, 0);
5318
5319	LogFlowFunc(("returns %#x\n", pImage->uOpenFlags));
5320	return pImage->uOpenFlags;
5321	}
5322
5323	/** @copydoc VDIMAGEBACKEND::pfnSetOpenFlags */
5324	static DECLCALLBACK(int) iscsiSetOpenFlags(void *pBackendData, unsigned uOpenFlags)
5325	{
5326	LogFlowFunc(("pBackendData=%#p uOpenFlags=%#x\n", pBackendData, uOpenFlags));
5327	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5328	int rc = VINF_SUCCESS;
5329
5330	/* Image must be opened and the new flags must be valid. */
5331	AssertReturn(pImage && !(uOpenFlags & ~( VD_OPEN_FLAGS_READONLY \| VD_OPEN_FLAGS_INFO
5332	\| VD_OPEN_FLAGS_ASYNC_IO \| VD_OPEN_FLAGS_SHAREABLE
5333	\| VD_OPEN_FLAGS_SEQUENTIAL \| VD_OPEN_FLAGS_SKIP_CONSISTENCY_CHECKS)),
5334	VERR_INVALID_PARAMETER);
5335
5336	/*
5337	* A read/write -> readonly transition is always possible,
5338	* for the reverse direction check that the target didn't present itself
5339	* as readonly during the first attach.
5340	*/
5341	if ( !(uOpenFlags & VD_OPEN_FLAGS_READONLY)
5342	&& (pImage->uOpenFlags & VD_OPEN_FLAGS_READONLY)
5343	&& pImage->fTargetReadOnly)
5344	rc = VERR_VD_IMAGE_READ_ONLY;
5345	else
5346	{
5347	pImage->uOpenFlags = uOpenFlags;
5348	pImage->fTryReconnect = true;
5349	}
5350
5351	LogFlowFunc(("returns %Rrc\n", rc));
5352	return rc;
5353	}
5354
5355	/** @copydoc VDIMAGEBACKEND::pfnGetComment */
5356	VD_BACKEND_CALLBACK_GET_COMMENT_DEF_NOT_SUPPORTED(iscsiGetComment);
5357
5358	/** @copydoc VDIMAGEBACKEND::pfnSetComment */
5359	VD_BACKEND_CALLBACK_SET_COMMENT_DEF_NOT_SUPPORTED(iscsiSetComment, PISCSIIMAGE);
5360
5361	/** @copydoc VDIMAGEBACKEND::pfnGetUuid */
5362	VD_BACKEND_CALLBACK_GET_UUID_DEF_NOT_SUPPORTED(iscsiGetUuid);
5363
5364	/** @copydoc VDIMAGEBACKEND::pfnSetUuid */
5365	VD_BACKEND_CALLBACK_SET_UUID_DEF_NOT_SUPPORTED(iscsiSetUuid, PISCSIIMAGE);
5366
5367	/** @copydoc VDIMAGEBACKEND::pfnGetModificationUuid */
5368	VD_BACKEND_CALLBACK_GET_UUID_DEF_NOT_SUPPORTED(iscsiGetModificationUuid);
5369
5370	/** @copydoc VDIMAGEBACKEND::pfnSetModificationUuid */
5371	VD_BACKEND_CALLBACK_SET_UUID_DEF_NOT_SUPPORTED(iscsiSetModificationUuid, PISCSIIMAGE);
5372
5373	/** @copydoc VDIMAGEBACKEND::pfnGetParentUuid */
5374	VD_BACKEND_CALLBACK_GET_UUID_DEF_NOT_SUPPORTED(iscsiGetParentUuid);
5375
5376	/** @copydoc VDIMAGEBACKEND::pfnSetParentUuid */
5377	VD_BACKEND_CALLBACK_SET_UUID_DEF_NOT_SUPPORTED(iscsiSetParentUuid, PISCSIIMAGE);
5378
5379	/** @copydoc VDIMAGEBACKEND::pfnGetParentModificationUuid */
5380	VD_BACKEND_CALLBACK_GET_UUID_DEF_NOT_SUPPORTED(iscsiGetParentModificationUuid);
5381
5382	/** @copydoc VDIMAGEBACKEND::pfnSetParentModificationUuid */
5383	VD_BACKEND_CALLBACK_SET_UUID_DEF_NOT_SUPPORTED(iscsiSetParentModificationUuid, PISCSIIMAGE);
5384
5385	/** @copydoc VDIMAGEBACKEND::pfnDump */
5386	static DECLCALLBACK(void) iscsiDump(void *pBackendData)
5387	{
5388	PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5389
5390	AssertPtrReturnVoid(pImage);
5391	/** @todo put something useful here */
5392	vdIfErrorMessage(pImage->pIfError, "Header: cVolume=%u\n", pImage->cVolume);
5393	}
5394
5395	/** @copydoc VDIMAGEBACKEND::pfnComposeLocation */
5396	static DECLCALLBACK(int) iscsiComposeLocation(PVDINTERFACE pConfig, char **pszLocation)
5397	{
5398	char *pszTarget = NULL;
5399	char *pszLUN = NULL;
5400	char *pszAddress = NULL;
5401
5402	int rc;
5403	PVDINTERFACECONFIG pIfCfg = VDIfConfigGet(pConfig);
5404	if (pIfCfg)
5405	{
5406	rc = VDCFGQueryStringAlloc(pIfCfg, "TargetName", &pszTarget);
5407	if (RT_SUCCESS(rc))
5408	{
5409	rc = VDCFGQueryStringAlloc(pIfCfg, "LUN", &pszLUN);
5410	if (RT_SUCCESS(rc))
5411	{
5412	rc = VDCFGQueryStringAlloc(pIfCfg, "TargetAddress", &pszAddress);
5413	if (RT_SUCCESS(rc))
5414	{
5415	if (RTStrAPrintf(pszLocation, "iscsi://%s/%s/%s",
5416	pszAddress, pszTarget, pszLUN) < 0)
5417	rc = VERR_NO_MEMORY;
5418
5419	RTMemFree(pszAddress);
5420	}
5421	RTMemFree(pszLUN);
5422	}
5423	RTMemFree(pszTarget);
5424	}
5425	}
5426	else
5427	rc = VERR_INVALID_PARAMETER;
5428
5429	return rc;
5430	}
5431
5432	/** @copydoc VDIMAGEBACKEND::pfnComposeName */
5433	static DECLCALLBACK(int) iscsiComposeName(PVDINTERFACE pConfig, char **pszName)
5434	{
5435	char *pszTarget = NULL;
5436	char *pszLUN = NULL;
5437	char *pszAddress = NULL;
5438
5439	int rc;
5440	PVDINTERFACECONFIG pIfCfg = VDIfConfigGet(pConfig);
5441	if (pIfCfg)
5442	{
5443	rc = VDCFGQueryStringAlloc(pIfCfg, "TargetName", &pszTarget);
5444	if (RT_SUCCESS(rc))
5445	{
5446	rc = VDCFGQueryStringAlloc(pIfCfg, "LUN", &pszLUN);
5447	if (RT_SUCCESS(rc))
5448	{
5449	rc = VDCFGQueryStringAlloc(pIfCfg, "TargetAddress", &pszAddress);
5450	if (RT_SUCCESS(rc))
5451	{
5452	/** @todo think about a nicer looking location scheme for iSCSI */
5453	if (RTStrAPrintf(pszName, "%s/%s/%s",
5454	pszAddress, pszTarget, pszLUN) < 0)
5455	rc = VERR_NO_MEMORY;
5456
5457	RTMemFree(pszAddress);
5458	}
5459	RTMemFree(pszLUN);
5460	}
5461	RTMemFree(pszTarget);
5462	}
5463	}
5464	else
5465	rc = VERR_INVALID_PARAMETER;
5466
5467	return rc;
5468	}
5469
5470
5471	const VDIMAGEBACKEND g_ISCSIBackend =
5472	{
5473	/* u32Version */
5474	VD_IMGBACKEND_VERSION,
5475	/* pszBackendName */
5476	"iSCSI",
5477	/* uBackendCaps */
5478	VD_CAP_CONFIG \| VD_CAP_TCPNET \| VD_CAP_ASYNC,
5479	/* papszFileExtensions */
5480	NULL,
5481	/* paConfigInfo */
5482	s_iscsiConfigInfo,
5483	/* prnProbe */
5484	iscsiProbe,
5485	/* pfnOpen */
5486	iscsiOpen,
5487	/* pfnCreate */
5488	iscsiCreate,
5489	/* pfnRename */
5490	NULL,
5491	/* pfnClose */
5492	iscsiClose,
5493	/* pfnRead */
5494	iscsiRead,
5495	/* pfnWrite */
5496	iscsiWrite,
5497	/* pfnFlush */
5498	iscsiFlush,
5499	/* pfnDiscard */
5500	NULL,
5501	/* pfnGetVersion */
5502	iscsiGetVersion,
5503	/* pfnGetFileSize */
5504	iscsiGetFileSize,
5505	/* pfnGetPCHSGeometry */
5506	iscsiGetPCHSGeometry,
5507	/* pfnSetPCHSGeometry */
5508	iscsiSetPCHSGeometry,
5509	/* pfnGetLCHSGeometry */
5510	iscsiGetLCHSGeometry,
5511	/* pfnSetLCHSGeometry */
5512	iscsiSetLCHSGeometry,
5513	/* pfnQueryRegions */
5514	iscsiQueryRegions,
5515	/* pfnRegionListRelease */
5516	iscsiRegionListRelease,
5517	/* pfnGetImageFlags */
5518	iscsiGetImageFlags,
5519	/* pfnGetOpenFlags */
5520	iscsiGetOpenFlags,
5521	/* pfnSetOpenFlags */
5522	iscsiSetOpenFlags,
5523	/* pfnGetComment */
5524	iscsiGetComment,
5525	/* pfnSetComment */
5526	iscsiSetComment,
5527	/* pfnGetUuid */
5528	iscsiGetUuid,
5529	/* pfnSetUuid */
5530	iscsiSetUuid,
5531	/* pfnGetModificationUuid */
5532	iscsiGetModificationUuid,
5533	/* pfnSetModificationUuid */
5534	iscsiSetModificationUuid,
5535	/* pfnGetParentUuid */
5536	iscsiGetParentUuid,
5537	/* pfnSetParentUuid */
5538	iscsiSetParentUuid,
5539	/* pfnGetParentModificationUuid */
5540	iscsiGetParentModificationUuid,
5541	/* pfnSetParentModificationUuid */
5542	iscsiSetParentModificationUuid,
5543	/* pfnDump */
5544	iscsiDump,
5545	/* pfnGetTimestamp */
5546	NULL,
5547	/* pfnGetParentTimestamp */
5548	NULL,
5549	/* pfnSetParentTimestamp */
5550	NULL,
5551	/* pfnGetParentFilename */
5552	NULL,
5553	/* pfnSetParentFilename */
5554	NULL,
5555	/* pfnComposeLocation */
5556	iscsiComposeLocation,
5557	/* pfnComposeName */
5558	iscsiComposeName,
5559	/* pfnCompact */
5560	NULL,
5561	/* pfnResize */
5562	NULL,
5563	/* pfnRepair */
5564	NULL,
5565	/* pfnTraverseMetadata */
5566	NULL,
5567	/* u32VersionEnd */
5568	VD_IMGBACKEND_VERSION
5569	};

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: vbox/trunk/src/VBox/Storage/ISCSI.cpp

Download in other formats: