Commit Graph

310702 Commits

Author SHA1 Message Date
Roland Dreier
bc187ea6c3 target: Check sess_tearing_down in target_get_sess_cmd()
Target core code assumes that target_splice_sess_cmd_list() has set
sess_tearing_down and moved the list of pending commands to
sess_wait_list, no more commands will be added to the session; if any
are added, nothing keeps the se_session from being freed while the
command is still in flight, which e.g. leads to use-after-free of
se_cmd->se_sess in target_release_cmd_kref().

To enforce this invariant, put a check of sess_tearing_down inside of
sess_cmd_lock in target_get_sess_cmd(); any checks before this are
racy and can lead to the use-after-free described above.  For example,
the qla_target check in qlt_do_work() checks sess_tearing_down from
work thread context but then drops all locks before calling
target_submit_cmd() (as it must, since that is a sleeping function).

However, since no locks are held, anything can happen with respect to
the session it has looked up -- although it does correctly get
sess_kref within its lock, so the memory won't be freed while
target_submit_cmd() is actually running, nothing stops eg an ACL from
being dropped and calling ->shutdown_session() (which calls into
target_splice_sess_cmd_list()) before we get to target_get_sess_cmd().
Once this happens, the se_session memory can be freed as soon as
target_submit_cmd() returns and qlt_do_work() drops its reference,
even though we've just added a command to sess_cmd_list.

To prevent this use-after-free, check sess_tearing_down inside of
sess_cmd_lock right before target_get_sess_cmd() adds a command to
sess_cmd_list; this is synchronized with target_splice_sess_cmd_list()
so that every command is either waited for or not added to the queue.

(nab: Keep target_submit_cmd() returning void for now..)

Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:26 -07:00
Roland Dreier
7c78b8de26 sbp-target: Consolidate duplicated error path code in sbp_handle_command()
Cc: Chris Boot <bootc@bootc.net>
Cc: Stefan Richter <stefanr@s5r6.in-berlin.de>
Signed-off-by: Roland Dreier <roland@purestorage.com>
2012-07-16 17:35:26 -07:00
Roland Dreier
669ab62c9d target: Un-export target_get_sess_cmd()
There are no in-tree users of target_get_sess_cmd() outside of
target_core_transport.c.  Any new code should use the higher-level
target_submit_cmd() interface.  So let's un-export target_get_sess_cmd()
and make it static to the one file where it's actually used.

(nab: Fix up minor fuzz to for-next)

Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:25 -07:00
Roland Dreier
b46e34a672 qla2xxx: Get rid of redundant qla_tgt_sess.tearing_down
The only place that sets qla_tgt_sess.tearing_down calls
target_splice_sess_cmd_list() immediately afterwards, without dropping
the lock it holds.  That function sets se_session.sess_tearing_down,
so we can get rid of the qla_target-specific flag, and in the one
place that looks at the qla_tgt_sess.tearing_down flag just test
se_session.sess_tearing_down instead.

Cc: Chad Dupuis <chad.dupuis@qlogic.com>
Cc: Arun Easi <arun.easi@qlogic.com>
Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:25 -07:00
Nicholas Bellinger
77d4c74506 target: Make core_disable_device_list_for_node use pre-refactoring lock ordering
So after kicking around commit 547ac4c9c90 around a bit more, a tcm_qla2xxx LUN
unlink OP has generated the following warning:

[   50.386625] qla2xxx [0000:07:00.0]-00af:0: Performing ISP error recovery - ha=ffff880263774000.
[   70.572988] qla2xxx [0000:07:00.0]-8038:0: Cable is unplugged...
[  126.527531] ------------[ cut here ]------------
[  126.532677] WARNING: at kernel/softirq.c:159 local_bh_enable_ip+0x41/0x8c()
[  126.540433] Hardware name: S5520HC
[  126.544248] Modules linked in: tcm_vhost ib_srpt ib_cm ib_sa ib_mad ib_core tcm_qla2xxx tcm_loop tcm_fc libfc iscsi_target_mod target_core_pscsi target_core_file target_core_iblock target_core_mod configfs ipv6 iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi dm_round_robin dm_multipath scsi_dh loop i2c_i801 kvm_intel kvm crc32c_intel i2c_core microcode joydev button iomemory_vsl(O) pcspkr ext3 jbd uhci_hcd lpfc ata_piix libata ehci_hcd qla2xxx mlx4_core scsi_transport_fc scsi_tgt igb [last unloaded: scsi_wait_scan]
[  126.595567] Pid: 3283, comm: unlink Tainted: G           O 3.5.0-rc2+ #33
[  126.603128] Call Trace:
[  126.605853]  [<ffffffff81026b91>] ? warn_slowpath_common+0x78/0x8c
[  126.612737]  [<ffffffff8102c342>] ? local_bh_enable_ip+0x41/0x8c
[  126.619433]  [<ffffffffa03582a2>] ? core_disable_device_list_for_node+0x70/0xe3 [target_core_mod]
[  126.629323]  [<ffffffffa035849f>] ? core_clear_lun_from_tpg+0x88/0xeb [target_core_mod]
[  126.638244]  [<ffffffffa0362ec1>] ? core_tpg_post_dellun+0x17/0x48 [target_core_mod]
[  126.646873]  [<ffffffffa03575ee>] ? core_dev_del_lun+0x26/0x8c [target_core_mod]
[  126.655114]  [<ffffffff810bcbd1>] ? dput+0x27/0x154
[  126.660549]  [<ffffffffa0359aa0>] ? target_fabric_port_unlink+0x3b/0x41 [target_core_mod]
[  126.669661]  [<ffffffffa034a698>] ? configfs_unlink+0xfc/0x14a [configfs]
[  126.677224]  [<ffffffff810b5979>] ? vfs_unlink+0x58/0xb7
[  126.683141]  [<ffffffff810b6ef3>] ? do_unlinkat+0xbb/0x142
[  126.689253]  [<ffffffff81330c75>] ? page_fault+0x25/0x30
[  126.695170]  [<ffffffff81335df9>] ? system_call_fastpath+0x16/0x1b
[  126.702053] ---[ end trace 2f8e5b0a9ec797ef ]---
[  126.756336] qla2xxx [0000:07:00.0]-00af:0: Performing ISP error recovery - ha=ffff880263774000.
[  146.942414] qla2xxx [0000:07:00.0]-8038:0: Cable is unplugged...

So this warning triggered because device_list disable logic is now
holding nacl->device_list_lock w/ spin_lock_irqsave before obtaining
port->sep_alua_lock with only spin_lock_bh..

The original disable logic obtains *deve ahead of dropping the entry
from deve->alua_port_list and then obtains ->device_list_lock to do the
remaining work.  Also, I'm pretty sure this particular warning is being
generated by a demo-mode session in tcm_qla2xxx, and not by explicit
NodeACL MappedLUNs.  The Initiator MappedLUNs are already protected by a
seperate configfs symlink reference back se_lun->lun_group, and the
demo-mode se_node_acl (and associated ->device_list[]) is released
during se_portal_group->tpg_group shutdown.

The following patch drops the extra functional change to disable logic
in commit 547ac4c9c90

Cc: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:24 -07:00
Andy Grover
e80ac6c4cc target: refactor core_update_device_list_for_node()
Code was almost entirely divided based on value of bool param "enable".

Split it into two functions.

Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:24 -07:00
Andy Grover
cdf88a2fe3 target: Eliminate else using boolean logic
Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:23 -07:00
Andy Grover
617a0c2eb3 target: Misc retval cleanups
Bubble-up retval from iscsi_update_param_value() and
iscsit_ta_authentication().

Other very small retval cleanups.

Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:23 -07:00
Andy Grover
2dca673b46 target: Remove hba param from core_dev_add_lun
Only used in a debugprint, and function signature is cleaner now.

Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:22 -07:00
Andy Grover
ee1b1b9c3d target: Remove unneeded double parentheses
Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:22 -07:00
Christoph Hellwig
af8772926f target: replace the processing thread with a TMR work queue
The last functionality of the target processing thread is offloading possibly
long running task management requests from the submitter context.  To keep
TMR semantics the same we need a single threaded ordered queue, which can
be provided by a per-device workqueue with the right flags.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:21 -07:00
Christoph Hellwig
f314643751 target: remove transport_generic_handle_cdb_map
Remove this command submission path which is not used by any in-tree driver.
This also removes the now unused new_cmd_map fabtric method, which a few
drivers implemented despite never calling transport_generic_handle_cdb_map.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:21 -07:00
Christoph Hellwig
7a6f0a1ea5 target: simply fabric driver queue full processing
There is no need to schedule the delayed processing in a workqueue that
offloads it to the target processing thread.  Instead execute it directly
from the workqueue.  There will be a lot of future work in this area,
which I'd likfe to defer for now as it is not nessecary for getting rid
of the target processing thread.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:20 -07:00
Christoph Hellwig
1389533ef9 target: remove transport_generic_handle_data
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:20 -07:00
Christoph Hellwig
b8b22533fe tcm_fc: Offload WRITE I/O backend submission to tpg workqueue
Defer the write processing to the internal to be able to use
target_execute_cmd.  I'm not even entirely sure the calling code requires
this due to the convoluted structure in libfc, but let's be safe for now.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Cc: Mark Rustad <mark.d.rustad@intel.com>
Cc: Kiran Patil <Kiran.patil@intel.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:19 -07:00
Christoph Hellwig
43381ce8bb tcm_qla2xxx: Offload WRITE I/O backend submission to tcm_qla2xxx wq
Defer the whole tcm_qla2xxx_handle_data call instead of just the error
path to the qla2xxx-internal workqueue.  Also remove the useless lock around
the CMD_T_ABORTED check.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Cc: Roland Dreier <roland@purestorage.com>
Cc: Giridhar Malavali <giridhar.malavali@qlogic.com>
Cc: tcm-qla2xxx@qlogic.com
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:19 -07:00
Christoph Hellwig
e672a47fd9 srpt: use target_execute_cmd for WRITEs in srpt_handle_rdma_comp
srpt_handle_rdma_comp is called from kthread context and thus can execute
target_execute_cmd directly.  srpt_abort_cmd sets the CMD_T_LUN_STOP
flag directly, and thus the abuse of transport_generic_handle_data can be
replaced with an opencoded variant of that code path.  I'm still not happy
about a fabric driver poking into target core internals like this, but
let's defer the bigger architecture changes for now.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:18 -07:00
Christoph Hellwig
67441b68fa iscsit: use target_execute_cmd for WRITEs
All three callers of transport_generic_handle_data are from user context
and can use target_execute_cmd directly to handle the backend I/O submission
of WRITE I/O.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Cc: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:18 -07:00
Christoph Hellwig
c3196f0cf0 target: merge transport_generic_write_pending into transport_generic_new_cmd
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:17 -07:00
Christoph Hellwig
d59a02b4eb target: call transport_check_aborted_status from target_execute_cmd
When we call target_execute_cmd for write commands the command has been
on the state list before an abort might have come in before
target_execute_cmd.  Call transport_check_aborted_status to deal with
this case.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:16 -07:00
Christoph Hellwig
70baf0ab3b target: remove transport_generic_process_write
Just call target_execute_cmd directly.  Also, convert loopback, sbp,
usb-gadget to use the newly exported target_execute_cmd().

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:16 -07:00
Christoph Hellwig
f7113a47e2 target: split transport_cmd_check_stop
Inline the transport_off == 0 case into target_execute_cmd to simplify
the function for the remaining cases.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:15 -07:00
Sachin Kamat
e852768719 tcm_qla2xxx: Remove duplicate header file inclusion
ctype.h and string.h header files were included more than once.

Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:15 -07:00
Nicholas Bellinger
182a9e2cef Revert "target: Do not special-case loop and iscsi fabric module loads"
Existing lio_dump.py code expects this to be in place for /iscsi.

Revert for now to avoid userspace breakage in lio-utils

This reverts commit fd88a785f9ac5d6be437c528571ccd85cdf2d493.

Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:14 -07:00
Christoph Hellwig
14150a6bbe target: move unmap to struct spc_ops
Having all the unmap payload parsing in the backed is a bit ugly, but until
more drivers support it and we can find a good interface for all of them
that seems the way to go.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:35:14 -07:00
Christoph Hellwig
6f974e8ce7 target: move write_same to struct spc_ops
Add spc_ops->execute_write_same() caller for ->execute_cmd() setup,
and update IBLOCK backends to use it.

(nab: add export of spc_get_write_same_sectors symbol)
(roland: Carry forward: Fix range calculation in WRITE SAME emulation
         when num blocks == 0)

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:34:41 -07:00
Christoph Hellwig
ad67f0d9e6 target: move sync_cache to struct spc_ops
Add spc_ops->execute_sync_cache() caller for ->execute_cmd() setup,
and update IBLOCK + FILEIO backends to use it.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:12 -07:00
Christoph Hellwig
0c2ad7d113 target: add struct spc_ops + initial ->execute_rw pointer usage
Remove the execute_cmd method in struct se_subsystem_api, and always use the
one directly in struct se_cmd.  To make life simpler for SBC virtual backends
a struct spc_ops that is passed to sbc_parse_cmd is added.  For now it
only contains an execute_rw member, but more will follow with the subsequent
commits.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:12 -07:00
Christoph Hellwig
e1306bdab3 target: remove dead SCF_ flags
Remove the dead SCF_SE_ALLOW_EOO and SCF_DELAYED_CMD_FROM_SAM_ATTR
from se_cmd_flags_table.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:12 -07:00
Roland Dreier
c75660c5e4 target/iscsi: Remove dead code in lio_get_tpg_from_tpg_item()
It's got no callers...

Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:11 -07:00
Andy Grover
44bfd01850 target/iblock: Add parameter to specify read-only devices
see https://bugzilla.redhat.com/show_bug.cgi?id=818855

Adds a parameter so read-only block devices may be registered as
LIO backstores.

Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:11 -07:00
Andy Grover
7acd570706 target: Do not special-case loop and iscsi fabric module loads
These modules, along with other fabrics, should be loaded as-needed by
the LIO userspace tools.

Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:11 -07:00
Christoph Hellwig
9f3eb93eaf target: move ref_cmd from the generic se_tmr_req into iscsi code
Also remove the unused ref_task_lun field in struct se_tmr_req.

(nab: Add missing TASK_REASSIGN ref_lun vs. ref_cmd orig_fe_lun checks
      in iscsit_tmr_task_reassign)

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:11 -07:00
Christoph Hellwig
5f41a31d0a target: remove the execute list
Since "target: Drop se_device TCQ queue_depth usage from I/O path" we always
submit all commands (or back then, tasks) from __transport_execute_tasks.

That means the the execute list has lots its purpose, as we can simply
submit the commands that are restarted in transport_complete_task_attr
directly while we walk the list.  In fact doing so also solves a race
in the way it currently walks to delayed_cmd_list as well.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:29:11 -07:00
Nicholas Bellinger
a3785c8740 target/pscsi: Only emulate REPORT_LUNS for passthrough
This patch changes back the pSCSI backend to follow pre 3.6-queue code to
passthrough SPC-3 persistent reservations + SPC-2 legacy reservation
handling to the underlying LLD / physical hardware.

For folks who really need this for their own SPC-3 emulation logic, avoid
changing the functionality of this beyond what is exported for REPORT_LUNS
for existing code, and to avoid problems with SPC-3 PR/ALUA as INQUIRY
EVPD=0x83 emulation needs to be in place in order for this to work as
expected with spc_parse_cdb() code..

Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:28:40 -07:00
Nicholas Bellinger
eba2ca4505 target: Move MAINTENANCE_[IN,OUT] from pscsi_parse_cdb -> spc_parse_cdb
The MAINTENANCE_[IN,OUT] CDB parsing required for generic ALUA emulation
needs to be in spc_parse_cdb() to function for virtual TYPE_DISK exports,
instead of in backend pscsi_parse_cdb() code used only for passthrough ops.

Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:28:40 -07:00
Christoph Hellwig
3d6d72014f target: move transport_generic_prepare_cdb into pscsi
The virtual drivers don't need to clear cdb fields they never look at, so move
this code into the pscsi backend.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:28:40 -07:00
Christoph Hellwig
1fd032ee10 target: move code for CDB emulation
Move the existing code in target_core_cdb.c into the files for the command
sets that the emulations implement.

(roland + nab: Squash patch: Fix range calculation in WRITE SAME emulation
 when num blocks == 0s)

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:27:45 -07:00
Christoph Hellwig
d6e0175cf3 target: add a parse_cdb method to the backend drivers
Instead of trying to handle all SCSI command sets in one function
(transport_generic_cmd_sequencer) call out to the backend driver to perform
this functionality.  For pSCSI a copy of the existing code is used, but for
all virtual backends we can use a new parse_sbc_cdb helper is used to
provide a simple SBC emulation.

For now this setups means a fair amount of duplication between pSCSI and the
SBC library, but patches later in this series will sort out that problem.

(nab: Fix up build failure in target_core_pscsi.c)

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:25:56 -07:00
Christoph Hellwig
88455ec4be target: split parsing of SPC commands into a separate helper
(nab: Add EXPORT_SYMBOL usage for spc_parse_cdb)

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:25:56 -07:00
Christoph Hellwig
9b3b804101 target: split overflow and underflow checks into a helper
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:25:55 -07:00
Christoph Hellwig
64f1db38c6 target: remove control CDB flags
We don't need three flags to classifiy the CDB as we can check for a NULL S/G
list for a dataless command, and can infer from the absence of the data flag
that we deal with a control CDB.  Also remove the _SG_IO from the data CDB
flag as all I/O is dont on S/G lists now.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:25:55 -07:00
Christoph Hellwig
cb4f4d3c73 target: move unrelated code out of transport_generic_cmd_sequencer
Move all code not related to cdb parsing from transport_generic_cmd_sequencer
into target_setup_cmd_from_cdb.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:25:55 -07:00
Roland Dreier
1765fe5edc target: Fix range calculation in WRITE SAME emulation when num blocks == 0
When NUMBER OF LOGICAL BLOCKS is 0, WRITE SAME is supposed to write
all the blocks from the specified LBA through the end of the device.
However, dev->transport->get_blocks(dev) (perhaps confusingly) returns
the last valid LBA rather than the number of blocks, so the correct
number of blocks to write starting with lba is

dev->transport->get_blocks(dev) - lba + 1

(nab: Backport roland's for-3.6 patch to for-3.5)

Signed-off-by: Roland Dreier <roland@purestorage.com>
Cc: Cc: <stable@vger.kernel.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 17:10:17 -07:00
Roland Dreier
d35212f3ca target: Clean up returning errors in PR handling code
- instead of (PTR_ERR(file) < 0) just use IS_ERR(file)
 - return -EINVAL instead of EINVAL
 - all other error returns in target_scsi3_emulate_pr_out() use
   "goto out" -- get rid of the one remaining straight "return."

Signed-off-by: Roland Dreier <roland@purestorage.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-16 16:42:40 -07:00
Mark Rustad
3cc5d2a6b9 tcm_fc: Fix crash seen with aborts and large reads
This patch fixes a crash seen when large reads have their exchange
aborted by either timing out or being reset. Because the exchange
abort results in the seq pointer being set to NULL, because the
sequence is no longer valid, it must not be dereferenced. This
patch changes the function ft_get_task_tag to return ~0 if it is
unable to get the tag for this reason. Because the get_task_tag
interface provides no means of returning an error, this seems
like the best way to fix this issue at the moment.

Signed-off-by: Mark Rustad <mark.d.rustad@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-14 15:17:29 -07:00
Alan Cox
4f1d0f1971 qla2xxx: print the right array elements in qlt_async_event
Based upon Alan's patch from Coverity scan id 793583, these debug
messages in qlt_async_event() should be starting from byte 0, which is
always the Asynchronous Event Status Code from the parent switch statement.

Also, rename reason_code -> login_code following the language used in
2500 FW spec for Port Database Changed (0x8014) -> Port Database Changed
Event Mailbox Register for mailbox[2].

Signed-off-by: Alan Cox <alan@linux.intel.com>
Cc: Chad Dupuis <chad.dupuis@qlogic.com>
Cc: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-06 13:09:23 -07:00
Mark Rustad
863555be0c tcm_fc: Resolve suspicious RCU usage warnings
Use rcu_dereference_protected to tell rcu that the ft_lport_lock
is held during ft_lport_create. This resolved "suspicious RCU usage"
warnings when debugging options are turned on.

Signed-off-by: Mark Rustad <mark.d.rustad@intel.com>
Tested-by: Ross Brattain <ross.b.brattain@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-07-06 12:52:09 -07:00
Sachin Kamat
5134de2815 qla2xxx: Remove version.h header file inclusion
version.h header file is no longer required for qla_target code.

Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-06-12 21:25:50 -07:00
Roland Dreier
d4f75b567b tcm_qla2xxx: Handle malformed wwn strings properly
If we make a variable an unsigned int and then expect it to be < 0 on
a bad character, we're going to have a bad time.  Fix the tcm_qla2xxx
code to actually notice if hex_to_bin() returns a negative variable.

This was detected by the compiler warning:

    scsi/qla2xxx/tcm_qla2xxx.c: In function ‘tcm_qla2xxx_npiv_extract_wwn’:
    scsi/qla2xxx/tcm_qla2xxx.c:148:3: warning: comparison of unsigned expression >= 0 is always true [-Wtype-limits]

Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2012-06-12 20:15:49 -07:00