VirtualBox

source: vbox/trunk/src/VBox/Storage/ISCSI.cpp@ 103068

Last change on this file since 103068 was 99739, checked in by vboxsync, 19 months ago

*: doxygen corrections (mostly about removing @returns from functions returning void).

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 199.7 KB
Line 
1/* $Id: ISCSI.cpp 99739 2023-05-11 01:01:08Z vboxsync $ */
2/** @file
3 * iSCSI initiator driver, VD backend.
4 */
5
6/*
7 * Copyright (C) 2006-2023 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * SPDX-License-Identifier: GPL-3.0-only
26 */
27
28
29/*********************************************************************************************************************************
30* Header Files *
31*********************************************************************************************************************************/
32#define LOG_GROUP LOG_GROUP_VD_ISCSI
33#include <VBox/vd-plugin.h>
34#include <VBox/err.h>
35
36#include <VBox/log.h>
37#include <iprt/alloc.h>
38#include <iprt/assert.h>
39#include <iprt/uuid.h>
40#include <iprt/string.h>
41#include <iprt/asm.h>
42#include <iprt/thread.h>
43#include <iprt/semaphore.h>
44#include <iprt/md5.h>
45#include <iprt/tcp.h>
46#include <iprt/time.h>
47#include <VBox/scsi.h>
48
49#include "VDBackends.h"
50#include "VDBackendsInline.h"
51
52
53/*********************************************************************************************************************************
54* Defined Constants And Macros *
55*********************************************************************************************************************************/
56
57/** The maximum number of release log entries per image. */
58#define MAX_LOG_REL_ERRORS 1024
59
60/** Default port number to use for iSCSI. */
61#define ISCSI_DEFAULT_PORT 3260
62
63
64/** Converts a number in the range of 0 - 15 into the corresponding hex char. */
65#define NUM_2_HEX(b) ('0' + (b) + (((b) > 9) ? 39 : 0))
66/** Converts a hex char into the corresponding number in the range 0-15. */
67#define HEX_2_NUM(c) (((c) <= '9') ? ((c) - '0') : (((c - 'A' + 10) & 0xf)))
68/* Converts a base64 char into the corresponding number in the range 0-63. */
69#define B64_2_NUM(c) ((c >= 'A' && c <= 'Z') ? (c - 'A') : (c >= 'a' && c <= 'z') ? (c - 'a' + 26) : (c >= '0' && c <= '9') ? (c - '0' + 52) : (c == '+') ? 62 : (c == '/') ? 63 : -1)
70
71
72/** Minimum CHAP_MD5 challenge length in bytes. */
73#define CHAP_MD5_CHALLENGE_MIN 16
74/** Maximum CHAP_MD5 challenge length in bytes. */
75#define CHAP_MD5_CHALLENGE_MAX 24
76
77
78/**
79 * SCSI peripheral device type. */
80typedef enum SCSIDEVTYPE
81{
82 /** direct-access device. */
83 SCSI_DEVTYPE_DISK = 0,
84 /** sequential-access device. */
85 SCSI_DEVTYPE_TAPE,
86 /** printer device. */
87 SCSI_DEVTYPE_PRINTER,
88 /** processor device. */
89 SCSI_DEVTYPE_PROCESSOR,
90 /** write-once device. */
91 SCSI_DEVTYPE_WORM,
92 /** CD/DVD device. */
93 SCSI_DEVTYPE_CDROM,
94 /** scanner device. */
95 SCSI_DEVTYPE_SCANNER,
96 /** optical memory device. */
97 SCSI_DEVTYPE_OPTICAL,
98 /** medium changer. */
99 SCSI_DEVTYPE_CHANGER,
100 /** communications device. */
101 SCSI_DEVTYPE_COMMUNICATION,
102 /** storage array controller device. */
103 SCSI_DEVTYPE_RAIDCTL = 0x0c,
104 /** enclosure services device. */
105 SCSI_DEVTYPE_ENCLOSURE,
106 /** simplified direct-access device. */
107 SCSI_DEVTYPE_SIMPLEDISK,
108 /** optical card reader/writer device. */
109 SCSI_DEVTYPE_OCRW,
110 /** bridge controller device. */
111 SCSI_DEVTYPE_BRIDGE,
112 /** object-based storage device. */
113 SCSI_DEVTYPE_OSD
114} SCSIDEVTYPE;
115
116/** Mask for extracting the SCSI device type out of the first byte of the INQUIRY response. */
117#define SCSI_DEVTYPE_MASK 0x1f
118
119/** Mask to extract the CmdQue bit out of the seventh byte of the INQUIRY response. */
120#define SCSI_INQUIRY_CMDQUE_MASK 0x02
121
122/** Maximum PDU payload size we can handle in one piece. Greater or equal than
123 * s_iscsiConfigDefaultWriteSplit. */
124#define ISCSI_DATA_LENGTH_MAX _256K
125
126/** Maximum PDU size we can handle in one piece. */
127#define ISCSI_RECV_PDU_BUFFER_SIZE (ISCSI_DATA_LENGTH_MAX + ISCSI_BHS_SIZE)
128
129
130/** Version of the iSCSI standard which this initiator driver can handle. */
131#define ISCSI_MY_VERSION 0
132
133
134/** Length of ISCSI basic header segment. */
135#define ISCSI_BHS_SIZE 48
136
137
138/** Reserved task tag value. */
139#define ISCSI_TASK_TAG_RSVD 0xffffffff
140
141
142/**
143 * iSCSI opcodes. */
144typedef enum ISCSIOPCODE
145{
146 /** NOP-Out. */
147 ISCSIOP_NOP_OUT = 0x00000000,
148 /** SCSI command. */
149 ISCSIOP_SCSI_CMD = 0x01000000,
150 /** SCSI task management request. */
151 ISCSIOP_SCSI_TASKMGMT_REQ = 0x02000000,
152 /** Login request. */
153 ISCSIOP_LOGIN_REQ = 0x03000000,
154 /** Text request. */
155 ISCSIOP_TEXT_REQ = 0x04000000,
156 /** SCSI Data-Out. */
157 ISCSIOP_SCSI_DATA_OUT = 0x05000000,
158 /** Logout request. */
159 ISCSIOP_LOGOUT_REQ = 0x06000000,
160 /** SNACK request. */
161 ISCSIOP_SNACK_REQ = 0x10000000,
162
163 /** NOP-In. */
164 ISCSIOP_NOP_IN = 0x20000000,
165 /** SCSI response. */
166 ISCSIOP_SCSI_RES = 0x21000000,
167 /** SCSI Task Management response. */
168 ISCSIOP_SCSI_TASKMGMT_RES = 0x22000000,
169 /** Login response. */
170 ISCSIOP_LOGIN_RES = 0x23000000,
171 /** Text response. */
172 ISCSIOP_TEXT_RES = 0x24000000,
173 /** SCSI Data-In. */
174 ISCSIOP_SCSI_DATA_IN = 0x25000000,
175 /** Logout response. */
176 ISCSIOP_LOGOUT_RES = 0x26000000,
177 /** Ready To Transfer (R2T). */
178 ISCSIOP_R2T = 0x31000000,
179 /** Asynchronous message. */
180 ISCSIOP_ASYN_MSG = 0x32000000,
181 /** Reject. */
182 ISCSIOP_REJECT = 0x3f000000
183} ISCSIOPCODE;
184
185/** Mask for extracting the iSCSI opcode out of the first header word. */
186#define ISCSIOP_MASK 0x3f000000
187
188
189/** ISCSI BHS word 0: Request should be processed immediately. */
190#define ISCSI_IMMEDIATE_DELIVERY_BIT 0x40000000
191
192/** ISCSI BHS word 0: This is the final PDU for this request/response. */
193#define ISCSI_FINAL_BIT 0x00800000
194/** ISCSI BHS word 0: Mask for extracting the CSG. */
195#define ISCSI_CSG_MASK 0x000c0000
196/** ISCSI BHS word 0: Shift offset for extracting the CSG. */
197#define ISCSI_CSG_SHIFT 18
198/** ISCSI BHS word 0: Mask for extracting the NSG. */
199#define ISCSI_NSG_MASK 0x00030000
200/** ISCSI BHS word 0: Shift offset for extracting the NSG. */
201#define ISCSI_NSG_SHIFT 16
202
203/** ISCSI BHS word 0: task attribute untagged */
204#define ISCSI_TASK_ATTR_UNTAGGED 0x00000000
205/** ISCSI BHS word 0: task attribute simple */
206#define ISCSI_TASK_ATTR_SIMPLE 0x00010000
207/** ISCSI BHS word 0: task attribute ordered */
208#define ISCSI_TASK_ATTR_ORDERED 0x00020000
209/** ISCSI BHS word 0: task attribute head of queue */
210#define ISCSI_TASK_ATTR_HOQ 0x00030000
211/** ISCSI BHS word 0: task attribute ACA */
212#define ISCSI_TASK_ATTR_ACA 0x00040000
213
214/** ISCSI BHS word 0: transit to next login phase. */
215#define ISCSI_TRANSIT_BIT 0x00800000
216/** ISCSI BHS word 0: continue with login negotiation. */
217#define ISCSI_CONTINUE_BIT 0x00400000
218
219/** ISCSI BHS word 0: residual underflow. */
220#define ISCSI_RESIDUAL_UNFL_BIT 0x00020000
221/** ISCSI BHS word 0: residual overflow. */
222#define ISCSI_RESIDUAL_OVFL_BIT 0x00040000
223/** ISCSI BHS word 0: Bidirectional read residual underflow. */
224#define ISCSI_BI_READ_RESIDUAL_UNFL_BIT 0x00080000
225/** ISCSI BHS word 0: Bidirectional read residual overflow. */
226#define ISCSI_BI_READ_RESIDUAL_OVFL_BIT 0x00100000
227
228/** ISCSI BHS word 0: SCSI response mask. */
229#define ISCSI_SCSI_RESPONSE_MASK 0x0000ff00
230/** ISCSI BHS word 0: SCSI status mask. */
231#define ISCSI_SCSI_STATUS_MASK 0x000000ff
232
233/** ISCSI BHS word 0: response includes status. */
234#define ISCSI_STATUS_BIT 0x00010000
235
236/** Maximum number of scatter/gather segments needed to send a PDU. */
237#define ISCSI_SG_SEGMENTS_MAX 4
238
239/** Number of entries in the command table. */
240#define ISCSI_CMD_WAITING_ENTRIES 32
241
242/**
243 * iSCSI login status class. */
244typedef enum ISCSILOGINSTATUSCLASS
245{
246 /** Success. */
247 ISCSI_LOGIN_STATUS_CLASS_SUCCESS = 0,
248 /** Redirection. */
249 ISCSI_LOGIN_STATUS_CLASS_REDIRECTION,
250 /** Initiator error. */
251 ISCSI_LOGIN_STATUS_CLASS_INITIATOR_ERROR,
252 /** Target error. */
253 ISCSI_LOGIN_STATUS_CLASS_TARGET_ERROR
254} ISCSILOGINSTATUSCLASS;
255
256
257/**
258 * iSCSI connection state. */
259typedef enum ISCSISTATE
260{
261 /** Not having a connection/session at all. */
262 ISCSISTATE_FREE,
263 /** Currently trying to login. */
264 ISCSISTATE_IN_LOGIN,
265 /** Normal operation, corresponds roughly to the Full Feature Phase. */
266 ISCSISTATE_NORMAL,
267 /** Currently trying to logout. */
268 ISCSISTATE_IN_LOGOUT
269} ISCSISTATE;
270
271/**
272 * iSCSI PDU send/receive flags (and maybe more in the future). */
273typedef enum ISCSIPDUFLAGS
274{
275 /** No special flags */
276 ISCSIPDU_DEFAULT = 0,
277 /** Do not attempt to re-attach to the target if the connection is lost */
278 ISCSIPDU_NO_REATTACH = RT_BIT(1)
279} ISCSIPDUFLAGS;
280
281
282/*********************************************************************************************************************************
283* Structures and Typedefs *
284*********************************************************************************************************************************/
285
286/**
287 * iSCSI login negotiation parameter
288 */
289typedef struct ISCSIPARAMETER
290{
291 /** Name of the parameter. */
292 const char *pszParamName;
293 /** Value of the parameter. */
294 const char *pszParamValue;
295 /** Length of the binary parameter. 0=zero-terminated string. */
296 size_t cbParamValue;
297} ISCSIPARAMETER;
298
299
300/**
301 * iSCSI Response PDU buffer (scatter).
302 */
303typedef struct ISCSIRES
304{
305 /** Length of PDU segment. */
306 size_t cbSeg;
307 /** Pointer to PDU segment. */
308 void *pvSeg;
309} ISCSIRES;
310/** Pointer to an iSCSI Response PDU buffer. */
311typedef ISCSIRES *PISCSIRES;
312/** Pointer to a const iSCSI Response PDU buffer. */
313typedef ISCSIRES const *PCISCSIRES;
314
315
316/**
317 * iSCSI Request PDU buffer (gather).
318 */
319typedef struct ISCSIREQ
320{
321 /** Length of PDU segment in bytes. */
322 size_t cbSeg;
323 /** Pointer to PDU segment. */
324 const void *pcvSeg;
325} ISCSIREQ;
326/** Pointer to an iSCSI Request PDU buffer. */
327typedef ISCSIREQ *PISCSIREQ;
328/** Pointer to a const iSCSI Request PDU buffer. */
329typedef ISCSIREQ const *PCISCSIREQ;
330
331
332/**
333 * SCSI transfer directions.
334 */
335typedef enum SCSIXFER
336{
337 SCSIXFER_NONE = 0,
338 SCSIXFER_TO_TARGET,
339 SCSIXFER_FROM_TARGET,
340 SCSIXFER_TO_FROM_TARGET
341} SCSIXFER, *PSCSIXFER;
342
343/** Forward declaration. */
344typedef struct ISCSIIMAGE *PISCSIIMAGE;
345
346/**
347 * SCSI request structure.
348 */
349typedef struct SCSIREQ
350{
351 /** I/O context associated with this request. */
352 PVDIOCTX pIoCtx;
353 /** Transfer direction. */
354 SCSIXFER enmXfer;
355 /** Length of command block. */
356 size_t cbCDB;
357 /** Length of Initiator2Target data buffer. */
358 size_t cbI2TData;
359 /** Length of Target2Initiator data buffer. */
360 size_t cbT2IData;
361 /** Length of sense buffer
362 * This contains the number of sense bytes received upon completion. */
363 size_t cbSense;
364 /** Completion status of the command. */
365 uint8_t status;
366 /** The CDB. */
367 uint8_t abCDB[16];
368 /** The sense buffer. */
369 uint8_t abSense[96];
370 /** Status code to return if we got sense data. */
371 int rcSense;
372 /** Pointer to the Initiator2Target S/G list. */
373 PRTSGSEG paI2TSegs;
374 /** Number of entries in the I2T S/G list. */
375 unsigned cI2TSegs;
376 /** Pointer to the Target2Initiator S/G list. */
377 PRTSGSEG paT2ISegs;
378 /** Number of entries in the T2I S/G list. */
379 unsigned cT2ISegs;
380 /** S/G buffer for the target to initiator bits. */
381 RTSGBUF SgBufT2I;
382 /** Number of retries if the command completes with sense
383 * data before we return with an error.
384 */
385 unsigned cSenseRetries;
386 /** The S/G list - variable in size.
387 * This array holds both the I2T and T2I segments.
388 * The I2T segments are first and the T2I are second.
389 */
390 RTSGSEG aSegs[1];
391} SCSIREQ, *PSCSIREQ;
392
393typedef enum ISCSICMDTYPE
394{
395 /** Process a SCSI request. */
396 ISCSICMDTYPE_REQ = 0,
397 /** Call a function in the I/O thread. */
398 ISCSICMDTYPE_EXEC,
399 /** Usual 32bit hack. */
400 ISCSICMDTYPE_32BIT_HACK = 0x7fffffff
401} ISCSICMDTYPE;
402
403
404/** The command completion function. */
405typedef DECLCALLBACKTYPE(void, FNISCSICMDCOMPLETED,(PISCSIIMAGE pImage, int rcReq, void *pvUser));
406/** Pointer to a command completion function. */
407typedef FNISCSICMDCOMPLETED *PFNISCSICMDCOMPLETED;
408
409/** The command execution function. */
410typedef DECLCALLBACKTYPE(int, FNISCSIEXEC,(void *pvUser));
411/** Pointer to a command execution function. */
412typedef FNISCSIEXEC *PFNISCSIEXEC;
413
414/**
415 * Structure used to complete a synchronous request.
416 */
417typedef struct ISCSICMDSYNC
418{
419 /** Event semaphore to wakeup the waiting thread. */
420 RTSEMEVENT EventSem;
421 /** Status code of the command. */
422 int rcCmd;
423} ISCSICMDSYNC, *PISCSICMDSYNC;
424
425/**
426 * iSCSI command.
427 * Used to forward requests to the I/O thread
428 * if existing.
429 */
430typedef struct ISCSICMD
431{
432 /** Next one in the list. */
433 struct ISCSICMD *pNext;
434 /** Assigned ITT. */
435 uint32_t Itt;
436 /** Completion callback. */
437 PFNISCSICMDCOMPLETED pfnComplete;
438 /** Opaque user data. */
439 void *pvUser;
440 /** Command to execute. */
441 ISCSICMDTYPE enmCmdType;
442 /** Command type dependent data. */
443 union
444 {
445 /** Process a SCSI request. */
446 struct
447 {
448 /** The SCSI request to process. */
449 PSCSIREQ pScsiReq;
450 } ScsiReq;
451 /** Call a function in the I/O thread. */
452 struct
453 {
454 /** The method to execute. */
455 PFNISCSIEXEC pfnExec;
456 /** User data. */
457 void *pvUser;
458 } Exec;
459 } CmdType;
460} ISCSICMD, *PISCSICMD;
461
462/**
463 * Send iSCSI PDU.
464 * Contains all necessary data to send a PDU.
465 */
466typedef struct ISCSIPDUTX
467{
468 /** Pointer to the next PDu to send. */
469 struct ISCSIPDUTX *pNext;
470 /** The BHS. */
471 uint32_t aBHS[12];
472 /** Assigned CmdSN for this PDU. */
473 uint32_t CmdSN;
474 /** The S/G buffer used for sending. */
475 RTSGBUF SgBuf;
476 /** Number of bytes to send until the PDU completed. */
477 size_t cbSgLeft;
478 /** The iSCSI command this PDU belongs to. */
479 PISCSICMD pIScsiCmd;
480 /** Number of segments in the request segments array. */
481 unsigned cISCSIReq;
482 /** The request segments - variable in size. */
483 RTSGSEG aISCSIReq[1];
484} ISCSIPDUTX, *PISCSIPDUTX;
485
486/**
487 * Block driver instance data.
488 */
489typedef struct ISCSIIMAGE
490{
491 /** Pointer to the filename (location). Not really used. */
492 const char *pszFilename;
493 /** Pointer to the initiator name. */
494 char *pszInitiatorName;
495 /** Pointer to the target name. */
496 char *pszTargetName;
497 /** Pointer to the target address. */
498 char *pszTargetAddress;
499 /** Pointer to the user name for authenticating the Initiator. */
500 char *pszInitiatorUsername;
501 /** Pointer to the secret for authenticating the Initiator. */
502 uint8_t *pbInitiatorSecret;
503 /** Length of the secret for authenticating the Initiator. */
504 size_t cbInitiatorSecret;
505 /** Pointer to the user name for authenticating the Target. */
506 char *pszTargetUsername;
507 /** Pointer to the secret for authenticating the Initiator. */
508 uint8_t *pbTargetSecret;
509 /** Length of the secret for authenticating the Initiator. */
510 size_t cbTargetSecret;
511 /** Limit for iSCSI writes, essentially limiting the amount of data
512 * written in a single write. This is negotiated with the target, so
513 * the actual size might be smaller. */
514 uint32_t cbWriteSplit;
515 /** Initiator session identifier. */
516 uint64_t ISID;
517 /** SCSI Logical Unit Number. */
518 uint64_t LUN;
519 /** Pointer to the per-disk VD interface list. */
520 PVDINTERFACE pVDIfsDisk;
521 /** Pointer to the per-image VD interface list. */
522 PVDINTERFACE pVDIfsImage;
523 /** Error interface. */
524 PVDINTERFACEERROR pIfError;
525 /** Config interface. */
526 PVDINTERFACECONFIG pIfConfig;
527 /** I/O interface. */
528 PVDINTERFACEIOINT pIfIo;
529 /** TCP network stack interface. */
530 PVDINTERFACETCPNET pIfNet;
531 /** Image open flags. */
532 unsigned uOpenFlags;
533 /** Number of re-login retries when a connection fails. */
534 uint32_t cISCSIRetries;
535 /** Sector size on volume. */
536 uint32_t cbSector;
537 /** Size of volume in sectors. */
538 uint64_t cVolume;
539 /** Total volume size in bytes. Easier than multiplying the above values all the time. */
540 uint64_t cbSize;
541
542 /** Negotiated maximum data length when sending to target. */
543 uint32_t cbSendDataLength;
544 /** Negotiated maximum data length when receiving from target. */
545 uint32_t cbRecvDataLength;
546
547 /** Current state of the connection/session. */
548 ISCSISTATE state;
549 /** Flag whether the first Login Response PDU has been seen. */
550 bool FirstRecvPDU;
551 /** Initiator Task Tag of the last iSCSI request PDU. */
552 uint32_t ITT;
553 /** Sequence number of the last command. */
554 uint32_t CmdSN;
555 /** Sequence number of the next command expected by the target. */
556 uint32_t ExpCmdSN;
557 /** Maximum sequence number accepted by the target (determines size of window). */
558 uint32_t MaxCmdSN;
559 /** Expected sequence number of next status. */
560 uint32_t ExpStatSN;
561 /** Currently active request. */
562 PISCSIREQ paCurrReq;
563 /** Segment number of currently active request. */
564 uint32_t cnCurrReq;
565 /** Pointer to receive PDU buffer. (Freed by RT) */
566 void *pvRecvPDUBuf;
567 /** Length of receive PDU buffer. */
568 size_t cbRecvPDUBuf;
569 /** Mutex protecting against concurrent use from several threads. */
570 RTSEMMUTEX Mutex;
571
572 /** Pointer to the target hostname. */
573 char *pszHostname;
574 /** Port to use on the target host. */
575 uint32_t uPort;
576 /** Socket handle of the TCP connection. */
577 VDSOCKET Socket;
578 /** Timeout for read operations on the TCP connection (in milliseconds). */
579 uint32_t uReadTimeout;
580 /** Flag whether to automatically generate the initiator name. */
581 bool fAutomaticInitiatorName;
582 /** Flag whether to automatically determine the LUN. */
583 bool fAutomaticLUN;
584 /** Flag whether to use the host IP stack or DevINIP. */
585 bool fHostIP;
586 /** Flag whether to dump malformed packets in the release log. */
587 bool fDumpMalformedPackets;
588 /** Flag whtether the target is readonly. */
589 bool fTargetReadOnly;
590 /** Flag whether to retry the connection before processing new requests. */
591 bool fTryReconnect;
592
593 /** Head of request queue */
594 PISCSICMD pScsiReqQueue;
595 /** Mutex protecting the request queue from concurrent access. */
596 RTSEMMUTEX MutexReqQueue;
597 /** I/O thread. */
598 RTTHREAD hThreadIo;
599 /** Flag whether the thread should be still running. */
600 volatile bool fRunning;
601 /* Flag whether the target supports command queuing. */
602 bool fCmdQueuingSupported;
603 /** Flag whether extended select is supported. */
604 bool fExtendedSelectSupported;
605 /** Padding used for aligning the PDUs. */
606 uint8_t aPadding[4];
607 /** Socket events to poll for. */
608 uint32_t fPollEvents;
609 /** Number of bytes to read to complete the current PDU. */
610 size_t cbRecvPDUResidual;
611 /** Current position in the PDU buffer. */
612 uint8_t *pbRecvPDUBufCur;
613 /** Flag whether we are currently reading the BHS. */
614 bool fRecvPDUBHS;
615 /** List of PDUs waiting to get transmitted. */
616 PISCSIPDUTX pIScsiPDUTxHead;
617 /** Tail of PDUs waiting to get transmitted. */
618 PISCSIPDUTX pIScsiPDUTxTail;
619 /** PDU we are currently transmitting. */
620 PISCSIPDUTX pIScsiPDUTxCur;
621 /** Number of commands waiting for an answer from the target.
622 * Used for timeout handling for poll.
623 */
624 unsigned cCmdsWaiting;
625 /** Table of commands waiting for a response from the target. */
626 PISCSICMD aCmdsWaiting[ISCSI_CMD_WAITING_ENTRIES];
627 /** Number of logins since last successful I/O.
628 * Used to catch the case where logging succeeds but
629 * processing read/write/flushes cause a disconnect.
630 */
631 volatile uint32_t cLoginsSinceIo;
632
633 /** Release log counter. */
634 unsigned cLogRelErrors;
635 /** The static region list. */
636 VDREGIONLIST RegionList;
637} ISCSIIMAGE;
638
639
640/*********************************************************************************************************************************
641* Static Variables *
642*********************************************************************************************************************************/
643
644/** Default initiator basename. */
645static const char *s_iscsiDefaultInitiatorBasename = "iqn.2009-08.com.sun.virtualbox.initiator";
646
647/** Default LUN. */
648static const char *s_iscsiConfigDefaultLUN = "0";
649
650/** Default timeout, 10 seconds. */
651static const char *s_iscsiConfigDefaultTimeout = "10000";
652
653/** Default write split value, less or equal to ISCSI_DATA_LENGTH_MAX. */
654static const char *s_iscsiConfigDefaultWriteSplit = "262144";
655
656/** Default host IP stack. */
657static const char *s_iscsiConfigDefaultHostIPStack = "1";
658
659/** Default dump malformed packet configuration value. */
660static const char *s_iscsiConfigDefaultDumpMalformedPackets = "0";
661
662/** Description of all accepted config parameters. */
663static const VDCONFIGINFO s_iscsiConfigInfo[] =
664{
665 { "TargetName", NULL, VDCFGVALUETYPE_STRING, VD_CFGKEY_MANDATORY },
666 /* LUN is defined of string type to handle the "enc" prefix. */
667 { "LUN", s_iscsiConfigDefaultLUN, VDCFGVALUETYPE_STRING, VD_CFGKEY_MANDATORY },
668 { "TargetAddress", NULL, VDCFGVALUETYPE_STRING, VD_CFGKEY_MANDATORY },
669 { "InitiatorName", NULL, VDCFGVALUETYPE_STRING, 0 },
670 { "InitiatorUsername", NULL, VDCFGVALUETYPE_STRING, 0 },
671 { "InitiatorSecret", NULL, VDCFGVALUETYPE_BYTES, 0 },
672 { "TargetUsername", NULL, VDCFGVALUETYPE_STRING, VD_CFGKEY_EXPERT },
673 { "TargetSecret", NULL, VDCFGVALUETYPE_BYTES, VD_CFGKEY_EXPERT },
674 { "WriteSplit", s_iscsiConfigDefaultWriteSplit, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
675 { "Timeout", s_iscsiConfigDefaultTimeout, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
676 { "HostIPStack", s_iscsiConfigDefaultHostIPStack, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
677 { "DumpMalformedPackets", s_iscsiConfigDefaultDumpMalformedPackets, VDCFGVALUETYPE_INTEGER, VD_CFGKEY_EXPERT },
678 { NULL, NULL, VDCFGVALUETYPE_INTEGER, 0 }
679};
680
681
682/*********************************************************************************************************************************
683* Internal Functions *
684*********************************************************************************************************************************/
685
686/* iSCSI low-level functions (only to be used from the iSCSI high-level functions). */
687static uint32_t iscsiNewITT(PISCSIIMAGE pImage);
688static int iscsiSendPDU(PISCSIIMAGE pImage, PISCSIREQ paReq, uint32_t cnReq, uint32_t uFlags);
689static int iscsiRecvPDU(PISCSIIMAGE pImage, uint32_t itt, PISCSIRES paRes, uint32_t cnRes, uint32_t fFlags);
690static int iscsiRecvPDUAsync(PISCSIIMAGE pImage);
691static int iscsiSendPDUAsync(PISCSIIMAGE pImage);
692static int iscsiValidatePDU(PISCSIRES paRes, uint32_t cnRes);
693static int iscsiRecvPDUProcess(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes);
694static int iscsiPDUTxPrepare(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd);
695static int iscsiRecvPDUUpdateRequest(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes);
696static void iscsiCmdComplete(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd, int rcCmd);
697static int iscsiTextAddKeyValue(uint8_t *pbBuf, size_t cbBuf, size_t *pcbBufCurr, const char *pcszKey, const char *pcszValue, size_t cbValue);
698static int iscsiTextGetKeyValue(const uint8_t *pbBuf, size_t cbBuf, const char *pcszKey, const char **ppcszValue);
699static int iscsiStrToBinary(const char *pcszValue, uint8_t *pbValue, size_t *pcbValue);
700static int iscsiUpdateParameters(PISCSIIMAGE pImage, const uint8_t *pbBuf, size_t cbBuf);
701
702/* Serial number arithmetic comparison. */
703static bool serial_number_less(uint32_t sn1, uint32_t sn2);
704static bool serial_number_greater(uint32_t sn1, uint32_t sn2);
705
706/* CHAP-MD5 functions. */
707#ifdef IMPLEMENT_TARGET_AUTH
708static void chap_md5_generate_challenge(uint8_t *pbChallenge, size_t *pcbChallenge);
709#endif
710static void chap_md5_compute_response(uint8_t *pbResponse, uint8_t id, const uint8_t *pbChallenge, size_t cbChallenge,
711 const uint8_t *pbSecret, size_t cbSecret);
712
713/**
714 * Internal: release log wrapper limiting the number of entries.
715 */
716DECLINLINE(void) iscsiLogRel(PISCSIIMAGE pImage, const char *pcszFormat, ...)
717{
718 if (pImage->cLogRelErrors++ < MAX_LOG_REL_ERRORS)
719 {
720 va_list va;
721
722 va_start(va, pcszFormat);
723 LogRel(("%N\n", pcszFormat, &va));
724 va_end(va);
725 }
726}
727
728DECLINLINE(bool) iscsiIsClientConnected(PISCSIIMAGE pImage)
729{
730 return pImage->Socket != NIL_VDSOCKET
731 && pImage->pIfNet->pfnIsClientConnected(pImage->Socket);
732}
733
734/**
735 * Calculates the hash for the given ITT used
736 * to look up the command in the table.
737 */
738DECLINLINE(uint32_t) iscsiIttHash(uint32_t Itt)
739{
740 return Itt % ISCSI_CMD_WAITING_ENTRIES;
741}
742
743static PISCSICMD iscsiCmdGetFromItt(PISCSIIMAGE pImage, uint32_t Itt)
744{
745 PISCSICMD pIScsiCmd = NULL;
746
747 pIScsiCmd = pImage->aCmdsWaiting[iscsiIttHash(Itt)];
748
749 while ( pIScsiCmd
750 && pIScsiCmd->Itt != Itt)
751 pIScsiCmd = pIScsiCmd->pNext;
752
753 return pIScsiCmd;
754}
755
756static void iscsiCmdInsert(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd)
757{
758 PISCSICMD pIScsiCmdOld;
759 uint32_t idx = iscsiIttHash(pIScsiCmd->Itt);
760
761 Assert(!pIScsiCmd->pNext);
762
763 pIScsiCmdOld = pImage->aCmdsWaiting[idx];
764 pIScsiCmd->pNext = pIScsiCmdOld;
765 pImage->aCmdsWaiting[idx] = pIScsiCmd;
766 pImage->cCmdsWaiting++;
767}
768
769static PISCSICMD iscsiCmdRemove(PISCSIIMAGE pImage, uint32_t Itt)
770{
771 PISCSICMD pIScsiCmd = NULL;
772 PISCSICMD pIScsiCmdPrev = NULL;
773 uint32_t idx = iscsiIttHash(Itt);
774
775 pIScsiCmd = pImage->aCmdsWaiting[idx];
776
777 while ( pIScsiCmd
778 && pIScsiCmd->Itt != Itt)
779 {
780 pIScsiCmdPrev = pIScsiCmd;
781 pIScsiCmd = pIScsiCmd->pNext;
782 }
783
784 if (pIScsiCmd)
785 {
786 if (pIScsiCmdPrev)
787 {
788 AssertPtrNull(pIScsiCmd->pNext);
789 pIScsiCmdPrev->pNext = pIScsiCmd->pNext;
790 }
791 else
792 {
793 pImage->aCmdsWaiting[idx] = pIScsiCmd->pNext;
794 AssertPtrNull(pImage->aCmdsWaiting[idx]);
795 }
796 pImage->cCmdsWaiting--;
797 }
798
799 return pIScsiCmd;
800}
801
802/**
803 * Removes all commands from the table and returns the
804 * list head
805 *
806 * @returns Pointer to the head of the command list.
807 * @param pImage iSCSI connection to use.
808 */
809static PISCSICMD iscsiCmdRemoveAll(PISCSIIMAGE pImage)
810{
811 PISCSICMD pIScsiCmdHead = NULL;
812
813 for (unsigned idx = 0; idx < RT_ELEMENTS(pImage->aCmdsWaiting); idx++)
814 {
815 PISCSICMD pHead;
816 PISCSICMD pTail;
817
818 pHead = pImage->aCmdsWaiting[idx];
819 pImage->aCmdsWaiting[idx] = NULL;
820
821 if (pHead)
822 {
823 /* Get the tail. */
824 pTail = pHead;
825 while (pTail->pNext)
826 pTail = pTail->pNext;
827
828 /* Concatenate. */
829 pTail->pNext = pIScsiCmdHead;
830 pIScsiCmdHead = pHead;
831 }
832 }
833 pImage->cCmdsWaiting = 0;
834
835 return pIScsiCmdHead;
836}
837
838/**
839 * Dumps an iSCSI packet if enabled.
840 *
841 * @param pImage The iSCSI image instance data.
842 * @param paISCSISegs Pointer to the segments array.
843 * @param cnISCSISegs Number of segments in the array.
844 * @param rc Status code for this packet.
845 * @param fRequest Flag whether this is request or response packet.
846 */
847static void iscsiDumpPacket(PISCSIIMAGE pImage, PISCSIREQ paISCSISegs, unsigned cnISCSISegs, int rc, bool fRequest)
848{
849 if (pImage->fDumpMalformedPackets)
850 {
851 LogRel(("iSCSI{%s}: Dumping %s packet completed with status code %Rrc\n", pImage->pszTargetName, fRequest ? "request" : "response", rc));
852 for (unsigned i = 0; i < cnISCSISegs; i++)
853 {
854 if (paISCSISegs[i].cbSeg)
855 {
856 LogRel(("iSCSI{%s}: Segment %u, size %zu\n"
857 "%.*Rhxd\n",
858 pImage->pszTargetName, i, paISCSISegs[i].cbSeg,
859 paISCSISegs[i].cbSeg, paISCSISegs[i].pcvSeg));
860 }
861 }
862 }
863}
864
865static int iscsiTransportConnect(PISCSIIMAGE pImage)
866{
867 int rc;
868 if (!pImage->pszHostname)
869 return VERR_NET_DEST_ADDRESS_REQUIRED;
870
871 rc = pImage->pIfNet->pfnClientConnect(pImage->Socket, pImage->pszHostname, pImage->uPort, pImage->uReadTimeout);
872 if (RT_FAILURE(rc))
873 {
874 if ( rc == VERR_NET_CONNECTION_REFUSED
875 || rc == VERR_NET_CONNECTION_RESET
876 || rc == VERR_NET_UNREACHABLE
877 || rc == VERR_NET_HOST_UNREACHABLE
878 || rc == VERR_NET_CONNECTION_TIMED_OUT)
879 {
880 /* Standardize return value for no connection. */
881 rc = VERR_NET_CONNECTION_REFUSED;
882 }
883 return rc;
884 }
885
886 /* Disable Nagle algorithm, we want things to be sent immediately. */
887 pImage->pIfNet->pfnSetSendCoalescing(pImage->Socket, false);
888
889 /* Make initiator name and ISID unique on this host. */
890 RTNETADDR LocalAddr;
891 rc = pImage->pIfNet->pfnGetLocalAddress(pImage->Socket, &LocalAddr);
892 if (RT_FAILURE(rc))
893 return rc;
894 if ( LocalAddr.uPort == RTNETADDR_PORT_NA
895 || LocalAddr.uPort > 65535)
896 return VERR_NET_ADDRESS_FAMILY_NOT_SUPPORTED;
897 pImage->ISID &= ~65535ULL;
898 pImage->ISID |= LocalAddr.uPort;
899 /* Eliminate the port so that it isn't included below. */
900 LocalAddr.uPort = RTNETADDR_PORT_NA;
901 if (pImage->fAutomaticInitiatorName)
902 {
903 if (pImage->pszInitiatorName)
904 RTStrFree(pImage->pszInitiatorName);
905 RTStrAPrintf(&pImage->pszInitiatorName, "%s:01:%RTnaddr",
906 s_iscsiDefaultInitiatorBasename, &LocalAddr);
907 if (!pImage->pszInitiatorName)
908 return VERR_NO_MEMORY;
909 }
910 LogRel(("iSCSI: connect from initiator %s with source port %u\n", pImage->pszInitiatorName, pImage->ISID & 65535));
911 return VINF_SUCCESS;
912}
913
914
915static int iscsiTransportClose(PISCSIIMAGE pImage)
916{
917 int rc;
918
919 LogFlowFunc(("(%s:%d)\n", pImage->pszHostname, pImage->uPort));
920 if (iscsiIsClientConnected(pImage))
921 {
922 LogRel(("iSCSI: disconnect from initiator %s with source port %u\n", pImage->pszInitiatorName, pImage->ISID & 65535));
923 rc = pImage->pIfNet->pfnClientClose(pImage->Socket);
924 }
925 else
926 rc = VINF_SUCCESS;
927 LogFlowFunc(("returns %Rrc\n", rc));
928 return rc;
929}
930
931
932static int iscsiTransportRead(PISCSIIMAGE pImage, PISCSIRES paResponse, unsigned int cnResponse)
933{
934 int rc = VINF_SUCCESS;
935 unsigned int i = 0;
936 size_t cbToRead, cbActuallyRead, residual, cbSegActual = 0, cbAHSLength, cbDataLength;
937 char *pDst;
938
939 LogFlowFunc(("cnResponse=%d (%s:%d)\n", cnResponse, pImage->pszHostname, pImage->uPort));
940 if (!iscsiIsClientConnected(pImage))
941 {
942 /* Reconnecting makes no sense in this case, as there will be nothing
943 * to receive. We would just run into a timeout. */
944 rc = VERR_BROKEN_PIPE;
945 }
946
947 if (RT_SUCCESS(rc) && paResponse[0].cbSeg >= ISCSI_BHS_SIZE)
948 {
949 cbToRead = 0;
950 residual = ISCSI_BHS_SIZE; /* Do not read more than the BHS length before the true PDU length is known. */
951 cbSegActual = residual;
952 pDst = (char *)paResponse[i].pvSeg;
953 uint64_t u64Timeout = RTTimeMilliTS() + pImage->uReadTimeout;
954 do
955 {
956 int64_t cMilliesRemaining = u64Timeout - RTTimeMilliTS();
957 if (cMilliesRemaining <= 0)
958 {
959 rc = VERR_TIMEOUT;
960 break;
961 }
962 Assert(cMilliesRemaining < 1000000);
963 rc = pImage->pIfNet->pfnSelectOne(pImage->Socket, cMilliesRemaining);
964 if (RT_FAILURE(rc))
965 break;
966 rc = pImage->pIfNet->pfnRead(pImage->Socket, pDst, residual, &cbActuallyRead);
967 if (RT_FAILURE(rc))
968 break;
969 if (cbActuallyRead == 0)
970 {
971 /* The other end has closed the connection. */
972 iscsiTransportClose(pImage);
973 pImage->state = ISCSISTATE_FREE;
974 rc = VERR_NET_CONNECTION_RESET;
975 break;
976 }
977 if (cbToRead == 0)
978 {
979 /* Currently reading the BHS. */
980 residual -= cbActuallyRead;
981 pDst += cbActuallyRead;
982 if (residual <= 40)
983 {
984 /* Enough data read to figure out the actual PDU size. */
985 uint32_t word1 = RT_N2H_U32(((uint32_t *)(paResponse[0].pvSeg))[1]);
986 cbAHSLength = (word1 & 0xff000000) >> 24;
987 cbAHSLength = ((cbAHSLength - 1) | 3) + 1; /* Add padding. */
988 cbDataLength = word1 & 0x00ffffff;
989 cbDataLength = ((cbDataLength - 1) | 3) + 1; /* Add padding. */
990 cbToRead = residual + cbAHSLength + cbDataLength;
991 residual += paResponse[0].cbSeg - ISCSI_BHS_SIZE;
992 if (residual > cbToRead)
993 residual = cbToRead;
994 cbSegActual = ISCSI_BHS_SIZE + cbAHSLength + cbDataLength;
995 /* Check whether we are already done with this PDU (no payload). */
996 if (cbToRead == 0)
997 break;
998 }
999 }
1000 else
1001 {
1002 cbToRead -= cbActuallyRead;
1003 if (cbToRead == 0)
1004 break;
1005 pDst += cbActuallyRead;
1006 residual -= cbActuallyRead;
1007 }
1008 if (residual == 0)
1009 {
1010 i++;
1011 if (i >= cnResponse)
1012 {
1013 /* No space left in receive buffers. */
1014 rc = VERR_BUFFER_OVERFLOW;
1015 break;
1016 }
1017 pDst = (char *)paResponse[i].pvSeg;
1018 residual = paResponse[i].cbSeg;
1019 if (residual > cbToRead)
1020 residual = cbToRead;
1021 cbSegActual = residual;
1022 }
1023 LogFlowFunc(("cbToRead=%u residual=%u cbSegActual=%u cbActuallRead=%u\n",
1024 cbToRead, residual, cbSegActual, cbActuallyRead));
1025 } while (true);
1026 }
1027 else
1028 {
1029 if (RT_SUCCESS(rc))
1030 rc = VERR_BUFFER_OVERFLOW;
1031 }
1032 if (RT_SUCCESS(rc))
1033 {
1034 paResponse[i].cbSeg = cbSegActual;
1035 for (i++; i < cnResponse; i++)
1036 paResponse[i].cbSeg = 0;
1037 }
1038
1039 if (RT_UNLIKELY( RT_FAILURE(rc)
1040 && ( rc == VERR_NET_CONNECTION_RESET
1041 || rc == VERR_NET_CONNECTION_ABORTED
1042 || rc == VERR_NET_CONNECTION_RESET_BY_PEER
1043 || rc == VERR_NET_CONNECTION_REFUSED
1044 || rc == VERR_BROKEN_PIPE)))
1045 {
1046 /* Standardize return value for broken connection. */
1047 rc = VERR_BROKEN_PIPE;
1048 }
1049
1050 LogFlowFunc(("returns %Rrc\n", rc));
1051 return rc;
1052}
1053
1054
1055static int iscsiTransportWrite(PISCSIIMAGE pImage, PISCSIREQ paRequest, unsigned int cnRequest)
1056{
1057 int rc = VINF_SUCCESS;
1058 unsigned int i;
1059
1060 LogFlowFunc(("cnRequest=%d (%s:%d)\n", cnRequest, pImage->pszHostname, pImage->uPort));
1061 if (!iscsiIsClientConnected(pImage))
1062 {
1063 /* Attempt to reconnect if the connection was previously broken. */
1064 rc = iscsiTransportConnect(pImage);
1065 }
1066
1067 if (RT_SUCCESS(rc))
1068 {
1069 /* Construct scatter/gather buffer for entire request, worst case
1070 * needs twice as many entries to allow for padding. */
1071 unsigned cBuf = 0;
1072 for (i = 0; i < cnRequest; i++)
1073 {
1074 cBuf++;
1075 if (paRequest[i].cbSeg & 3)
1076 cBuf++;
1077 }
1078 Assert(cBuf < ISCSI_SG_SEGMENTS_MAX);
1079 RTSGBUF buf;
1080 RTSGSEG aSeg[ISCSI_SG_SEGMENTS_MAX];
1081 static char aPad[4] = { 0, 0, 0, 0 };
1082 RTSgBufInit(&buf, &aSeg[0], cBuf);
1083 unsigned iBuf = 0;
1084 for (i = 0; i < cnRequest; i++)
1085 {
1086 /* Actual data chunk. */
1087 aSeg[iBuf].pvSeg = (void *)paRequest[i].pcvSeg;
1088 aSeg[iBuf].cbSeg = paRequest[i].cbSeg;
1089 iBuf++;
1090 /* Insert proper padding before the next chunk. */
1091 if (paRequest[i].cbSeg & 3)
1092 {
1093 aSeg[iBuf].pvSeg = &aPad[0];
1094 aSeg[iBuf].cbSeg = 4 - (paRequest[i].cbSeg & 3);
1095 iBuf++;
1096 }
1097 }
1098 /* Send out the request, the socket is set to send data immediately,
1099 * avoiding unnecessary delays. */
1100 rc = pImage->pIfNet->pfnSgWrite(pImage->Socket, &buf);
1101
1102 }
1103
1104 if (RT_UNLIKELY( RT_FAILURE(rc)
1105 && ( rc == VERR_NET_CONNECTION_RESET
1106 || rc == VERR_NET_CONNECTION_ABORTED
1107 || rc == VERR_NET_CONNECTION_RESET_BY_PEER
1108 || rc == VERR_NET_CONNECTION_REFUSED
1109 || rc == VERR_BROKEN_PIPE)))
1110 {
1111 /* Standardize return value for broken connection. */
1112 rc = VERR_BROKEN_PIPE;
1113 }
1114
1115 LogFlowFunc(("returns %Rrc\n", rc));
1116 return rc;
1117}
1118
1119
1120static int iscsiTransportOpen(PISCSIIMAGE pImage)
1121{
1122 int rc = VINF_SUCCESS;
1123 size_t cbHostname = 0; /* shut up gcc */
1124 const char *pcszPort = NULL; /* shut up gcc */
1125 char *pszPortEnd;
1126 uint16_t uPort;
1127
1128 /* Clean up previous connection data. */
1129 iscsiTransportClose(pImage);
1130 if (pImage->pszHostname)
1131 {
1132 RTMemFree(pImage->pszHostname);
1133 pImage->pszHostname = NULL;
1134 pImage->uPort = 0;
1135 }
1136
1137 /* Locate the port number via the colon separating the hostname from the port. */
1138 if (*pImage->pszTargetAddress)
1139 {
1140 if (*pImage->pszTargetAddress != '[')
1141 {
1142 /* Normal hostname or IPv4 dotted decimal. */
1143 pcszPort = strchr(pImage->pszTargetAddress, ':');
1144 if (pcszPort != NULL)
1145 {
1146 cbHostname = pcszPort - pImage->pszTargetAddress;
1147 pcszPort++;
1148 }
1149 else
1150 cbHostname = strlen(pImage->pszTargetAddress);
1151 }
1152 else
1153 {
1154 /* IPv6 literal address. Contains colons, so skip to closing square bracket. */
1155 pcszPort = strchr(pImage->pszTargetAddress, ']');
1156 if (pcszPort != NULL)
1157 {
1158 pcszPort++;
1159 cbHostname = pcszPort - pImage->pszTargetAddress;
1160 if (*pcszPort == '\0')
1161 pcszPort = NULL;
1162 else if (*pcszPort != ':')
1163 rc = VERR_PARSE_ERROR;
1164 else
1165 pcszPort++;
1166 }
1167 else
1168 rc = VERR_PARSE_ERROR;
1169 }
1170 }
1171 else
1172 rc = VERR_PARSE_ERROR;
1173
1174 /* Now split address into hostname and port. */
1175 if (RT_SUCCESS(rc))
1176 {
1177 pImage->pszHostname = (char *)RTMemAlloc(cbHostname + 1);
1178 if (!pImage->pszHostname)
1179 rc = VERR_NO_MEMORY;
1180 else
1181 {
1182 if (pImage->pszTargetAddress[0] == '[')
1183 memcpy(pImage->pszHostname, pImage->pszTargetAddress + 1, cbHostname);
1184 else
1185 memcpy(pImage->pszHostname, pImage->pszTargetAddress, cbHostname);
1186 pImage->pszHostname[cbHostname] = '\0';
1187 if (pcszPort != NULL)
1188 {
1189 rc = RTStrToUInt16Ex(pcszPort, &pszPortEnd, 0, &uPort);
1190 /* Note that RT_SUCCESS() macro to check the rc value is not strict enough in this case. */
1191 if (rc == VINF_SUCCESS && *pszPortEnd == '\0' && uPort != 0)
1192 {
1193 pImage->uPort = uPort;
1194 }
1195 else
1196 {
1197 rc = VERR_PARSE_ERROR;
1198 }
1199 }
1200 else
1201 pImage->uPort = ISCSI_DEFAULT_PORT;
1202 }
1203 }
1204
1205 if (RT_SUCCESS(rc))
1206 {
1207 if (!iscsiIsClientConnected(pImage))
1208 rc = iscsiTransportConnect(pImage);
1209 }
1210 else
1211 {
1212 if (pImage->pszHostname)
1213 {
1214 RTMemFree(pImage->pszHostname);
1215 pImage->pszHostname = NULL;
1216 }
1217 pImage->uPort = 0;
1218 }
1219
1220 LogFlowFunc(("returns %Rrc\n", rc));
1221 return rc;
1222}
1223
1224/**
1225 * Returns a human readable version of the given initiator login error detail.
1226 *
1227 * @returns String with the error detail.
1228 * @param u8Detail The detail indicator from the response.
1229 */
1230static const char *iscsiGetLoginErrorDetail(uint8_t u8Detail)
1231{
1232 const char *pszDetail = NULL;
1233
1234 switch (u8Detail)
1235 {
1236 case 0x00:
1237 pszDetail = "Miscelleanous iSCSI intiaitor error";
1238 break;
1239 case 0x01:
1240 pszDetail = "Authentication failure";
1241 break;
1242 case 0x02:
1243 pszDetail = "Authorization failure";
1244 break;
1245 case 0x03:
1246 pszDetail = "Not found";
1247 break;
1248 case 0x04:
1249 pszDetail = "Target removed";
1250 break;
1251 case 0x05:
1252 pszDetail = "Unsupported version";
1253 break;
1254 case 0x06:
1255 pszDetail = "Too many connections";
1256 break;
1257 case 0x07:
1258 pszDetail = "Missing parameter";
1259 break;
1260 case 0x08:
1261 pszDetail = "Can't include in session";
1262 break;
1263 case 0x09:
1264 pszDetail = "Session type not supported";
1265 break;
1266 case 0x0a:
1267 pszDetail = "Session does not exist";
1268 break;
1269 case 0x0b:
1270 pszDetail = "Invalid request type during login";
1271 break;
1272 default:
1273 pszDetail = "Unknown status detail";
1274 }
1275
1276 return pszDetail;
1277}
1278
1279/**
1280 * Attempts one login attempt to the given target.
1281 *
1282 * @returns VBox status code.
1283 * @retval VINF_TRY_AGAIN when getting redirected and having to start over.
1284 * @retval VERR_TRY_AGAIN in case the connection was lost while receiving a reply
1285 * from the target and the login attempt can be repeated.
1286 * @param pImage The iSCSI connection state to be used.
1287 */
1288static int iscsiLogin(PISCSIIMAGE pImage)
1289{
1290 int rc = VINF_SUCCESS;
1291 uint32_t itt;
1292 uint32_t csg, nsg, substate;
1293 uint64_t isid_tsih;
1294 uint8_t bBuf[4096]; /* Should be large enough even for large authentication values. */
1295 size_t cbBuf;
1296 bool transit;
1297 uint8_t pbChallenge[1024]; /* RFC3720 specifies this as maximum. */
1298 size_t cbChallenge = 0; /* shut up gcc */
1299 uint8_t bChapIdx = 0; /* (MSC is used uninitialized) */
1300 uint8_t aResponse[RTMD5HASHSIZE];
1301 uint32_t cnISCSIReq = 0;
1302 ISCSIREQ aISCSIReq[4];
1303 uint32_t aReqBHS[12];
1304 uint32_t cnISCSIRes = 0;
1305 ISCSIRES aISCSIRes[2];
1306 uint32_t aResBHS[12];
1307 char *pszNext;
1308 bool fParameterNeg = true;
1309 pImage->cbRecvDataLength = ISCSI_DATA_LENGTH_MAX;
1310 pImage->cbSendDataLength = RT_MIN(ISCSI_DATA_LENGTH_MAX, pImage->cbWriteSplit);
1311 char szMaxDataLength[16];
1312 RTStrPrintf(szMaxDataLength, sizeof(szMaxDataLength), "%u", ISCSI_DATA_LENGTH_MAX);
1313 ISCSIPARAMETER aParameterNeg[] =
1314 {
1315 { "HeaderDigest", "None", 0 },
1316 { "DataDigest", "None", 0 },
1317 { "MaxConnections", "1", 0 },
1318 { "InitialR2T", "No", 0 },
1319 { "ImmediateData", "Yes", 0 },
1320 { "MaxRecvDataSegmentLength", szMaxDataLength, 0 },
1321 { "MaxBurstLength", szMaxDataLength, 0 },
1322 { "FirstBurstLength", szMaxDataLength, 0 },
1323 { "DefaultTime2Wait", "0", 0 },
1324 { "DefaultTime2Retain", "60", 0 },
1325 { "DataPDUInOrder", "Yes", 0 },
1326 { "DataSequenceInOrder", "Yes", 0 },
1327 { "ErrorRecoveryLevel", "0", 0 },
1328 { "MaxOutstandingR2T", "1", 0 }
1329 };
1330
1331 if (!iscsiIsClientConnected(pImage))
1332 {
1333 rc = iscsiTransportOpen(pImage);
1334 if (RT_FAILURE(rc))
1335 return rc;
1336 }
1337
1338 pImage->state = ISCSISTATE_IN_LOGIN;
1339 pImage->ITT = 1;
1340 pImage->FirstRecvPDU = true;
1341 pImage->CmdSN = 1;
1342 pImage->ExpCmdSN = 0;
1343 pImage->MaxCmdSN = 1;
1344 pImage->ExpStatSN = 0;
1345
1346 /*
1347 * Send login request to target.
1348 */
1349 itt = iscsiNewITT(pImage);
1350 csg = 0;
1351 nsg = 0;
1352 substate = 0;
1353 isid_tsih = pImage->ISID << 16; /* TSIH field currently always 0 */
1354
1355 do
1356 {
1357 transit = false;
1358 cbBuf = 0;
1359 /* Handle all cases with a single switch statement. */
1360 switch (csg << 8 | substate)
1361 {
1362 case 0x0000: /* security negotiation, step 0: propose authentication. */
1363 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "SessionType", "Normal", 0);
1364 if (RT_FAILURE(rc))
1365 break;
1366 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "InitiatorName", pImage->pszInitiatorName, 0);
1367 if (RT_FAILURE(rc))
1368 break;
1369 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "TargetName", pImage->pszTargetName, 0);
1370 if (RT_FAILURE(rc))
1371 break;
1372 if (pImage->pszInitiatorUsername == NULL)
1373 {
1374 /* No authentication. Immediately switch to next phase. */
1375 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "AuthMethod", "None", 0);
1376 if (RT_FAILURE(rc))
1377 break;
1378 nsg = 1;
1379 transit = true;
1380 }
1381 else
1382 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "AuthMethod", "CHAP,None", 0);
1383 break;
1384 case 0x0001: /* security negotiation, step 1: propose CHAP_MD5 variant. */
1385 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "CHAP_A", "5", 0);
1386 break;
1387 case 0x0002: /* security negotiation, step 2: send authentication info. */
1388 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "CHAP_N", pImage->pszInitiatorUsername, 0);
1389 if (RT_FAILURE(rc))
1390 break;
1391 chap_md5_compute_response(aResponse, bChapIdx, pbChallenge, cbChallenge,
1392 pImage->pbInitiatorSecret, pImage->cbInitiatorSecret);
1393 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf, "CHAP_R", (const char *)aResponse, RTMD5HASHSIZE);
1394 if (RT_FAILURE(rc))
1395 break;
1396 nsg = 1;
1397 transit = true;
1398 break;
1399 case 0x0100: /* login operational negotiation, step 0: set parameters. */
1400 if (fParameterNeg)
1401 {
1402 for (unsigned i = 0; i < RT_ELEMENTS(aParameterNeg); i++)
1403 {
1404 rc = iscsiTextAddKeyValue(bBuf, sizeof(bBuf), &cbBuf,
1405 aParameterNeg[i].pszParamName,
1406 aParameterNeg[i].pszParamValue,
1407 aParameterNeg[i].cbParamValue);
1408 if (RT_FAILURE(rc))
1409 break;
1410 }
1411 fParameterNeg = false;
1412 }
1413
1414 nsg = 3;
1415 transit = true;
1416 break;
1417 case 0x0300: /* full feature phase. */
1418 default:
1419 /* Should never come here. */
1420 AssertMsgFailed(("send: Undefined login state %d substate %d\n", csg, substate));
1421 break;
1422 }
1423
1424 if (RT_FAILURE(rc))
1425 break;
1426
1427 aReqBHS[0] = RT_H2N_U32( ISCSI_IMMEDIATE_DELIVERY_BIT
1428 | (csg << ISCSI_CSG_SHIFT)
1429 | (transit ? (nsg << ISCSI_NSG_SHIFT | ISCSI_TRANSIT_BIT) : 0)
1430 | ISCSI_MY_VERSION /* Minimum version. */
1431 | (ISCSI_MY_VERSION << 8) /* Maximum version. */
1432 | ISCSIOP_LOGIN_REQ); /* C=0 */
1433 aReqBHS[1] = RT_H2N_U32((uint32_t)cbBuf); /* TotalAHSLength=0 */
1434 aReqBHS[2] = RT_H2N_U32(isid_tsih >> 32);
1435 aReqBHS[3] = RT_H2N_U32(isid_tsih & 0xffffffff);
1436 aReqBHS[4] = itt;
1437 aReqBHS[5] = RT_H2N_U32(1 << 16); /* CID=1,reserved */
1438 aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
1439 aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
1440 aReqBHS[8] = 0; /* reserved */
1441 aReqBHS[9] = 0; /* reserved */
1442 aReqBHS[10] = 0; /* reserved */
1443 aReqBHS[11] = 0; /* reserved */
1444
1445 cnISCSIReq = 0;
1446 aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
1447 aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
1448 cnISCSIReq++;
1449
1450 aISCSIReq[cnISCSIReq].pcvSeg = bBuf;
1451 aISCSIReq[cnISCSIReq].cbSeg = cbBuf;
1452 cnISCSIReq++;
1453
1454 rc = iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_NO_REATTACH);
1455 if (RT_SUCCESS(rc))
1456 {
1457 ISCSIOPCODE cmd;
1458 ISCSILOGINSTATUSCLASS loginStatusClass;
1459
1460 cnISCSIRes = 0;
1461 aISCSIRes[cnISCSIRes].pvSeg = aResBHS;
1462 aISCSIRes[cnISCSIRes].cbSeg = sizeof(aResBHS);
1463 cnISCSIRes++;
1464 aISCSIRes[cnISCSIRes].pvSeg = bBuf;
1465 aISCSIRes[cnISCSIRes].cbSeg = sizeof(bBuf);
1466 cnISCSIRes++;
1467
1468 rc = iscsiRecvPDU(pImage, itt, aISCSIRes, cnISCSIRes, ISCSIPDU_NO_REATTACH);
1469 if (RT_FAILURE(rc))
1470 {
1471 /*
1472 * We lost connection to the target while receiving the answer,
1473 * start from the beginning.
1474 */
1475 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
1476 rc = VERR_TRY_AGAIN;
1477 break;
1478 }
1479
1480 /** @todo collect partial login responses with Continue bit set. */
1481 Assert(aISCSIRes[0].pvSeg == aResBHS);
1482 Assert(aISCSIRes[0].cbSeg >= ISCSI_BHS_SIZE);
1483 Assert((RT_N2H_U32(aResBHS[0]) & ISCSI_CONTINUE_BIT) == 0);
1484
1485 cmd = (ISCSIOPCODE)(RT_N2H_U32(aResBHS[0]) & ISCSIOP_MASK);
1486 if (cmd == ISCSIOP_LOGIN_RES)
1487 {
1488 if ((RT_N2H_U32(aResBHS[0]) & 0xff) != ISCSI_MY_VERSION)
1489 {
1490 iscsiTransportClose(pImage);
1491 rc = VERR_PARSE_ERROR;
1492 break; /* Give up immediately, as a RFC violation in version fields is very serious. */
1493 }
1494
1495 loginStatusClass = (ISCSILOGINSTATUSCLASS)(RT_N2H_U32(aResBHS[9]) >> 24);
1496 switch (loginStatusClass)
1497 {
1498 case ISCSI_LOGIN_STATUS_CLASS_SUCCESS:
1499 uint32_t targetCSG;
1500 uint32_t targetNSG;
1501 bool targetTransit;
1502
1503 if (pImage->FirstRecvPDU)
1504 {
1505 pImage->FirstRecvPDU = false;
1506 pImage->ExpStatSN = RT_N2H_U32(aResBHS[6]) + 1;
1507 }
1508
1509 targetCSG = (RT_N2H_U32(aResBHS[0]) & ISCSI_CSG_MASK) >> ISCSI_CSG_SHIFT;
1510 targetNSG = (RT_N2H_U32(aResBHS[0]) & ISCSI_NSG_MASK) >> ISCSI_NSG_SHIFT;
1511 targetTransit = !!(RT_N2H_U32(aResBHS[0]) & ISCSI_TRANSIT_BIT);
1512
1513 /* Handle all cases with a single switch statement. */
1514 switch (csg << 8 | substate)
1515 {
1516 case 0x0000: /* security negotiation, step 0: receive final authentication. */
1517 rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1518 if (RT_FAILURE(rc))
1519 break;
1520
1521 const char *pcszAuthMethod;
1522
1523 rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "AuthMethod", &pcszAuthMethod);
1524 if (RT_FAILURE(rc))
1525 {
1526 rc = VERR_PARSE_ERROR;
1527 break;
1528 }
1529 if (strcmp(pcszAuthMethod, "None") == 0)
1530 {
1531 /* Authentication offered, but none required. Skip to operational parameters. */
1532 csg = 1;
1533 nsg = 1;
1534 transit = true;
1535 substate = 0;
1536 break;
1537 }
1538 else if (strcmp(pcszAuthMethod, "CHAP") == 0 && targetNSG == 0 && !targetTransit)
1539 {
1540 /* CHAP authentication required, continue with next substate. */
1541 substate++;
1542 break;
1543 }
1544
1545 /* Unknown auth method or login response PDU headers incorrect. */
1546 rc = VERR_PARSE_ERROR;
1547 break;
1548 case 0x0001: /* security negotiation, step 1: receive final CHAP variant and challenge. */
1549 {
1550 rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1551 if (RT_FAILURE(rc))
1552 break;
1553
1554 const char *pcszChapAuthMethod;
1555 const char *pcszChapIdxTarget;
1556 const char *pcszChapChallengeStr;
1557
1558 rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "CHAP_A", &pcszChapAuthMethod);
1559 if (RT_FAILURE(rc))
1560 {
1561 rc = VERR_PARSE_ERROR;
1562 break;
1563 }
1564 if (strcmp(pcszChapAuthMethod, "5") != 0)
1565 {
1566 rc = VERR_PARSE_ERROR;
1567 break;
1568 }
1569 rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "CHAP_I", &pcszChapIdxTarget);
1570 if (RT_FAILURE(rc))
1571 {
1572 rc = VERR_PARSE_ERROR;
1573 break;
1574 }
1575 rc = RTStrToUInt8Ex(pcszChapIdxTarget, &pszNext, 0, &bChapIdx);
1576/** @todo r=bird: Unsafe use of pszNext on failure. The code should probably
1577 * use RTStrToUInt8Full and check for rc != VINF_SUCCESS. */
1578 if (rc > VINF_SUCCESS || *pszNext != '\0')
1579 {
1580 rc = VERR_PARSE_ERROR;
1581 break;
1582 }
1583 rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "CHAP_C", &pcszChapChallengeStr);
1584 if (RT_FAILURE(rc))
1585 {
1586 rc = VERR_PARSE_ERROR;
1587 break;
1588 }
1589 cbChallenge = sizeof(pbChallenge);
1590 rc = iscsiStrToBinary(pcszChapChallengeStr, pbChallenge, &cbChallenge);
1591 if (RT_FAILURE(rc))
1592 break;
1593 substate++;
1594 transit = true;
1595 break;
1596 }
1597 case 0x0002: /* security negotiation, step 2: check authentication success. */
1598 rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1599 if (RT_FAILURE(rc))
1600 break;
1601
1602 if (targetCSG == 0 && targetNSG == 1 && targetTransit)
1603 {
1604 /* Target wants to continue in login operational state, authentication success. */
1605 csg = 1;
1606 nsg = 3;
1607 substate = 0;
1608 break;
1609 }
1610 rc = VERR_PARSE_ERROR;
1611 break;
1612 case 0x0100: /* login operational negotiation, step 0: check results. */
1613 rc = iscsiUpdateParameters(pImage, bBuf, aISCSIRes[1].cbSeg);
1614 if (RT_FAILURE(rc))
1615 break;
1616
1617 if (targetCSG == 1 && targetNSG == 3 && targetTransit)
1618 {
1619 /* Target wants to continue in full feature phase, login finished. */
1620 csg = 3;
1621 nsg = 3;
1622 substate = 0;
1623 break;
1624 }
1625 else if (targetCSG == 1 && (targetNSG == 1 || !targetTransit))
1626 {
1627 /* Target wants to negotiate certain parameters and
1628 * stay in login operational negotiation. */
1629 csg = 1;
1630 nsg = 3;
1631 substate = 0;
1632 break;
1633 }
1634 rc = VERR_PARSE_ERROR;
1635 break;
1636 case 0x0300: /* full feature phase. */
1637 default:
1638 AssertMsgFailed(("recv: Undefined login state %d substate %d\n", csg, substate));
1639 rc = VERR_PARSE_ERROR;
1640 break;
1641 }
1642 break;
1643 case ISCSI_LOGIN_STATUS_CLASS_REDIRECTION:
1644 const char *pcszTargetRedir;
1645
1646 /* Target has moved to some other location, as indicated in the TargetAddress key. */
1647 rc = iscsiTextGetKeyValue(bBuf, aISCSIRes[1].cbSeg, "TargetAddress", &pcszTargetRedir);
1648 if (RT_FAILURE(rc))
1649 {
1650 rc = VERR_PARSE_ERROR;
1651 break;
1652 }
1653 if (pImage->pszTargetAddress)
1654 RTMemFree(pImage->pszTargetAddress);
1655 {
1656 size_t cb = strlen(pcszTargetRedir) + 1;
1657 pImage->pszTargetAddress = (char *)RTMemAlloc(cb);
1658 if (!pImage->pszTargetAddress)
1659 {
1660 rc = VERR_NO_MEMORY;
1661 break;
1662 }
1663 memcpy(pImage->pszTargetAddress, pcszTargetRedir, cb);
1664 }
1665 rc = VINF_TRY_AGAIN;
1666 break;
1667 case ISCSI_LOGIN_STATUS_CLASS_INITIATOR_ERROR:
1668 {
1669 LogRel(("iSCSI: login to target failed with: %s\n",
1670 iscsiGetLoginErrorDetail((RT_N2H_U32(aResBHS[9]) >> 16) & 0xff)));
1671 iscsiTransportClose(pImage);
1672 rc = VERR_IO_GEN_FAILURE;
1673 break;
1674 }
1675 case ISCSI_LOGIN_STATUS_CLASS_TARGET_ERROR:
1676 iscsiTransportClose(pImage);
1677 rc = VINF_EOF;
1678 break;
1679 default:
1680 rc = VERR_PARSE_ERROR;
1681 }
1682
1683 if (RT_FAILURE(rc) || rc == VINF_TRY_AGAIN)
1684 break;
1685
1686 if (csg == 3)
1687 {
1688 /*
1689 * Finished login, continuing with Full Feature Phase.
1690 */
1691 rc = VINF_SUCCESS;
1692 break;
1693 }
1694 }
1695 else
1696 AssertMsgFailed(("%s: ignoring unexpected PDU with first word = %#08x\n", __FUNCTION__, RT_N2H_U32(aResBHS[0])));
1697 }
1698 else
1699 break;
1700 } while (true);
1701
1702 if ( RT_FAILURE(rc)
1703 && rc != VERR_TRY_AGAIN)
1704 {
1705 /*
1706 * Dump the last request and response of we are supposed to do so and there is a request
1707 * or response.
1708 */
1709 if (cnISCSIReq)
1710 iscsiDumpPacket(pImage, aISCSIReq, cnISCSIReq, VINF_SUCCESS, true /* fRequest */);
1711
1712 if (cnISCSIRes)
1713 iscsiDumpPacket(pImage, (PISCSIREQ)aISCSIRes, cnISCSIRes, rc, false /* fRequest */);
1714
1715 /*
1716 * Close connection to target.
1717 */
1718 iscsiTransportClose(pImage);
1719 pImage->state = ISCSISTATE_FREE;
1720 }
1721 else if (rc == VINF_SUCCESS)
1722 pImage->state = ISCSISTATE_NORMAL;
1723
1724 return rc;
1725}
1726
1727/**
1728 * Attach to an iSCSI target. Performs all operations necessary to enter
1729 * Full Feature Phase.
1730 *
1731 * @returns VBox status code.
1732 * @param pvUser The iSCSI connection state to be used as opaque user data.
1733 */
1734static DECLCALLBACK(int) iscsiAttach(void *pvUser)
1735{
1736 int rc = VINF_SUCCESS;
1737 unsigned cRetries = 5;
1738 PISCSIIMAGE pImage = (PISCSIIMAGE)pvUser;
1739
1740 LogFlowFunc(("entering\n"));
1741
1742 Assert(pImage->state == ISCSISTATE_FREE);
1743
1744 /*
1745 * If there were too many logins without any successful I/O just fail
1746 * and assume the target is not working properly.
1747 */
1748 if (ASMAtomicReadU32(&pImage->cLoginsSinceIo) == 3)
1749 return VERR_BROKEN_PIPE;
1750
1751 RTSemMutexRequest(pImage->Mutex, RT_INDEFINITE_WAIT);
1752
1753 /* Make 100% sure the connection isn't reused for a new login. */
1754 iscsiTransportClose(pImage);
1755
1756 /* Try to log in a few number of times. */
1757 while (cRetries > 0)
1758 {
1759 rc = iscsiLogin(pImage);
1760 if (rc == VINF_SUCCESS) /* Login succeeded, continue with full feature phase. */
1761 break;
1762 else if (rc == VERR_TRY_AGAIN) /* Lost connection during receive. */
1763 cRetries--;
1764 else if (RT_FAILURE(rc))
1765 break;
1766 else /* For redirects try again. */
1767 AssertMsg(rc == VINF_TRY_AGAIN, ("Unexpected status code %Rrc\n", rc));
1768 }
1769
1770 if (RT_SUCCESS(rc))
1771 ASMAtomicIncU32(&pImage->cLoginsSinceIo);
1772
1773 RTSemMutexRelease(pImage->Mutex);
1774
1775 LogFlowFunc(("returning %Rrc\n", rc));
1776 LogRel(("iSCSI: login to target %s %s (%Rrc)\n", pImage->pszTargetName, RT_SUCCESS(rc) ? "successful" : "failed", rc));
1777 return rc;
1778}
1779
1780
1781/**
1782 * Detach from an iSCSI target.
1783 *
1784 * @returns VBox status code.
1785 * @param pvUser The iSCSI connection state to be used as opaque user data.
1786 */
1787static DECLCALLBACK(int) iscsiDetach(void *pvUser)
1788{
1789 int rc;
1790 uint32_t itt;
1791 uint32_t cnISCSIReq = 0;
1792 ISCSIREQ aISCSIReq[4];
1793 uint32_t aReqBHS[12];
1794 PISCSIIMAGE pImage = (PISCSIIMAGE)pvUser;
1795
1796 LogFlowFunc(("entering\n"));
1797
1798 RTSemMutexRequest(pImage->Mutex, RT_INDEFINITE_WAIT);
1799
1800 if (pImage->state != ISCSISTATE_FREE && pImage->state != ISCSISTATE_IN_LOGOUT)
1801 {
1802 pImage->state = ISCSISTATE_IN_LOGOUT;
1803
1804 /*
1805 * Send logout request to target.
1806 */
1807 itt = iscsiNewITT(pImage);
1808 aReqBHS[0] = RT_H2N_U32(ISCSI_FINAL_BIT | ISCSIOP_LOGOUT_REQ); /* I=0,F=1,Reason=close session */
1809 aReqBHS[1] = RT_H2N_U32(0); /* TotalAHSLength=0,DataSementLength=0 */
1810 aReqBHS[2] = 0; /* reserved */
1811 aReqBHS[3] = 0; /* reserved */
1812 aReqBHS[4] = itt;
1813 aReqBHS[5] = 0; /* reserved */
1814 aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
1815 aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
1816 aReqBHS[8] = 0; /* reserved */
1817 aReqBHS[9] = 0; /* reserved */
1818 aReqBHS[10] = 0; /* reserved */
1819 aReqBHS[11] = 0; /* reserved */
1820 pImage->CmdSN++;
1821
1822 aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
1823 aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
1824 cnISCSIReq++;
1825
1826 rc = iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_NO_REATTACH);
1827 if (RT_SUCCESS(rc))
1828 {
1829 /*
1830 * Read logout response from target.
1831 */
1832 ISCSIRES aISCSIRes;
1833 uint32_t aResBHS[12];
1834
1835 aISCSIRes.pvSeg = aResBHS;
1836 aISCSIRes.cbSeg = sizeof(aResBHS);
1837 rc = iscsiRecvPDU(pImage, itt, &aISCSIRes, 1, ISCSIPDU_NO_REATTACH);
1838 if (RT_SUCCESS(rc))
1839 {
1840 if (RT_N2H_U32(aResBHS[0]) != (ISCSI_FINAL_BIT | ISCSIOP_LOGOUT_RES))
1841 AssertMsgFailed(("iSCSI Logout response invalid\n"));
1842 }
1843 else
1844 AssertMsgFailed(("iSCSI Logout response error, rc=%Rrc\n", rc));
1845 }
1846 else
1847 AssertMsgFailed(("Could not send iSCSI Logout request, rc=%Rrc\n", rc));
1848 }
1849
1850 if (pImage->state != ISCSISTATE_FREE)
1851 {
1852 /*
1853 * Close connection to target.
1854 */
1855 rc = iscsiTransportClose(pImage);
1856 if (RT_FAILURE(rc))
1857 AssertMsgFailed(("Could not close connection to target, rc=%Rrc\n", rc));
1858 }
1859
1860 pImage->state = ISCSISTATE_FREE;
1861
1862 RTSemMutexRelease(pImage->Mutex);
1863
1864 LogFlowFunc(("leaving\n"));
1865 LogRel(("iSCSI: logout to target %s\n", pImage->pszTargetName));
1866 return VINF_SUCCESS;
1867}
1868
1869
1870/**
1871 * Perform a command on an iSCSI target. Target must be already in
1872 * Full Feature Phase.
1873 *
1874 * @returns VBox status code.
1875 * @param pImage The iSCSI connection state to be used.
1876 * @param pRequest Command descriptor. Contains all information about
1877 * the command, its transfer directions and pointers
1878 * to the buffer(s) used for transferring data and
1879 * status information.
1880 */
1881static int iscsiCommand(PISCSIIMAGE pImage, PSCSIREQ pRequest)
1882{
1883 int rc;
1884 uint32_t itt;
1885 uint32_t cbData;
1886 uint32_t cnISCSIReq = 0;
1887 ISCSIREQ aISCSIReq[4];
1888 uint32_t aReqBHS[12];
1889
1890 uint32_t *pDst = NULL;
1891 size_t cbBufLength;
1892 uint32_t aStatus[256]; /**< Plenty of buffer for status information. */
1893 uint32_t ExpDataSN = 0;
1894 bool final = false;
1895
1896
1897 LogFlowFunc(("entering, CmdSN=%d\n", pImage->CmdSN));
1898
1899 Assert(pRequest->enmXfer != SCSIXFER_TO_FROM_TARGET); /**< @todo not yet supported, would require AHS. */
1900 Assert(pRequest->cbI2TData <= 0xffffff); /* larger transfers would require R2T support. */
1901 Assert(pRequest->cbCDB <= 16); /* would cause buffer overrun below. */
1902
1903 /* If not in normal state, then the transport connection was dropped. Try
1904 * to reestablish by logging in, the target might be responsive again. */
1905 if (pImage->state == ISCSISTATE_FREE)
1906 rc = iscsiAttach(pImage);
1907
1908 /* If still not in normal state, then the underlying transport connection
1909 * cannot be established. Get out before bad things happen (and make
1910 * sure the caller suspends the VM again). */
1911 if (pImage->state == ISCSISTATE_NORMAL)
1912 {
1913 /*
1914 * Send SCSI command to target with all I2T data included.
1915 */
1916 cbData = 0;
1917 if (pRequest->enmXfer == SCSIXFER_FROM_TARGET)
1918 cbData = (uint32_t)pRequest->cbT2IData;
1919 else
1920 cbData = (uint32_t)pRequest->cbI2TData;
1921
1922 RTSemMutexRequest(pImage->Mutex, RT_INDEFINITE_WAIT);
1923
1924 itt = iscsiNewITT(pImage);
1925 memset(aReqBHS, 0, sizeof(aReqBHS));
1926 aReqBHS[0] = RT_H2N_U32( ISCSI_FINAL_BIT | ISCSI_TASK_ATTR_SIMPLE | ISCSIOP_SCSI_CMD
1927 | (pRequest->enmXfer << 21)); /* I=0,F=1,Attr=Simple */
1928 aReqBHS[1] = RT_H2N_U32(0x00000000 | ((uint32_t)pRequest->cbI2TData & 0xffffff)); /* TotalAHSLength=0 */
1929 aReqBHS[2] = RT_H2N_U32(pImage->LUN >> 32);
1930 aReqBHS[3] = RT_H2N_U32(pImage->LUN & 0xffffffff);
1931 aReqBHS[4] = itt;
1932 aReqBHS[5] = RT_H2N_U32(cbData);
1933 aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
1934 aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
1935 memcpy(aReqBHS + 8, pRequest->abCDB, pRequest->cbCDB);
1936 pImage->CmdSN++;
1937
1938 aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
1939 aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
1940 cnISCSIReq++;
1941
1942 if ( pRequest->enmXfer == SCSIXFER_TO_TARGET
1943 || pRequest->enmXfer == SCSIXFER_TO_FROM_TARGET)
1944 {
1945 Assert(pRequest->cI2TSegs == 1);
1946 aISCSIReq[cnISCSIReq].pcvSeg = pRequest->paI2TSegs[0].pvSeg;
1947 aISCSIReq[cnISCSIReq].cbSeg = pRequest->paI2TSegs[0].cbSeg; /* Padding done by transport. */
1948 cnISCSIReq++;
1949 }
1950
1951 rc = iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_DEFAULT);
1952 if (RT_SUCCESS(rc))
1953 {
1954 /* Place SCSI request in queue. */
1955 pImage->paCurrReq = aISCSIReq;
1956 pImage->cnCurrReq = cnISCSIReq;
1957
1958 /*
1959 * Read SCSI response/data in PDUs from target.
1960 */
1961 if ( pRequest->enmXfer == SCSIXFER_FROM_TARGET
1962 || pRequest->enmXfer == SCSIXFER_TO_FROM_TARGET)
1963 {
1964 Assert(pRequest->cT2ISegs == 1);
1965 pDst = (uint32_t *)pRequest->paT2ISegs[0].pvSeg;
1966 cbBufLength = pRequest->paT2ISegs[0].cbSeg;
1967 }
1968 else
1969 cbBufLength = 0;
1970
1971 do
1972 {
1973 uint32_t cnISCSIRes = 0;
1974 ISCSIRES aISCSIRes[4];
1975 uint32_t aResBHS[12];
1976
1977 aISCSIRes[cnISCSIRes].pvSeg = aResBHS;
1978 aISCSIRes[cnISCSIRes].cbSeg = sizeof(aResBHS);
1979 cnISCSIRes++;
1980 if (cbBufLength != 0 &&
1981 ( pRequest->enmXfer == SCSIXFER_FROM_TARGET
1982 || pRequest->enmXfer == SCSIXFER_TO_FROM_TARGET))
1983 {
1984 aISCSIRes[cnISCSIRes].pvSeg = pDst;
1985 aISCSIRes[cnISCSIRes].cbSeg = cbBufLength;
1986 cnISCSIRes++;
1987 }
1988 /* Always reserve space for the status - it's impossible to tell
1989 * beforehand whether this will be the final PDU or not. */
1990 aISCSIRes[cnISCSIRes].pvSeg = aStatus;
1991 aISCSIRes[cnISCSIRes].cbSeg = sizeof(aStatus);
1992 cnISCSIRes++;
1993
1994 rc = iscsiRecvPDU(pImage, itt, aISCSIRes, cnISCSIRes, ISCSIPDU_DEFAULT);
1995 if (RT_FAILURE(rc))
1996 break;
1997
1998 final = !!(RT_N2H_U32(aResBHS[0]) & ISCSI_FINAL_BIT);
1999 ISCSIOPCODE cmd = (ISCSIOPCODE)(RT_N2H_U32(aResBHS[0]) & ISCSIOP_MASK);
2000 if (cmd == ISCSIOP_SCSI_RES)
2001 {
2002 /* This is the final PDU which delivers the status (and may be omitted if
2003 * the last Data-In PDU included successful completion status). Note
2004 * that ExpStatSN has been bumped already in iscsiRecvPDU. */
2005 if (!final || ((RT_N2H_U32(aResBHS[0]) & 0x0000ff00) != 0) || (RT_N2H_U32(aResBHS[6]) != pImage->ExpStatSN - 1))
2006 {
2007 /* SCSI Response in the wrong place or with a (target) failure. */
2008 rc = VERR_PARSE_ERROR;
2009 break;
2010 }
2011 /* The following is a bit tricky, as in error situations we may
2012 * get the status only instead of the result data plus optional
2013 * status. Thus the status may have ended up partially in the
2014 * data area. */
2015 pRequest->status = RT_N2H_U32(aResBHS[0]) & 0x000000ff;
2016 cbData = RT_N2H_U32(aResBHS[1]) & 0x00ffffff;
2017 if (cbData >= 2)
2018 {
2019 uint32_t cbStat = RT_N2H_U32(((uint32_t *)aISCSIRes[1].pvSeg)[0]) >> 16;
2020 if (cbStat + 2 > cbData)
2021 {
2022 rc = VERR_BUFFER_OVERFLOW;
2023 break;
2024 }
2025 /* Truncate sense data if it doesn't fit into the buffer. */
2026 pRequest->cbSense = RT_MIN(cbStat, pRequest->cbSense);
2027 memcpy(pRequest->abSense,
2028 ((const char *)aISCSIRes[1].pvSeg) + 2,
2029 RT_MIN(aISCSIRes[1].cbSeg - 2, pRequest->cbSense));
2030 if ( cnISCSIRes > 2 && aISCSIRes[2].cbSeg
2031 && (ssize_t)pRequest->cbSense - aISCSIRes[1].cbSeg + 2 > 0)
2032 {
2033 memcpy((char *)pRequest->abSense + aISCSIRes[1].cbSeg - 2,
2034 aISCSIRes[2].pvSeg,
2035 pRequest->cbSense - aISCSIRes[1].cbSeg + 2);
2036 }
2037 }
2038 else if (cbData == 1)
2039 {
2040 rc = VERR_PARSE_ERROR;
2041 break;
2042 }
2043 else
2044 pRequest->cbSense = 0;
2045 break;
2046 }
2047 else if (cmd == ISCSIOP_SCSI_DATA_IN)
2048 {
2049 /* A Data-In PDU carries some data that needs to be added to the received
2050 * data in response to the command. There may be both partial and complete
2051 * Data-In PDUs, so collect data until the status is included or the status
2052 * is sent in a separate SCSI Result frame (see above). */
2053 if (final && aISCSIRes[2].cbSeg != 0)
2054 {
2055 /* The received PDU is partially stored in the buffer for status.
2056 * Must not happen under normal circumstances and is a target error. */
2057 rc = VERR_BUFFER_OVERFLOW;
2058 break;
2059 }
2060 uint32_t len = RT_N2H_U32(aResBHS[1]) & 0x00ffffff;
2061 pDst = (uint32_t *)((char *)pDst + len);
2062 cbBufLength -= len;
2063 ExpDataSN++;
2064 if (final && (RT_N2H_U32(aResBHS[0]) & ISCSI_STATUS_BIT) != 0)
2065 {
2066 pRequest->status = RT_N2H_U32(aResBHS[0]) & 0x000000ff;
2067 pRequest->cbSense = 0;
2068 break;
2069 }
2070 }
2071 else
2072 {
2073 rc = VERR_PARSE_ERROR;
2074 break;
2075 }
2076 } while (true);
2077
2078 /* Remove SCSI request from queue. */
2079 pImage->paCurrReq = NULL;
2080 pImage->cnCurrReq = 0;
2081 }
2082
2083 if (rc == VERR_TIMEOUT)
2084 {
2085 /* Drop connection in case the target plays dead. Much better than
2086 * delaying the next requests until the timed out command actually
2087 * finishes. Also keep in mind that command shouldn't take longer than
2088 * about 30-40 seconds, or the guest will lose its patience. */
2089 iscsiTransportClose(pImage);
2090 pImage->state = ISCSISTATE_FREE;
2091 rc = VERR_BROKEN_PIPE;
2092 }
2093 RTSemMutexRelease(pImage->Mutex);
2094 }
2095 else
2096 rc = VERR_NET_CONNECTION_REFUSED;
2097
2098 if (RT_SUCCESS(rc))
2099 ASMAtomicWriteU32(&pImage->cLoginsSinceIo, 0);
2100 LogFlowFunc(("returns %Rrc\n", rc));
2101 return rc;
2102}
2103
2104
2105/**
2106 * Generate a new Initiator Task Tag.
2107 *
2108 * @returns Initiator Task Tag.
2109 * @param pImage The iSCSI connection state to be used.
2110 */
2111static uint32_t iscsiNewITT(PISCSIIMAGE pImage)
2112{
2113 uint32_t next_itt;
2114
2115 next_itt = pImage->ITT++;
2116 if (pImage->ITT == ISCSI_TASK_TAG_RSVD)
2117 pImage->ITT = 0;
2118 return RT_H2N_U32(next_itt);
2119}
2120
2121
2122/**
2123 * Send an iSCSI request. The request can consist of several segments, which
2124 * are padded to 4 byte boundaries and concatenated.
2125 *
2126 * @returns VBOX status
2127 * @param pImage The iSCSI connection state to be used.
2128 * @param paReq Pointer to array of iSCSI request sections.
2129 * @param cnReq Number of valid iSCSI request sections in the array.
2130 * @param uFlags Flags controlling the exact send semantics.
2131 */
2132static int iscsiSendPDU(PISCSIIMAGE pImage, PISCSIREQ paReq, uint32_t cnReq,
2133 uint32_t uFlags)
2134{
2135 int rc = VINF_SUCCESS;
2136 /** @todo return VERR_VD_ISCSI_INVALID_STATE in the appropriate situations,
2137 * needs cleaning up of timeout/disconnect handling a bit, as otherwise
2138 * too many incorrect errors are signalled. */
2139 Assert(cnReq >= 1);
2140 Assert(paReq[0].cbSeg >= ISCSI_BHS_SIZE);
2141
2142 for (uint32_t i = 0; i < pImage->cISCSIRetries; i++)
2143 {
2144 rc = iscsiTransportWrite(pImage, paReq, cnReq);
2145 if (RT_SUCCESS(rc))
2146 break;
2147 if ( (uFlags & ISCSIPDU_NO_REATTACH)
2148 || (rc != VERR_BROKEN_PIPE && rc != VERR_NET_CONNECTION_REFUSED))
2149 break;
2150 /* No point in reestablishing the connection for a logout */
2151 if (pImage->state == ISCSISTATE_IN_LOGOUT)
2152 break;
2153 RTThreadSleep(500);
2154 if (pImage->state != ISCSISTATE_IN_LOGIN)
2155 {
2156 /* Attempt to re-login when a connection fails, but only when not
2157 * currently logging in. */
2158 rc = iscsiAttach(pImage);
2159 if (RT_FAILURE(rc))
2160 break;
2161 }
2162 }
2163 return rc;
2164}
2165
2166
2167/**
2168 * Wait for an iSCSI response with a matching Initiator Target Tag. The response is
2169 * split into several segments, as requested by the caller-provided buffer specification.
2170 * Remember that the response can be split into several PDUs by the sender, so make
2171 * sure that all parts are collected and processed appropriately by the caller.
2172 *
2173 * @returns VBOX status
2174 * @param pImage The iSCSI connection state to be used.
2175 * @param itt The initiator task tag.
2176 * @param paRes Pointer to array of iSCSI response sections.
2177 * @param cnRes Number of valid iSCSI response sections in the array.
2178 * @param fRecvFlags PDU receive flags.
2179 */
2180static int iscsiRecvPDU(PISCSIIMAGE pImage, uint32_t itt, PISCSIRES paRes, uint32_t cnRes,
2181 uint32_t fRecvFlags)
2182{
2183 int rc = VINF_SUCCESS;
2184 ISCSIRES aResBuf;
2185
2186 for (uint32_t i = 0; i < pImage->cISCSIRetries; i++)
2187 {
2188 aResBuf.pvSeg = pImage->pvRecvPDUBuf;
2189 aResBuf.cbSeg = pImage->cbRecvPDUBuf;
2190 rc = iscsiTransportRead(pImage, &aResBuf, 1);
2191 if (RT_FAILURE(rc))
2192 {
2193 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
2194 {
2195 /* No point in reestablishing the connection for a logout */
2196 if (pImage->state == ISCSISTATE_IN_LOGOUT)
2197 break;
2198 /* Connection broken while waiting for a response - wait a while and
2199 * try to restart by re-sending the original request (if any).
2200 * This also handles the connection reestablishment (login etc.). */
2201 RTThreadSleep(500);
2202 if ( pImage->state != ISCSISTATE_IN_LOGIN
2203 && !(fRecvFlags & ISCSIPDU_NO_REATTACH))
2204 {
2205 /* Attempt to re-login when a connection fails, but only when not
2206 * currently logging in. */
2207 rc = iscsiAttach(pImage);
2208 if (RT_FAILURE(rc))
2209 break;
2210
2211 if (pImage->paCurrReq != NULL)
2212 {
2213 rc = iscsiSendPDU(pImage, pImage->paCurrReq, pImage->cnCurrReq, ISCSIPDU_DEFAULT);
2214 if (RT_FAILURE(rc))
2215 break;
2216 }
2217 }
2218 }
2219 else
2220 {
2221 /* Signal other errors (VERR_BUFFER_OVERFLOW etc.) to the caller. */
2222 break;
2223 }
2224 }
2225 else
2226 {
2227 ISCSIOPCODE cmd;
2228 const uint32_t *pcvResSeg = (const uint32_t *)aResBuf.pvSeg;
2229
2230 /* Check whether the received PDU is valid, and update the internal state of
2231 * the iSCSI connection/session. */
2232 rc = iscsiValidatePDU(&aResBuf, 1);
2233 if (RT_FAILURE(rc))
2234 {
2235 iscsiDumpPacket(pImage, (PISCSIREQ)&aResBuf, 1, rc, false /* fRequest */);
2236 continue;
2237 }
2238 cmd = (ISCSIOPCODE)(RT_N2H_U32(pcvResSeg[0]) & ISCSIOP_MASK);
2239 switch (cmd)
2240 {
2241 case ISCSIOP_SCSI_RES:
2242 case ISCSIOP_SCSI_TASKMGMT_RES:
2243 case ISCSIOP_SCSI_DATA_IN:
2244 case ISCSIOP_R2T:
2245 case ISCSIOP_ASYN_MSG:
2246 case ISCSIOP_TEXT_RES:
2247 case ISCSIOP_LOGIN_RES:
2248 case ISCSIOP_LOGOUT_RES:
2249 case ISCSIOP_REJECT:
2250 case ISCSIOP_NOP_IN:
2251 if (serial_number_less(pImage->MaxCmdSN, RT_N2H_U32(pcvResSeg[8])))
2252 pImage->MaxCmdSN = RT_N2H_U32(pcvResSeg[8]);
2253 if (serial_number_less(pImage->ExpCmdSN, RT_N2H_U32(pcvResSeg[7])))
2254 pImage->ExpCmdSN = RT_N2H_U32(pcvResSeg[7]);
2255 break;
2256 default:
2257 rc = VERR_PARSE_ERROR;
2258 iscsiDumpPacket(pImage, (PISCSIREQ)&aResBuf, 1, rc, false /* fRequest */);
2259 }
2260 if (RT_FAILURE(rc))
2261 continue;
2262 if ( !pImage->FirstRecvPDU
2263 && (cmd != ISCSIOP_SCSI_DATA_IN || (RT_N2H_U32(pcvResSeg[0]) & ISCSI_STATUS_BIT))
2264 && ( cmd != ISCSIOP_LOGIN_RES
2265 || (ISCSILOGINSTATUSCLASS)((RT_N2H_U32(pcvResSeg[9]) >> 24) == ISCSI_LOGIN_STATUS_CLASS_SUCCESS)))
2266 {
2267 if (pImage->ExpStatSN == RT_N2H_U32(pcvResSeg[6]))
2268 {
2269 /* StatSN counter is not advanced on R2T and on a target SN update NOP-In. */
2270 if ( (cmd != ISCSIOP_R2T)
2271 && ((cmd != ISCSIOP_NOP_IN) || (RT_N2H_U32(pcvResSeg[4]) != ISCSI_TASK_TAG_RSVD)))
2272 pImage->ExpStatSN++;
2273 }
2274 else
2275 {
2276 rc = VERR_PARSE_ERROR;
2277 iscsiDumpPacket(pImage, (PISCSIREQ)&aResBuf, 1, rc, false /* fRequest */);
2278 continue;
2279 }
2280 }
2281 /* Finally check whether the received PDU matches what the caller wants. */
2282 if ( itt == pcvResSeg[4]
2283 && itt != ISCSI_TASK_TAG_RSVD)
2284 {
2285 /* Copy received PDU (one segment) to caller-provided buffers. */
2286 uint32_t j;
2287 size_t cbSeg;
2288 const uint8_t *pSrc;
2289
2290 pSrc = (const uint8_t *)aResBuf.pvSeg;
2291 cbSeg = aResBuf.cbSeg;
2292 for (j = 0; j < cnRes; j++)
2293 {
2294 if (cbSeg > paRes[j].cbSeg)
2295 {
2296 memcpy(paRes[j].pvSeg, pSrc, paRes[j].cbSeg);
2297 pSrc += paRes[j].cbSeg;
2298 cbSeg -= paRes[j].cbSeg;
2299 }
2300 else
2301 {
2302 memcpy(paRes[j].pvSeg, pSrc, cbSeg);
2303 paRes[j].cbSeg = cbSeg;
2304 cbSeg = 0;
2305 break;
2306 }
2307 }
2308 if (cbSeg != 0)
2309 {
2310 rc = VERR_BUFFER_OVERFLOW;
2311 break;
2312 }
2313 for (j++; j < cnRes; j++)
2314 paRes[j].cbSeg = 0;
2315 break;
2316 }
2317 else if ( cmd == ISCSIOP_NOP_IN
2318 && RT_N2H_U32(pcvResSeg[5]) != ISCSI_TASK_TAG_RSVD)
2319 {
2320 uint32_t cnISCSIReq;
2321 ISCSIREQ aISCSIReq[4];
2322 uint32_t aReqBHS[12];
2323
2324 aReqBHS[0] = RT_H2N_U32(ISCSI_IMMEDIATE_DELIVERY_BIT | ISCSI_FINAL_BIT | ISCSIOP_NOP_OUT);
2325 aReqBHS[1] = RT_H2N_U32(0); /* TotalAHSLength=0,DataSementLength=0 */
2326 aReqBHS[2] = pcvResSeg[2]; /* copy LUN from NOP-In */
2327 aReqBHS[3] = pcvResSeg[3]; /* copy LUN from NOP-In */
2328 aReqBHS[4] = RT_H2N_U32(ISCSI_TASK_TAG_RSVD); /* ITT, reply */
2329 aReqBHS[5] = pcvResSeg[5]; /* copy TTT from NOP-In */
2330 aReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
2331 aReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
2332 aReqBHS[8] = 0; /* reserved */
2333 aReqBHS[9] = 0; /* reserved */
2334 aReqBHS[10] = 0; /* reserved */
2335 aReqBHS[11] = 0; /* reserved */
2336
2337 cnISCSIReq = 0;
2338 aISCSIReq[cnISCSIReq].pcvSeg = aReqBHS;
2339 aISCSIReq[cnISCSIReq].cbSeg = sizeof(aReqBHS);
2340 cnISCSIReq++;
2341
2342 iscsiSendPDU(pImage, aISCSIReq, cnISCSIReq, ISCSIPDU_NO_REATTACH);
2343 /* Break if the caller wanted to process the NOP-in only. */
2344 if (itt == ISCSI_TASK_TAG_RSVD)
2345 break;
2346 }
2347 }
2348 }
2349
2350 LogFlowFunc(("returns rc=%Rrc\n", rc));
2351 return rc;
2352}
2353
2354
2355/**
2356 * Reset the PDU buffer
2357 *
2358 * @param pImage The iSCSI connection state to be used.
2359 */
2360static void iscsiRecvPDUReset(PISCSIIMAGE pImage)
2361{
2362 pImage->cbRecvPDUResidual = ISCSI_BHS_SIZE;
2363 pImage->fRecvPDUBHS = true;
2364 pImage->pbRecvPDUBufCur = (uint8_t *)pImage->pvRecvPDUBuf;
2365}
2366
2367static void iscsiPDUTxAdd(PISCSIIMAGE pImage, PISCSIPDUTX pIScsiPDUTx, bool fFront)
2368{
2369 if (!fFront)
2370 {
2371 /* Insert PDU at the tail of the list. */
2372 if (!pImage->pIScsiPDUTxHead)
2373 pImage->pIScsiPDUTxHead = pIScsiPDUTx;
2374 else
2375 pImage->pIScsiPDUTxTail->pNext = pIScsiPDUTx;
2376 pImage->pIScsiPDUTxTail = pIScsiPDUTx;
2377 }
2378 else
2379 {
2380 /* Insert PDU at the beginning of the list. */
2381 pIScsiPDUTx->pNext = pImage->pIScsiPDUTxHead;
2382 pImage->pIScsiPDUTxHead = pIScsiPDUTx;
2383 if (!pImage->pIScsiPDUTxTail)
2384 pImage->pIScsiPDUTxTail = pIScsiPDUTx;
2385 }
2386}
2387
2388/**
2389 * Receives a PDU in a non blocking way.
2390 *
2391 * @returns VBOX status code.
2392 * @param pImage The iSCSI connection state to be used.
2393 */
2394static int iscsiRecvPDUAsync(PISCSIIMAGE pImage)
2395{
2396 size_t cbActuallyRead = 0;
2397 int rc = VINF_SUCCESS;
2398
2399 LogFlowFunc(("pImage=%#p\n", pImage));
2400
2401 /* Check if we are in the middle of a PDU receive. */
2402 if (pImage->cbRecvPDUResidual == 0)
2403 {
2404 /*
2405 * We are receiving a new PDU, don't read more than the BHS initially
2406 * until we know the real size of the PDU.
2407 */
2408 iscsiRecvPDUReset(pImage);
2409 LogFlow(("Receiving new PDU\n"));
2410 }
2411
2412 rc = pImage->pIfNet->pfnReadNB(pImage->Socket, pImage->pbRecvPDUBufCur,
2413 pImage->cbRecvPDUResidual, &cbActuallyRead);
2414 if (RT_SUCCESS(rc) && cbActuallyRead == 0)
2415 rc = VERR_BROKEN_PIPE;
2416
2417 if (RT_SUCCESS(rc))
2418 {
2419 LogFlow(("Received %zu bytes\n", cbActuallyRead));
2420 pImage->cbRecvPDUResidual -= cbActuallyRead;
2421 pImage->pbRecvPDUBufCur += cbActuallyRead;
2422
2423 /* Check if we received everything we wanted. */
2424 if ( !pImage->cbRecvPDUResidual
2425 && pImage->fRecvPDUBHS)
2426 {
2427 size_t cbAHSLength, cbDataLength;
2428
2429 /* If we were reading the BHS first get the actual PDU size now. */
2430 uint32_t word1 = RT_N2H_U32(((uint32_t *)(pImage->pvRecvPDUBuf))[1]);
2431 cbAHSLength = (word1 & 0xff000000) >> 24;
2432 cbAHSLength = ((cbAHSLength - 1) | 3) + 1; /* Add padding. */
2433 cbDataLength = word1 & 0x00ffffff;
2434 cbDataLength = ((cbDataLength - 1) | 3) + 1; /* Add padding. */
2435 pImage->cbRecvPDUResidual = cbAHSLength + cbDataLength;
2436 pImage->fRecvPDUBHS = false; /* Start receiving the rest of the PDU. */
2437 }
2438
2439 if (!pImage->cbRecvPDUResidual)
2440 {
2441 /* We received the complete PDU with or without any payload now. */
2442 LogFlow(("Received complete PDU\n"));
2443 ISCSIRES aResBuf;
2444 aResBuf.pvSeg = pImage->pvRecvPDUBuf;
2445 aResBuf.cbSeg = pImage->cbRecvPDUBuf;
2446 rc = iscsiRecvPDUProcess(pImage, &aResBuf, 1);
2447 }
2448 }
2449 else
2450 LogFlowFunc(("Reading from the socket returned with rc=%Rrc\n", rc));
2451
2452 return rc;
2453}
2454
2455static int iscsiSendPDUAsync(PISCSIIMAGE pImage)
2456{
2457 size_t cbSent = 0;
2458 int rc = VINF_SUCCESS;
2459
2460 LogFlowFunc(("pImage=%#p\n", pImage));
2461
2462 do
2463 {
2464 /*
2465 * If there is no PDU active, get the first one from the list.
2466 * Check that we are allowed to transfer the PDU by comparing the
2467 * command sequence number and the maximum sequence number allowed by the target.
2468 */
2469 if (!pImage->pIScsiPDUTxCur)
2470 {
2471 if ( !pImage->pIScsiPDUTxHead
2472 || serial_number_greater(pImage->pIScsiPDUTxHead->CmdSN, pImage->MaxCmdSN))
2473 break;
2474
2475 pImage->pIScsiPDUTxCur = pImage->pIScsiPDUTxHead;
2476 pImage->pIScsiPDUTxHead = pImage->pIScsiPDUTxCur->pNext;
2477 if (!pImage->pIScsiPDUTxHead)
2478 pImage->pIScsiPDUTxTail = NULL;
2479 }
2480
2481 /* Send as much as we can. */
2482 rc = pImage->pIfNet->pfnSgWriteNB(pImage->Socket, &pImage->pIScsiPDUTxCur->SgBuf, &cbSent);
2483 LogFlow(("SgWriteNB returned rc=%Rrc cbSent=%zu\n", rc, cbSent));
2484 if (RT_SUCCESS(rc))
2485 {
2486 LogFlow(("Sent %zu bytes for PDU %#p\n", cbSent, pImage->pIScsiPDUTxCur));
2487 pImage->pIScsiPDUTxCur->cbSgLeft -= cbSent;
2488 RTSgBufAdvance(&pImage->pIScsiPDUTxCur->SgBuf, cbSent);
2489 if (!pImage->pIScsiPDUTxCur->cbSgLeft)
2490 {
2491 /* PDU completed, free it and place the command on the waiting for response list. */
2492 if (pImage->pIScsiPDUTxCur->pIScsiCmd)
2493 {
2494 LogFlow(("Sent complete PDU, placing on waiting list\n"));
2495 iscsiCmdInsert(pImage, pImage->pIScsiPDUTxCur->pIScsiCmd);
2496 }
2497 RTMemFree(pImage->pIScsiPDUTxCur);
2498 pImage->pIScsiPDUTxCur = NULL;
2499 }
2500 }
2501 } while ( RT_SUCCESS(rc)
2502 && !pImage->pIScsiPDUTxCur);
2503
2504 if (rc == VERR_TRY_AGAIN)
2505 rc = VINF_SUCCESS;
2506
2507 /* Add the write poll flag if we still have something to send, clear it otherwise. */
2508 if (pImage->pIScsiPDUTxCur)
2509 pImage->fPollEvents |= VD_INTERFACETCPNET_EVT_WRITE;
2510 else
2511 pImage->fPollEvents &= ~VD_INTERFACETCPNET_EVT_WRITE;
2512
2513 LogFlowFunc(("rc=%Rrc pIScsiPDUTxCur=%#p\n", rc, pImage->pIScsiPDUTxCur));
2514 return rc;
2515}
2516
2517/**
2518 * Process a received PDU.
2519 *
2520 * @return VBOX status code.
2521 * @param pImage The iSCSI connection state to be used.
2522 * @param paRes Pointer to the array of iSCSI response sections.
2523 * @param cnRes Number of valid iSCSI response sections in the array.
2524 */
2525static int iscsiRecvPDUProcess(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes)
2526{
2527 int rc = VINF_SUCCESS;
2528
2529 LogFlowFunc(("pImage=%#p paRes=%#p cnRes=%u\n", pImage, paRes, cnRes));
2530
2531 /* Validate the PDU first. */
2532 rc = iscsiValidatePDU(paRes, cnRes);
2533 if (RT_SUCCESS(rc))
2534 {
2535 ISCSIOPCODE cmd;
2536 const uint32_t *pcvResSeg = (const uint32_t *)paRes[0].pvSeg;
2537
2538 Assert(paRes[0].cbSeg > 9 * sizeof(uint32_t));
2539
2540 do
2541 {
2542 cmd = (ISCSIOPCODE)(RT_N2H_U32(pcvResSeg[0]) & ISCSIOP_MASK);
2543 switch (cmd)
2544 {
2545 case ISCSIOP_SCSI_RES:
2546 case ISCSIOP_SCSI_TASKMGMT_RES:
2547 case ISCSIOP_SCSI_DATA_IN:
2548 case ISCSIOP_R2T:
2549 case ISCSIOP_ASYN_MSG:
2550 case ISCSIOP_TEXT_RES:
2551 case ISCSIOP_LOGIN_RES:
2552 case ISCSIOP_LOGOUT_RES:
2553 case ISCSIOP_REJECT:
2554 case ISCSIOP_NOP_IN:
2555 if (serial_number_less(pImage->MaxCmdSN, RT_N2H_U32(pcvResSeg[8])))
2556 pImage->MaxCmdSN = RT_N2H_U32(pcvResSeg[8]);
2557 if (serial_number_less(pImage->ExpCmdSN, RT_N2H_U32(pcvResSeg[7])))
2558 pImage->ExpCmdSN = RT_N2H_U32(pcvResSeg[7]);
2559 break;
2560 default:
2561 rc = VERR_PARSE_ERROR;
2562 iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2563 }
2564
2565 if (RT_FAILURE(rc))
2566 break;
2567
2568 if ( !pImage->FirstRecvPDU
2569 && (cmd != ISCSIOP_SCSI_DATA_IN || (RT_N2H_U32(pcvResSeg[0]) & ISCSI_STATUS_BIT)))
2570 {
2571 if (pImage->ExpStatSN == RT_N2H_U32(pcvResSeg[6]))
2572 {
2573 /* StatSN counter is not advanced on R2T and on a target SN update NOP-In. */
2574 if ( (cmd != ISCSIOP_R2T)
2575 && ((cmd != ISCSIOP_NOP_IN) || (RT_N2H_U32(pcvResSeg[4]) != ISCSI_TASK_TAG_RSVD)))
2576 pImage->ExpStatSN++;
2577 }
2578 else
2579 {
2580 rc = VERR_PARSE_ERROR;
2581 iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2582 break;
2583 }
2584 }
2585
2586 if (pcvResSeg[4] != ISCSI_TASK_TAG_RSVD)
2587 {
2588 /*
2589 * This is a response from the target for a request from the initiator.
2590 * Get the request and update its state.
2591 */
2592 rc = iscsiRecvPDUUpdateRequest(pImage, paRes, cnRes);
2593 /* Try to send more PDUs now that we updated the MaxCmdSN field */
2594 if ( RT_SUCCESS(rc)
2595 && !pImage->pIScsiPDUTxCur)
2596 rc = iscsiSendPDUAsync(pImage);
2597 }
2598 else
2599 {
2600 /* This is a target initiated request (we handle only NOP-In request at the moment). */
2601 if ( cmd == ISCSIOP_NOP_IN
2602 && RT_N2H_U32(pcvResSeg[5]) != ISCSI_TASK_TAG_RSVD)
2603 {
2604 PISCSIPDUTX pIScsiPDUTx;
2605 uint32_t cnISCSIReq;
2606 uint32_t *paReqBHS;
2607
2608 LogFlowFunc(("Sending NOP-Out\n"));
2609
2610 /* Allocate a new PDU initialize it and put onto the waiting list. */
2611 pIScsiPDUTx = (PISCSIPDUTX)RTMemAllocZ(sizeof(ISCSIPDUTX));
2612 if (!pIScsiPDUTx)
2613 {
2614 rc = VERR_NO_MEMORY;
2615 break;
2616 }
2617 paReqBHS = &pIScsiPDUTx->aBHS[0];
2618 paReqBHS[0] = RT_H2N_U32(ISCSI_IMMEDIATE_DELIVERY_BIT | ISCSI_FINAL_BIT | ISCSIOP_NOP_OUT);
2619 paReqBHS[1] = RT_H2N_U32(0); /* TotalAHSLength=0,DataSementLength=0 */
2620 paReqBHS[2] = pcvResSeg[2]; /* copy LUN from NOP-In */
2621 paReqBHS[3] = pcvResSeg[3]; /* copy LUN from NOP-In */
2622 paReqBHS[4] = RT_H2N_U32(ISCSI_TASK_TAG_RSVD); /* ITT, reply */
2623 paReqBHS[5] = pcvResSeg[5]; /* copy TTT from NOP-In */
2624 paReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
2625 paReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
2626 paReqBHS[8] = 0; /* reserved */
2627 paReqBHS[9] = 0; /* reserved */
2628 paReqBHS[10] = 0; /* reserved */
2629 paReqBHS[11] = 0; /* reserved */
2630
2631 cnISCSIReq = 0;
2632 pIScsiPDUTx->aISCSIReq[cnISCSIReq].pvSeg = paReqBHS;
2633 pIScsiPDUTx->aISCSIReq[cnISCSIReq].cbSeg = sizeof(pIScsiPDUTx->aBHS);
2634 cnISCSIReq++;
2635 pIScsiPDUTx->cbSgLeft = sizeof(pIScsiPDUTx->aBHS);
2636 RTSgBufInit(&pIScsiPDUTx->SgBuf, pIScsiPDUTx->aISCSIReq, cnISCSIReq);
2637
2638 /*
2639 * Link the PDU to the list.
2640 * Insert at the front of the list to send the response as soon as possible
2641 * to avoid frequent reconnects for a slow connection when there are many PDUs
2642 * waiting.
2643 */
2644 iscsiPDUTxAdd(pImage, pIScsiPDUTx, true /* fFront */);
2645
2646 /* Start transfer of a PDU if there is no one active at the moment. */
2647 if (!pImage->pIScsiPDUTxCur)
2648 rc = iscsiSendPDUAsync(pImage);
2649 }
2650 }
2651 } while (0);
2652 }
2653 else
2654 iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2655
2656 return rc;
2657}
2658
2659/**
2660 * Check the static (not dependent on the connection/session state) validity of an iSCSI response PDU.
2661 *
2662 * @returns VBOX status
2663 * @param paRes Pointer to array of iSCSI response sections.
2664 * @param cnRes Number of valid iSCSI response sections in the array.
2665 */
2666static int iscsiValidatePDU(PISCSIRES paRes, uint32_t cnRes)
2667{
2668 RT_NOREF1(cnRes);
2669 const uint32_t *pcrgResBHS;
2670 uint32_t hw0;
2671 Assert(cnRes >= 1);
2672 Assert(paRes[0].cbSeg >= ISCSI_BHS_SIZE);
2673
2674 LogFlowFunc(("paRes=%#p cnRes=%u\n", paRes, cnRes));
2675
2676 pcrgResBHS = (const uint32_t *)(paRes[0].pvSeg);
2677 hw0 = RT_N2H_U32(pcrgResBHS[0]);
2678 switch (hw0 & ISCSIOP_MASK)
2679 {
2680 case ISCSIOP_NOP_IN:
2681 /* NOP-In responses must not be split into several PDUs nor it may contain
2682 * ping data for target-initiated pings nor may both task tags be valid task tags. */
2683 if ( (hw0 & ISCSI_FINAL_BIT) == 0
2684 || ( RT_N2H_U32(pcrgResBHS[4]) == ISCSI_TASK_TAG_RSVD
2685 && RT_N2H_U32(pcrgResBHS[1]) != 0)
2686 || ( RT_N2H_U32(pcrgResBHS[4]) != ISCSI_TASK_TAG_RSVD
2687 && RT_N2H_U32(pcrgResBHS[5]) != ISCSI_TASK_TAG_RSVD))
2688 return VERR_PARSE_ERROR;
2689 break;
2690 case ISCSIOP_SCSI_RES:
2691 /* SCSI responses must not be split into several PDUs nor must the residual
2692 * bits be contradicting each other nor may the residual bits be set for PDUs
2693 * containing anything else but a completed command response. Underflow
2694 * is no reason for declaring a PDU as invalid, as the target may choose
2695 * to return less data than we assume to get. */
2696 if ( (hw0 & ISCSI_FINAL_BIT) == 0
2697 || ((hw0 & ISCSI_BI_READ_RESIDUAL_OVFL_BIT) && (hw0 & ISCSI_BI_READ_RESIDUAL_UNFL_BIT))
2698 || ((hw0 & ISCSI_RESIDUAL_OVFL_BIT) && (hw0 & ISCSI_RESIDUAL_UNFL_BIT))
2699 || ( ((hw0 & ISCSI_SCSI_RESPONSE_MASK) == 0)
2700 && ((hw0 & ISCSI_SCSI_STATUS_MASK) == SCSI_STATUS_OK)
2701 && (hw0 & ( ISCSI_BI_READ_RESIDUAL_OVFL_BIT | ISCSI_BI_READ_RESIDUAL_UNFL_BIT
2702 | ISCSI_RESIDUAL_OVFL_BIT))))
2703 return VERR_PARSE_ERROR;
2704 else
2705 LogFlowFunc(("good SCSI response, first word %#08x\n", RT_N2H_U32(pcrgResBHS[0])));
2706 break;
2707 case ISCSIOP_LOGIN_RES:
2708 /* Login responses must not contain contradicting transit and continue bits. */
2709 if ((hw0 & ISCSI_CONTINUE_BIT) && ((hw0 & ISCSI_TRANSIT_BIT) != 0))
2710 return VERR_PARSE_ERROR;
2711 break;
2712 case ISCSIOP_TEXT_RES:
2713 /* Text responses must not contain contradicting final and continue bits nor
2714 * may the final bit be set for PDUs containing a target transfer tag other than
2715 * the reserved transfer tag (and vice versa). */
2716 if ( (((hw0 & ISCSI_CONTINUE_BIT) && (hw0 & ISCSI_FINAL_BIT) != 0))
2717 || (((hw0 & ISCSI_FINAL_BIT) && (RT_N2H_U32(pcrgResBHS[5]) != ISCSI_TASK_TAG_RSVD)))
2718 || (((hw0 & ISCSI_FINAL_BIT) == 0) && (RT_N2H_U32(pcrgResBHS[5]) == ISCSI_TASK_TAG_RSVD)))
2719 return VERR_PARSE_ERROR;
2720 break;
2721 case ISCSIOP_SCSI_DATA_IN:
2722 /* SCSI Data-in responses must not contain contradicting residual bits when
2723 * status bit is set. */
2724 if ((hw0 & ISCSI_STATUS_BIT) && (hw0 & ISCSI_RESIDUAL_OVFL_BIT) && (hw0 & ISCSI_RESIDUAL_UNFL_BIT))
2725 return VERR_PARSE_ERROR;
2726 break;
2727 case ISCSIOP_LOGOUT_RES:
2728 /* Logout responses must not have the final bit unset and may not contain any
2729 * data or additional header segments. */
2730 if ( ((hw0 & ISCSI_FINAL_BIT) == 0)
2731 || (RT_N2H_U32(pcrgResBHS[1]) != 0))
2732 return VERR_PARSE_ERROR;
2733 break;
2734 case ISCSIOP_ASYN_MSG:
2735 /* Asynchronous Messages must not have the final bit unset and may not contain
2736 * an initiator task tag. */
2737 if ( ((hw0 & ISCSI_FINAL_BIT) == 0)
2738 || (RT_N2H_U32(pcrgResBHS[4]) != ISCSI_TASK_TAG_RSVD))
2739 return VERR_PARSE_ERROR;
2740 break;
2741 case ISCSIOP_SCSI_TASKMGMT_RES:
2742 case ISCSIOP_R2T:
2743 case ISCSIOP_REJECT:
2744 default:
2745 /* Do some logging, ignore PDU. */
2746 LogFlowFunc(("ignore unhandled PDU, first word %#08x\n", RT_N2H_U32(pcrgResBHS[0])));
2747 return VERR_PARSE_ERROR;
2748 }
2749 /* A target must not send PDUs with MaxCmdSN less than ExpCmdSN-1. */
2750
2751 if (serial_number_less(RT_N2H_U32(pcrgResBHS[8]), RT_N2H_U32(pcrgResBHS[7])-1))
2752 return VERR_PARSE_ERROR;
2753
2754 return VINF_SUCCESS;
2755}
2756
2757
2758/**
2759 * Prepares a PDU to transfer for the given command and adds it to the list.
2760 */
2761static int iscsiPDUTxPrepare(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd)
2762{
2763 int rc = VINF_SUCCESS;
2764 uint32_t *paReqBHS;
2765 size_t cbData = 0;
2766 size_t cbSegs = 0;
2767 PSCSIREQ pScsiReq;
2768 PISCSIPDUTX pIScsiPDU = NULL;
2769
2770 LogFlowFunc(("pImage=%#p pIScsiCmd=%#p\n", pImage, pIScsiCmd));
2771
2772 Assert(pIScsiCmd->enmCmdType == ISCSICMDTYPE_REQ);
2773
2774 pIScsiCmd->Itt = iscsiNewITT(pImage);
2775 pScsiReq = pIScsiCmd->CmdType.ScsiReq.pScsiReq;
2776
2777 if (pScsiReq->cT2ISegs)
2778 RTSgBufInit(&pScsiReq->SgBufT2I, pScsiReq->paT2ISegs, pScsiReq->cT2ISegs);
2779
2780 /*
2781 * Allocate twice as much entries as required for padding (worst case).
2782 * The additional segment is for the BHS.
2783 */
2784 size_t cI2TSegs = 2*(pScsiReq->cI2TSegs + 1);
2785 pIScsiPDU = (PISCSIPDUTX)RTMemAllocZ(RT_UOFFSETOF_DYN(ISCSIPDUTX, aISCSIReq[cI2TSegs]));
2786 if (!pIScsiPDU)
2787 return VERR_NO_MEMORY;
2788
2789 pIScsiPDU->pIScsiCmd = pIScsiCmd;
2790
2791 if (pScsiReq->enmXfer == SCSIXFER_FROM_TARGET)
2792 cbData = (uint32_t)pScsiReq->cbT2IData;
2793 else
2794 cbData = (uint32_t)pScsiReq->cbI2TData;
2795
2796 paReqBHS = pIScsiPDU->aBHS;
2797
2798 /* Setup the BHS. */
2799 paReqBHS[0] = RT_H2N_U32( ISCSI_FINAL_BIT | ISCSI_TASK_ATTR_SIMPLE | ISCSIOP_SCSI_CMD
2800 | (pScsiReq->enmXfer << 21)); /* I=0,F=1,Attr=Simple */
2801 paReqBHS[1] = RT_H2N_U32(0x00000000 | ((uint32_t)pScsiReq->cbI2TData & 0xffffff)); /* TotalAHSLength=0 */
2802 paReqBHS[2] = RT_H2N_U32(pImage->LUN >> 32);
2803 paReqBHS[3] = RT_H2N_U32(pImage->LUN & 0xffffffff);
2804 paReqBHS[4] = pIScsiCmd->Itt;
2805 paReqBHS[5] = RT_H2N_U32((uint32_t)cbData); Assert((uint32_t)cbData == cbData);
2806 paReqBHS[6] = RT_H2N_U32(pImage->CmdSN);
2807 paReqBHS[7] = RT_H2N_U32(pImage->ExpStatSN);
2808 memcpy(paReqBHS + 8, pScsiReq->abCDB, pScsiReq->cbCDB);
2809
2810 pIScsiPDU->CmdSN = pImage->CmdSN;
2811 pImage->CmdSN++;
2812
2813 /* Setup the S/G buffers. */
2814 uint32_t cnISCSIReq = 0;
2815 pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg = sizeof(pIScsiPDU->aBHS);
2816 pIScsiPDU->aISCSIReq[cnISCSIReq].pvSeg = pIScsiPDU->aBHS;
2817 cnISCSIReq++;
2818 cbSegs = sizeof(pIScsiPDU->aBHS);
2819 /* Padding is not necessary for the BHS. */
2820
2821 if (pScsiReq->cbI2TData)
2822 {
2823 for (unsigned cSeg = 0; cSeg < pScsiReq->cI2TSegs; cSeg++)
2824 {
2825 Assert(cnISCSIReq < cI2TSegs);
2826 pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg = pScsiReq->paI2TSegs[cSeg].cbSeg;
2827 pIScsiPDU->aISCSIReq[cnISCSIReq].pvSeg = pScsiReq->paI2TSegs[cSeg].pvSeg;
2828 cbSegs += pScsiReq->paI2TSegs[cSeg].cbSeg;
2829 cnISCSIReq++;
2830
2831 /* Add padding if necessary. */
2832 if (pScsiReq->paI2TSegs[cSeg].cbSeg & 3)
2833 {
2834 Assert(cnISCSIReq < cI2TSegs);
2835 pIScsiPDU->aISCSIReq[cnISCSIReq].pvSeg = &pImage->aPadding[0];
2836 pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg = 4 - (pScsiReq->paI2TSegs[cSeg].cbSeg & 3);
2837 cbSegs += pIScsiPDU->aISCSIReq[cnISCSIReq].cbSeg;
2838 cnISCSIReq++;
2839 }
2840 }
2841 }
2842
2843 pIScsiPDU->cISCSIReq = cnISCSIReq;
2844 pIScsiPDU->cbSgLeft = cbSegs;
2845 RTSgBufInit(&pIScsiPDU->SgBuf, pIScsiPDU->aISCSIReq, cnISCSIReq);
2846
2847 /* Link the PDU to the list. */
2848 iscsiPDUTxAdd(pImage, pIScsiPDU, false /* fFront */);
2849
2850 /* Start transfer of a PDU if there is no one active at the moment. */
2851 if (!pImage->pIScsiPDUTxCur)
2852 rc = iscsiSendPDUAsync(pImage);
2853
2854 return rc;
2855}
2856
2857
2858/**
2859 * Updates the state of a request from the PDU we received.
2860 *
2861 * @return VBox status code.
2862 * @param pImage iSCSI connection state to use.
2863 * @param paRes Pointer to array of iSCSI response sections.
2864 * @param cnRes Number of valid iSCSI response sections in the array.
2865 */
2866static int iscsiRecvPDUUpdateRequest(PISCSIIMAGE pImage, PISCSIRES paRes, uint32_t cnRes)
2867{
2868 int rc = VINF_SUCCESS;
2869 PISCSICMD pIScsiCmd;
2870 uint32_t *paResBHS;
2871
2872 LogFlowFunc(("pImage=%#p paRes=%#p cnRes=%u\n", pImage, paRes, cnRes));
2873
2874 Assert(cnRes == 1);
2875 Assert(paRes[0].cbSeg >= ISCSI_BHS_SIZE);
2876
2877 paResBHS = (uint32_t *)paRes[0].pvSeg;
2878
2879 pIScsiCmd = iscsiCmdGetFromItt(pImage, paResBHS[4]);
2880
2881 if (pIScsiCmd)
2882 {
2883 bool final = false;
2884 PSCSIREQ pScsiReq;
2885
2886 LogFlow(("Found SCSI command %#p for Itt=%#u\n", pIScsiCmd, paResBHS[4]));
2887
2888 Assert(pIScsiCmd->enmCmdType == ISCSICMDTYPE_REQ);
2889 pScsiReq = pIScsiCmd->CmdType.ScsiReq.pScsiReq;
2890
2891 final = !!(RT_N2H_U32(paResBHS[0]) & ISCSI_FINAL_BIT);
2892 ISCSIOPCODE cmd = (ISCSIOPCODE)(RT_N2H_U32(paResBHS[0]) & ISCSIOP_MASK);
2893 if (cmd == ISCSIOP_SCSI_RES)
2894 {
2895 /* This is the final PDU which delivers the status (and may be omitted if
2896 * the last Data-In PDU included successful completion status). Note
2897 * that ExpStatSN has been bumped already in iscsiRecvPDU. */
2898 if (!final || ((RT_N2H_U32(paResBHS[0]) & 0x0000ff00) != 0) || (RT_N2H_U32(paResBHS[6]) != pImage->ExpStatSN - 1))
2899 {
2900 /* SCSI Response in the wrong place or with a (target) failure. */
2901 LogFlow(("Wrong ExpStatSN value in PDU\n"));
2902 rc = VERR_PARSE_ERROR;
2903 }
2904 else
2905 {
2906 pScsiReq->status = RT_N2H_U32(paResBHS[0]) & 0x000000ff;
2907 size_t cbData = RT_N2H_U32(paResBHS[1]) & 0x00ffffff;
2908 void *pvSense = (uint8_t *)paRes[0].pvSeg + ISCSI_BHS_SIZE;
2909
2910 if (cbData >= 2)
2911 {
2912 uint32_t cbStat = RT_N2H_U32(((uint32_t *)pvSense)[0]) >> 16;
2913 if (cbStat + 2 > cbData)
2914 {
2915 rc = VERR_BUFFER_OVERFLOW;
2916 }
2917 else
2918 {
2919 /* Truncate sense data if it doesn't fit into the buffer. */
2920 pScsiReq->cbSense = RT_MIN(cbStat, pScsiReq->cbSense);
2921 memcpy(pScsiReq->abSense, (uint8_t *)pvSense + 2,
2922 RT_MIN(paRes[0].cbSeg - ISCSI_BHS_SIZE - 2, pScsiReq->cbSense));
2923 }
2924 }
2925 else if (cbData == 1)
2926 rc = VERR_PARSE_ERROR;
2927 else
2928 pScsiReq->cbSense = 0;
2929 }
2930 iscsiCmdComplete(pImage, pIScsiCmd, rc);
2931 }
2932 else if (cmd == ISCSIOP_SCSI_DATA_IN)
2933 {
2934 /* A Data-In PDU carries some data that needs to be added to the received
2935 * data in response to the command. There may be both partial and complete
2936 * Data-In PDUs, so collect data until the status is included or the status
2937 * is sent in a separate SCSI Result frame (see above). */
2938 size_t cbData = RT_N2H_U32(paResBHS[1]) & 0x00ffffff;
2939 void *pvData = (uint8_t *)paRes[0].pvSeg + ISCSI_BHS_SIZE;
2940
2941 if (final && cbData > pScsiReq->cbT2IData)
2942 {
2943 /* The received PDU is bigger than what we requested.
2944 * Must not happen under normal circumstances and is a target error. */
2945 rc = VERR_BUFFER_OVERFLOW;
2946 }
2947 else
2948 {
2949 /* Copy data from the received PDU into the T2I segments. */
2950 size_t cbCopied = RTSgBufCopyFromBuf(&pScsiReq->SgBufT2I, pvData, cbData);
2951 Assert(cbCopied == cbData); NOREF(cbCopied);
2952
2953 if (final && (RT_N2H_U32(paResBHS[0]) & ISCSI_STATUS_BIT) != 0)
2954 {
2955 pScsiReq->status = RT_N2H_U32(paResBHS[0]) & 0x000000ff;
2956 pScsiReq->cbSense = 0;
2957 iscsiCmdComplete(pImage, pIScsiCmd, VINF_SUCCESS);
2958 }
2959 }
2960 }
2961 else
2962 rc = VERR_PARSE_ERROR;
2963 }
2964
2965 /* Log any errors here but ignore the PDU. */
2966 if (RT_FAILURE(rc))
2967 {
2968 LogRel(("iSCSI: Received malformed PDU from target %s (rc=%Rrc), ignoring\n", pImage->pszTargetName, rc));
2969 iscsiDumpPacket(pImage, (PISCSIREQ)paRes, cnRes, rc, false /* fRequest */);
2970 rc = VINF_SUCCESS;
2971 }
2972
2973 return rc;
2974}
2975
2976/**
2977 * Appends a key-value pair to the buffer. Normal ASCII strings (cbValue == 0) and large binary values
2978 * of a given length (cbValue > 0) are directly supported. Other value types must be converted to ASCII
2979 * by the caller. Strings must be in UTF-8 encoding.
2980 *
2981 * @returns VBOX status
2982 * @param pbBuf Pointer to the key-value buffer.
2983 * @param cbBuf Length of the key-value buffer.
2984 * @param pcbBufCurr Currently used portion of the key-value buffer.
2985 * @param pcszKey Pointer to a string containing the key.
2986 * @param pcszValue Pointer to either a string containing the value or to a large binary value.
2987 * @param cbValue Length of the binary value if applicable.
2988 */
2989static int iscsiTextAddKeyValue(uint8_t *pbBuf, size_t cbBuf, size_t *pcbBufCurr, const char *pcszKey,
2990 const char *pcszValue, size_t cbValue)
2991{
2992 size_t cbBufTmp = *pcbBufCurr;
2993 size_t cbKey = strlen(pcszKey);
2994 size_t cbValueEnc;
2995 uint8_t *pbCurr;
2996
2997 if (cbValue == 0)
2998 cbValueEnc = strlen(pcszValue);
2999 else
3000 cbValueEnc = cbValue * 2 + 2; /* 2 hex bytes per byte, 2 bytes prefix */
3001
3002 if (cbBuf < cbBufTmp + cbKey + 1 + cbValueEnc + 1)
3003 {
3004 /* Buffer would overflow, signal error. */
3005 return VERR_BUFFER_OVERFLOW;
3006 }
3007
3008 /*
3009 * Append a key=value pair (zero terminated string) to the end of the buffer.
3010 */
3011 pbCurr = pbBuf + cbBufTmp;
3012 memcpy(pbCurr, pcszKey, cbKey);
3013 pbCurr += cbKey;
3014 *pbCurr++ = '=';
3015 if (cbValue == 0)
3016 {
3017 memcpy(pbCurr, pcszValue, cbValueEnc);
3018 pbCurr += cbValueEnc;
3019 }
3020 else
3021 {
3022 *pbCurr++ = '0';
3023 *pbCurr++ = 'x';
3024 for (uint32_t i = 0; i < cbValue; i++)
3025 {
3026 uint8_t b;
3027 b = pcszValue[i];
3028 *pbCurr++ = NUM_2_HEX(b >> 4);
3029 *pbCurr++ = NUM_2_HEX(b & 0xf);
3030 }
3031 }
3032 *pbCurr = '\0';
3033 *pcbBufCurr = cbBufTmp + cbKey + 1 + cbValueEnc + 1;
3034
3035 return VINF_SUCCESS;
3036}
3037
3038
3039/**
3040 * Retrieve the value for a given key from the key=value buffer.
3041 *
3042 * @returns VBox status code.
3043 * @param pbBuf Buffer containing key=value pairs.
3044 * @param cbBuf Length of buffer with key=value pairs.
3045 * @param pcszKey Pointer to key for which to retrieve the value.
3046 * @param ppcszValue Pointer to value string pointer.
3047 */
3048static int iscsiTextGetKeyValue(const uint8_t *pbBuf, size_t cbBuf, const char *pcszKey, const char **ppcszValue)
3049{
3050 size_t cbKey = strlen(pcszKey);
3051
3052 while (cbBuf != 0)
3053 {
3054 size_t cbKeyValNull = strlen((const char *)pbBuf) + 1;
3055
3056 if (strncmp(pcszKey, (const char *)pbBuf, cbKey) == 0 && pbBuf[cbKey] == '=')
3057 {
3058 *ppcszValue = (const char *)(pbBuf + cbKey + 1);
3059 return VINF_SUCCESS;
3060 }
3061 pbBuf += cbKeyValNull;
3062 cbBuf -= cbKeyValNull;
3063 }
3064 return VERR_INVALID_NAME;
3065}
3066
3067
3068/**
3069 * Convert a long-binary value from a value string to the binary representation.
3070 *
3071 * @returns VBOX status
3072 * @param pcszValue Pointer to a string containing the textual value representation.
3073 * @param pbValue Pointer to the value buffer for the binary value.
3074 * @param pcbValue In: length of value buffer, out: actual length of binary value.
3075 */
3076static int iscsiStrToBinary(const char *pcszValue, uint8_t *pbValue, size_t *pcbValue)
3077{
3078 size_t cbValue = *pcbValue;
3079 char c1, c2, c3, c4;
3080 Assert(cbValue >= 1);
3081
3082 if (strlen(pcszValue) < 3)
3083 return VERR_PARSE_ERROR;
3084 if (*pcszValue++ != '0')
3085 return VERR_PARSE_ERROR;
3086 switch (*pcszValue++)
3087 {
3088 case 'x':
3089 case 'X':
3090 if (strlen(pcszValue) & 1)
3091 {
3092 c1 = *pcszValue++;
3093 *pbValue++ = HEX_2_NUM(c1);
3094 cbValue--;
3095 }
3096 while (*pcszValue != '\0')
3097 {
3098 if (cbValue == 0)
3099 return VERR_BUFFER_OVERFLOW;
3100 c1 = *pcszValue++;
3101 if ((c1 < '0' || c1 > '9') && (c1 < 'a' || c1 > 'f') && (c1 < 'A' || c1 > 'F'))
3102 return VERR_PARSE_ERROR;
3103 c2 = *pcszValue++;
3104 if ((c2 < '0' || c2 > '9') && (c2 < 'a' || c2 > 'f') && (c2 < 'A' || c2 > 'F'))
3105 return VERR_PARSE_ERROR;
3106 *pbValue++ = (HEX_2_NUM(c1) << 4) | HEX_2_NUM(c2);
3107 cbValue--;
3108 }
3109 *pcbValue -= cbValue;
3110 break;
3111 case 'b':
3112 case 'B':
3113 if ((strlen(pcszValue) & 3) != 0)
3114 return VERR_PARSE_ERROR;
3115 while (*pcszValue != '\0')
3116 {
3117 uint32_t temp;
3118 if (cbValue == 0)
3119 return VERR_BUFFER_OVERFLOW;
3120 c1 = *pcszValue++;
3121 if ((c1 < 'A' || c1 > 'Z') && (c1 < 'a' || c1 >'z') && (c1 < '0' || c1 > '9') && (c1 != '+') && (c1 != '/'))
3122 return VERR_PARSE_ERROR;
3123 c2 = *pcszValue++;
3124 if ((c2 < 'A' || c2 > 'Z') && (c2 < 'a' || c2 >'z') && (c2 < '0' || c2 > '9') && (c2 != '+') && (c2 != '/'))
3125 return VERR_PARSE_ERROR;
3126 c3 = *pcszValue++;
3127 if ((c3 < 'A' || c3 > 'Z') && (c3 < 'a' || c3 >'z') && (c3 < '0' || c3 > '9') && (c3 != '+') && (c3 != '/') && (c3 != '='))
3128 return VERR_PARSE_ERROR;
3129 c4 = *pcszValue++;
3130 if ( (c3 == '=' && c4 != '=')
3131 || ((c4 < 'A' || c4 > 'Z') && (c4 < 'a' || c4 >'z') && (c4 < '0' || c4 > '9') && (c4 != '+') && (c4 != '/') && (c4 != '=')))
3132 return VERR_PARSE_ERROR;
3133 temp = (B64_2_NUM(c1) << 18) | (B64_2_NUM(c2) << 12);
3134 if (c3 == '=') {
3135 if (*pcszValue != '\0')
3136 return VERR_PARSE_ERROR;
3137 *pbValue++ = temp >> 16;
3138 cbValue--;
3139 } else {
3140 temp |= B64_2_NUM(c3) << 6;
3141 if (c4 == '=') {
3142 if (*pcszValue != '\0')
3143 return VERR_PARSE_ERROR;
3144 if (cbValue < 2)
3145 return VERR_BUFFER_OVERFLOW;
3146 *pbValue++ = temp >> 16;
3147 *pbValue++ = (temp >> 8) & 0xff;
3148 cbValue -= 2;
3149 }
3150 else
3151 {
3152 temp |= B64_2_NUM(c4);
3153 if (cbValue < 3)
3154 return VERR_BUFFER_OVERFLOW;
3155 *pbValue++ = temp >> 16;
3156 *pbValue++ = (temp >> 8) & 0xff;
3157 *pbValue++ = temp & 0xff;
3158 cbValue -= 3;
3159 }
3160 }
3161 }
3162 *pcbValue -= cbValue;
3163 break;
3164 default:
3165 return VERR_PARSE_ERROR;
3166 }
3167 return VINF_SUCCESS;
3168}
3169
3170
3171/**
3172 * Retrieve the relevant parameter values and update the initiator state.
3173 *
3174 * @returns VBox status code.
3175 * @param pImage Current iSCSI initiator state.
3176 * @param pbBuf Buffer containing key=value pairs.
3177 * @param cbBuf Length of buffer with key=value pairs.
3178 */
3179static int iscsiUpdateParameters(PISCSIIMAGE pImage, const uint8_t *pbBuf, size_t cbBuf)
3180{
3181 int rc;
3182 const char *pcszMaxRecvDataSegmentLength = NULL;
3183 const char *pcszMaxBurstLength = NULL;
3184 const char *pcszFirstBurstLength = NULL;
3185 rc = iscsiTextGetKeyValue(pbBuf, cbBuf, "MaxRecvDataSegmentLength", &pcszMaxRecvDataSegmentLength);
3186 if (rc == VERR_INVALID_NAME)
3187 rc = VINF_SUCCESS;
3188 if (RT_FAILURE(rc))
3189 return VERR_PARSE_ERROR;
3190 rc = iscsiTextGetKeyValue(pbBuf, cbBuf, "MaxBurstLength", &pcszMaxBurstLength);
3191 if (rc == VERR_INVALID_NAME)
3192 rc = VINF_SUCCESS;
3193 if (RT_FAILURE(rc))
3194 return VERR_PARSE_ERROR;
3195 rc = iscsiTextGetKeyValue(pbBuf, cbBuf, "FirstBurstLength", &pcszFirstBurstLength);
3196 if (rc == VERR_INVALID_NAME)
3197 rc = VINF_SUCCESS;
3198 if (RT_FAILURE(rc))
3199 return VERR_PARSE_ERROR;
3200 if (pcszMaxRecvDataSegmentLength)
3201 {
3202 uint32_t cb = pImage->cbSendDataLength;
3203 rc = RTStrToUInt32Full(pcszMaxRecvDataSegmentLength, 0, &cb);
3204 AssertRC(rc);
3205 pImage->cbSendDataLength = RT_MIN(pImage->cbSendDataLength, cb);
3206 }
3207 if (pcszMaxBurstLength)
3208 {
3209 uint32_t cb = pImage->cbSendDataLength;
3210 rc = RTStrToUInt32Full(pcszMaxBurstLength, 0, &cb);
3211 AssertRC(rc);
3212 pImage->cbSendDataLength = RT_MIN(pImage->cbSendDataLength, cb);
3213 }
3214 if (pcszFirstBurstLength)
3215 {
3216 uint32_t cb = pImage->cbSendDataLength;
3217 rc = RTStrToUInt32Full(pcszFirstBurstLength, 0, &cb);
3218 AssertRC(rc);
3219 pImage->cbSendDataLength = RT_MIN(pImage->cbSendDataLength, cb);
3220 }
3221 return VINF_SUCCESS;
3222}
3223
3224
3225static bool serial_number_less(uint32_t s1, uint32_t s2)
3226{
3227 return (s1 < s2 && s2 - s1 < 0x80000000) || (s1 > s2 && s1 - s2 > 0x80000000);
3228}
3229
3230static bool serial_number_greater(uint32_t s1, uint32_t s2)
3231{
3232 return (s1 < s2 && s2 - s1 > 0x80000000) || (s1 > s2 && s1 - s2 < 0x80000000);
3233}
3234
3235
3236#ifdef IMPLEMENT_TARGET_AUTH
3237static void chap_md5_generate_challenge(uint8_t *pbChallenge, size_t *pcbChallenge)
3238{
3239 uint8_t cbChallenge;
3240
3241 cbChallenge = RTrand_U8(CHAP_MD5_CHALLENGE_MIN, CHAP_MD5_CHALLENGE_MAX);
3242 RTrand_bytes(pbChallenge, cbChallenge);
3243 *pcbChallenge = cbChallenge;
3244}
3245#endif
3246
3247
3248static void chap_md5_compute_response(uint8_t *pbResponse, uint8_t id, const uint8_t *pbChallenge, size_t cbChallenge,
3249 const uint8_t *pbSecret, size_t cbSecret)
3250{
3251 RTMD5CONTEXT ctx;
3252 uint8_t bId;
3253
3254 bId = id;
3255 RTMd5Init(&ctx);
3256 RTMd5Update(&ctx, &bId, 1);
3257 RTMd5Update(&ctx, pbSecret, cbSecret);
3258 RTMd5Update(&ctx, pbChallenge, cbChallenge);
3259 RTMd5Final(pbResponse, &ctx);
3260}
3261
3262/**
3263 * Internal. - Wrapper around the extended select callback of the net interface.
3264 */
3265DECLINLINE(int) iscsiIoThreadWait(PISCSIIMAGE pImage, RTMSINTERVAL cMillies, uint32_t fEvents, uint32_t *pfEvents)
3266{
3267 return pImage->pIfNet->pfnSelectOneEx(pImage->Socket, fEvents, pfEvents, cMillies);
3268}
3269
3270/**
3271 * Internal. - Pokes a thread waiting for I/O.
3272 */
3273DECLINLINE(int) iscsiIoThreadPoke(PISCSIIMAGE pImage)
3274{
3275 return pImage->pIfNet->pfnPoke(pImage->Socket);
3276}
3277
3278/**
3279 * Internal. - Get the next request from the queue.
3280 */
3281DECLINLINE(PISCSICMD) iscsiCmdGet(PISCSIIMAGE pImage)
3282{
3283 int rc;
3284 PISCSICMD pIScsiCmd = NULL;
3285
3286 rc = RTSemMutexRequest(pImage->MutexReqQueue, RT_INDEFINITE_WAIT);
3287 AssertRC(rc);
3288
3289 pIScsiCmd = pImage->pScsiReqQueue;
3290 if (pIScsiCmd)
3291 {
3292 pImage->pScsiReqQueue = pIScsiCmd->pNext;
3293 pIScsiCmd->pNext = NULL;
3294 }
3295
3296 rc = RTSemMutexRelease(pImage->MutexReqQueue);
3297 AssertRC(rc);
3298
3299 return pIScsiCmd;
3300}
3301
3302
3303/**
3304 * Internal. - Adds the given command to the queue.
3305 */
3306DECLINLINE(int) iscsiCmdPut(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd)
3307{
3308 int rc = RTSemMutexRequest(pImage->MutexReqQueue, RT_INDEFINITE_WAIT);
3309 AssertRC(rc);
3310
3311 pIScsiCmd->pNext = pImage->pScsiReqQueue;
3312 pImage->pScsiReqQueue = pIScsiCmd;
3313
3314 rc = RTSemMutexRelease(pImage->MutexReqQueue);
3315 AssertRC(rc);
3316
3317 iscsiIoThreadPoke(pImage);
3318
3319 return rc;
3320}
3321
3322/**
3323 * Internal. - Completes the request with the appropriate action.
3324 * Synchronous requests are completed with waking up the thread
3325 * and asynchronous ones by continuing the associated I/O context.
3326 */
3327static void iscsiCmdComplete(PISCSIIMAGE pImage, PISCSICMD pIScsiCmd, int rcCmd)
3328{
3329 LogFlowFunc(("pImage=%#p pIScsiCmd=%#p rcCmd=%Rrc\n", pImage, pIScsiCmd, rcCmd));
3330
3331 /* Remove from the table first. */
3332 iscsiCmdRemove(pImage, pIScsiCmd->Itt);
3333
3334 /* Call completion callback. */
3335 pIScsiCmd->pfnComplete(pImage, rcCmd, pIScsiCmd->pvUser);
3336
3337 /* Free command structure. */
3338#ifdef DEBUG
3339 memset(pIScsiCmd, 0xff, sizeof(ISCSICMD));
3340#endif
3341 RTMemFree(pIScsiCmd);
3342}
3343
3344/**
3345 * Clears all RX/TX PDU states and returns the command for the current
3346 * pending TX PDU if existing.
3347 *
3348 * @returns Pointer to the iSCSI command for the current PDU transmitted or NULL
3349 * if none is waiting.
3350 * @param pImage iSCSI connection state.
3351 */
3352static PISCSICMD iscsiPDURxTxClear(PISCSIIMAGE pImage)
3353{
3354 PISCSICMD pIScsiCmdHead = NULL;
3355 PISCSIPDUTX pIScsiPDUTx = NULL;
3356
3357 /* Reset PDU we are receiving. */
3358 iscsiRecvPDUReset(pImage);
3359
3360 /*
3361 * Abort all PDUs we are about to transmit,
3362 * the command need a new Itt if the relogin is successful.
3363 */
3364 while (pImage->pIScsiPDUTxHead)
3365 {
3366 pIScsiPDUTx = pImage->pIScsiPDUTxHead;
3367 pImage->pIScsiPDUTxHead = pIScsiPDUTx->pNext;
3368
3369 PISCSICMD pIScsiCmd = pIScsiPDUTx->pIScsiCmd;
3370 if (pIScsiCmd)
3371 {
3372 /* Place on command list. */
3373 pIScsiCmd->pNext = pIScsiCmdHead;
3374 pIScsiCmdHead = pIScsiCmd;
3375 }
3376 RTMemFree(pIScsiPDUTx);
3377 }
3378
3379 /* Clear the tail pointer (safety precaution). */
3380 pImage->pIScsiPDUTxTail = NULL;
3381
3382 /* Clear the current PDU too. */
3383 if (pImage->pIScsiPDUTxCur)
3384 {
3385 pIScsiPDUTx = pImage->pIScsiPDUTxCur;
3386
3387 pImage->pIScsiPDUTxCur = NULL;
3388 PISCSICMD pIScsiCmd = pIScsiPDUTx->pIScsiCmd;
3389 if (pIScsiCmd)
3390 {
3391 pIScsiCmd->pNext = pIScsiCmdHead;
3392 pIScsiCmdHead = pIScsiCmd;
3393 }
3394 RTMemFree(pIScsiPDUTx);
3395 }
3396
3397 return pIScsiCmdHead;
3398}
3399
3400/**
3401 * Rests the iSCSI connection state and returns a list of iSCSI commands pending
3402 * when this was called.
3403 *
3404 * @returns Pointer to the head of the pending iSCSI command list.
3405 * @param pImage iSCSI connection state.
3406 */
3407static PISCSICMD iscsiReset(PISCSIIMAGE pImage)
3408{
3409 PISCSICMD pIScsiCmdHead = NULL;
3410 PISCSICMD pIScsiCmdCur = NULL;
3411
3412 /* Clear all in flight PDUs. */
3413 pIScsiCmdHead = iscsiPDURxTxClear(pImage);
3414
3415 /*
3416 * Get all commands which are waiting for a response
3417 * They need to be resend too after a successful reconnect.
3418 */
3419 PISCSICMD pIScsiCmd = iscsiCmdRemoveAll(pImage);
3420 if (pIScsiCmd)
3421 {
3422 pIScsiCmdCur = pIScsiCmd;
3423 while (pIScsiCmdCur->pNext)
3424 pIScsiCmdCur = pIScsiCmdCur->pNext;
3425
3426 /*
3427 * Place them in front of the list because they are the oldest requests
3428 * and need to be processed first to minimize the risk to time out.
3429 */
3430 pIScsiCmdCur->pNext = pIScsiCmdHead;
3431 pIScsiCmdHead = pIScsiCmd;
3432 }
3433
3434 return pIScsiCmdHead;
3435}
3436
3437/**
3438 * Reattaches the to the target after an error aborting
3439 * pending commands and resending them.
3440 *
3441 * @param pImage iSCSI connection state.
3442 */
3443static void iscsiReattach(PISCSIIMAGE pImage)
3444{
3445 /* Close connection. */
3446 iscsiTransportClose(pImage);
3447 pImage->state = ISCSISTATE_FREE;
3448
3449 /* Reset the state and get the currently pending commands. */
3450 PISCSICMD pIScsiCmdHead = iscsiReset(pImage);
3451
3452 /* Try to attach. */
3453 int rc = iscsiAttach(pImage);
3454 if (RT_SUCCESS(rc))
3455 {
3456 /* Phew, we have a connection again.
3457 * Prepare new PDUs for the aborted commands.
3458 */
3459 while (pIScsiCmdHead)
3460 {
3461 PISCSICMD pIScsiCmd = pIScsiCmdHead;
3462 pIScsiCmdHead = pIScsiCmdHead->pNext;
3463
3464 pIScsiCmd->pNext = NULL;
3465
3466 rc = iscsiPDUTxPrepare(pImage, pIScsiCmd);
3467 if (RT_FAILURE(rc))
3468 break;
3469 }
3470
3471 if (RT_FAILURE(rc))
3472 {
3473 /* Another error, just give up and report an error. */
3474 PISCSICMD pIScsiCmd = iscsiReset(pImage);
3475
3476 /* Concatenate both lists together so we can abort all requests below. */
3477 if (pIScsiCmd)
3478 {
3479 PISCSICMD pIScsiCmdCur = pIScsiCmd;
3480 while (pIScsiCmdCur->pNext)
3481 pIScsiCmdCur = pIScsiCmdCur->pNext;
3482
3483 pIScsiCmdCur->pNext = pIScsiCmdHead;
3484 pIScsiCmdHead = pIScsiCmd;
3485 }
3486 }
3487 }
3488
3489 if (RT_FAILURE(rc))
3490 {
3491 /*
3492 * Still no luck, complete commands with error so the caller
3493 * has a chance to inform the user and maybe resend the command.
3494 */
3495 while (pIScsiCmdHead)
3496 {
3497 PISCSICMD pIScsiCmd = pIScsiCmdHead;
3498 pIScsiCmdHead = pIScsiCmdHead->pNext;
3499
3500 iscsiCmdComplete(pImage, pIScsiCmd, VERR_BROKEN_PIPE);
3501 }
3502 }
3503}
3504
3505/**
3506 * Internal. Main iSCSI I/O worker.
3507 */
3508static DECLCALLBACK(int) iscsiIoThreadWorker(RTTHREAD hThreadSelf, void *pvUser)
3509{
3510 RT_NOREF1(hThreadSelf);
3511 PISCSIIMAGE pImage = (PISCSIIMAGE)pvUser;
3512
3513 /* Initialize the initial event mask. */
3514 pImage->fPollEvents = VD_INTERFACETCPNET_EVT_READ | VD_INTERFACETCPNET_EVT_ERROR;
3515
3516 while (pImage->fRunning)
3517 {
3518 uint32_t fEvents;
3519 int rc;
3520
3521 fEvents = 0;
3522
3523 /* Wait for work or for data from the target. */
3524 RTMSINTERVAL msWait;
3525
3526 if (pImage->cCmdsWaiting)
3527 {
3528 pImage->fPollEvents &= ~VD_INTERFACETCPNET_HINT_INTERRUPT;
3529 msWait = pImage->uReadTimeout;
3530 }
3531 else
3532 {
3533 pImage->fPollEvents |= VD_INTERFACETCPNET_HINT_INTERRUPT;
3534 msWait = RT_INDEFINITE_WAIT;
3535 }
3536
3537 LogFlow(("Waiting for events fPollEvents=%#x\n", pImage->fPollEvents));
3538 rc = iscsiIoThreadWait(pImage, msWait, pImage->fPollEvents, &fEvents);
3539 if (rc == VERR_INTERRUPTED)
3540 {
3541 /* Check the queue. */
3542 PISCSICMD pIScsiCmd = iscsiCmdGet(pImage);
3543
3544 while (pIScsiCmd)
3545 {
3546 switch (pIScsiCmd->enmCmdType)
3547 {
3548 case ISCSICMDTYPE_REQ:
3549 {
3550 if ( !iscsiIsClientConnected(pImage)
3551 && pImage->fTryReconnect)
3552 {
3553 pImage->fTryReconnect = false;
3554 iscsiReattach(pImage);
3555 }
3556
3557 /* If there is no connection complete the command with an error. */
3558 if (RT_LIKELY(iscsiIsClientConnected(pImage)))
3559 {
3560 rc = iscsiPDUTxPrepare(pImage, pIScsiCmd);
3561 if (RT_FAILURE(rc))
3562 iscsiReattach(pImage);
3563 }
3564 else
3565 iscsiCmdComplete(pImage, pIScsiCmd, VERR_NET_CONNECTION_REFUSED);
3566 break;
3567 }
3568 case ISCSICMDTYPE_EXEC:
3569 {
3570 rc = pIScsiCmd->CmdType.Exec.pfnExec(pIScsiCmd->CmdType.Exec.pvUser);
3571 iscsiCmdComplete(pImage, pIScsiCmd, rc);
3572 break;
3573 }
3574 default:
3575 AssertMsgFailed(("Invalid command type %d\n", pIScsiCmd->enmCmdType));
3576 }
3577
3578 pIScsiCmd = iscsiCmdGet(pImage);
3579 }
3580 }
3581 else if (rc == VERR_TIMEOUT && pImage->cCmdsWaiting)
3582 {
3583 /*
3584 * We are waiting for a response from the target but
3585 * it didn't answered yet.
3586 * We assume the connection is broken and try to reconnect.
3587 */
3588 LogFlow(("Timed out while waiting for an answer from the target, reconnecting\n"));
3589 iscsiReattach(pImage);
3590 }
3591 else if (RT_SUCCESS(rc) || rc == VERR_TIMEOUT)
3592 {
3593 Assert(pImage->state == ISCSISTATE_NORMAL);
3594 LogFlow(("Got socket events %#x\n", fEvents));
3595
3596 if (fEvents & VD_INTERFACETCPNET_EVT_READ)
3597 {
3598 /* Continue or start a new PDU receive task */
3599 LogFlow(("There is data on the socket\n"));
3600 rc = iscsiRecvPDUAsync(pImage);
3601 if (rc == VERR_BROKEN_PIPE)
3602 iscsiReattach(pImage);
3603 else if (RT_FAILURE(rc))
3604 iscsiLogRel(pImage, "iSCSI: Handling incoming request failed %Rrc\n", rc);
3605 }
3606
3607 if (fEvents & VD_INTERFACETCPNET_EVT_WRITE)
3608 {
3609 LogFlow(("The socket is writable\n"));
3610 rc = iscsiSendPDUAsync(pImage);
3611 if (RT_FAILURE(rc))
3612 {
3613 /*
3614 * Something unexpected happened, log the error and try to reset everything
3615 * by reattaching to the target.
3616 */
3617 iscsiLogRel(pImage, "iSCSI: Sending PDU failed %Rrc\n", rc);
3618 iscsiReattach(pImage);
3619 }
3620 }
3621
3622 if (fEvents & VD_INTERFACETCPNET_EVT_ERROR)
3623 {
3624 LogFlow(("An error ocurred\n"));
3625 iscsiReattach(pImage);
3626 }
3627 }
3628 else
3629 iscsiLogRel(pImage, "iSCSI: Waiting for I/O failed rc=%Rrc\n", rc);
3630 }
3631
3632 return VINF_SUCCESS;
3633}
3634
3635/**
3636 * Internal. - Enqueues a request asynchronously.
3637 */
3638static int iscsiCommandAsync(PISCSIIMAGE pImage, PSCSIREQ pScsiReq,
3639 PFNISCSICMDCOMPLETED pfnComplete, void *pvUser)
3640{
3641 int rc;
3642
3643 if (pImage->fExtendedSelectSupported)
3644 {
3645 PISCSICMD pIScsiCmd = (PISCSICMD)RTMemAllocZ(sizeof(ISCSICMD));
3646 if (!pIScsiCmd)
3647 return VERR_NO_MEMORY;
3648
3649 /* Init the command structure. */
3650 pIScsiCmd->pNext = NULL;
3651 pIScsiCmd->enmCmdType = ISCSICMDTYPE_REQ;
3652 pIScsiCmd->pfnComplete = pfnComplete;
3653 pIScsiCmd->pvUser = pvUser;
3654 pIScsiCmd->CmdType.ScsiReq.pScsiReq = pScsiReq;
3655
3656 rc = iscsiCmdPut(pImage, pIScsiCmd);
3657 if (RT_FAILURE(rc))
3658 RTMemFree(pIScsiCmd);
3659 }
3660 else
3661 rc = VERR_NOT_SUPPORTED;
3662
3663 return rc;
3664}
3665
3666static DECLCALLBACK(void) iscsiCommandCompleteSync(PISCSIIMAGE pImage, int rcReq, void *pvUser)
3667{
3668 RT_NOREF1(pImage);
3669 PISCSICMDSYNC pIScsiCmdSync = (PISCSICMDSYNC)pvUser;
3670
3671 pIScsiCmdSync->rcCmd = rcReq;
3672 int rc = RTSemEventSignal(pIScsiCmdSync->EventSem);
3673 AssertRC(rc);
3674}
3675
3676/**
3677 * Internal. - Enqueues a request in a synchronous fashion
3678 * i.e. returns when the request completed.
3679 */
3680static int iscsiCommandSync(PISCSIIMAGE pImage, PSCSIREQ pScsiReq, bool fRetry, int rcSense)
3681{
3682 int rc;
3683
3684 if (pImage->fExtendedSelectSupported)
3685 {
3686 ISCSICMDSYNC IScsiCmdSync;
3687
3688 /* Create event semaphore. */
3689 rc = RTSemEventCreate(&IScsiCmdSync.EventSem);
3690 if (RT_FAILURE(rc))
3691 return rc;
3692
3693 if (fRetry)
3694 {
3695 for (unsigned i = 0; i < 10; i++)
3696 {
3697 rc = iscsiCommandAsync(pImage, pScsiReq, iscsiCommandCompleteSync, &IScsiCmdSync);
3698 if (RT_FAILURE(rc))
3699 break;
3700
3701 rc = RTSemEventWait(IScsiCmdSync.EventSem, RT_INDEFINITE_WAIT);
3702 AssertRC(rc);
3703 rc = IScsiCmdSync.rcCmd;
3704
3705 if ( (RT_SUCCESS(rc) && !pScsiReq->cbSense)
3706 || RT_FAILURE(rc))
3707 break;
3708 rc = rcSense;
3709 }
3710 }
3711 else
3712 {
3713 rc = iscsiCommandAsync(pImage, pScsiReq, iscsiCommandCompleteSync, &IScsiCmdSync);
3714 if (RT_SUCCESS(rc))
3715 {
3716 rc = RTSemEventWait(IScsiCmdSync.EventSem, RT_INDEFINITE_WAIT);
3717 AssertRC(rc);
3718 rc = IScsiCmdSync.rcCmd;
3719
3720 if (RT_FAILURE(rc) || pScsiReq->cbSense > 0)
3721 rc = rcSense;
3722 }
3723 }
3724
3725 RTSemEventDestroy(IScsiCmdSync.EventSem);
3726 }
3727 else
3728 {
3729 if (fRetry)
3730 {
3731 rc = VINF_SUCCESS; /* (MSC incorrectly thinks it can be uninitialized) */
3732 for (unsigned i = 0; i < 10; i++)
3733 {
3734 rc = iscsiCommand(pImage, pScsiReq);
3735 if ( (RT_SUCCESS(rc) && !pScsiReq->cbSense)
3736 || RT_FAILURE(rc))
3737 break;
3738 rc = rcSense;
3739 }
3740 }
3741 else
3742 {
3743 rc = iscsiCommand(pImage, pScsiReq);
3744 if (RT_FAILURE(rc) || pScsiReq->cbSense > 0)
3745 rc = rcSense;
3746 }
3747 }
3748
3749 return rc;
3750}
3751
3752
3753/**
3754 * Internal. - Executes a given function in a synchronous fashion
3755 * on the I/O thread if available.
3756 */
3757static int iscsiExecSync(PISCSIIMAGE pImage, PFNISCSIEXEC pfnExec, void *pvUser)
3758{
3759 int rc;
3760
3761 if (pImage->fExtendedSelectSupported)
3762 {
3763 ISCSICMDSYNC IScsiCmdSync;
3764 PISCSICMD pIScsiCmd = (PISCSICMD)RTMemAllocZ(sizeof(ISCSICMD));
3765 if (!pIScsiCmd)
3766 return VERR_NO_MEMORY;
3767
3768 /* Create event semaphore. */
3769 rc = RTSemEventCreate(&IScsiCmdSync.EventSem);
3770 if (RT_FAILURE(rc))
3771 {
3772 RTMemFree(pIScsiCmd);
3773 return rc;
3774 }
3775
3776 /* Init the command structure. */
3777 pIScsiCmd->pNext = NULL;
3778 pIScsiCmd->enmCmdType = ISCSICMDTYPE_EXEC;
3779 pIScsiCmd->pfnComplete = iscsiCommandCompleteSync;
3780 pIScsiCmd->pvUser = &IScsiCmdSync;
3781 pIScsiCmd->CmdType.Exec.pfnExec = pfnExec;
3782 pIScsiCmd->CmdType.Exec.pvUser = pvUser;
3783
3784 rc = iscsiCmdPut(pImage, pIScsiCmd);
3785 if (RT_FAILURE(rc))
3786 RTMemFree(pIScsiCmd);
3787 else
3788 {
3789 rc = RTSemEventWait(IScsiCmdSync.EventSem, RT_INDEFINITE_WAIT);
3790 AssertRC(rc);
3791 rc = IScsiCmdSync.rcCmd;
3792 }
3793
3794 RTSemEventDestroy(IScsiCmdSync.EventSem);
3795 }
3796 else
3797 {
3798 /* No I/O thread, execute in the current thread. */
3799 rc = pfnExec(pvUser);
3800 }
3801
3802 return rc;
3803}
3804
3805
3806static DECLCALLBACK(void) iscsiCommandAsyncComplete(PISCSIIMAGE pImage, int rcReq, void *pvUser)
3807{
3808 bool fComplete = true;
3809 size_t cbTransfered = 0;
3810 PSCSIREQ pScsiReq = (PSCSIREQ)pvUser;
3811
3812 if (RT_SUCCESS(rcReq))
3813 ASMAtomicWriteU32(&pImage->cLoginsSinceIo, 0);
3814
3815 if ( RT_SUCCESS(rcReq)
3816 && pScsiReq->cbSense > 0)
3817 {
3818 /* Try again if possible. */
3819 if (pScsiReq->cSenseRetries > 0)
3820 {
3821 pScsiReq->cSenseRetries--;
3822 pScsiReq->cbSense = sizeof(pScsiReq->abSense);
3823 int rc = iscsiCommandAsync(pImage, pScsiReq, iscsiCommandAsyncComplete, pScsiReq);
3824 if (RT_SUCCESS(rc))
3825 fComplete = false;
3826 else
3827 rcReq = pScsiReq->rcSense;
3828 }
3829 else
3830 rcReq = pScsiReq->rcSense;
3831 }
3832
3833 if (fComplete)
3834 {
3835 if (pScsiReq->enmXfer == SCSIXFER_FROM_TARGET)
3836 cbTransfered = pScsiReq->cbT2IData;
3837 else if (pScsiReq->enmXfer == SCSIXFER_TO_TARGET)
3838 cbTransfered = pScsiReq->cbI2TData;
3839 else
3840 AssertMsg(pScsiReq->enmXfer == SCSIXFER_NONE, ("To/From transfers are not supported yet\n"));
3841
3842 /* Continue I/O context. */
3843 pImage->pIfIo->pfnIoCtxCompleted(pImage->pIfIo->Core.pvUser,
3844 pScsiReq->pIoCtx, rcReq,
3845 cbTransfered);
3846
3847 RTMemFree(pScsiReq);
3848 }
3849}
3850
3851
3852/**
3853 * Internal. Free all allocated space for representing an image, and optionally
3854 * delete the image from disk.
3855 */
3856static int iscsiFreeImage(PISCSIIMAGE pImage, bool fDelete)
3857{
3858 int rc = VINF_SUCCESS;
3859 Assert(!fDelete); NOREF(fDelete); /* This MUST be false, the flag isn't supported. */
3860
3861 /* Freeing a never allocated image (e.g. because the open failed) is
3862 * not signalled as an error. After all nothing bad happens. */
3863 if (pImage)
3864 {
3865 if (pImage->Mutex != NIL_RTSEMMUTEX)
3866 {
3867 /* Detaching only makes sense when the mutex is there. Otherwise the
3868 * failure happened long before we could attach to the target. */
3869 iscsiExecSync(pImage, iscsiDetach, pImage);
3870 RTSemMutexDestroy(pImage->Mutex);
3871 pImage->Mutex = NIL_RTSEMMUTEX;
3872 }
3873 if (pImage->hThreadIo != NIL_RTTHREAD)
3874 {
3875 ASMAtomicXchgBool(&pImage->fRunning, false);
3876 rc = iscsiIoThreadPoke(pImage);
3877 AssertRC(rc);
3878
3879 /* Wait for the thread to terminate. */
3880 rc = RTThreadWait(pImage->hThreadIo, RT_INDEFINITE_WAIT, NULL);
3881 AssertRC(rc);
3882 }
3883 /* Destroy the socket. */
3884 if (pImage->Socket != NIL_VDSOCKET)
3885 {
3886 pImage->pIfNet->pfnSocketDestroy(pImage->Socket);
3887 }
3888 if (pImage->MutexReqQueue != NIL_RTSEMMUTEX)
3889 {
3890 RTSemMutexDestroy(pImage->MutexReqQueue);
3891 pImage->MutexReqQueue = NIL_RTSEMMUTEX;
3892 }
3893 if (pImage->pszTargetName)
3894 {
3895 RTMemFree(pImage->pszTargetName);
3896 pImage->pszTargetName = NULL;
3897 }
3898 if (pImage->pszTargetAddress)
3899 {
3900 RTMemFree(pImage->pszTargetAddress);
3901 pImage->pszTargetAddress = NULL;
3902 }
3903 if (pImage->pszInitiatorName)
3904 {
3905 if (pImage->fAutomaticInitiatorName)
3906 RTStrFree(pImage->pszInitiatorName);
3907 else
3908 RTMemFree(pImage->pszInitiatorName);
3909 pImage->pszInitiatorName = NULL;
3910 }
3911 if (pImage->pszInitiatorUsername)
3912 {
3913 RTMemFree(pImage->pszInitiatorUsername);
3914 pImage->pszInitiatorUsername = NULL;
3915 }
3916 if (pImage->pbInitiatorSecret)
3917 {
3918 RTMemFree(pImage->pbInitiatorSecret);
3919 pImage->pbInitiatorSecret = NULL;
3920 }
3921 if (pImage->pszTargetUsername)
3922 {
3923 RTMemFree(pImage->pszTargetUsername);
3924 pImage->pszTargetUsername = NULL;
3925 }
3926 if (pImage->pbTargetSecret)
3927 {
3928 RTMemFree(pImage->pbTargetSecret);
3929 pImage->pbTargetSecret = NULL;
3930 }
3931 if (pImage->pvRecvPDUBuf)
3932 {
3933 RTMemFree(pImage->pvRecvPDUBuf);
3934 pImage->pvRecvPDUBuf = NULL;
3935 }
3936 if (pImage->pszHostname)
3937 {
3938 RTMemFree(pImage->pszHostname);
3939 pImage->pszHostname = NULL;
3940 }
3941
3942 pImage->cbRecvPDUResidual = 0;
3943 }
3944
3945 LogFlowFunc(("returns %Rrc\n", rc));
3946 return rc;
3947}
3948
3949/**
3950 * Inits the basic iSCSI image state, allocating vital resources.
3951 *
3952 * @returns VBox status code.
3953 * @param pImage The iSCSI image instance.
3954 */
3955static int iscsiOpenImageInit(PISCSIIMAGE pImage)
3956{
3957 int rc = VINF_SUCCESS;
3958
3959 /* Get error signalling interface. */
3960 pImage->pIfError = VDIfErrorGet(pImage->pVDIfsDisk);
3961
3962 /* Get TCP network stack interface. */
3963 pImage->pIfNet = VDIfTcpNetGet(pImage->pVDIfsImage);
3964 if (pImage->pIfNet)
3965 {
3966 /* Get configuration interface. */
3967 pImage->pIfConfig = VDIfConfigGet(pImage->pVDIfsImage);
3968 if (pImage->pIfConfig)
3969 {
3970 /* Get I/O interface. */
3971 pImage->pIfIo = VDIfIoIntGet(pImage->pVDIfsImage);
3972 if (pImage->pIfIo)
3973 {
3974 /* This ISID will be adjusted later to make it unique on this host. */
3975 pImage->pszHostname = NULL;
3976 pImage->uPort = 0;
3977 pImage->Socket = NIL_VDSOCKET;
3978 pImage->ISID = 0x800000000000ULL | 0x001234560000ULL;
3979 pImage->cISCSIRetries = 10;
3980 pImage->state = ISCSISTATE_FREE;
3981 pImage->cLoginsSinceIo = 0;
3982 pImage->Mutex = NIL_RTSEMMUTEX;
3983 pImage->MutexReqQueue = NIL_RTSEMMUTEX;
3984 pImage->pszInitiatorUsername = NULL;
3985 pImage->pbInitiatorSecret = NULL;
3986 pImage->cbInitiatorSecret = 0;
3987 pImage->pszTargetUsername = NULL;
3988 pImage->pbTargetSecret = NULL;
3989 pImage->cbTargetSecret = 0;
3990
3991 memset(pImage->aCmdsWaiting, 0, sizeof(pImage->aCmdsWaiting));
3992 pImage->cbRecvPDUResidual = 0;
3993
3994 pImage->pvRecvPDUBuf = RTMemAlloc(ISCSI_RECV_PDU_BUFFER_SIZE);
3995 pImage->cbRecvPDUBuf = ISCSI_RECV_PDU_BUFFER_SIZE;
3996 if (!pImage->pvRecvPDUBuf)
3997 rc = VERR_NO_MEMORY;
3998
3999 if (RT_SUCCESS(rc))
4000 rc = RTSemMutexCreate(&pImage->Mutex);
4001 if (RT_SUCCESS(rc))
4002 rc = RTSemMutexCreate(&pImage->MutexReqQueue);
4003 }
4004 else
4005 rc = vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_INTERFACE,
4006 RT_SRC_POS, N_("iSCSI: I/O interface missing"));
4007 }
4008 else
4009 rc = vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_INTERFACE,
4010 RT_SRC_POS, N_("iSCSI: configuration interface missing"));
4011 }
4012 else
4013 rc = vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_INTERFACE,
4014 RT_SRC_POS, N_("iSCSI: TCP network stack interface missing"));
4015
4016 return rc;
4017}
4018
4019/**
4020 * Parses the user supplied config before opening the connection to the target.
4021 *
4022 * @returns VBox status code.
4023 * @param pImage The iSCSI image instance.
4024 */
4025static int iscsiOpenImageParseCfg(PISCSIIMAGE pImage)
4026{
4027 char *pszLUN = NULL, *pszLUNInitial = NULL;
4028 bool fLunEncoded = false;
4029 uint32_t uWriteSplitDef = 0;
4030 uint32_t uTimeoutDef = 0;
4031 uint64_t uCfgTmp = 0;
4032 bool fHostIPDef = false;
4033 bool fDumpMalformedPacketsDef = false;
4034
4035 int rc = RTStrToUInt32Full(s_iscsiConfigDefaultWriteSplit, 0, &uWriteSplitDef);
4036 AssertRC(rc);
4037 rc = RTStrToUInt32Full(s_iscsiConfigDefaultTimeout, 0, &uTimeoutDef);
4038 AssertRC(rc);
4039 rc = RTStrToUInt64Full(s_iscsiConfigDefaultHostIPStack, 0, &uCfgTmp);
4040 AssertRC(rc);
4041 fHostIPDef = RT_BOOL(uCfgTmp);
4042 rc = RTStrToUInt64Full(s_iscsiConfigDefaultDumpMalformedPackets, 0, &uCfgTmp);
4043 AssertRC(rc);
4044 fDumpMalformedPacketsDef = RT_BOOL(uCfgTmp);
4045
4046 /* Validate configuration, detect unknown keys. */
4047 if (!VDCFGAreKeysValid(pImage->pIfConfig,
4048 "TargetName\0"
4049 "InitiatorName\0"
4050 "LUN\0"
4051 "TargetAddress\0"
4052 "InitiatorUsername\0"
4053 "InitiatorSecret\0"
4054 "InitiatorSecretEncrypted\0"
4055 "TargetUsername\0"
4056 "TargetSecret\0"
4057 "WriteSplit\0"
4058 "Timeout\0"
4059 "HostIPStack\0"
4060 "DumpMalformedPackets\0"))
4061 return vdIfError(pImage->pIfError, VERR_VD_UNKNOWN_CFG_VALUES, RT_SRC_POS, N_("iSCSI: configuration error: unknown configuration keys present"));
4062
4063 /* Query the iSCSI upper level configuration. */
4064 rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "TargetName", &pImage->pszTargetName);
4065 if (RT_FAILURE(rc))
4066 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetName as string"));
4067
4068 rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "InitiatorName", &pImage->pszInitiatorName);
4069 if (rc == VERR_CFGM_VALUE_NOT_FOUND || rc == VERR_CFGM_NO_PARENT)
4070 pImage->fAutomaticInitiatorName = true;
4071 else if (RT_FAILURE(rc))
4072 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read InitiatorName as string"));
4073
4074 rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "LUN", &pszLUN);
4075 if (rc == VERR_CFGM_VALUE_NOT_FOUND || rc == VERR_CFGM_NO_PARENT)
4076 {
4077 rc = VINF_SUCCESS;
4078 pImage->fAutomaticLUN = true;
4079 }
4080 else if (RT_FAILURE(rc))
4081 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read LUN as string"));
4082
4083 if (pImage->fAutomaticLUN)
4084 pImage->LUN = 0; /* Default to LUN 0. */
4085 else
4086 {
4087 pszLUNInitial = pszLUN;
4088 if (!strncmp(pszLUN, "enc", 3))
4089 {
4090 fLunEncoded = true;
4091 pszLUN += 3;
4092 }
4093 rc = RTStrToUInt64Full(pszLUN, 0, &pImage->LUN);
4094 if (RT_FAILURE(rc))
4095 rc = vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to convert LUN to integer"));
4096
4097 RTMemFree(pszLUNInitial);
4098 }
4099 if (RT_SUCCESS(rc) && !fLunEncoded)
4100 {
4101 if (pImage->LUN <= 255)
4102 pImage->LUN = pImage->LUN << 48; /* uses peripheral device addressing method */
4103 else if (pImage->LUN <= 16383)
4104 pImage->LUN = (pImage->LUN << 48) | RT_BIT_64(62); /* uses flat space addressing method */
4105 else
4106 rc = vdIfError(pImage->pIfError, VERR_OUT_OF_RANGE, RT_SRC_POS, N_("iSCSI: configuration error: LUN number out of range (0-16383)"));
4107 }
4108
4109 if (RT_FAILURE(rc))
4110 return rc;
4111
4112 rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "TargetAddress", &pImage->pszTargetAddress);
4113 if (RT_FAILURE(rc))
4114 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetAddress as string"));
4115
4116 rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "InitiatorUsername", &pImage->pszInitiatorUsername);
4117 if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4118 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read InitiatorUsername as string"));
4119
4120 rc = VDCFGQueryBytesAlloc(pImage->pIfConfig, "InitiatorSecret",
4121 (void **)&pImage->pbInitiatorSecret, &pImage->cbInitiatorSecret);
4122 if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4123 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read InitiatorSecret as byte string"));
4124
4125 void *pvInitiatorSecretEncrypted;
4126 size_t cbInitiatorSecretEncrypted;
4127 rc = VDCFGQueryBytesAlloc(pImage->pIfConfig, "InitiatorSecretEncrypted",
4128 &pvInitiatorSecretEncrypted, &cbInitiatorSecretEncrypted);
4129 if (RT_SUCCESS(rc))
4130 {
4131 RTMemFree(pvInitiatorSecretEncrypted);
4132 if (!pImage->pbInitiatorSecret)
4133 {
4134 /* we have an encrypted initiator secret but not an unencrypted one */
4135 return vdIfError(pImage->pIfError, VERR_VD_ISCSI_SECRET_ENCRYPTED, RT_SRC_POS, N_("iSCSI: initiator secret not decrypted"));
4136 }
4137 }
4138
4139 rc = VDCFGQueryStringAlloc(pImage->pIfConfig, "TargetUsername", &pImage->pszTargetUsername);
4140 if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4141 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetUsername as string"));
4142
4143 rc = VDCFGQueryBytesAlloc(pImage->pIfConfig, "TargetSecret",
4144 (void **)&pImage->pbTargetSecret, &pImage->cbTargetSecret);
4145 if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND && rc != VERR_CFGM_NO_PARENT)
4146 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read TargetSecret as byte string"));
4147
4148 rc = VDCFGQueryU32Def(pImage->pIfConfig, "WriteSplit", &pImage->cbWriteSplit, uWriteSplitDef);
4149 if (RT_FAILURE(rc))
4150 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read WriteSplit as U32"));
4151
4152 /* Query the iSCSI lower level configuration. */
4153 rc = VDCFGQueryU32Def(pImage->pIfConfig, "Timeout", &pImage->uReadTimeout, uTimeoutDef);
4154 if (RT_FAILURE(rc))
4155 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read Timeout as U32"));
4156
4157 rc = VDCFGQueryBoolDef(pImage->pIfConfig, "HostIPStack", &pImage->fHostIP, fHostIPDef);
4158 if (RT_FAILURE(rc))
4159 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read HostIPStack as boolean"));
4160
4161 rc = VDCFGQueryBoolDef(pImage->pIfConfig, "DumpMalformedPackets",
4162 &pImage->fDumpMalformedPackets, fDumpMalformedPacketsDef);
4163 if (RT_FAILURE(rc))
4164 return vdIfError(pImage->pIfError, rc, RT_SRC_POS, N_("iSCSI: configuration error: failed to read DumpMalformedPackets as boolean"));
4165
4166 return VINF_SUCCESS;
4167}
4168
4169/**
4170 * Creates the necessary socket structure.
4171 *
4172 * @returns VBox status code.
4173 * @param pImage The iSCSI image instance.
4174 */
4175static int iscsiOpenImageSocketCreate(PISCSIIMAGE pImage)
4176{
4177 /* Create the socket structure. */
4178 int rc = pImage->pIfNet->pfnSocketCreate(VD_INTERFACETCPNET_CONNECT_EXTENDED_SELECT,
4179 &pImage->Socket);
4180 if (RT_SUCCESS(rc))
4181 {
4182 pImage->fExtendedSelectSupported = true;
4183 pImage->fRunning = true;
4184 rc = RTThreadCreate(&pImage->hThreadIo, iscsiIoThreadWorker, pImage, 0,
4185 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "iSCSI-Io");
4186 if (RT_FAILURE(rc))
4187 LogFunc(("Creating iSCSI I/O thread failed rc=%Rrc\n", rc));
4188 }
4189 else if (rc == VERR_NOT_SUPPORTED)
4190 {
4191 /* Async I/O is not supported without extended select. */
4192 if ((pImage->uOpenFlags & VD_OPEN_FLAGS_ASYNC_IO))
4193 LogFunc(("Extended select is not supported by the interface but async I/O is requested -> %Rrc\n", rc));
4194 else
4195 {
4196 pImage->fExtendedSelectSupported = false;
4197 rc = pImage->pIfNet->pfnSocketCreate(0, &pImage->Socket);
4198 }
4199 }
4200
4201 if (RT_FAILURE(rc))
4202 LogFunc(("Creating socket failed -> %Rrc\n", rc));
4203
4204 return rc;
4205}
4206
4207/**
4208 * Issues a REPORT LUNS to the target.
4209 *
4210 * @returns VBox status code.
4211 * @param pImage The iSCSI image instance.
4212 */
4213static int iscsiOpenImageReportLuns(PISCSIIMAGE pImage)
4214{
4215 SCSIREQ sr;
4216 RTSGSEG DataSeg;
4217 uint8_t rlundata[16];
4218
4219 /*
4220 * Inquire available LUNs.
4221 */
4222 RT_ZERO(sr.abCDB);
4223 sr.abCDB[0] = SCSI_REPORT_LUNS;
4224 sr.abCDB[1] = 0; /* reserved */
4225 sr.abCDB[2] = 0; /* reserved */
4226 sr.abCDB[3] = 0; /* reserved */
4227 sr.abCDB[4] = 0; /* reserved */
4228 sr.abCDB[5] = 0; /* reserved */
4229 sr.abCDB[6] = sizeof(rlundata) >> 24;
4230 sr.abCDB[7] = (sizeof(rlundata) >> 16) & 0xff;
4231 sr.abCDB[8] = (sizeof(rlundata) >> 8) & 0xff;
4232 sr.abCDB[9] = sizeof(rlundata) & 0xff;
4233 sr.abCDB[10] = 0; /* reserved */
4234 sr.abCDB[11] = 0; /* control */
4235
4236 DataSeg.pvSeg = rlundata;
4237 DataSeg.cbSeg = sizeof(rlundata);
4238
4239 sr.enmXfer = SCSIXFER_FROM_TARGET;
4240 sr.cbCDB = 12;
4241 sr.cbI2TData = 0;
4242 sr.paI2TSegs = NULL;
4243 sr.cI2TSegs = 0;
4244 sr.cbT2IData = DataSeg.cbSeg;
4245 sr.paT2ISegs = &DataSeg;
4246 sr.cT2ISegs = 1;
4247 sr.cbSense = sizeof(sr.abSense);
4248 int rc = iscsiCommandSync(pImage, &sr, false, VERR_INVALID_STATE);
4249 if (RT_FAILURE(rc))
4250 LogRel(("iSCSI: Could not get LUN info for target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4251
4252 /* If there is a single LUN on the target, then either verify that it matches the explicitly
4253 * configured LUN, or just use it if a LUN was not configured (defaulted to 0). For multi-LUN targets,
4254 * require a correctly configured LUN.
4255 */
4256 uint32_t cbLuns = (rlundata[0] << 24) | (rlundata[1] << 16) | (rlundata[2] << 8) | rlundata[3];
4257 unsigned cLuns = cbLuns / 8;
4258
4259 /* Dig out the first LUN. */
4260 uint64_t uTgtLun = 0;
4261 if ((rlundata[8] & 0xc0) == 0)
4262 {
4263 /* Single-byte LUN in 0-255 range. */
4264 uTgtLun = rlundata[9];
4265 }
4266 else if ((rlundata[8] & 0xc0) == 0x40)
4267 {
4268 /* Two-byte LUN in 256-16383 range. */
4269 uTgtLun = rlundata[9] | ((rlundata[8] & 0x3f) << 8);
4270 uTgtLun = (uTgtLun << 48) | RT_BIT_64(62);
4271 }
4272 else
4273 rc = vdIfError(pImage->pIfError, VERR_OUT_OF_RANGE, RT_SRC_POS, N_("iSCSI: Reported LUN number out of range (0-16383)"));
4274 if (RT_FAILURE(rc))
4275 return rc;
4276
4277 LogRel(("iSCSI: %u LUN(s), first LUN %RX64\n", cLuns, uTgtLun));
4278
4279 /* Convert the LUN back into the 64-bit format. */
4280 if (uTgtLun <= 255)
4281 uTgtLun = uTgtLun << 48;
4282 else
4283 {
4284 Assert(uTgtLun <= 16383);
4285 uTgtLun = (uTgtLun << 48) | RT_BIT_64(62);
4286 }
4287
4288 if (cLuns == 1)
4289 {
4290 /* NB: It is valid to have a single LUN other than zero, at least in SPC-3. */
4291 if (pImage->fAutomaticLUN)
4292 pImage->LUN = uTgtLun;
4293 else if (pImage->LUN != uTgtLun)
4294 rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE, RT_SRC_POS, N_("iSCSI: configuration error: Configured LUN does not match what target provides"));
4295 }
4296
4297 return rc;
4298}
4299
4300/**
4301 * Issues the INQUIRY command to the target and checks for the correct device type.
4302 *
4303 * @returns VBox status code.
4304 * @param pImage The iSCSI image instance.
4305 */
4306static int iscsiOpenImageInquiry(PISCSIIMAGE pImage)
4307{
4308 SCSIREQ sr;
4309 RTSGSEG DataSeg;
4310 uint8_t data8[8];
4311
4312 /*
4313 * Inquire device characteristics - no tapes, scanners etc., please.
4314 */
4315 RT_ZERO(sr.abCDB);
4316 sr.abCDB[0] = SCSI_INQUIRY;
4317 sr.abCDB[1] = 0; /* reserved */
4318 sr.abCDB[2] = 0; /* reserved */
4319 sr.abCDB[3] = 0; /* reserved */
4320 sr.abCDB[4] = sizeof(data8);
4321 sr.abCDB[5] = 0; /* control */
4322
4323 DataSeg.pvSeg = data8;
4324 DataSeg.cbSeg = sizeof(data8);
4325
4326 sr.enmXfer = SCSIXFER_FROM_TARGET;
4327 sr.cbCDB = 6;
4328 sr.cbI2TData = 0;
4329 sr.paI2TSegs = NULL;
4330 sr.cI2TSegs = 0;
4331 sr.cbT2IData = DataSeg.cbSeg;
4332 sr.paT2ISegs = &DataSeg;
4333 sr.cT2ISegs = 1;
4334 sr.cbSense = sizeof(sr.abSense);
4335 int rc = iscsiCommandSync(pImage, &sr, true /* fRetry */, VERR_INVALID_STATE);
4336 if (RT_SUCCESS(rc))
4337 {
4338 uint8_t devType = (sr.cbT2IData > 0) ? data8[0] & SCSI_DEVTYPE_MASK : 255;
4339 if (devType == SCSI_DEVTYPE_DISK)
4340 {
4341 uint8_t uCmdQueue = (sr.cbT2IData >= 8) ? data8[7] & SCSI_INQUIRY_CMDQUE_MASK : 0;
4342 if (uCmdQueue > 0)
4343 pImage->fCmdQueuingSupported = true;
4344 else if (pImage->uOpenFlags & VD_OPEN_FLAGS_ASYNC_IO)
4345 rc = VERR_NOT_SUPPORTED;
4346 else
4347 LogRel(("iSCSI: target address %s, target name %s, %s command queuing\n",
4348 pImage->pszTargetAddress, pImage->pszTargetName,
4349 pImage->fCmdQueuingSupported ? "supports" : "doesn't support"));
4350 }
4351 else
4352 {
4353 rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE,
4354 RT_SRC_POS, N_("iSCSI: target address %s, target name %s, SCSI LUN %lld reports device type=%u"),
4355 pImage->pszTargetAddress, pImage->pszTargetName,
4356 pImage->LUN, devType);
4357 LogRel(("iSCSI: Unsupported SCSI peripheral device type %d for target %s\n", devType & SCSI_DEVTYPE_MASK, pImage->pszTargetName));
4358 }
4359 }
4360 else
4361 LogRel(("iSCSI: Could not get INQUIRY info for target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4362
4363 return rc;
4364}
4365
4366/**
4367 * Checks that the target allows write access if the caller requested it.
4368 *
4369 * @returns VBox status code.
4370 * @param pImage The iSCSI image instance.
4371 */
4372static int iscsiOpenImageCheckWriteAccess(PISCSIIMAGE pImage)
4373{
4374 SCSIREQ sr;
4375 RTSGSEG DataSeg;
4376 uint8_t data4[4];
4377
4378 /*
4379 * Query write disable bit in the device specific parameter entry in the
4380 * mode parameter header. Refuse read/write opening of read only disks.
4381 */
4382 RT_ZERO(sr.abCDB);
4383 sr.abCDB[0] = SCSI_MODE_SENSE_6;
4384 sr.abCDB[1] = 0; /* dbd=0/reserved */
4385 sr.abCDB[2] = 0x3f; /* pc=0/page code=0x3f, ask for all pages */
4386 sr.abCDB[3] = 0; /* subpage code=0, return everything in page_0 format */
4387 sr.abCDB[4] = sizeof(data4); /* allocation length=4 */
4388 sr.abCDB[5] = 0; /* control */
4389
4390 DataSeg.pvSeg = data4;
4391 DataSeg.cbSeg = sizeof(data4);
4392
4393 sr.enmXfer = SCSIXFER_FROM_TARGET;
4394 sr.cbCDB = 6;
4395 sr.cbI2TData = 0;
4396 sr.paI2TSegs = NULL;
4397 sr.cI2TSegs = 0;
4398 sr.cbT2IData = DataSeg.cbSeg;
4399 sr.paT2ISegs = &DataSeg;
4400 sr.cT2ISegs = 1;
4401 sr.cbSense = sizeof(sr.abSense);
4402 int rc = iscsiCommandSync(pImage, &sr, true /* fRetry */, VERR_INVALID_STATE);
4403 if (RT_SUCCESS(rc))
4404 {
4405 pImage->fTargetReadOnly = !!(data4[2] & 0x80);
4406 if (!(pImage->uOpenFlags & VD_OPEN_FLAGS_READONLY) && pImage->fTargetReadOnly)
4407 rc = VERR_VD_IMAGE_READ_ONLY;
4408 }
4409 else
4410 LogRel(("iSCSI: Could not get MODE SENSE info for target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4411
4412 return rc;
4413}
4414
4415/**
4416 * Queries the media and sector size of the target.
4417 *
4418 * @returns VBox status code.
4419 * @param pImage The iSCSI image instance.
4420 */
4421static int iscsiOpenImageQueryTargetSizes(PISCSIIMAGE pImage)
4422{
4423 SCSIREQ sr;
4424 RTSGSEG DataSeg;
4425 uint8_t data12[12];
4426
4427 /*
4428 * Determine sector size and capacity of the volume immediately.
4429 */
4430 RT_ZERO(data12);
4431 RT_ZERO(sr.abCDB);
4432 sr.abCDB[0] = SCSI_SERVICE_ACTION_IN_16;
4433 sr.abCDB[1] = SCSI_SVC_ACTION_IN_READ_CAPACITY_16; /* subcommand */
4434 sr.abCDB[10+3] = sizeof(data12); /* allocation length (dword) */
4435
4436 DataSeg.pvSeg = data12;
4437 DataSeg.cbSeg = sizeof(data12);
4438
4439 sr.enmXfer = SCSIXFER_FROM_TARGET;
4440 sr.cbCDB = 16;
4441 sr.cbI2TData = 0;
4442 sr.paI2TSegs = NULL;
4443 sr.cI2TSegs = 0;
4444 sr.cbT2IData = DataSeg.cbSeg;
4445 sr.paT2ISegs = &DataSeg;
4446 sr.cT2ISegs = 1;
4447 sr.cbSense = sizeof(sr.abSense);
4448
4449 int rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4450 if (RT_SUCCESS(rc))
4451 {
4452 bool fEnd = false;
4453 uint8_t cMaxRetries = 10;
4454 do
4455 {
4456 switch (sr.status)
4457 {
4458 case SCSI_STATUS_OK:
4459 {
4460 pImage->cVolume = RT_BE2H_U64(*(uint64_t *)&data12[0]);
4461 pImage->cVolume++;
4462 pImage->cbSector = RT_BE2H_U32(*(uint32_t *)&data12[8]);
4463 pImage->cbSize = pImage->cVolume * pImage->cbSector;
4464 if (pImage->cVolume == 0 || pImage->cbSize < pImage->cVolume)
4465 {
4466 rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE,
4467 RT_SRC_POS, N_("iSCSI: target address %s, target name %s, SCSI LUN %lld reports media sector count=%llu sector size=%u"),
4468 pImage->pszTargetAddress, pImage->pszTargetName,
4469 pImage->LUN, pImage->cVolume, pImage->cbSector);
4470 }
4471 fEnd = true;
4472 break;
4473 }
4474 case SCSI_STATUS_CHECK_CONDITION:
4475 {
4476 if((sr.abSense[2] & 0x0f) == SCSI_SENSE_UNIT_ATTENTION)
4477 {
4478 if( sr.abSense[12] == SCSI_ASC_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED
4479 && sr.abSense[13] == SCSI_ASCQ_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED)
4480 {
4481 /** @todo for future: prepare and send command "REQUEST SENSE" which will
4482 * return the status of target and will clear any unit attention
4483 * condition that it reports */
4484 rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4485 if (RT_FAILURE(rc))
4486 fEnd = true;
4487 cMaxRetries--;
4488 break;
4489 }
4490 }
4491 break;
4492 }
4493 default:
4494 {
4495 rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4496 if (RT_FAILURE(rc))
4497 fEnd = true;
4498 cMaxRetries--;
4499 break;
4500 }
4501 }
4502 if (!cMaxRetries)
4503 fEnd = true;
4504 } while(!fEnd);
4505 }
4506 else
4507 {
4508 uint8_t data8[8];
4509
4510 RT_ZERO(data8);
4511 sr.abCDB[0] = SCSI_READ_CAPACITY;
4512 sr.abCDB[1] = 0; /* reserved */
4513 sr.abCDB[2] = 0; /* reserved */
4514 sr.abCDB[3] = 0; /* reserved */
4515 sr.abCDB[4] = 0; /* reserved */
4516 sr.abCDB[5] = 0; /* reserved */
4517 sr.abCDB[6] = 0; /* reserved */
4518 sr.abCDB[7] = 0; /* reserved */
4519 sr.abCDB[8] = 0; /* reserved */
4520 sr.abCDB[9] = 0; /* control */
4521
4522 DataSeg.pvSeg = data8;
4523 DataSeg.cbSeg = sizeof(data8);
4524
4525 sr.enmXfer = SCSIXFER_FROM_TARGET;
4526 sr.cbCDB = 10;
4527 sr.cbI2TData = 0;
4528 sr.paI2TSegs = NULL;
4529 sr.cI2TSegs = 0;
4530 sr.cbT2IData = DataSeg.cbSeg;
4531 sr.paT2ISegs = &DataSeg;
4532 sr.cT2ISegs = 1;
4533 sr.cbSense = sizeof(sr.abSense);
4534 rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4535 if (RT_SUCCESS(rc))
4536 {
4537 bool fEnd = false;
4538 uint8_t cMaxRetries = 10;
4539 do
4540 {
4541 switch (sr.status)
4542 {
4543 case SCSI_STATUS_OK:
4544 {
4545 pImage->cVolume = (data8[0] << 24) | (data8[1] << 16) | (data8[2] << 8) | data8[3];
4546 pImage->cVolume++;
4547 pImage->cbSector = (data8[4] << 24) | (data8[5] << 16) | (data8[6] << 8) | data8[7];
4548 pImage->cbSize = pImage->cVolume * pImage->cbSector;
4549 if (pImage->cVolume == 0)
4550 {
4551 rc = vdIfError(pImage->pIfError, VERR_VD_ISCSI_INVALID_TYPE,
4552 RT_SRC_POS, N_("iSCSI: fallback capacity detection for target address %s, target name %s, SCSI LUN %lld reports media sector count=%llu sector size=%u"),
4553 pImage->pszTargetAddress, pImage->pszTargetName,
4554 pImage->LUN, pImage->cVolume, pImage->cbSector);
4555 }
4556
4557 fEnd = true;
4558 break;
4559 }
4560 case SCSI_STATUS_CHECK_CONDITION:
4561 {
4562 if((sr.abSense[2] & 0x0f) == SCSI_SENSE_UNIT_ATTENTION)
4563 {
4564 if( sr.abSense[12] == SCSI_ASC_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED
4565 && sr.abSense[13] == SCSI_ASCQ_POWER_ON_RESET_BUS_DEVICE_RESET_OCCURRED)
4566 {
4567 /** @todo for future: prepare and send command "REQUEST SENSE" which will
4568 * return the status of target and will clear any unit attention
4569 * condition that it reports */
4570 rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4571 if (RT_FAILURE(rc))
4572 fEnd = true;
4573 cMaxRetries--;
4574 break;
4575
4576 }
4577 }
4578 break;
4579 }
4580 default:
4581 {
4582 rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4583 if (RT_FAILURE(rc))
4584 fEnd = true;
4585 cMaxRetries--;
4586 break;
4587 }
4588 }
4589 if (!cMaxRetries)
4590 fEnd = true;
4591 } while(!fEnd);
4592 }
4593 else
4594 LogRel(("iSCSI: Could not determine capacity of target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4595 }
4596
4597 return rc;
4598}
4599
4600/**
4601 * Queries the state of the read/write caches and tries to enable them if disabled.
4602 *
4603 * @returns VBox status code.
4604 * @param pImage The iSCSI image instance.
4605 */
4606static int iscsiOpenImageEnableReadWriteCache(PISCSIIMAGE pImage)
4607{
4608 /*
4609 * Check the read and write cache bits.
4610 * Try to enable the cache if it is disabled.
4611 *
4612 * We already checked that this is a block access device. No need
4613 * to do it again.
4614 */
4615 SCSIREQ sr;
4616 RTSGSEG DataSeg;
4617 uint8_t aCachingModePage[32];
4618
4619 memset(aCachingModePage, '\0', sizeof(aCachingModePage));
4620 sr.abCDB[0] = SCSI_MODE_SENSE_6;
4621 sr.abCDB[1] = 0;
4622 sr.abCDB[2] = (0x00 << 6) | (0x08 & 0x3f); /* Current values and caching mode page */
4623 sr.abCDB[3] = 0; /* Sub page code. */
4624 sr.abCDB[4] = sizeof(aCachingModePage) & 0xff;
4625 sr.abCDB[5] = 0;
4626
4627 DataSeg.pvSeg = aCachingModePage;
4628 DataSeg.cbSeg = sizeof(aCachingModePage);
4629
4630 sr.enmXfer = SCSIXFER_FROM_TARGET;
4631 sr.cbCDB = 6;
4632 sr.cbI2TData = 0;
4633 sr.paI2TSegs = NULL;
4634 sr.cI2TSegs = 0;
4635 sr.cbT2IData = DataSeg.cbSeg;
4636 sr.paT2ISegs = &DataSeg;
4637 sr.cT2ISegs = 1;
4638 sr.cbSense = sizeof(sr.abSense);
4639 int rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4640 if ( RT_SUCCESS(rc)
4641 && (sr.status == SCSI_STATUS_OK)
4642 && (aCachingModePage[0] >= 15)
4643 && (aCachingModePage[4 + aCachingModePage[3]] & 0x3f) == 0x08
4644 && (aCachingModePage[4 + aCachingModePage[3] + 1] > 3))
4645 {
4646 uint32_t Offset = 4 + aCachingModePage[3];
4647 /*
4648 * Check if the read and/or the write cache is disabled.
4649 * The write cache is disabled if bit 2 (WCE) is zero and
4650 * the read cache is disabled if bit 0 (RCD) is set.
4651 */
4652 if (!ASMBitTest(&aCachingModePage[Offset + 2], 2) || ASMBitTest(&aCachingModePage[Offset + 2], 0))
4653 {
4654 /*
4655 * Write Cache Enable (WCE) bit is zero or the Read Cache Disable (RCD) is one
4656 * So one of the caches is disabled. Enable both caches.
4657 * The rest is unchanged.
4658 */
4659 ASMBitSet(&aCachingModePage[Offset + 2], 2);
4660 ASMBitClear(&aCachingModePage[Offset + 2], 0);
4661
4662 sr.abCDB[0] = SCSI_MODE_SELECT_6;
4663 sr.abCDB[1] = 0; /* Don't write the page into NV RAM. */
4664 sr.abCDB[2] = 0;
4665 sr.abCDB[3] = 0;
4666 sr.abCDB[4] = sizeof(aCachingModePage) & 0xff;
4667 sr.abCDB[5] = 0;
4668
4669 DataSeg.pvSeg = aCachingModePage;
4670 DataSeg.cbSeg = sizeof(aCachingModePage);
4671
4672 sr.enmXfer = SCSIXFER_TO_TARGET;
4673 sr.cbCDB = 6;
4674 sr.cbI2TData = DataSeg.cbSeg;
4675 sr.paI2TSegs = &DataSeg;
4676 sr.cI2TSegs = 1;
4677 sr.cbT2IData = 0;
4678 sr.paT2ISegs = NULL;
4679 sr.cT2ISegs = 0;
4680 sr.cbSense = sizeof(sr.abSense);
4681 sr.status = 0;
4682 rc = iscsiCommandSync(pImage, &sr, false /* fRetry */, VINF_SUCCESS);
4683 if ( RT_SUCCESS(rc)
4684 && (sr.status == SCSI_STATUS_OK))
4685 LogRel(("iSCSI: Enabled read and write cache of target %s\n", pImage->pszTargetName));
4686 else
4687 {
4688 /* Log failures but continue. */
4689 LogRel(("iSCSI: Could not enable read and write cache of target %s, rc=%Rrc status=%#x\n",
4690 pImage->pszTargetName, rc, sr.status));
4691 LogRel(("iSCSI: Sense:\n%.*Rhxd\n", sr.cbSense, sr.abSense));
4692 rc = VINF_SUCCESS;
4693 }
4694 }
4695 }
4696 else
4697 {
4698 /* Log errors but continue. */
4699 LogRel(("iSCSI: Could not check write cache of target %s, rc=%Rrc, got mode page %#x\n", pImage->pszTargetName, rc, aCachingModePage[0] & 0x3f));
4700 LogRel(("iSCSI: Sense:\n%.*Rhxd\n", sr.cbSense, sr.abSense));
4701 rc = VINF_SUCCESS;
4702 }
4703
4704 return rc;
4705}
4706
4707/**
4708 * Internal: Open an image, constructing all necessary data structures.
4709 */
4710static int iscsiOpenImage(PISCSIIMAGE pImage, unsigned uOpenFlags)
4711{
4712 pImage->uOpenFlags = uOpenFlags;
4713
4714 int rc = iscsiOpenImageInit(pImage);
4715 if (RT_SUCCESS(rc))
4716 rc = iscsiOpenImageParseCfg(pImage);
4717
4718 if (RT_SUCCESS(rc))
4719 {
4720 /* Don't actually establish iSCSI transport connection if this is just an
4721 * open to query the image information and the host IP stack isn't used.
4722 * Even trying is rather useless, as in this context the InTnet IP stack
4723 * isn't present. Returning dummies is the best possible result anyway. */
4724 if ((uOpenFlags & VD_OPEN_FLAGS_INFO) && !pImage->fHostIP)
4725 LogFunc(("Not opening the transport connection as IntNet IP stack is not available. Will return dummies\n"));
4726 else
4727 {
4728 rc = iscsiOpenImageSocketCreate(pImage);
4729 if (RT_SUCCESS(rc))
4730 {
4731 /*
4732 * Attach to the iSCSI target. This implicitly establishes the iSCSI
4733 * transport connection.
4734 */
4735 rc = iscsiExecSync(pImage, iscsiAttach, pImage);
4736 if (RT_SUCCESS(rc))
4737 {
4738 LogFlowFunc(("target '%s' opened successfully\n", pImage->pszTargetName));
4739
4740 rc = iscsiOpenImageReportLuns(pImage);
4741 if (RT_SUCCESS(rc))
4742 rc = iscsiOpenImageInquiry(pImage);
4743 if (RT_SUCCESS(rc))
4744 rc = iscsiOpenImageCheckWriteAccess(pImage);
4745 if (RT_SUCCESS(rc))
4746 rc = iscsiOpenImageQueryTargetSizes(pImage);
4747 if (RT_SUCCESS(rc))
4748 rc = iscsiOpenImageEnableReadWriteCache(pImage);
4749 }
4750 else
4751 LogRel(("iSCSI: could not open target %s, rc=%Rrc\n", pImage->pszTargetName, rc));
4752 }
4753 }
4754 }
4755
4756 if (RT_SUCCESS(rc))
4757 {
4758 PVDREGIONDESC pRegion = &pImage->RegionList.aRegions[0];
4759 pImage->RegionList.fFlags = 0;
4760 pImage->RegionList.cRegions = 1;
4761
4762 pRegion->offRegion = 0; /* Disk start. */
4763 pRegion->cbBlock = pImage->cbSector;
4764 pRegion->enmDataForm = VDREGIONDATAFORM_RAW;
4765 pRegion->enmMetadataForm = VDREGIONMETADATAFORM_NONE;
4766 pRegion->cbData = pImage->cbSector;
4767 pRegion->cbMetadata = 0;
4768 pRegion->cRegionBlocksOrBytes = pImage->cbSize;
4769 }
4770 else
4771 iscsiFreeImage(pImage, false);
4772 return rc;
4773}
4774
4775
4776/** @copydoc VDIMAGEBACKEND::pfnProbe */
4777static DECLCALLBACK(int) iscsiProbe(const char *pszFilename, PVDINTERFACE pVDIfsDisk,
4778 PVDINTERFACE pVDIfsImage, VDTYPE enmDesiredType, VDTYPE *penmType)
4779{
4780 RT_NOREF(pszFilename, pVDIfsDisk, pVDIfsImage, enmDesiredType, penmType);
4781 LogFlowFunc(("pszFilename=\"%s\"\n", pszFilename));
4782
4783 /* iSCSI images can't be checked for validity this way, as the filename
4784 * just can't supply enough configuration information. */
4785 int rc = VERR_VD_ISCSI_INVALID_HEADER;
4786
4787 LogFlowFunc(("returns %Rrc\n", rc));
4788 return rc;
4789}
4790
4791/** @copydoc VDIMAGEBACKEND::pfnOpen */
4792static DECLCALLBACK(int) iscsiOpen(const char *pszFilename, unsigned uOpenFlags,
4793 PVDINTERFACE pVDIfsDisk, PVDINTERFACE pVDIfsImage,
4794 VDTYPE enmType, void **ppBackendData)
4795{
4796 RT_NOREF1(enmType); /**< @todo r=klaus make use of the type info. */
4797
4798 LogFlowFunc(("pszFilename=\"%s\" uOpenFlags=%#x pVDIfsDisk=%#p pVDIfsImage=%#p enmType=%u ppBackendData=%#p\n",
4799 pszFilename, uOpenFlags, pVDIfsDisk, pVDIfsImage, enmType, ppBackendData));
4800 int rc;
4801
4802 /* Check open flags. All valid flags are supported. */
4803 AssertReturn(!(uOpenFlags & ~VD_OPEN_FLAGS_MASK), VERR_INVALID_PARAMETER);
4804 AssertPtrReturn(pszFilename, VERR_INVALID_POINTER);
4805 AssertReturn(*pszFilename != '\0', VERR_INVALID_PARAMETER);
4806
4807 PISCSIIMAGE pImage = (PISCSIIMAGE)RTMemAllocZ(RT_UOFFSETOF(ISCSIIMAGE, RegionList.aRegions[1]));
4808 if (RT_LIKELY(pImage))
4809 {
4810 pImage->pszFilename = pszFilename;
4811 pImage->pszInitiatorName = NULL;
4812 pImage->pszTargetName = NULL;
4813 pImage->pszTargetAddress = NULL;
4814 pImage->pszInitiatorUsername = NULL;
4815 pImage->pbInitiatorSecret = NULL;
4816 pImage->pszTargetUsername = NULL;
4817 pImage->pbTargetSecret = NULL;
4818 pImage->paCurrReq = NULL;
4819 pImage->pvRecvPDUBuf = NULL;
4820 pImage->pszHostname = NULL;
4821 pImage->pVDIfsDisk = pVDIfsDisk;
4822 pImage->pVDIfsImage = pVDIfsImage;
4823 pImage->cLogRelErrors = 0;
4824
4825 rc = iscsiOpenImage(pImage, uOpenFlags);
4826 if (RT_SUCCESS(rc))
4827 {
4828 LogFlowFunc(("target %s cVolume %d, cbSector %d\n", pImage->pszTargetName, pImage->cVolume, pImage->cbSector));
4829 LogRel(("iSCSI: target address %s, target name %s, SCSI LUN %lld\n", pImage->pszTargetAddress, pImage->pszTargetName, pImage->LUN));
4830 *ppBackendData = pImage;
4831 }
4832 else
4833 RTMemFree(pImage);
4834 }
4835 else
4836 rc = VERR_NO_MEMORY;
4837
4838 LogFlowFunc(("returns %Rrc (pBackendData=%#p)\n", rc, *ppBackendData));
4839 return rc;
4840}
4841
4842/** @copydoc VDIMAGEBACKEND::pfnCreate */
4843static DECLCALLBACK(int) iscsiCreate(const char *pszFilename, uint64_t cbSize,
4844 unsigned uImageFlags, const char *pszComment,
4845 PCVDGEOMETRY pPCHSGeometry, PCVDGEOMETRY pLCHSGeometry,
4846 PCRTUUID pUuid, unsigned uOpenFlags,
4847 unsigned uPercentStart, unsigned uPercentSpan,
4848 PVDINTERFACE pVDIfsDisk, PVDINTERFACE pVDIfsImage,
4849 PVDINTERFACE pVDIfsOperation, VDTYPE enmType,
4850 void **ppBackendData)
4851{
4852 RT_NOREF8(pszFilename, cbSize, uImageFlags, pszComment, pPCHSGeometry, pLCHSGeometry, pUuid, uOpenFlags);
4853 RT_NOREF7(uPercentStart, uPercentSpan, pVDIfsDisk, pVDIfsImage, pVDIfsOperation, enmType, ppBackendData);
4854 LogFlowFunc(("pszFilename=\"%s\" cbSize=%llu uImageFlags=%#x pszComment=\"%s\" pPCHSGeometry=%#p pLCHSGeometry=%#p Uuid=%RTuuid uOpenFlags=%#x uPercentStart=%u uPercentSpan=%u pVDIfsDisk=%#p pVDIfsImage=%#p pVDIfsOperation=%#p enmType=%u ppBackendData=%#p",
4855 pszFilename, cbSize, uImageFlags, pszComment, pPCHSGeometry, pLCHSGeometry, pUuid, uOpenFlags, uPercentStart, uPercentSpan, pVDIfsDisk, pVDIfsImage, pVDIfsOperation, enmType, ppBackendData));
4856 int rc = VERR_NOT_SUPPORTED;
4857
4858 LogFlowFunc(("returns %Rrc (pBackendData=%#p)\n", rc, *ppBackendData));
4859 return rc;
4860}
4861
4862/** @copydoc VDIMAGEBACKEND::pfnClose */
4863static DECLCALLBACK(int) iscsiClose(void *pBackendData, bool fDelete)
4864{
4865 LogFlowFunc(("pBackendData=%#p fDelete=%d\n", pBackendData, fDelete));
4866 PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
4867 int rc;
4868
4869 Assert(!fDelete); /* This flag is unsupported. */
4870
4871 rc = iscsiFreeImage(pImage, fDelete);
4872 RTMemFree(pImage);
4873
4874 LogFlowFunc(("returns %Rrc\n", rc));
4875 return rc;
4876}
4877
4878/** @copydoc VDIMAGEBACKEND::pfnRead */
4879static DECLCALLBACK(int) iscsiRead(void *pBackendData, uint64_t uOffset, size_t cbToRead,
4880 PVDIOCTX pIoCtx, size_t *pcbActuallyRead)
4881{
4882 PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
4883 int rc = VINF_SUCCESS;
4884
4885 LogFlowFunc(("pBackendData=%p uOffset=%#llx pIoCtx=%#p cbToRead=%u pcbActuallyRead=%p\n",
4886 pBackendData, uOffset, pIoCtx, cbToRead, pcbActuallyRead));
4887
4888 if ( uOffset + cbToRead > pImage->cbSize
4889 || cbToRead == 0)
4890 return VERR_INVALID_PARAMETER;
4891
4892 /*
4893 * Clip read size to a value which is supported by the target.
4894 */
4895 cbToRead = RT_MIN(cbToRead, pImage->cbRecvDataLength);
4896
4897 unsigned cT2ISegs = 0;
4898 size_t cbSegs = 0;
4899
4900 /* Get the number of segments. */
4901 cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
4902 NULL, &cT2ISegs, cbToRead);
4903 Assert(cbSegs == cbToRead);
4904
4905 PSCSIREQ pReq = (PSCSIREQ)RTMemAllocZ(RT_UOFFSETOF_DYN(SCSIREQ, aSegs[cT2ISegs]));
4906 if (RT_LIKELY(pReq))
4907 {
4908 uint64_t lba;
4909 uint16_t tls;
4910 uint8_t *pbCDB = &pReq->abCDB[0];
4911 size_t cbCDB;
4912
4913 lba = uOffset / pImage->cbSector;
4914 tls = (uint16_t)(cbToRead / pImage->cbSector);
4915
4916 cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
4917 &pReq->aSegs[0],
4918 &cT2ISegs, cbToRead);
4919 Assert(cbSegs == cbToRead);
4920
4921 if (pImage->cVolume < _4G)
4922 {
4923 cbCDB = 10;
4924 pbCDB[0] = SCSI_READ_10;
4925 pbCDB[1] = 0; /* reserved */
4926 pbCDB[2] = (lba >> 24) & 0xff;
4927 pbCDB[3] = (lba >> 16) & 0xff;
4928 pbCDB[4] = (lba >> 8) & 0xff;
4929 pbCDB[5] = lba & 0xff;
4930 pbCDB[6] = 0; /* reserved */
4931 pbCDB[7] = (tls >> 8) & 0xff;
4932 pbCDB[8] = tls & 0xff;
4933 pbCDB[9] = 0; /* control */
4934 }
4935 else
4936 {
4937 cbCDB = 16;
4938 pbCDB[0] = SCSI_READ_16;
4939 pbCDB[1] = 0; /* reserved */
4940 pbCDB[2] = (lba >> 56) & 0xff;
4941 pbCDB[3] = (lba >> 48) & 0xff;
4942 pbCDB[4] = (lba >> 40) & 0xff;
4943 pbCDB[5] = (lba >> 32) & 0xff;
4944 pbCDB[6] = (lba >> 24) & 0xff;
4945 pbCDB[7] = (lba >> 16) & 0xff;
4946 pbCDB[8] = (lba >> 8) & 0xff;
4947 pbCDB[9] = lba & 0xff;
4948 pbCDB[10] = 0; /* tls unused */
4949 pbCDB[11] = 0; /* tls unused */
4950 pbCDB[12] = (tls >> 8) & 0xff;
4951 pbCDB[13] = tls & 0xff;
4952 pbCDB[14] = 0; /* reserved */
4953 pbCDB[15] = 0; /* reserved */
4954 }
4955
4956 pReq->enmXfer = SCSIXFER_FROM_TARGET;
4957 pReq->cbCDB = cbCDB;
4958 pReq->cbI2TData = 0;
4959 pReq->paI2TSegs = NULL;
4960 pReq->cI2TSegs = 0;
4961 pReq->cbT2IData = cbToRead;
4962 pReq->paT2ISegs = &pReq->aSegs[pReq->cI2TSegs];
4963 pReq->cbSense = sizeof(pReq->abSense);
4964 pReq->cT2ISegs = cT2ISegs;
4965 pReq->pIoCtx = pIoCtx;
4966 pReq->cSenseRetries = 10;
4967 pReq->rcSense = VERR_READ_ERROR;
4968
4969 if (vdIfIoIntIoCtxIsSynchronous(pImage->pIfIo, pIoCtx))
4970 {
4971 rc = iscsiCommandSync(pImage, pReq, true, VERR_READ_ERROR);
4972 if (RT_FAILURE(rc))
4973 {
4974 LogFlow(("iscsiCommandSync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
4975 *pcbActuallyRead = 0;
4976 }
4977 else
4978 *pcbActuallyRead = pReq->cbT2IData;
4979 }
4980 else
4981 {
4982 rc = iscsiCommandAsync(pImage, pReq, iscsiCommandAsyncComplete, pReq);
4983 if (RT_FAILURE(rc))
4984 AssertMsgFailed(("iscsiCommandAsync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
4985 else
4986 {
4987 *pcbActuallyRead = cbToRead;
4988 return VERR_VD_IOCTX_HALT; /* Halt the I/O context until further notification from the I/O thread. */
4989 }
4990 }
4991
4992 RTMemFree(pReq);
4993 }
4994 else
4995 rc = VERR_NO_MEMORY;
4996
4997 LogFlowFunc(("returns rc=%Rrc\n", rc));
4998 return rc;
4999}
5000
5001/** @copydoc VDIMAGEBACKEND::pfnWrite */
5002static DECLCALLBACK(int) iscsiWrite(void *pBackendData, uint64_t uOffset, size_t cbToWrite,
5003 PVDIOCTX pIoCtx, size_t *pcbWriteProcess, size_t *pcbPreRead,
5004 size_t *pcbPostRead, unsigned fWrite)
5005{
5006 RT_NOREF3(pcbPreRead, pcbPostRead, fWrite);
5007 LogFlowFunc(("pBackendData=%p uOffset=%llu pIoCtx=%#p cbToWrite=%u pcbWriteProcess=%p pcbPreRead=%p pcbPostRead=%p fWrite=%u\n",
5008 pBackendData, uOffset, pIoCtx, cbToWrite, pcbWriteProcess, pcbPreRead, pcbPostRead, fWrite));
5009 PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5010 int rc = VINF_SUCCESS;
5011
5012 AssertPtr(pImage);
5013 Assert(uOffset % 512 == 0);
5014 Assert(cbToWrite % 512 == 0);
5015
5016 if (uOffset + cbToWrite > pImage->cbSize)
5017 return VERR_INVALID_PARAMETER;
5018
5019 /*
5020 * Clip read size to a value which is supported by the target.
5021 */
5022 cbToWrite = RT_MIN(cbToWrite, pImage->cbSendDataLength);
5023
5024 unsigned cI2TSegs = 0;
5025 size_t cbSegs = 0;
5026
5027 /* Get the number of segments. */
5028 cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
5029 NULL, &cI2TSegs, cbToWrite);
5030 Assert(cbSegs == cbToWrite);
5031
5032 PSCSIREQ pReq = (PSCSIREQ)RTMemAllocZ(RT_UOFFSETOF_DYN(SCSIREQ, aSegs[cI2TSegs]));
5033 if (RT_LIKELY(pReq))
5034 {
5035 uint64_t lba;
5036 uint16_t tls;
5037 uint8_t *pbCDB = &pReq->abCDB[0];
5038 size_t cbCDB;
5039
5040 lba = uOffset / pImage->cbSector;
5041 tls = (uint16_t)(cbToWrite / pImage->cbSector);
5042
5043 cbSegs = pImage->pIfIo->pfnIoCtxSegArrayCreate(pImage->pIfIo->Core.pvUser, pIoCtx,
5044 &pReq->aSegs[0],
5045 &cI2TSegs, cbToWrite);
5046 Assert(cbSegs == cbToWrite);
5047
5048 if (pImage->cVolume < _4G)
5049 {
5050 cbCDB = 10;
5051 pbCDB[0] = SCSI_WRITE_10;
5052 pbCDB[1] = 0; /* reserved */
5053 pbCDB[2] = (lba >> 24) & 0xff;
5054 pbCDB[3] = (lba >> 16) & 0xff;
5055 pbCDB[4] = (lba >> 8) & 0xff;
5056 pbCDB[5] = lba & 0xff;
5057 pbCDB[6] = 0; /* reserved */
5058 pbCDB[7] = (tls >> 8) & 0xff;
5059 pbCDB[8] = tls & 0xff;
5060 pbCDB[9] = 0; /* control */
5061 }
5062 else
5063 {
5064 cbCDB = 16;
5065 pbCDB[0] = SCSI_WRITE_16;
5066 pbCDB[1] = 0; /* reserved */
5067 pbCDB[2] = (lba >> 56) & 0xff;
5068 pbCDB[3] = (lba >> 48) & 0xff;
5069 pbCDB[4] = (lba >> 40) & 0xff;
5070 pbCDB[5] = (lba >> 32) & 0xff;
5071 pbCDB[6] = (lba >> 24) & 0xff;
5072 pbCDB[7] = (lba >> 16) & 0xff;
5073 pbCDB[8] = (lba >> 8) & 0xff;
5074 pbCDB[9] = lba & 0xff;
5075 pbCDB[10] = 0; /* tls unused */
5076 pbCDB[11] = 0; /* tls unused */
5077 pbCDB[12] = (tls >> 8) & 0xff;
5078 pbCDB[13] = tls & 0xff;
5079 pbCDB[14] = 0; /* reserved */
5080 pbCDB[15] = 0; /* reserved */
5081 }
5082
5083 pReq->enmXfer = SCSIXFER_TO_TARGET;
5084 pReq->cbCDB = cbCDB;
5085 pReq->cbI2TData = cbToWrite;
5086 pReq->paI2TSegs = &pReq->aSegs[0];
5087 pReq->cI2TSegs = cI2TSegs;
5088 pReq->cbT2IData = 0;
5089 pReq->paT2ISegs = NULL;
5090 pReq->cT2ISegs = 0;
5091 pReq->cbSense = sizeof(pReq->abSense);
5092 pReq->pIoCtx = pIoCtx;
5093 pReq->cSenseRetries = 10;
5094 pReq->rcSense = VERR_WRITE_ERROR;
5095
5096 if (vdIfIoIntIoCtxIsSynchronous(pImage->pIfIo, pIoCtx))
5097 {
5098 rc = iscsiCommandSync(pImage, pReq, true, VERR_WRITE_ERROR);
5099 if (RT_FAILURE(rc))
5100 {
5101 LogFlow(("iscsiCommandSync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
5102 *pcbWriteProcess = 0;
5103 }
5104 else
5105 *pcbWriteProcess = cbToWrite;
5106 }
5107 else
5108 {
5109 rc = iscsiCommandAsync(pImage, pReq, iscsiCommandAsyncComplete, pReq);
5110 if (RT_FAILURE(rc))
5111 AssertMsgFailed(("iscsiCommandAsync(%s, %#llx) -> %Rrc\n", pImage->pszTargetName, uOffset, rc));
5112 else
5113 {
5114 *pcbWriteProcess = cbToWrite;
5115 return VERR_VD_IOCTX_HALT; /* Halt the I/O context until further notification from the I/O thread. */
5116 }
5117 }
5118
5119 RTMemFree(pReq);
5120 }
5121 else
5122 rc = VERR_NO_MEMORY;
5123
5124 LogFlowFunc(("returns rc=%Rrc\n", rc));
5125 return rc;
5126}
5127
5128/** @copydoc VDIMAGEBACKEND::pfnFlush */
5129static DECLCALLBACK(int) iscsiFlush(void *pBackendData, PVDIOCTX pIoCtx)
5130{
5131 LogFlowFunc(("pBackendData=%p pIoCtx=%#p\n", pBackendData, pIoCtx));
5132 PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5133 int rc = VINF_SUCCESS;
5134
5135 PSCSIREQ pReq = (PSCSIREQ)RTMemAllocZ(sizeof(SCSIREQ));
5136 if (RT_LIKELY(pReq))
5137 {
5138 uint8_t *pbCDB = &pReq->abCDB[0];
5139
5140 pbCDB[0] = SCSI_SYNCHRONIZE_CACHE;
5141 pbCDB[1] = 0; /* reserved */
5142 pbCDB[2] = 0; /* reserved */
5143 pbCDB[3] = 0; /* reserved */
5144 pbCDB[4] = 0; /* reserved */
5145 pbCDB[5] = 0; /* reserved */
5146 pbCDB[6] = 0; /* reserved */
5147 pbCDB[7] = 0; /* reserved */
5148 pbCDB[8] = 0; /* reserved */
5149 pbCDB[9] = 0; /* control */
5150
5151 pReq->enmXfer = SCSIXFER_NONE;
5152 pReq->cbCDB = 10;
5153 pReq->cbI2TData = 0;
5154 pReq->paI2TSegs = NULL;
5155 pReq->cI2TSegs = 0;
5156 pReq->cbT2IData = 0;
5157 pReq->paT2ISegs = NULL;
5158 pReq->cT2ISegs = 0;
5159 pReq->cbSense = sizeof(pReq->abSense);
5160 pReq->pIoCtx = pIoCtx;
5161 pReq->cSenseRetries = 0;
5162 pReq->rcSense = VINF_SUCCESS;
5163
5164 if (vdIfIoIntIoCtxIsSynchronous(pImage->pIfIo, pIoCtx))
5165 {
5166 rc = iscsiCommandSync(pImage, pReq, false, VINF_SUCCESS);
5167 if (RT_FAILURE(rc))
5168 AssertMsgFailed(("iscsiCommand(%s) -> %Rrc\n", pImage->pszTargetName, rc));
5169 }
5170 else
5171 {
5172 rc = iscsiCommandAsync(pImage, pReq, iscsiCommandAsyncComplete, pReq);
5173 if (RT_FAILURE(rc))
5174 AssertMsgFailed(("iscsiCommand(%s) -> %Rrc\n", pImage->pszTargetName, rc));
5175 else
5176 return VERR_VD_IOCTX_HALT; /* Halt the I/O context until further notification from the I/O thread. */
5177 }
5178
5179 RTMemFree(pReq);
5180 }
5181 else
5182 rc = VERR_NO_MEMORY;
5183
5184 LogFlowFunc(("returns rc=%Rrc\n", rc));
5185 return rc;
5186}
5187
5188/** @copydoc VDIMAGEBACKEND::pfnGetVersion */
5189static DECLCALLBACK(unsigned) iscsiGetVersion(void *pBackendData)
5190{
5191 LogFlowFunc(("pBackendData=%#p\n", pBackendData));
5192 PISCSIIMAGE pImage = (PISCSIIMAGE)pBackendData;
5193
5194 AssertPtr(pImage);
5195 RT_NOREF1(pImage);
5196
5197 return 0;
5198}
5199
5200/** @copydoc VDIMAGEBACKEND::pfnGetFileSize */
5201static DECLCALLBACK(uint64_t) is