1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * NVMe over Fabrics TCP target.
4 * Copyright (c) 2018 Lightbits Labs. All rights reserved.
5 */
6 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
7 #include <linux/module.h>
8 #include <linux/init.h>
9 #include <linux/slab.h>
10 #include <linux/err.h>
11 #include <linux/key.h>
12 #include <linux/nvme-tcp.h>
13 #include <linux/nvme-keyring.h>
14 #include <net/sock.h>
15 #include <net/tcp.h>
16 #include <net/tls.h>
17 #include <net/tls_prot.h>
18 #include <net/handshake.h>
19 #include <linux/inet.h>
20 #include <linux/llist.h>
21 #include <crypto/hash.h>
22 #include <trace/events/sock.h>
23
24 #include "nvmet.h"
25
26 #define NVMET_TCP_DEF_INLINE_DATA_SIZE (4 * PAGE_SIZE)
27 #define NVMET_TCP_MAXH2CDATA 0x400000 /* 16M arbitrary limit */
28 #define NVMET_TCP_BACKLOG 128
29
param_store_val(const char * str,int * val,int min,int max)30 static int param_store_val(const char *str, int *val, int min, int max)
31 {
32 int ret, new_val;
33
34 ret = kstrtoint(str, 10, &new_val);
35 if (ret)
36 return -EINVAL;
37
38 if (new_val < min || new_val > max)
39 return -EINVAL;
40
41 *val = new_val;
42 return 0;
43 }
44
set_params(const char * str,const struct kernel_param * kp)45 static int set_params(const char *str, const struct kernel_param *kp)
46 {
47 return param_store_val(str, kp->arg, 0, INT_MAX);
48 }
49
50 static const struct kernel_param_ops set_param_ops = {
51 .set = set_params,
52 .get = param_get_int,
53 };
54
55 /* Define the socket priority to use for connections were it is desirable
56 * that the NIC consider performing optimized packet processing or filtering.
57 * A non-zero value being sufficient to indicate general consideration of any
58 * possible optimization. Making it a module param allows for alternative
59 * values that may be unique for some NIC implementations.
60 */
61 static int so_priority;
62 device_param_cb(so_priority, &set_param_ops, &so_priority, 0644);
63 MODULE_PARM_DESC(so_priority, "nvmet tcp socket optimize priority: Default 0");
64
65 /* Define a time period (in usecs) that io_work() shall sample an activated
66 * queue before determining it to be idle. This optional module behavior
67 * can enable NIC solutions that support socket optimized packet processing
68 * using advanced interrupt moderation techniques.
69 */
70 static int idle_poll_period_usecs;
71 device_param_cb(idle_poll_period_usecs, &set_param_ops,
72 &idle_poll_period_usecs, 0644);
73 MODULE_PARM_DESC(idle_poll_period_usecs,
74 "nvmet tcp io_work poll till idle time period in usecs: Default 0");
75
76 #ifdef CONFIG_NVME_TARGET_TCP_TLS
77 /*
78 * TLS handshake timeout
79 */
80 static int tls_handshake_timeout = 10;
81 module_param(tls_handshake_timeout, int, 0644);
82 MODULE_PARM_DESC(tls_handshake_timeout,
83 "nvme TLS handshake timeout in seconds (default 10)");
84 #endif
85
86 #define NVMET_TCP_RECV_BUDGET 8
87 #define NVMET_TCP_SEND_BUDGET 8
88 #define NVMET_TCP_IO_WORK_BUDGET 64
89
90 enum nvmet_tcp_send_state {
91 NVMET_TCP_SEND_DATA_PDU,
92 NVMET_TCP_SEND_DATA,
93 NVMET_TCP_SEND_R2T,
94 NVMET_TCP_SEND_DDGST,
95 NVMET_TCP_SEND_RESPONSE
96 };
97
98 enum nvmet_tcp_recv_state {
99 NVMET_TCP_RECV_PDU,
100 NVMET_TCP_RECV_DATA,
101 NVMET_TCP_RECV_DDGST,
102 NVMET_TCP_RECV_ERR,
103 };
104
105 enum {
106 NVMET_TCP_F_INIT_FAILED = (1 << 0),
107 };
108
109 struct nvmet_tcp_cmd {
110 struct nvmet_tcp_queue *queue;
111 struct nvmet_req req;
112
113 struct nvme_tcp_cmd_pdu *cmd_pdu;
114 struct nvme_tcp_rsp_pdu *rsp_pdu;
115 struct nvme_tcp_data_pdu *data_pdu;
116 struct nvme_tcp_r2t_pdu *r2t_pdu;
117
118 u32 rbytes_done;
119 u32 wbytes_done;
120
121 u32 pdu_len;
122 u32 pdu_recv;
123 int sg_idx;
124 char recv_cbuf[CMSG_LEN(sizeof(char))];
125 struct msghdr recv_msg;
126 struct bio_vec *iov;
127 u32 flags;
128
129 struct list_head entry;
130 struct llist_node lentry;
131
132 /* send state */
133 u32 offset;
134 struct scatterlist *cur_sg;
135 enum nvmet_tcp_send_state state;
136
137 __le32 exp_ddgst;
138 __le32 recv_ddgst;
139 };
140
141 enum nvmet_tcp_queue_state {
142 NVMET_TCP_Q_CONNECTING,
143 NVMET_TCP_Q_TLS_HANDSHAKE,
144 NVMET_TCP_Q_LIVE,
145 NVMET_TCP_Q_DISCONNECTING,
146 NVMET_TCP_Q_FAILED,
147 };
148
149 struct nvmet_tcp_queue {
150 struct socket *sock;
151 struct nvmet_tcp_port *port;
152 struct work_struct io_work;
153 struct nvmet_cq nvme_cq;
154 struct nvmet_sq nvme_sq;
155 struct kref kref;
156
157 /* send state */
158 struct nvmet_tcp_cmd *cmds;
159 unsigned int nr_cmds;
160 struct list_head free_list;
161 struct llist_head resp_list;
162 struct list_head resp_send_list;
163 int send_list_len;
164 struct nvmet_tcp_cmd *snd_cmd;
165
166 /* recv state */
167 int offset;
168 int left;
169 enum nvmet_tcp_recv_state rcv_state;
170 struct nvmet_tcp_cmd *cmd;
171 union nvme_tcp_pdu pdu;
172
173 /* digest state */
174 bool hdr_digest;
175 bool data_digest;
176 struct ahash_request *snd_hash;
177 struct ahash_request *rcv_hash;
178
179 /* TLS state */
180 key_serial_t tls_pskid;
181 struct delayed_work tls_handshake_tmo_work;
182
183 unsigned long poll_end;
184
185 spinlock_t state_lock;
186 enum nvmet_tcp_queue_state state;
187
188 struct sockaddr_storage sockaddr;
189 struct sockaddr_storage sockaddr_peer;
190 struct work_struct release_work;
191
192 int idx;
193 struct list_head queue_list;
194
195 struct nvmet_tcp_cmd connect;
196
197 struct page_frag_cache pf_cache;
198
199 void (*data_ready)(struct sock *);
200 void (*state_change)(struct sock *);
201 void (*write_space)(struct sock *);
202 };
203
204 struct nvmet_tcp_port {
205 struct socket *sock;
206 struct work_struct accept_work;
207 struct nvmet_port *nport;
208 struct sockaddr_storage addr;
209 void (*data_ready)(struct sock *);
210 };
211
212 static DEFINE_IDA(nvmet_tcp_queue_ida);
213 static LIST_HEAD(nvmet_tcp_queue_list);
214 static DEFINE_MUTEX(nvmet_tcp_queue_mutex);
215
216 static struct workqueue_struct *nvmet_tcp_wq;
217 static const struct nvmet_fabrics_ops nvmet_tcp_ops;
218 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c);
219 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd);
220
nvmet_tcp_cmd_tag(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * cmd)221 static inline u16 nvmet_tcp_cmd_tag(struct nvmet_tcp_queue *queue,
222 struct nvmet_tcp_cmd *cmd)
223 {
224 if (unlikely(!queue->nr_cmds)) {
225 /* We didn't allocate cmds yet, send 0xffff */
226 return USHRT_MAX;
227 }
228
229 return cmd - queue->cmds;
230 }
231
nvmet_tcp_has_data_in(struct nvmet_tcp_cmd * cmd)232 static inline bool nvmet_tcp_has_data_in(struct nvmet_tcp_cmd *cmd)
233 {
234 return nvme_is_write(cmd->req.cmd) &&
235 cmd->rbytes_done < cmd->req.transfer_len;
236 }
237
nvmet_tcp_need_data_in(struct nvmet_tcp_cmd * cmd)238 static inline bool nvmet_tcp_need_data_in(struct nvmet_tcp_cmd *cmd)
239 {
240 return nvmet_tcp_has_data_in(cmd) && !cmd->req.cqe->status;
241 }
242
nvmet_tcp_need_data_out(struct nvmet_tcp_cmd * cmd)243 static inline bool nvmet_tcp_need_data_out(struct nvmet_tcp_cmd *cmd)
244 {
245 return !nvme_is_write(cmd->req.cmd) &&
246 cmd->req.transfer_len > 0 &&
247 !cmd->req.cqe->status;
248 }
249
nvmet_tcp_has_inline_data(struct nvmet_tcp_cmd * cmd)250 static inline bool nvmet_tcp_has_inline_data(struct nvmet_tcp_cmd *cmd)
251 {
252 return nvme_is_write(cmd->req.cmd) && cmd->pdu_len &&
253 !cmd->rbytes_done;
254 }
255
256 static inline struct nvmet_tcp_cmd *
nvmet_tcp_get_cmd(struct nvmet_tcp_queue * queue)257 nvmet_tcp_get_cmd(struct nvmet_tcp_queue *queue)
258 {
259 struct nvmet_tcp_cmd *cmd;
260
261 cmd = list_first_entry_or_null(&queue->free_list,
262 struct nvmet_tcp_cmd, entry);
263 if (!cmd)
264 return NULL;
265 list_del_init(&cmd->entry);
266
267 cmd->rbytes_done = cmd->wbytes_done = 0;
268 cmd->pdu_len = 0;
269 cmd->pdu_recv = 0;
270 cmd->iov = NULL;
271 cmd->flags = 0;
272 return cmd;
273 }
274
nvmet_tcp_put_cmd(struct nvmet_tcp_cmd * cmd)275 static inline void nvmet_tcp_put_cmd(struct nvmet_tcp_cmd *cmd)
276 {
277 if (unlikely(cmd == &cmd->queue->connect))
278 return;
279
280 list_add_tail(&cmd->entry, &cmd->queue->free_list);
281 }
282
queue_cpu(struct nvmet_tcp_queue * queue)283 static inline int queue_cpu(struct nvmet_tcp_queue *queue)
284 {
285 return queue->sock->sk->sk_incoming_cpu;
286 }
287
nvmet_tcp_hdgst_len(struct nvmet_tcp_queue * queue)288 static inline u8 nvmet_tcp_hdgst_len(struct nvmet_tcp_queue *queue)
289 {
290 return queue->hdr_digest ? NVME_TCP_DIGEST_LENGTH : 0;
291 }
292
nvmet_tcp_ddgst_len(struct nvmet_tcp_queue * queue)293 static inline u8 nvmet_tcp_ddgst_len(struct nvmet_tcp_queue *queue)
294 {
295 return queue->data_digest ? NVME_TCP_DIGEST_LENGTH : 0;
296 }
297
nvmet_tcp_hdgst(struct ahash_request * hash,void * pdu,size_t len)298 static inline void nvmet_tcp_hdgst(struct ahash_request *hash,
299 void *pdu, size_t len)
300 {
301 struct scatterlist sg;
302
303 sg_init_one(&sg, pdu, len);
304 ahash_request_set_crypt(hash, &sg, pdu + len, len);
305 crypto_ahash_digest(hash);
306 }
307
nvmet_tcp_verify_hdgst(struct nvmet_tcp_queue * queue,void * pdu,size_t len)308 static int nvmet_tcp_verify_hdgst(struct nvmet_tcp_queue *queue,
309 void *pdu, size_t len)
310 {
311 struct nvme_tcp_hdr *hdr = pdu;
312 __le32 recv_digest;
313 __le32 exp_digest;
314
315 if (unlikely(!(hdr->flags & NVME_TCP_F_HDGST))) {
316 pr_err("queue %d: header digest enabled but no header digest\n",
317 queue->idx);
318 return -EPROTO;
319 }
320
321 recv_digest = *(__le32 *)(pdu + hdr->hlen);
322 nvmet_tcp_hdgst(queue->rcv_hash, pdu, len);
323 exp_digest = *(__le32 *)(pdu + hdr->hlen);
324 if (recv_digest != exp_digest) {
325 pr_err("queue %d: header digest error: recv %#x expected %#x\n",
326 queue->idx, le32_to_cpu(recv_digest),
327 le32_to_cpu(exp_digest));
328 return -EPROTO;
329 }
330
331 return 0;
332 }
333
nvmet_tcp_check_ddgst(struct nvmet_tcp_queue * queue,void * pdu)334 static int nvmet_tcp_check_ddgst(struct nvmet_tcp_queue *queue, void *pdu)
335 {
336 struct nvme_tcp_hdr *hdr = pdu;
337 u8 digest_len = nvmet_tcp_hdgst_len(queue);
338 u32 len;
339
340 len = le32_to_cpu(hdr->plen) - hdr->hlen -
341 (hdr->flags & NVME_TCP_F_HDGST ? digest_len : 0);
342
343 if (unlikely(len && !(hdr->flags & NVME_TCP_F_DDGST))) {
344 pr_err("queue %d: data digest flag is cleared\n", queue->idx);
345 return -EPROTO;
346 }
347
348 return 0;
349 }
350
nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd * cmd)351 static void nvmet_tcp_free_cmd_buffers(struct nvmet_tcp_cmd *cmd)
352 {
353 kfree(cmd->iov);
354 sgl_free(cmd->req.sg);
355 cmd->iov = NULL;
356 cmd->req.sg = NULL;
357 }
358
nvmet_tcp_build_pdu_iovec(struct nvmet_tcp_cmd * cmd)359 static void nvmet_tcp_build_pdu_iovec(struct nvmet_tcp_cmd *cmd)
360 {
361 struct bio_vec *iov = cmd->iov;
362 struct scatterlist *sg;
363 u32 length, offset, sg_offset;
364 int nr_pages;
365
366 length = cmd->pdu_len;
367 nr_pages = DIV_ROUND_UP(length, PAGE_SIZE);
368 offset = cmd->rbytes_done;
369 cmd->sg_idx = offset / PAGE_SIZE;
370 sg_offset = offset % PAGE_SIZE;
371 sg = &cmd->req.sg[cmd->sg_idx];
372
373 while (length) {
374 u32 iov_len = min_t(u32, length, sg->length - sg_offset);
375
376 bvec_set_page(iov, sg_page(sg), iov_len,
377 sg->offset + sg_offset);
378
379 length -= iov_len;
380 sg = sg_next(sg);
381 iov++;
382 sg_offset = 0;
383 }
384
385 iov_iter_bvec(&cmd->recv_msg.msg_iter, ITER_DEST, cmd->iov,
386 nr_pages, cmd->pdu_len);
387 }
388
nvmet_tcp_fatal_error(struct nvmet_tcp_queue * queue)389 static void nvmet_tcp_fatal_error(struct nvmet_tcp_queue *queue)
390 {
391 queue->rcv_state = NVMET_TCP_RECV_ERR;
392 if (queue->nvme_sq.ctrl)
393 nvmet_ctrl_fatal_error(queue->nvme_sq.ctrl);
394 else
395 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
396 }
397
nvmet_tcp_socket_error(struct nvmet_tcp_queue * queue,int status)398 static void nvmet_tcp_socket_error(struct nvmet_tcp_queue *queue, int status)
399 {
400 queue->rcv_state = NVMET_TCP_RECV_ERR;
401 if (status == -EPIPE || status == -ECONNRESET)
402 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
403 else
404 nvmet_tcp_fatal_error(queue);
405 }
406
nvmet_tcp_map_data(struct nvmet_tcp_cmd * cmd)407 static int nvmet_tcp_map_data(struct nvmet_tcp_cmd *cmd)
408 {
409 struct nvme_sgl_desc *sgl = &cmd->req.cmd->common.dptr.sgl;
410 u32 len = le32_to_cpu(sgl->length);
411
412 if (!len)
413 return 0;
414
415 if (sgl->type == ((NVME_SGL_FMT_DATA_DESC << 4) |
416 NVME_SGL_FMT_OFFSET)) {
417 if (!nvme_is_write(cmd->req.cmd))
418 return NVME_SC_INVALID_FIELD | NVME_SC_DNR;
419
420 if (len > cmd->req.port->inline_data_size)
421 return NVME_SC_SGL_INVALID_OFFSET | NVME_SC_DNR;
422 cmd->pdu_len = len;
423 }
424 cmd->req.transfer_len += len;
425
426 cmd->req.sg = sgl_alloc(len, GFP_KERNEL, &cmd->req.sg_cnt);
427 if (!cmd->req.sg)
428 return NVME_SC_INTERNAL;
429 cmd->cur_sg = cmd->req.sg;
430
431 if (nvmet_tcp_has_data_in(cmd)) {
432 cmd->iov = kmalloc_array(cmd->req.sg_cnt,
433 sizeof(*cmd->iov), GFP_KERNEL);
434 if (!cmd->iov)
435 goto err;
436 }
437
438 return 0;
439 err:
440 nvmet_tcp_free_cmd_buffers(cmd);
441 return NVME_SC_INTERNAL;
442 }
443
nvmet_tcp_calc_ddgst(struct ahash_request * hash,struct nvmet_tcp_cmd * cmd)444 static void nvmet_tcp_calc_ddgst(struct ahash_request *hash,
445 struct nvmet_tcp_cmd *cmd)
446 {
447 ahash_request_set_crypt(hash, cmd->req.sg,
448 (void *)&cmd->exp_ddgst, cmd->req.transfer_len);
449 crypto_ahash_digest(hash);
450 }
451
nvmet_setup_c2h_data_pdu(struct nvmet_tcp_cmd * cmd)452 static void nvmet_setup_c2h_data_pdu(struct nvmet_tcp_cmd *cmd)
453 {
454 struct nvme_tcp_data_pdu *pdu = cmd->data_pdu;
455 struct nvmet_tcp_queue *queue = cmd->queue;
456 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
457 u8 ddgst = nvmet_tcp_ddgst_len(cmd->queue);
458
459 cmd->offset = 0;
460 cmd->state = NVMET_TCP_SEND_DATA_PDU;
461
462 pdu->hdr.type = nvme_tcp_c2h_data;
463 pdu->hdr.flags = NVME_TCP_F_DATA_LAST | (queue->nvme_sq.sqhd_disabled ?
464 NVME_TCP_F_DATA_SUCCESS : 0);
465 pdu->hdr.hlen = sizeof(*pdu);
466 pdu->hdr.pdo = pdu->hdr.hlen + hdgst;
467 pdu->hdr.plen =
468 cpu_to_le32(pdu->hdr.hlen + hdgst +
469 cmd->req.transfer_len + ddgst);
470 pdu->command_id = cmd->req.cqe->command_id;
471 pdu->data_length = cpu_to_le32(cmd->req.transfer_len);
472 pdu->data_offset = cpu_to_le32(cmd->wbytes_done);
473
474 if (queue->data_digest) {
475 pdu->hdr.flags |= NVME_TCP_F_DDGST;
476 nvmet_tcp_calc_ddgst(queue->snd_hash, cmd);
477 }
478
479 if (cmd->queue->hdr_digest) {
480 pdu->hdr.flags |= NVME_TCP_F_HDGST;
481 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu));
482 }
483 }
484
nvmet_setup_r2t_pdu(struct nvmet_tcp_cmd * cmd)485 static void nvmet_setup_r2t_pdu(struct nvmet_tcp_cmd *cmd)
486 {
487 struct nvme_tcp_r2t_pdu *pdu = cmd->r2t_pdu;
488 struct nvmet_tcp_queue *queue = cmd->queue;
489 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
490
491 cmd->offset = 0;
492 cmd->state = NVMET_TCP_SEND_R2T;
493
494 pdu->hdr.type = nvme_tcp_r2t;
495 pdu->hdr.flags = 0;
496 pdu->hdr.hlen = sizeof(*pdu);
497 pdu->hdr.pdo = 0;
498 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst);
499
500 pdu->command_id = cmd->req.cmd->common.command_id;
501 pdu->ttag = nvmet_tcp_cmd_tag(cmd->queue, cmd);
502 pdu->r2t_length = cpu_to_le32(cmd->req.transfer_len - cmd->rbytes_done);
503 pdu->r2t_offset = cpu_to_le32(cmd->rbytes_done);
504 if (cmd->queue->hdr_digest) {
505 pdu->hdr.flags |= NVME_TCP_F_HDGST;
506 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu));
507 }
508 }
509
nvmet_setup_response_pdu(struct nvmet_tcp_cmd * cmd)510 static void nvmet_setup_response_pdu(struct nvmet_tcp_cmd *cmd)
511 {
512 struct nvme_tcp_rsp_pdu *pdu = cmd->rsp_pdu;
513 struct nvmet_tcp_queue *queue = cmd->queue;
514 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
515
516 cmd->offset = 0;
517 cmd->state = NVMET_TCP_SEND_RESPONSE;
518
519 pdu->hdr.type = nvme_tcp_rsp;
520 pdu->hdr.flags = 0;
521 pdu->hdr.hlen = sizeof(*pdu);
522 pdu->hdr.pdo = 0;
523 pdu->hdr.plen = cpu_to_le32(pdu->hdr.hlen + hdgst);
524 if (cmd->queue->hdr_digest) {
525 pdu->hdr.flags |= NVME_TCP_F_HDGST;
526 nvmet_tcp_hdgst(queue->snd_hash, pdu, sizeof(*pdu));
527 }
528 }
529
nvmet_tcp_process_resp_list(struct nvmet_tcp_queue * queue)530 static void nvmet_tcp_process_resp_list(struct nvmet_tcp_queue *queue)
531 {
532 struct llist_node *node;
533 struct nvmet_tcp_cmd *cmd;
534
535 for (node = llist_del_all(&queue->resp_list); node; node = node->next) {
536 cmd = llist_entry(node, struct nvmet_tcp_cmd, lentry);
537 list_add(&cmd->entry, &queue->resp_send_list);
538 queue->send_list_len++;
539 }
540 }
541
nvmet_tcp_fetch_cmd(struct nvmet_tcp_queue * queue)542 static struct nvmet_tcp_cmd *nvmet_tcp_fetch_cmd(struct nvmet_tcp_queue *queue)
543 {
544 queue->snd_cmd = list_first_entry_or_null(&queue->resp_send_list,
545 struct nvmet_tcp_cmd, entry);
546 if (!queue->snd_cmd) {
547 nvmet_tcp_process_resp_list(queue);
548 queue->snd_cmd =
549 list_first_entry_or_null(&queue->resp_send_list,
550 struct nvmet_tcp_cmd, entry);
551 if (unlikely(!queue->snd_cmd))
552 return NULL;
553 }
554
555 list_del_init(&queue->snd_cmd->entry);
556 queue->send_list_len--;
557
558 if (nvmet_tcp_need_data_out(queue->snd_cmd))
559 nvmet_setup_c2h_data_pdu(queue->snd_cmd);
560 else if (nvmet_tcp_need_data_in(queue->snd_cmd))
561 nvmet_setup_r2t_pdu(queue->snd_cmd);
562 else
563 nvmet_setup_response_pdu(queue->snd_cmd);
564
565 return queue->snd_cmd;
566 }
567
nvmet_tcp_queue_response(struct nvmet_req * req)568 static void nvmet_tcp_queue_response(struct nvmet_req *req)
569 {
570 struct nvmet_tcp_cmd *cmd =
571 container_of(req, struct nvmet_tcp_cmd, req);
572 struct nvmet_tcp_queue *queue = cmd->queue;
573 struct nvme_sgl_desc *sgl;
574 u32 len;
575
576 if (unlikely(cmd == queue->cmd)) {
577 sgl = &cmd->req.cmd->common.dptr.sgl;
578 len = le32_to_cpu(sgl->length);
579
580 /*
581 * Wait for inline data before processing the response.
582 * Avoid using helpers, this might happen before
583 * nvmet_req_init is completed.
584 */
585 if (queue->rcv_state == NVMET_TCP_RECV_PDU &&
586 len && len <= cmd->req.port->inline_data_size &&
587 nvme_is_write(cmd->req.cmd))
588 return;
589 }
590
591 llist_add(&cmd->lentry, &queue->resp_list);
592 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &cmd->queue->io_work);
593 }
594
nvmet_tcp_execute_request(struct nvmet_tcp_cmd * cmd)595 static void nvmet_tcp_execute_request(struct nvmet_tcp_cmd *cmd)
596 {
597 if (unlikely(cmd->flags & NVMET_TCP_F_INIT_FAILED))
598 nvmet_tcp_queue_response(&cmd->req);
599 else
600 cmd->req.execute(&cmd->req);
601 }
602
nvmet_try_send_data_pdu(struct nvmet_tcp_cmd * cmd)603 static int nvmet_try_send_data_pdu(struct nvmet_tcp_cmd *cmd)
604 {
605 struct msghdr msg = {
606 .msg_flags = MSG_DONTWAIT | MSG_MORE | MSG_SPLICE_PAGES,
607 };
608 struct bio_vec bvec;
609 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
610 int left = sizeof(*cmd->data_pdu) - cmd->offset + hdgst;
611 int ret;
612
613 bvec_set_virt(&bvec, (void *)cmd->data_pdu + cmd->offset, left);
614 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
615 ret = sock_sendmsg(cmd->queue->sock, &msg);
616 if (ret <= 0)
617 return ret;
618
619 cmd->offset += ret;
620 left -= ret;
621
622 if (left)
623 return -EAGAIN;
624
625 cmd->state = NVMET_TCP_SEND_DATA;
626 cmd->offset = 0;
627 return 1;
628 }
629
nvmet_try_send_data(struct nvmet_tcp_cmd * cmd,bool last_in_batch)630 static int nvmet_try_send_data(struct nvmet_tcp_cmd *cmd, bool last_in_batch)
631 {
632 struct nvmet_tcp_queue *queue = cmd->queue;
633 int ret;
634
635 while (cmd->cur_sg) {
636 struct msghdr msg = {
637 .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES,
638 };
639 struct page *page = sg_page(cmd->cur_sg);
640 struct bio_vec bvec;
641 u32 left = cmd->cur_sg->length - cmd->offset;
642
643 if ((!last_in_batch && cmd->queue->send_list_len) ||
644 cmd->wbytes_done + left < cmd->req.transfer_len ||
645 queue->data_digest || !queue->nvme_sq.sqhd_disabled)
646 msg.msg_flags |= MSG_MORE;
647
648 bvec_set_page(&bvec, page, left, cmd->offset);
649 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
650 ret = sock_sendmsg(cmd->queue->sock, &msg);
651 if (ret <= 0)
652 return ret;
653
654 cmd->offset += ret;
655 cmd->wbytes_done += ret;
656
657 /* Done with sg?*/
658 if (cmd->offset == cmd->cur_sg->length) {
659 cmd->cur_sg = sg_next(cmd->cur_sg);
660 cmd->offset = 0;
661 }
662 }
663
664 if (queue->data_digest) {
665 cmd->state = NVMET_TCP_SEND_DDGST;
666 cmd->offset = 0;
667 } else {
668 if (queue->nvme_sq.sqhd_disabled) {
669 cmd->queue->snd_cmd = NULL;
670 nvmet_tcp_put_cmd(cmd);
671 } else {
672 nvmet_setup_response_pdu(cmd);
673 }
674 }
675
676 if (queue->nvme_sq.sqhd_disabled)
677 nvmet_tcp_free_cmd_buffers(cmd);
678
679 return 1;
680
681 }
682
nvmet_try_send_response(struct nvmet_tcp_cmd * cmd,bool last_in_batch)683 static int nvmet_try_send_response(struct nvmet_tcp_cmd *cmd,
684 bool last_in_batch)
685 {
686 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, };
687 struct bio_vec bvec;
688 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
689 int left = sizeof(*cmd->rsp_pdu) - cmd->offset + hdgst;
690 int ret;
691
692 if (!last_in_batch && cmd->queue->send_list_len)
693 msg.msg_flags |= MSG_MORE;
694 else
695 msg.msg_flags |= MSG_EOR;
696
697 bvec_set_virt(&bvec, (void *)cmd->rsp_pdu + cmd->offset, left);
698 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
699 ret = sock_sendmsg(cmd->queue->sock, &msg);
700 if (ret <= 0)
701 return ret;
702 cmd->offset += ret;
703 left -= ret;
704
705 if (left)
706 return -EAGAIN;
707
708 nvmet_tcp_free_cmd_buffers(cmd);
709 cmd->queue->snd_cmd = NULL;
710 nvmet_tcp_put_cmd(cmd);
711 return 1;
712 }
713
nvmet_try_send_r2t(struct nvmet_tcp_cmd * cmd,bool last_in_batch)714 static int nvmet_try_send_r2t(struct nvmet_tcp_cmd *cmd, bool last_in_batch)
715 {
716 struct msghdr msg = { .msg_flags = MSG_DONTWAIT | MSG_SPLICE_PAGES, };
717 struct bio_vec bvec;
718 u8 hdgst = nvmet_tcp_hdgst_len(cmd->queue);
719 int left = sizeof(*cmd->r2t_pdu) - cmd->offset + hdgst;
720 int ret;
721
722 if (!last_in_batch && cmd->queue->send_list_len)
723 msg.msg_flags |= MSG_MORE;
724 else
725 msg.msg_flags |= MSG_EOR;
726
727 bvec_set_virt(&bvec, (void *)cmd->r2t_pdu + cmd->offset, left);
728 iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, left);
729 ret = sock_sendmsg(cmd->queue->sock, &msg);
730 if (ret <= 0)
731 return ret;
732 cmd->offset += ret;
733 left -= ret;
734
735 if (left)
736 return -EAGAIN;
737
738 cmd->queue->snd_cmd = NULL;
739 return 1;
740 }
741
nvmet_try_send_ddgst(struct nvmet_tcp_cmd * cmd,bool last_in_batch)742 static int nvmet_try_send_ddgst(struct nvmet_tcp_cmd *cmd, bool last_in_batch)
743 {
744 struct nvmet_tcp_queue *queue = cmd->queue;
745 int left = NVME_TCP_DIGEST_LENGTH - cmd->offset;
746 struct msghdr msg = { .msg_flags = MSG_DONTWAIT };
747 struct kvec iov = {
748 .iov_base = (u8 *)&cmd->exp_ddgst + cmd->offset,
749 .iov_len = left
750 };
751 int ret;
752
753 if (!last_in_batch && cmd->queue->send_list_len)
754 msg.msg_flags |= MSG_MORE;
755 else
756 msg.msg_flags |= MSG_EOR;
757
758 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len);
759 if (unlikely(ret <= 0))
760 return ret;
761
762 cmd->offset += ret;
763 left -= ret;
764
765 if (left)
766 return -EAGAIN;
767
768 if (queue->nvme_sq.sqhd_disabled) {
769 cmd->queue->snd_cmd = NULL;
770 nvmet_tcp_put_cmd(cmd);
771 } else {
772 nvmet_setup_response_pdu(cmd);
773 }
774 return 1;
775 }
776
nvmet_tcp_try_send_one(struct nvmet_tcp_queue * queue,bool last_in_batch)777 static int nvmet_tcp_try_send_one(struct nvmet_tcp_queue *queue,
778 bool last_in_batch)
779 {
780 struct nvmet_tcp_cmd *cmd = queue->snd_cmd;
781 int ret = 0;
782
783 if (!cmd || queue->state == NVMET_TCP_Q_DISCONNECTING) {
784 cmd = nvmet_tcp_fetch_cmd(queue);
785 if (unlikely(!cmd))
786 return 0;
787 }
788
789 if (cmd->state == NVMET_TCP_SEND_DATA_PDU) {
790 ret = nvmet_try_send_data_pdu(cmd);
791 if (ret <= 0)
792 goto done_send;
793 }
794
795 if (cmd->state == NVMET_TCP_SEND_DATA) {
796 ret = nvmet_try_send_data(cmd, last_in_batch);
797 if (ret <= 0)
798 goto done_send;
799 }
800
801 if (cmd->state == NVMET_TCP_SEND_DDGST) {
802 ret = nvmet_try_send_ddgst(cmd, last_in_batch);
803 if (ret <= 0)
804 goto done_send;
805 }
806
807 if (cmd->state == NVMET_TCP_SEND_R2T) {
808 ret = nvmet_try_send_r2t(cmd, last_in_batch);
809 if (ret <= 0)
810 goto done_send;
811 }
812
813 if (cmd->state == NVMET_TCP_SEND_RESPONSE)
814 ret = nvmet_try_send_response(cmd, last_in_batch);
815
816 done_send:
817 if (ret < 0) {
818 if (ret == -EAGAIN)
819 return 0;
820 return ret;
821 }
822
823 return 1;
824 }
825
nvmet_tcp_try_send(struct nvmet_tcp_queue * queue,int budget,int * sends)826 static int nvmet_tcp_try_send(struct nvmet_tcp_queue *queue,
827 int budget, int *sends)
828 {
829 int i, ret = 0;
830
831 for (i = 0; i < budget; i++) {
832 ret = nvmet_tcp_try_send_one(queue, i == budget - 1);
833 if (unlikely(ret < 0)) {
834 nvmet_tcp_socket_error(queue, ret);
835 goto done;
836 } else if (ret == 0) {
837 break;
838 }
839 (*sends)++;
840 }
841 done:
842 return ret;
843 }
844
nvmet_prepare_receive_pdu(struct nvmet_tcp_queue * queue)845 static void nvmet_prepare_receive_pdu(struct nvmet_tcp_queue *queue)
846 {
847 queue->offset = 0;
848 queue->left = sizeof(struct nvme_tcp_hdr);
849 queue->cmd = NULL;
850 queue->rcv_state = NVMET_TCP_RECV_PDU;
851 }
852
nvmet_tcp_free_crypto(struct nvmet_tcp_queue * queue)853 static void nvmet_tcp_free_crypto(struct nvmet_tcp_queue *queue)
854 {
855 struct crypto_ahash *tfm = crypto_ahash_reqtfm(queue->rcv_hash);
856
857 ahash_request_free(queue->rcv_hash);
858 ahash_request_free(queue->snd_hash);
859 crypto_free_ahash(tfm);
860 }
861
nvmet_tcp_alloc_crypto(struct nvmet_tcp_queue * queue)862 static int nvmet_tcp_alloc_crypto(struct nvmet_tcp_queue *queue)
863 {
864 struct crypto_ahash *tfm;
865
866 tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC);
867 if (IS_ERR(tfm))
868 return PTR_ERR(tfm);
869
870 queue->snd_hash = ahash_request_alloc(tfm, GFP_KERNEL);
871 if (!queue->snd_hash)
872 goto free_tfm;
873 ahash_request_set_callback(queue->snd_hash, 0, NULL, NULL);
874
875 queue->rcv_hash = ahash_request_alloc(tfm, GFP_KERNEL);
876 if (!queue->rcv_hash)
877 goto free_snd_hash;
878 ahash_request_set_callback(queue->rcv_hash, 0, NULL, NULL);
879
880 return 0;
881 free_snd_hash:
882 ahash_request_free(queue->snd_hash);
883 free_tfm:
884 crypto_free_ahash(tfm);
885 return -ENOMEM;
886 }
887
888
nvmet_tcp_handle_icreq(struct nvmet_tcp_queue * queue)889 static int nvmet_tcp_handle_icreq(struct nvmet_tcp_queue *queue)
890 {
891 struct nvme_tcp_icreq_pdu *icreq = &queue->pdu.icreq;
892 struct nvme_tcp_icresp_pdu *icresp = &queue->pdu.icresp;
893 struct msghdr msg = {};
894 struct kvec iov;
895 int ret;
896
897 if (le32_to_cpu(icreq->hdr.plen) != sizeof(struct nvme_tcp_icreq_pdu)) {
898 pr_err("bad nvme-tcp pdu length (%d)\n",
899 le32_to_cpu(icreq->hdr.plen));
900 nvmet_tcp_fatal_error(queue);
901 }
902
903 if (icreq->pfv != NVME_TCP_PFV_1_0) {
904 pr_err("queue %d: bad pfv %d\n", queue->idx, icreq->pfv);
905 return -EPROTO;
906 }
907
908 if (icreq->hpda != 0) {
909 pr_err("queue %d: unsupported hpda %d\n", queue->idx,
910 icreq->hpda);
911 return -EPROTO;
912 }
913
914 queue->hdr_digest = !!(icreq->digest & NVME_TCP_HDR_DIGEST_ENABLE);
915 queue->data_digest = !!(icreq->digest & NVME_TCP_DATA_DIGEST_ENABLE);
916 if (queue->hdr_digest || queue->data_digest) {
917 ret = nvmet_tcp_alloc_crypto(queue);
918 if (ret)
919 return ret;
920 }
921
922 memset(icresp, 0, sizeof(*icresp));
923 icresp->hdr.type = nvme_tcp_icresp;
924 icresp->hdr.hlen = sizeof(*icresp);
925 icresp->hdr.pdo = 0;
926 icresp->hdr.plen = cpu_to_le32(icresp->hdr.hlen);
927 icresp->pfv = cpu_to_le16(NVME_TCP_PFV_1_0);
928 icresp->maxdata = cpu_to_le32(NVMET_TCP_MAXH2CDATA);
929 icresp->cpda = 0;
930 if (queue->hdr_digest)
931 icresp->digest |= NVME_TCP_HDR_DIGEST_ENABLE;
932 if (queue->data_digest)
933 icresp->digest |= NVME_TCP_DATA_DIGEST_ENABLE;
934
935 iov.iov_base = icresp;
936 iov.iov_len = sizeof(*icresp);
937 ret = kernel_sendmsg(queue->sock, &msg, &iov, 1, iov.iov_len);
938 if (ret < 0) {
939 queue->state = NVMET_TCP_Q_FAILED;
940 return ret; /* queue removal will cleanup */
941 }
942
943 queue->state = NVMET_TCP_Q_LIVE;
944 nvmet_prepare_receive_pdu(queue);
945 return 0;
946 }
947
nvmet_tcp_handle_req_failure(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * cmd,struct nvmet_req * req)948 static void nvmet_tcp_handle_req_failure(struct nvmet_tcp_queue *queue,
949 struct nvmet_tcp_cmd *cmd, struct nvmet_req *req)
950 {
951 size_t data_len = le32_to_cpu(req->cmd->common.dptr.sgl.length);
952 int ret;
953
954 /*
955 * This command has not been processed yet, hence we are trying to
956 * figure out if there is still pending data left to receive. If
957 * we don't, we can simply prepare for the next pdu and bail out,
958 * otherwise we will need to prepare a buffer and receive the
959 * stale data before continuing forward.
960 */
961 if (!nvme_is_write(cmd->req.cmd) || !data_len ||
962 data_len > cmd->req.port->inline_data_size) {
963 nvmet_prepare_receive_pdu(queue);
964 return;
965 }
966
967 ret = nvmet_tcp_map_data(cmd);
968 if (unlikely(ret)) {
969 pr_err("queue %d: failed to map data\n", queue->idx);
970 nvmet_tcp_fatal_error(queue);
971 return;
972 }
973
974 queue->rcv_state = NVMET_TCP_RECV_DATA;
975 nvmet_tcp_build_pdu_iovec(cmd);
976 cmd->flags |= NVMET_TCP_F_INIT_FAILED;
977 }
978
nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue * queue)979 static int nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue *queue)
980 {
981 struct nvme_tcp_data_pdu *data = &queue->pdu.data;
982 struct nvmet_tcp_cmd *cmd;
983 unsigned int exp_data_len;
984
985 if (likely(queue->nr_cmds)) {
986 if (unlikely(data->ttag >= queue->nr_cmds)) {
987 pr_err("queue %d: received out of bound ttag %u, nr_cmds %u\n",
988 queue->idx, data->ttag, queue->nr_cmds);
989 goto err_proto;
990 }
991 cmd = &queue->cmds[data->ttag];
992 } else {
993 cmd = &queue->connect;
994 }
995
996 if (le32_to_cpu(data->data_offset) != cmd->rbytes_done) {
997 pr_err("ttag %u unexpected data offset %u (expected %u)\n",
998 data->ttag, le32_to_cpu(data->data_offset),
999 cmd->rbytes_done);
1000 goto err_proto;
1001 }
1002
1003 exp_data_len = le32_to_cpu(data->hdr.plen) -
1004 nvmet_tcp_hdgst_len(queue) -
1005 nvmet_tcp_ddgst_len(queue) -
1006 sizeof(*data);
1007
1008 cmd->pdu_len = le32_to_cpu(data->data_length);
1009 if (unlikely(cmd->pdu_len != exp_data_len ||
1010 cmd->pdu_len == 0 ||
1011 cmd->pdu_len > NVMET_TCP_MAXH2CDATA)) {
1012 pr_err("H2CData PDU len %u is invalid\n", cmd->pdu_len);
1013 goto err_proto;
1014 }
1015 cmd->pdu_recv = 0;
1016 nvmet_tcp_build_pdu_iovec(cmd);
1017 queue->cmd = cmd;
1018 queue->rcv_state = NVMET_TCP_RECV_DATA;
1019
1020 return 0;
1021
1022 err_proto:
1023 /* FIXME: use proper transport errors */
1024 nvmet_tcp_fatal_error(queue);
1025 return -EPROTO;
1026 }
1027
nvmet_tcp_done_recv_pdu(struct nvmet_tcp_queue * queue)1028 static int nvmet_tcp_done_recv_pdu(struct nvmet_tcp_queue *queue)
1029 {
1030 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr;
1031 struct nvme_command *nvme_cmd = &queue->pdu.cmd.cmd;
1032 struct nvmet_req *req;
1033 int ret;
1034
1035 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) {
1036 if (hdr->type != nvme_tcp_icreq) {
1037 pr_err("unexpected pdu type (%d) before icreq\n",
1038 hdr->type);
1039 nvmet_tcp_fatal_error(queue);
1040 return -EPROTO;
1041 }
1042 return nvmet_tcp_handle_icreq(queue);
1043 }
1044
1045 if (unlikely(hdr->type == nvme_tcp_icreq)) {
1046 pr_err("queue %d: received icreq pdu in state %d\n",
1047 queue->idx, queue->state);
1048 nvmet_tcp_fatal_error(queue);
1049 return -EPROTO;
1050 }
1051
1052 if (hdr->type == nvme_tcp_h2c_data) {
1053 ret = nvmet_tcp_handle_h2c_data_pdu(queue);
1054 if (unlikely(ret))
1055 return ret;
1056 return 0;
1057 }
1058
1059 queue->cmd = nvmet_tcp_get_cmd(queue);
1060 if (unlikely(!queue->cmd)) {
1061 /* This should never happen */
1062 pr_err("queue %d: out of commands (%d) send_list_len: %d, opcode: %d",
1063 queue->idx, queue->nr_cmds, queue->send_list_len,
1064 nvme_cmd->common.opcode);
1065 nvmet_tcp_fatal_error(queue);
1066 return -ENOMEM;
1067 }
1068
1069 req = &queue->cmd->req;
1070 memcpy(req->cmd, nvme_cmd, sizeof(*nvme_cmd));
1071
1072 if (unlikely(!nvmet_req_init(req, &queue->nvme_cq,
1073 &queue->nvme_sq, &nvmet_tcp_ops))) {
1074 pr_err("failed cmd %p id %d opcode %d, data_len: %d\n",
1075 req->cmd, req->cmd->common.command_id,
1076 req->cmd->common.opcode,
1077 le32_to_cpu(req->cmd->common.dptr.sgl.length));
1078
1079 nvmet_tcp_handle_req_failure(queue, queue->cmd, req);
1080 return 0;
1081 }
1082
1083 ret = nvmet_tcp_map_data(queue->cmd);
1084 if (unlikely(ret)) {
1085 pr_err("queue %d: failed to map data\n", queue->idx);
1086 if (nvmet_tcp_has_inline_data(queue->cmd))
1087 nvmet_tcp_fatal_error(queue);
1088 else
1089 nvmet_req_complete(req, ret);
1090 ret = -EAGAIN;
1091 goto out;
1092 }
1093
1094 if (nvmet_tcp_need_data_in(queue->cmd)) {
1095 if (nvmet_tcp_has_inline_data(queue->cmd)) {
1096 queue->rcv_state = NVMET_TCP_RECV_DATA;
1097 nvmet_tcp_build_pdu_iovec(queue->cmd);
1098 return 0;
1099 }
1100 /* send back R2T */
1101 nvmet_tcp_queue_response(&queue->cmd->req);
1102 goto out;
1103 }
1104
1105 queue->cmd->req.execute(&queue->cmd->req);
1106 out:
1107 nvmet_prepare_receive_pdu(queue);
1108 return ret;
1109 }
1110
1111 static const u8 nvme_tcp_pdu_sizes[] = {
1112 [nvme_tcp_icreq] = sizeof(struct nvme_tcp_icreq_pdu),
1113 [nvme_tcp_cmd] = sizeof(struct nvme_tcp_cmd_pdu),
1114 [nvme_tcp_h2c_data] = sizeof(struct nvme_tcp_data_pdu),
1115 };
1116
nvmet_tcp_pdu_size(u8 type)1117 static inline u8 nvmet_tcp_pdu_size(u8 type)
1118 {
1119 size_t idx = type;
1120
1121 return (idx < ARRAY_SIZE(nvme_tcp_pdu_sizes) &&
1122 nvme_tcp_pdu_sizes[idx]) ?
1123 nvme_tcp_pdu_sizes[idx] : 0;
1124 }
1125
nvmet_tcp_pdu_valid(u8 type)1126 static inline bool nvmet_tcp_pdu_valid(u8 type)
1127 {
1128 switch (type) {
1129 case nvme_tcp_icreq:
1130 case nvme_tcp_cmd:
1131 case nvme_tcp_h2c_data:
1132 /* fallthru */
1133 return true;
1134 }
1135
1136 return false;
1137 }
1138
nvmet_tcp_tls_record_ok(struct nvmet_tcp_queue * queue,struct msghdr * msg,char * cbuf)1139 static int nvmet_tcp_tls_record_ok(struct nvmet_tcp_queue *queue,
1140 struct msghdr *msg, char *cbuf)
1141 {
1142 struct cmsghdr *cmsg = (struct cmsghdr *)cbuf;
1143 u8 ctype, level, description;
1144 int ret = 0;
1145
1146 ctype = tls_get_record_type(queue->sock->sk, cmsg);
1147 switch (ctype) {
1148 case 0:
1149 break;
1150 case TLS_RECORD_TYPE_DATA:
1151 break;
1152 case TLS_RECORD_TYPE_ALERT:
1153 tls_alert_recv(queue->sock->sk, msg, &level, &description);
1154 if (level == TLS_ALERT_LEVEL_FATAL) {
1155 pr_err("queue %d: TLS Alert desc %u\n",
1156 queue->idx, description);
1157 ret = -ENOTCONN;
1158 } else {
1159 pr_warn("queue %d: TLS Alert desc %u\n",
1160 queue->idx, description);
1161 ret = -EAGAIN;
1162 }
1163 break;
1164 default:
1165 /* discard this record type */
1166 pr_err("queue %d: TLS record %d unhandled\n",
1167 queue->idx, ctype);
1168 ret = -EAGAIN;
1169 break;
1170 }
1171 return ret;
1172 }
1173
nvmet_tcp_try_recv_pdu(struct nvmet_tcp_queue * queue)1174 static int nvmet_tcp_try_recv_pdu(struct nvmet_tcp_queue *queue)
1175 {
1176 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr;
1177 int len, ret;
1178 struct kvec iov;
1179 char cbuf[CMSG_LEN(sizeof(char))] = {};
1180 struct msghdr msg = { .msg_flags = MSG_DONTWAIT };
1181
1182 recv:
1183 iov.iov_base = (void *)&queue->pdu + queue->offset;
1184 iov.iov_len = queue->left;
1185 if (queue->tls_pskid) {
1186 msg.msg_control = cbuf;
1187 msg.msg_controllen = sizeof(cbuf);
1188 }
1189 len = kernel_recvmsg(queue->sock, &msg, &iov, 1,
1190 iov.iov_len, msg.msg_flags);
1191 if (unlikely(len < 0))
1192 return len;
1193 if (queue->tls_pskid) {
1194 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf);
1195 if (ret < 0)
1196 return ret;
1197 }
1198
1199 queue->offset += len;
1200 queue->left -= len;
1201 if (queue->left)
1202 return -EAGAIN;
1203
1204 if (queue->offset == sizeof(struct nvme_tcp_hdr)) {
1205 u8 hdgst = nvmet_tcp_hdgst_len(queue);
1206
1207 if (unlikely(!nvmet_tcp_pdu_valid(hdr->type))) {
1208 pr_err("unexpected pdu type %d\n", hdr->type);
1209 nvmet_tcp_fatal_error(queue);
1210 return -EIO;
1211 }
1212
1213 if (unlikely(hdr->hlen != nvmet_tcp_pdu_size(hdr->type))) {
1214 pr_err("pdu %d bad hlen %d\n", hdr->type, hdr->hlen);
1215 return -EIO;
1216 }
1217
1218 queue->left = hdr->hlen - queue->offset + hdgst;
1219 goto recv;
1220 }
1221
1222 if (queue->hdr_digest &&
1223 nvmet_tcp_verify_hdgst(queue, &queue->pdu, hdr->hlen)) {
1224 nvmet_tcp_fatal_error(queue); /* fatal */
1225 return -EPROTO;
1226 }
1227
1228 if (queue->data_digest &&
1229 nvmet_tcp_check_ddgst(queue, &queue->pdu)) {
1230 nvmet_tcp_fatal_error(queue); /* fatal */
1231 return -EPROTO;
1232 }
1233
1234 return nvmet_tcp_done_recv_pdu(queue);
1235 }
1236
nvmet_tcp_prep_recv_ddgst(struct nvmet_tcp_cmd * cmd)1237 static void nvmet_tcp_prep_recv_ddgst(struct nvmet_tcp_cmd *cmd)
1238 {
1239 struct nvmet_tcp_queue *queue = cmd->queue;
1240
1241 nvmet_tcp_calc_ddgst(queue->rcv_hash, cmd);
1242 queue->offset = 0;
1243 queue->left = NVME_TCP_DIGEST_LENGTH;
1244 queue->rcv_state = NVMET_TCP_RECV_DDGST;
1245 }
1246
nvmet_tcp_try_recv_data(struct nvmet_tcp_queue * queue)1247 static int nvmet_tcp_try_recv_data(struct nvmet_tcp_queue *queue)
1248 {
1249 struct nvmet_tcp_cmd *cmd = queue->cmd;
1250 int len, ret;
1251
1252 while (msg_data_left(&cmd->recv_msg)) {
1253 len = sock_recvmsg(cmd->queue->sock, &cmd->recv_msg,
1254 cmd->recv_msg.msg_flags);
1255 if (len <= 0)
1256 return len;
1257 if (queue->tls_pskid) {
1258 ret = nvmet_tcp_tls_record_ok(cmd->queue,
1259 &cmd->recv_msg, cmd->recv_cbuf);
1260 if (ret < 0)
1261 return ret;
1262 }
1263
1264 cmd->pdu_recv += len;
1265 cmd->rbytes_done += len;
1266 }
1267
1268 if (queue->data_digest) {
1269 nvmet_tcp_prep_recv_ddgst(cmd);
1270 return 0;
1271 }
1272
1273 if (cmd->rbytes_done == cmd->req.transfer_len)
1274 nvmet_tcp_execute_request(cmd);
1275
1276 nvmet_prepare_receive_pdu(queue);
1277 return 0;
1278 }
1279
nvmet_tcp_try_recv_ddgst(struct nvmet_tcp_queue * queue)1280 static int nvmet_tcp_try_recv_ddgst(struct nvmet_tcp_queue *queue)
1281 {
1282 struct nvmet_tcp_cmd *cmd = queue->cmd;
1283 int ret, len;
1284 char cbuf[CMSG_LEN(sizeof(char))] = {};
1285 struct msghdr msg = { .msg_flags = MSG_DONTWAIT };
1286 struct kvec iov = {
1287 .iov_base = (void *)&cmd->recv_ddgst + queue->offset,
1288 .iov_len = queue->left
1289 };
1290
1291 if (queue->tls_pskid) {
1292 msg.msg_control = cbuf;
1293 msg.msg_controllen = sizeof(cbuf);
1294 }
1295 len = kernel_recvmsg(queue->sock, &msg, &iov, 1,
1296 iov.iov_len, msg.msg_flags);
1297 if (unlikely(len < 0))
1298 return len;
1299 if (queue->tls_pskid) {
1300 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf);
1301 if (ret < 0)
1302 return ret;
1303 }
1304
1305 queue->offset += len;
1306 queue->left -= len;
1307 if (queue->left)
1308 return -EAGAIN;
1309
1310 if (queue->data_digest && cmd->exp_ddgst != cmd->recv_ddgst) {
1311 pr_err("queue %d: cmd %d pdu (%d) data digest error: recv %#x expected %#x\n",
1312 queue->idx, cmd->req.cmd->common.command_id,
1313 queue->pdu.cmd.hdr.type, le32_to_cpu(cmd->recv_ddgst),
1314 le32_to_cpu(cmd->exp_ddgst));
1315 nvmet_req_uninit(&cmd->req);
1316 nvmet_tcp_free_cmd_buffers(cmd);
1317 nvmet_tcp_fatal_error(queue);
1318 ret = -EPROTO;
1319 goto out;
1320 }
1321
1322 if (cmd->rbytes_done == cmd->req.transfer_len)
1323 nvmet_tcp_execute_request(cmd);
1324
1325 ret = 0;
1326 out:
1327 nvmet_prepare_receive_pdu(queue);
1328 return ret;
1329 }
1330
nvmet_tcp_try_recv_one(struct nvmet_tcp_queue * queue)1331 static int nvmet_tcp_try_recv_one(struct nvmet_tcp_queue *queue)
1332 {
1333 int result = 0;
1334
1335 if (unlikely(queue->rcv_state == NVMET_TCP_RECV_ERR))
1336 return 0;
1337
1338 if (queue->rcv_state == NVMET_TCP_RECV_PDU) {
1339 result = nvmet_tcp_try_recv_pdu(queue);
1340 if (result != 0)
1341 goto done_recv;
1342 }
1343
1344 if (queue->rcv_state == NVMET_TCP_RECV_DATA) {
1345 result = nvmet_tcp_try_recv_data(queue);
1346 if (result != 0)
1347 goto done_recv;
1348 }
1349
1350 if (queue->rcv_state == NVMET_TCP_RECV_DDGST) {
1351 result = nvmet_tcp_try_recv_ddgst(queue);
1352 if (result != 0)
1353 goto done_recv;
1354 }
1355
1356 done_recv:
1357 if (result < 0) {
1358 if (result == -EAGAIN)
1359 return 0;
1360 return result;
1361 }
1362 return 1;
1363 }
1364
nvmet_tcp_try_recv(struct nvmet_tcp_queue * queue,int budget,int * recvs)1365 static int nvmet_tcp_try_recv(struct nvmet_tcp_queue *queue,
1366 int budget, int *recvs)
1367 {
1368 int i, ret = 0;
1369
1370 for (i = 0; i < budget; i++) {
1371 ret = nvmet_tcp_try_recv_one(queue);
1372 if (unlikely(ret < 0)) {
1373 nvmet_tcp_socket_error(queue, ret);
1374 goto done;
1375 } else if (ret == 0) {
1376 break;
1377 }
1378 (*recvs)++;
1379 }
1380 done:
1381 return ret;
1382 }
1383
nvmet_tcp_release_queue(struct kref * kref)1384 static void nvmet_tcp_release_queue(struct kref *kref)
1385 {
1386 struct nvmet_tcp_queue *queue =
1387 container_of(kref, struct nvmet_tcp_queue, kref);
1388
1389 WARN_ON(queue->state != NVMET_TCP_Q_DISCONNECTING);
1390 queue_work(nvmet_wq, &queue->release_work);
1391 }
1392
nvmet_tcp_schedule_release_queue(struct nvmet_tcp_queue * queue)1393 static void nvmet_tcp_schedule_release_queue(struct nvmet_tcp_queue *queue)
1394 {
1395 spin_lock_bh(&queue->state_lock);
1396 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) {
1397 /* Socket closed during handshake */
1398 tls_handshake_cancel(queue->sock->sk);
1399 }
1400 if (queue->state != NVMET_TCP_Q_DISCONNECTING) {
1401 queue->state = NVMET_TCP_Q_DISCONNECTING;
1402 kref_put(&queue->kref, nvmet_tcp_release_queue);
1403 }
1404 spin_unlock_bh(&queue->state_lock);
1405 }
1406
nvmet_tcp_arm_queue_deadline(struct nvmet_tcp_queue * queue)1407 static inline void nvmet_tcp_arm_queue_deadline(struct nvmet_tcp_queue *queue)
1408 {
1409 queue->poll_end = jiffies + usecs_to_jiffies(idle_poll_period_usecs);
1410 }
1411
nvmet_tcp_check_queue_deadline(struct nvmet_tcp_queue * queue,int ops)1412 static bool nvmet_tcp_check_queue_deadline(struct nvmet_tcp_queue *queue,
1413 int ops)
1414 {
1415 if (!idle_poll_period_usecs)
1416 return false;
1417
1418 if (ops)
1419 nvmet_tcp_arm_queue_deadline(queue);
1420
1421 return !time_after(jiffies, queue->poll_end);
1422 }
1423
nvmet_tcp_io_work(struct work_struct * w)1424 static void nvmet_tcp_io_work(struct work_struct *w)
1425 {
1426 struct nvmet_tcp_queue *queue =
1427 container_of(w, struct nvmet_tcp_queue, io_work);
1428 bool pending;
1429 int ret, ops = 0;
1430
1431 do {
1432 pending = false;
1433
1434 ret = nvmet_tcp_try_recv(queue, NVMET_TCP_RECV_BUDGET, &ops);
1435 if (ret > 0)
1436 pending = true;
1437 else if (ret < 0)
1438 return;
1439
1440 ret = nvmet_tcp_try_send(queue, NVMET_TCP_SEND_BUDGET, &ops);
1441 if (ret > 0)
1442 pending = true;
1443 else if (ret < 0)
1444 return;
1445
1446 } while (pending && ops < NVMET_TCP_IO_WORK_BUDGET);
1447
1448 /*
1449 * Requeue the worker if idle deadline period is in progress or any
1450 * ops activity was recorded during the do-while loop above.
1451 */
1452 if (nvmet_tcp_check_queue_deadline(queue, ops) || pending)
1453 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work);
1454 }
1455
nvmet_tcp_alloc_cmd(struct nvmet_tcp_queue * queue,struct nvmet_tcp_cmd * c)1456 static int nvmet_tcp_alloc_cmd(struct nvmet_tcp_queue *queue,
1457 struct nvmet_tcp_cmd *c)
1458 {
1459 u8 hdgst = nvmet_tcp_hdgst_len(queue);
1460
1461 c->queue = queue;
1462 c->req.port = queue->port->nport;
1463
1464 c->cmd_pdu = page_frag_alloc(&queue->pf_cache,
1465 sizeof(*c->cmd_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1466 if (!c->cmd_pdu)
1467 return -ENOMEM;
1468 c->req.cmd = &c->cmd_pdu->cmd;
1469
1470 c->rsp_pdu = page_frag_alloc(&queue->pf_cache,
1471 sizeof(*c->rsp_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1472 if (!c->rsp_pdu)
1473 goto out_free_cmd;
1474 c->req.cqe = &c->rsp_pdu->cqe;
1475
1476 c->data_pdu = page_frag_alloc(&queue->pf_cache,
1477 sizeof(*c->data_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1478 if (!c->data_pdu)
1479 goto out_free_rsp;
1480
1481 c->r2t_pdu = page_frag_alloc(&queue->pf_cache,
1482 sizeof(*c->r2t_pdu) + hdgst, GFP_KERNEL | __GFP_ZERO);
1483 if (!c->r2t_pdu)
1484 goto out_free_data;
1485
1486 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) {
1487 c->recv_msg.msg_control = c->recv_cbuf;
1488 c->recv_msg.msg_controllen = sizeof(c->recv_cbuf);
1489 }
1490 c->recv_msg.msg_flags = MSG_DONTWAIT | MSG_NOSIGNAL;
1491
1492 list_add_tail(&c->entry, &queue->free_list);
1493
1494 return 0;
1495 out_free_data:
1496 page_frag_free(c->data_pdu);
1497 out_free_rsp:
1498 page_frag_free(c->rsp_pdu);
1499 out_free_cmd:
1500 page_frag_free(c->cmd_pdu);
1501 return -ENOMEM;
1502 }
1503
nvmet_tcp_free_cmd(struct nvmet_tcp_cmd * c)1504 static void nvmet_tcp_free_cmd(struct nvmet_tcp_cmd *c)
1505 {
1506 page_frag_free(c->r2t_pdu);
1507 page_frag_free(c->data_pdu);
1508 page_frag_free(c->rsp_pdu);
1509 page_frag_free(c->cmd_pdu);
1510 }
1511
nvmet_tcp_alloc_cmds(struct nvmet_tcp_queue * queue)1512 static int nvmet_tcp_alloc_cmds(struct nvmet_tcp_queue *queue)
1513 {
1514 struct nvmet_tcp_cmd *cmds;
1515 int i, ret = -EINVAL, nr_cmds = queue->nr_cmds;
1516
1517 cmds = kcalloc(nr_cmds, sizeof(struct nvmet_tcp_cmd), GFP_KERNEL);
1518 if (!cmds)
1519 goto out;
1520
1521 for (i = 0; i < nr_cmds; i++) {
1522 ret = nvmet_tcp_alloc_cmd(queue, cmds + i);
1523 if (ret)
1524 goto out_free;
1525 }
1526
1527 queue->cmds = cmds;
1528
1529 return 0;
1530 out_free:
1531 while (--i >= 0)
1532 nvmet_tcp_free_cmd(cmds + i);
1533 kfree(cmds);
1534 out:
1535 return ret;
1536 }
1537
nvmet_tcp_free_cmds(struct nvmet_tcp_queue * queue)1538 static void nvmet_tcp_free_cmds(struct nvmet_tcp_queue *queue)
1539 {
1540 struct nvmet_tcp_cmd *cmds = queue->cmds;
1541 int i;
1542
1543 for (i = 0; i < queue->nr_cmds; i++)
1544 nvmet_tcp_free_cmd(cmds + i);
1545
1546 nvmet_tcp_free_cmd(&queue->connect);
1547 kfree(cmds);
1548 }
1549
nvmet_tcp_restore_socket_callbacks(struct nvmet_tcp_queue * queue)1550 static void nvmet_tcp_restore_socket_callbacks(struct nvmet_tcp_queue *queue)
1551 {
1552 struct socket *sock = queue->sock;
1553
1554 write_lock_bh(&sock->sk->sk_callback_lock);
1555 sock->sk->sk_data_ready = queue->data_ready;
1556 sock->sk->sk_state_change = queue->state_change;
1557 sock->sk->sk_write_space = queue->write_space;
1558 sock->sk->sk_user_data = NULL;
1559 write_unlock_bh(&sock->sk->sk_callback_lock);
1560 }
1561
nvmet_tcp_uninit_data_in_cmds(struct nvmet_tcp_queue * queue)1562 static void nvmet_tcp_uninit_data_in_cmds(struct nvmet_tcp_queue *queue)
1563 {
1564 struct nvmet_tcp_cmd *cmd = queue->cmds;
1565 int i;
1566
1567 for (i = 0; i < queue->nr_cmds; i++, cmd++) {
1568 if (nvmet_tcp_need_data_in(cmd))
1569 nvmet_req_uninit(&cmd->req);
1570 }
1571
1572 if (!queue->nr_cmds && nvmet_tcp_need_data_in(&queue->connect)) {
1573 /* failed in connect */
1574 nvmet_req_uninit(&queue->connect.req);
1575 }
1576 }
1577
nvmet_tcp_free_cmd_data_in_buffers(struct nvmet_tcp_queue * queue)1578 static void nvmet_tcp_free_cmd_data_in_buffers(struct nvmet_tcp_queue *queue)
1579 {
1580 struct nvmet_tcp_cmd *cmd = queue->cmds;
1581 int i;
1582
1583 for (i = 0; i < queue->nr_cmds; i++, cmd++) {
1584 if (nvmet_tcp_need_data_in(cmd))
1585 nvmet_tcp_free_cmd_buffers(cmd);
1586 }
1587
1588 if (!queue->nr_cmds && nvmet_tcp_need_data_in(&queue->connect))
1589 nvmet_tcp_free_cmd_buffers(&queue->connect);
1590 }
1591
nvmet_tcp_release_queue_work(struct work_struct * w)1592 static void nvmet_tcp_release_queue_work(struct work_struct *w)
1593 {
1594 struct page *page;
1595 struct nvmet_tcp_queue *queue =
1596 container_of(w, struct nvmet_tcp_queue, release_work);
1597
1598 mutex_lock(&nvmet_tcp_queue_mutex);
1599 list_del_init(&queue->queue_list);
1600 mutex_unlock(&nvmet_tcp_queue_mutex);
1601
1602 nvmet_tcp_restore_socket_callbacks(queue);
1603 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work);
1604 cancel_work_sync(&queue->io_work);
1605 /* stop accepting incoming data */
1606 queue->rcv_state = NVMET_TCP_RECV_ERR;
1607
1608 nvmet_tcp_uninit_data_in_cmds(queue);
1609 nvmet_sq_destroy(&queue->nvme_sq);
1610 cancel_work_sync(&queue->io_work);
1611 nvmet_tcp_free_cmd_data_in_buffers(queue);
1612 /* ->sock will be released by fput() */
1613 fput(queue->sock->file);
1614 nvmet_tcp_free_cmds(queue);
1615 if (queue->hdr_digest || queue->data_digest)
1616 nvmet_tcp_free_crypto(queue);
1617 ida_free(&nvmet_tcp_queue_ida, queue->idx);
1618 page = virt_to_head_page(queue->pf_cache.va);
1619 __page_frag_cache_drain(page, queue->pf_cache.pagecnt_bias);
1620 kfree(queue);
1621 }
1622
nvmet_tcp_data_ready(struct sock * sk)1623 static void nvmet_tcp_data_ready(struct sock *sk)
1624 {
1625 struct nvmet_tcp_queue *queue;
1626
1627 trace_sk_data_ready(sk);
1628
1629 read_lock_bh(&sk->sk_callback_lock);
1630 queue = sk->sk_user_data;
1631 if (likely(queue)) {
1632 if (queue->data_ready)
1633 queue->data_ready(sk);
1634 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)
1635 queue_work_on(queue_cpu(queue), nvmet_tcp_wq,
1636 &queue->io_work);
1637 }
1638 read_unlock_bh(&sk->sk_callback_lock);
1639 }
1640
nvmet_tcp_write_space(struct sock * sk)1641 static void nvmet_tcp_write_space(struct sock *sk)
1642 {
1643 struct nvmet_tcp_queue *queue;
1644
1645 read_lock_bh(&sk->sk_callback_lock);
1646 queue = sk->sk_user_data;
1647 if (unlikely(!queue))
1648 goto out;
1649
1650 if (unlikely(queue->state == NVMET_TCP_Q_CONNECTING)) {
1651 queue->write_space(sk);
1652 goto out;
1653 }
1654
1655 if (sk_stream_is_writeable(sk)) {
1656 clear_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
1657 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work);
1658 }
1659 out:
1660 read_unlock_bh(&sk->sk_callback_lock);
1661 }
1662
nvmet_tcp_state_change(struct sock * sk)1663 static void nvmet_tcp_state_change(struct sock *sk)
1664 {
1665 struct nvmet_tcp_queue *queue;
1666
1667 read_lock_bh(&sk->sk_callback_lock);
1668 queue = sk->sk_user_data;
1669 if (!queue)
1670 goto done;
1671
1672 switch (sk->sk_state) {
1673 case TCP_FIN_WAIT2:
1674 case TCP_LAST_ACK:
1675 break;
1676 case TCP_FIN_WAIT1:
1677 case TCP_CLOSE_WAIT:
1678 case TCP_CLOSE:
1679 /* FALLTHRU */
1680 nvmet_tcp_schedule_release_queue(queue);
1681 break;
1682 default:
1683 pr_warn("queue %d unhandled state %d\n",
1684 queue->idx, sk->sk_state);
1685 }
1686 done:
1687 read_unlock_bh(&sk->sk_callback_lock);
1688 }
1689
nvmet_tcp_set_queue_sock(struct nvmet_tcp_queue * queue)1690 static int nvmet_tcp_set_queue_sock(struct nvmet_tcp_queue *queue)
1691 {
1692 struct socket *sock = queue->sock;
1693 struct inet_sock *inet = inet_sk(sock->sk);
1694 int ret;
1695
1696 ret = kernel_getsockname(sock,
1697 (struct sockaddr *)&queue->sockaddr);
1698 if (ret < 0)
1699 return ret;
1700
1701 ret = kernel_getpeername(sock,
1702 (struct sockaddr *)&queue->sockaddr_peer);
1703 if (ret < 0)
1704 return ret;
1705
1706 /*
1707 * Cleanup whatever is sitting in the TCP transmit queue on socket
1708 * close. This is done to prevent stale data from being sent should
1709 * the network connection be restored before TCP times out.
1710 */
1711 sock_no_linger(sock->sk);
1712
1713 if (so_priority > 0)
1714 sock_set_priority(sock->sk, so_priority);
1715
1716 /* Set socket type of service */
1717 if (inet->rcv_tos > 0)
1718 ip_sock_set_tos(sock->sk, inet->rcv_tos);
1719
1720 ret = 0;
1721 write_lock_bh(&sock->sk->sk_callback_lock);
1722 if (sock->sk->sk_state != TCP_ESTABLISHED) {
1723 /*
1724 * If the socket is already closing, don't even start
1725 * consuming it
1726 */
1727 ret = -ENOTCONN;
1728 } else {
1729 sock->sk->sk_user_data = queue;
1730 queue->data_ready = sock->sk->sk_data_ready;
1731 sock->sk->sk_data_ready = nvmet_tcp_data_ready;
1732 queue->state_change = sock->sk->sk_state_change;
1733 sock->sk->sk_state_change = nvmet_tcp_state_change;
1734 queue->write_space = sock->sk->sk_write_space;
1735 sock->sk->sk_write_space = nvmet_tcp_write_space;
1736 if (idle_poll_period_usecs)
1737 nvmet_tcp_arm_queue_deadline(queue);
1738 queue_work_on(queue_cpu(queue), nvmet_tcp_wq, &queue->io_work);
1739 }
1740 write_unlock_bh(&sock->sk->sk_callback_lock);
1741
1742 return ret;
1743 }
1744
1745 #ifdef CONFIG_NVME_TARGET_TCP_TLS
nvmet_tcp_try_peek_pdu(struct nvmet_tcp_queue * queue)1746 static int nvmet_tcp_try_peek_pdu(struct nvmet_tcp_queue *queue)
1747 {
1748 struct nvme_tcp_hdr *hdr = &queue->pdu.cmd.hdr;
1749 int len, ret;
1750 struct kvec iov = {
1751 .iov_base = (u8 *)&queue->pdu + queue->offset,
1752 .iov_len = sizeof(struct nvme_tcp_hdr),
1753 };
1754 char cbuf[CMSG_LEN(sizeof(char))] = {};
1755 struct msghdr msg = {
1756 .msg_control = cbuf,
1757 .msg_controllen = sizeof(cbuf),
1758 .msg_flags = MSG_PEEK,
1759 };
1760
1761 if (nvmet_port_secure_channel_required(queue->port->nport))
1762 return 0;
1763
1764 len = kernel_recvmsg(queue->sock, &msg, &iov, 1,
1765 iov.iov_len, msg.msg_flags);
1766 if (unlikely(len < 0)) {
1767 pr_debug("queue %d: peek error %d\n",
1768 queue->idx, len);
1769 return len;
1770 }
1771
1772 ret = nvmet_tcp_tls_record_ok(queue, &msg, cbuf);
1773 if (ret < 0)
1774 return ret;
1775
1776 if (len < sizeof(struct nvme_tcp_hdr)) {
1777 pr_debug("queue %d: short read, %d bytes missing\n",
1778 queue->idx, (int)iov.iov_len - len);
1779 return -EAGAIN;
1780 }
1781 pr_debug("queue %d: hdr type %d hlen %d plen %d size %d\n",
1782 queue->idx, hdr->type, hdr->hlen, hdr->plen,
1783 (int)sizeof(struct nvme_tcp_icreq_pdu));
1784 if (hdr->type == nvme_tcp_icreq &&
1785 hdr->hlen == sizeof(struct nvme_tcp_icreq_pdu) &&
1786 hdr->plen == cpu_to_le32(sizeof(struct nvme_tcp_icreq_pdu))) {
1787 pr_debug("queue %d: icreq detected\n",
1788 queue->idx);
1789 return len;
1790 }
1791 return 0;
1792 }
1793
nvmet_tcp_tls_handshake_done(void * data,int status,key_serial_t peerid)1794 static void nvmet_tcp_tls_handshake_done(void *data, int status,
1795 key_serial_t peerid)
1796 {
1797 struct nvmet_tcp_queue *queue = data;
1798
1799 pr_debug("queue %d: TLS handshake done, key %x, status %d\n",
1800 queue->idx, peerid, status);
1801 spin_lock_bh(&queue->state_lock);
1802 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) {
1803 spin_unlock_bh(&queue->state_lock);
1804 return;
1805 }
1806 if (!status) {
1807 queue->tls_pskid = peerid;
1808 queue->state = NVMET_TCP_Q_CONNECTING;
1809 } else
1810 queue->state = NVMET_TCP_Q_FAILED;
1811 spin_unlock_bh(&queue->state_lock);
1812
1813 cancel_delayed_work_sync(&queue->tls_handshake_tmo_work);
1814 if (status)
1815 nvmet_tcp_schedule_release_queue(queue);
1816 else
1817 nvmet_tcp_set_queue_sock(queue);
1818 kref_put(&queue->kref, nvmet_tcp_release_queue);
1819 }
1820
nvmet_tcp_tls_handshake_timeout(struct work_struct * w)1821 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w)
1822 {
1823 struct nvmet_tcp_queue *queue = container_of(to_delayed_work(w),
1824 struct nvmet_tcp_queue, tls_handshake_tmo_work);
1825
1826 pr_warn("queue %d: TLS handshake timeout\n", queue->idx);
1827 /*
1828 * If tls_handshake_cancel() fails we've lost the race with
1829 * nvmet_tcp_tls_handshake_done() */
1830 if (!tls_handshake_cancel(queue->sock->sk))
1831 return;
1832 spin_lock_bh(&queue->state_lock);
1833 if (WARN_ON(queue->state != NVMET_TCP_Q_TLS_HANDSHAKE)) {
1834 spin_unlock_bh(&queue->state_lock);
1835 return;
1836 }
1837 queue->state = NVMET_TCP_Q_FAILED;
1838 spin_unlock_bh(&queue->state_lock);
1839 nvmet_tcp_schedule_release_queue(queue);
1840 kref_put(&queue->kref, nvmet_tcp_release_queue);
1841 }
1842
nvmet_tcp_tls_handshake(struct nvmet_tcp_queue * queue)1843 static int nvmet_tcp_tls_handshake(struct nvmet_tcp_queue *queue)
1844 {
1845 int ret = -EOPNOTSUPP;
1846 struct tls_handshake_args args;
1847
1848 if (queue->state != NVMET_TCP_Q_TLS_HANDSHAKE) {
1849 pr_warn("cannot start TLS in state %d\n", queue->state);
1850 return -EINVAL;
1851 }
1852
1853 kref_get(&queue->kref);
1854 pr_debug("queue %d: TLS ServerHello\n", queue->idx);
1855 memset(&args, 0, sizeof(args));
1856 args.ta_sock = queue->sock;
1857 args.ta_done = nvmet_tcp_tls_handshake_done;
1858 args.ta_data = queue;
1859 args.ta_keyring = key_serial(queue->port->nport->keyring);
1860 args.ta_timeout_ms = tls_handshake_timeout * 1000;
1861
1862 ret = tls_server_hello_psk(&args, GFP_KERNEL);
1863 if (ret) {
1864 kref_put(&queue->kref, nvmet_tcp_release_queue);
1865 pr_err("failed to start TLS, err=%d\n", ret);
1866 } else {
1867 queue_delayed_work(nvmet_wq, &queue->tls_handshake_tmo_work,
1868 tls_handshake_timeout * HZ);
1869 }
1870 return ret;
1871 }
1872 #else
nvmet_tcp_tls_handshake_timeout(struct work_struct * w)1873 static void nvmet_tcp_tls_handshake_timeout(struct work_struct *w) {}
1874 #endif
1875
nvmet_tcp_alloc_queue(struct nvmet_tcp_port * port,struct socket * newsock)1876 static void nvmet_tcp_alloc_queue(struct nvmet_tcp_port *port,
1877 struct socket *newsock)
1878 {
1879 struct nvmet_tcp_queue *queue;
1880 struct file *sock_file = NULL;
1881 int ret;
1882
1883 queue = kzalloc(sizeof(*queue), GFP_KERNEL);
1884 if (!queue) {
1885 ret = -ENOMEM;
1886 goto out_release;
1887 }
1888
1889 INIT_WORK(&queue->release_work, nvmet_tcp_release_queue_work);
1890 INIT_WORK(&queue->io_work, nvmet_tcp_io_work);
1891 kref_init(&queue->kref);
1892 queue->sock = newsock;
1893 queue->port = port;
1894 queue->nr_cmds = 0;
1895 spin_lock_init(&queue->state_lock);
1896 if (queue->port->nport->disc_addr.tsas.tcp.sectype ==
1897 NVMF_TCP_SECTYPE_TLS13)
1898 queue->state = NVMET_TCP_Q_TLS_HANDSHAKE;
1899 else
1900 queue->state = NVMET_TCP_Q_CONNECTING;
1901 INIT_LIST_HEAD(&queue->free_list);
1902 init_llist_head(&queue->resp_list);
1903 INIT_LIST_HEAD(&queue->resp_send_list);
1904
1905 sock_file = sock_alloc_file(queue->sock, O_CLOEXEC, NULL);
1906 if (IS_ERR(sock_file)) {
1907 ret = PTR_ERR(sock_file);
1908 goto out_free_queue;
1909 }
1910
1911 queue->idx = ida_alloc(&nvmet_tcp_queue_ida, GFP_KERNEL);
1912 if (queue->idx < 0) {
1913 ret = queue->idx;
1914 goto out_sock;
1915 }
1916
1917 ret = nvmet_tcp_alloc_cmd(queue, &queue->connect);
1918 if (ret)
1919 goto out_ida_remove;
1920
1921 ret = nvmet_sq_init(&queue->nvme_sq);
1922 if (ret)
1923 goto out_free_connect;
1924
1925 nvmet_prepare_receive_pdu(queue);
1926
1927 mutex_lock(&nvmet_tcp_queue_mutex);
1928 list_add_tail(&queue->queue_list, &nvmet_tcp_queue_list);
1929 mutex_unlock(&nvmet_tcp_queue_mutex);
1930
1931 INIT_DELAYED_WORK(&queue->tls_handshake_tmo_work,
1932 nvmet_tcp_tls_handshake_timeout);
1933 #ifdef CONFIG_NVME_TARGET_TCP_TLS
1934 if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) {
1935 struct sock *sk = queue->sock->sk;
1936
1937 /* Restore the default callbacks before starting upcall */
1938 read_lock_bh(&sk->sk_callback_lock);
1939 sk->sk_user_data = NULL;
1940 sk->sk_data_ready = port->data_ready;
1941 read_unlock_bh(&sk->sk_callback_lock);
1942 if (!nvmet_tcp_try_peek_pdu(queue)) {
1943 if (!nvmet_tcp_tls_handshake(queue))
1944 return;
1945 /* TLS handshake failed, terminate the connection */
1946 goto out_destroy_sq;
1947 }
1948 /* Not a TLS connection, continue with normal processing */
1949 queue->state = NVMET_TCP_Q_CONNECTING;
1950 }
1951 #endif
1952
1953 ret = nvmet_tcp_set_queue_sock(queue);
1954 if (ret)
1955 goto out_destroy_sq;
1956
1957 return;
1958 out_destroy_sq:
1959 mutex_lock(&nvmet_tcp_queue_mutex);
1960 list_del_init(&queue->queue_list);
1961 mutex_unlock(&nvmet_tcp_queue_mutex);
1962 nvmet_sq_destroy(&queue->nvme_sq);
1963 out_free_connect:
1964 nvmet_tcp_free_cmd(&queue->connect);
1965 out_ida_remove:
1966 ida_free(&nvmet_tcp_queue_ida, queue->idx);
1967 out_sock:
1968 fput(queue->sock->file);
1969 out_free_queue:
1970 kfree(queue);
1971 out_release:
1972 pr_err("failed to allocate queue, error %d\n", ret);
1973 if (!sock_file)
1974 sock_release(newsock);
1975 }
1976
nvmet_tcp_accept_work(struct work_struct * w)1977 static void nvmet_tcp_accept_work(struct work_struct *w)
1978 {
1979 struct nvmet_tcp_port *port =
1980 container_of(w, struct nvmet_tcp_port, accept_work);
1981 struct socket *newsock;
1982 int ret;
1983
1984 while (true) {
1985 ret = kernel_accept(port->sock, &newsock, O_NONBLOCK);
1986 if (ret < 0) {
1987 if (ret != -EAGAIN)
1988 pr_warn("failed to accept err=%d\n", ret);
1989 return;
1990 }
1991 nvmet_tcp_alloc_queue(port, newsock);
1992 }
1993 }
1994
nvmet_tcp_listen_data_ready(struct sock * sk)1995 static void nvmet_tcp_listen_data_ready(struct sock *sk)
1996 {
1997 struct nvmet_tcp_port *port;
1998
1999 trace_sk_data_ready(sk);
2000
2001 read_lock_bh(&sk->sk_callback_lock);
2002 port = sk->sk_user_data;
2003 if (!port)
2004 goto out;
2005
2006 if (sk->sk_state == TCP_LISTEN)
2007 queue_work(nvmet_wq, &port->accept_work);
2008 out:
2009 read_unlock_bh(&sk->sk_callback_lock);
2010 }
2011
nvmet_tcp_add_port(struct nvmet_port * nport)2012 static int nvmet_tcp_add_port(struct nvmet_port *nport)
2013 {
2014 struct nvmet_tcp_port *port;
2015 __kernel_sa_family_t af;
2016 int ret;
2017
2018 port = kzalloc(sizeof(*port), GFP_KERNEL);
2019 if (!port)
2020 return -ENOMEM;
2021
2022 switch (nport->disc_addr.adrfam) {
2023 case NVMF_ADDR_FAMILY_IP4:
2024 af = AF_INET;
2025 break;
2026 case NVMF_ADDR_FAMILY_IP6:
2027 af = AF_INET6;
2028 break;
2029 default:
2030 pr_err("address family %d not supported\n",
2031 nport->disc_addr.adrfam);
2032 ret = -EINVAL;
2033 goto err_port;
2034 }
2035
2036 ret = inet_pton_with_scope(&init_net, af, nport->disc_addr.traddr,
2037 nport->disc_addr.trsvcid, &port->addr);
2038 if (ret) {
2039 pr_err("malformed ip/port passed: %s:%s\n",
2040 nport->disc_addr.traddr, nport->disc_addr.trsvcid);
2041 goto err_port;
2042 }
2043
2044 port->nport = nport;
2045 INIT_WORK(&port->accept_work, nvmet_tcp_accept_work);
2046 if (port->nport->inline_data_size < 0)
2047 port->nport->inline_data_size = NVMET_TCP_DEF_INLINE_DATA_SIZE;
2048
2049 ret = sock_create(port->addr.ss_family, SOCK_STREAM,
2050 IPPROTO_TCP, &port->sock);
2051 if (ret) {
2052 pr_err("failed to create a socket\n");
2053 goto err_port;
2054 }
2055
2056 port->sock->sk->sk_user_data = port;
2057 port->data_ready = port->sock->sk->sk_data_ready;
2058 port->sock->sk->sk_data_ready = nvmet_tcp_listen_data_ready;
2059 sock_set_reuseaddr(port->sock->sk);
2060 tcp_sock_set_nodelay(port->sock->sk);
2061 if (so_priority > 0)
2062 sock_set_priority(port->sock->sk, so_priority);
2063
2064 ret = kernel_bind(port->sock, (struct sockaddr *)&port->addr,
2065 sizeof(port->addr));
2066 if (ret) {
2067 pr_err("failed to bind port socket %d\n", ret);
2068 goto err_sock;
2069 }
2070
2071 ret = kernel_listen(port->sock, NVMET_TCP_BACKLOG);
2072 if (ret) {
2073 pr_err("failed to listen %d on port sock\n", ret);
2074 goto err_sock;
2075 }
2076
2077 nport->priv = port;
2078 pr_info("enabling port %d (%pISpc)\n",
2079 le16_to_cpu(nport->disc_addr.portid), &port->addr);
2080
2081 return 0;
2082
2083 err_sock:
2084 sock_release(port->sock);
2085 err_port:
2086 kfree(port);
2087 return ret;
2088 }
2089
nvmet_tcp_destroy_port_queues(struct nvmet_tcp_port * port)2090 static void nvmet_tcp_destroy_port_queues(struct nvmet_tcp_port *port)
2091 {
2092 struct nvmet_tcp_queue *queue;
2093
2094 mutex_lock(&nvmet_tcp_queue_mutex);
2095 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list)
2096 if (queue->port == port)
2097 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
2098 mutex_unlock(&nvmet_tcp_queue_mutex);
2099 }
2100
nvmet_tcp_remove_port(struct nvmet_port * nport)2101 static void nvmet_tcp_remove_port(struct nvmet_port *nport)
2102 {
2103 struct nvmet_tcp_port *port = nport->priv;
2104
2105 write_lock_bh(&port->sock->sk->sk_callback_lock);
2106 port->sock->sk->sk_data_ready = port->data_ready;
2107 port->sock->sk->sk_user_data = NULL;
2108 write_unlock_bh(&port->sock->sk->sk_callback_lock);
2109 cancel_work_sync(&port->accept_work);
2110 /*
2111 * Destroy the remaining queues, which are not belong to any
2112 * controller yet.
2113 */
2114 nvmet_tcp_destroy_port_queues(port);
2115
2116 sock_release(port->sock);
2117 kfree(port);
2118 }
2119
nvmet_tcp_delete_ctrl(struct nvmet_ctrl * ctrl)2120 static void nvmet_tcp_delete_ctrl(struct nvmet_ctrl *ctrl)
2121 {
2122 struct nvmet_tcp_queue *queue;
2123
2124 mutex_lock(&nvmet_tcp_queue_mutex);
2125 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list)
2126 if (queue->nvme_sq.ctrl == ctrl)
2127 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
2128 mutex_unlock(&nvmet_tcp_queue_mutex);
2129 }
2130
nvmet_tcp_install_queue(struct nvmet_sq * sq)2131 static u16 nvmet_tcp_install_queue(struct nvmet_sq *sq)
2132 {
2133 struct nvmet_tcp_queue *queue =
2134 container_of(sq, struct nvmet_tcp_queue, nvme_sq);
2135
2136 if (sq->qid == 0) {
2137 struct nvmet_tcp_queue *q;
2138 int pending = 0;
2139
2140 /* Check for pending controller teardown */
2141 mutex_lock(&nvmet_tcp_queue_mutex);
2142 list_for_each_entry(q, &nvmet_tcp_queue_list, queue_list) {
2143 if (q->nvme_sq.ctrl == sq->ctrl &&
2144 q->state == NVMET_TCP_Q_DISCONNECTING)
2145 pending++;
2146 }
2147 mutex_unlock(&nvmet_tcp_queue_mutex);
2148 if (pending > NVMET_TCP_BACKLOG)
2149 return NVME_SC_CONNECT_CTRL_BUSY;
2150 }
2151
2152 queue->nr_cmds = sq->size * 2;
2153 if (nvmet_tcp_alloc_cmds(queue))
2154 return NVME_SC_INTERNAL;
2155 return 0;
2156 }
2157
nvmet_tcp_disc_port_addr(struct nvmet_req * req,struct nvmet_port * nport,char * traddr)2158 static void nvmet_tcp_disc_port_addr(struct nvmet_req *req,
2159 struct nvmet_port *nport, char *traddr)
2160 {
2161 struct nvmet_tcp_port *port = nport->priv;
2162
2163 if (inet_addr_is_any((struct sockaddr *)&port->addr)) {
2164 struct nvmet_tcp_cmd *cmd =
2165 container_of(req, struct nvmet_tcp_cmd, req);
2166 struct nvmet_tcp_queue *queue = cmd->queue;
2167
2168 sprintf(traddr, "%pISc", (struct sockaddr *)&queue->sockaddr);
2169 } else {
2170 memcpy(traddr, nport->disc_addr.traddr, NVMF_TRADDR_SIZE);
2171 }
2172 }
2173
2174 static const struct nvmet_fabrics_ops nvmet_tcp_ops = {
2175 .owner = THIS_MODULE,
2176 .type = NVMF_TRTYPE_TCP,
2177 .msdbd = 1,
2178 .add_port = nvmet_tcp_add_port,
2179 .remove_port = nvmet_tcp_remove_port,
2180 .queue_response = nvmet_tcp_queue_response,
2181 .delete_ctrl = nvmet_tcp_delete_ctrl,
2182 .install_queue = nvmet_tcp_install_queue,
2183 .disc_traddr = nvmet_tcp_disc_port_addr,
2184 };
2185
nvmet_tcp_init(void)2186 static int __init nvmet_tcp_init(void)
2187 {
2188 int ret;
2189
2190 nvmet_tcp_wq = alloc_workqueue("nvmet_tcp_wq",
2191 WQ_MEM_RECLAIM | WQ_HIGHPRI, 0);
2192 if (!nvmet_tcp_wq)
2193 return -ENOMEM;
2194
2195 ret = nvmet_register_transport(&nvmet_tcp_ops);
2196 if (ret)
2197 goto err;
2198
2199 return 0;
2200 err:
2201 destroy_workqueue(nvmet_tcp_wq);
2202 return ret;
2203 }
2204
nvmet_tcp_exit(void)2205 static void __exit nvmet_tcp_exit(void)
2206 {
2207 struct nvmet_tcp_queue *queue;
2208
2209 nvmet_unregister_transport(&nvmet_tcp_ops);
2210
2211 flush_workqueue(nvmet_wq);
2212 mutex_lock(&nvmet_tcp_queue_mutex);
2213 list_for_each_entry(queue, &nvmet_tcp_queue_list, queue_list)
2214 kernel_sock_shutdown(queue->sock, SHUT_RDWR);
2215 mutex_unlock(&nvmet_tcp_queue_mutex);
2216 flush_workqueue(nvmet_wq);
2217
2218 destroy_workqueue(nvmet_tcp_wq);
2219 ida_destroy(&nvmet_tcp_queue_ida);
2220 }
2221
2222 module_init(nvmet_tcp_init);
2223 module_exit(nvmet_tcp_exit);
2224
2225 MODULE_DESCRIPTION("NVMe target TCP transport driver");
2226 MODULE_LICENSE("GPL v2");
2227 MODULE_ALIAS("nvmet-transport-3"); /* 3 == NVMF_TRTYPE_TCP */
2228