iscsi: delete global PG tag check from SendTargets
In the Appendix C. SendTargets Operation in the iSCSI Specification (RFC7143), there is the following description: In a Discovery session, a target MUST return all path information (IP address-port pairs and Target Portal Group Tags) for the targets on the target Network Entity that the requesting initiator is authorized to access. However no description such that Target Portal Group Tag is used to check authorization of the requesting initiator. Moreover, according to the iSCSI Specification (RFC7143), Target Portal Group Tag is unique within an iSCSI Target Node. Tarrget Portal Group Tag identifies a portal group within an iSCSI node. However, current SPDK uses Target Portal Group Tag to check authorization of the requesting initiator by mistake. This implementation does not have any compatibility with other storage. Hence delete the code related with Target Portal Group Tag from SendTargets function. Change-Id: If4b79f0d8fe8f5892a798e4f6716045fd18cf0a4 Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com> Reviewed-on: https://review.gerrithub.io/383660 Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com> Reviewed-by: Jim Harris <james.r.harris@intel.com> Reviewed-by: Ben Walker <benjamin.walker@intel.com> Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
This commit is contained in:
Shuhei Matsumoto
Daniel Verkamp
parent
335fb0e85f
commit
92a6988676
@ -234,26 +234,14 @@ spdk_iscsi_tgt_node_access(struct spdk_iscsi_conn *conn,
|
||||
}
|
||||
|
||||
static int
|
||||
spdk_iscsi_tgt_node_visible(struct spdk_iscsi_tgt_node *target, const char *iqn, int pg_tag)
|
||||
spdk_iscsi_tgt_node_visible(struct spdk_iscsi_tgt_node *target, const char *iqn)
|
||||
{
|
||||
struct spdk_iscsi_init_grp *igp;
|
||||
int match_pg_tag;
|
||||
int i, j;
|
||||
|
||||
if (target == NULL || iqn == NULL)
|
||||
return 0;
|
||||
/* pg_tag exist map? */
|
||||
match_pg_tag = 0;
|
||||
for (i = 0; i < target->maxmap; i++) {
|
||||
if (target->map[i].pg->tag == pg_tag) {
|
||||
match_pg_tag = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (match_pg_tag == 0) {
|
||||
/* cat't access from pg_tag */
|
||||
return 0;
|
||||
}
|
||||
|
||||
for (i = 0; i < target->maxmap; i++) {
|
||||
/* iqn is initiator group? */
|
||||
igp = target->map[i].ig;
|
||||
@ -276,50 +264,6 @@ spdk_iscsi_tgt_node_visible(struct spdk_iscsi_tgt_node *target, const char *iqn,
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
spdk_iscsi_portal_grp_is_visible(struct spdk_iscsi_tgt_node *target,
|
||||
const char *iqn, int pg_tag)
|
||||
{
|
||||
struct spdk_iscsi_init_grp *igp;
|
||||
int match_idx;
|
||||
int i, j;
|
||||
|
||||
if (target == NULL || iqn == NULL)
|
||||
return 0;
|
||||
match_idx = -1;
|
||||
for (i = 0; i < target->maxmap; i++) {
|
||||
if (target->map[i].pg->tag == pg_tag) {
|
||||
match_idx = i;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (match_idx < 0) {
|
||||
/* cant't find pg_tag */
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* iqn is initiator group? */
|
||||
igp = target->map[match_idx].ig;
|
||||
SPDK_DEBUGLOG(SPDK_TRACE_ISCSI, "iqn=%s, pg=%d, ig=%d\n", iqn, pg_tag, igp->tag);
|
||||
|
||||
for (j = 0; j < igp->ninitiators; j++) {
|
||||
if (igp->initiators[j][0] == '!'
|
||||
&& (strcasecmp(&igp->initiators[j][1], "ALL") == 0
|
||||
|| strcasecmp(&igp->initiators[j][1], iqn) == 0)) {
|
||||
/* NG */
|
||||
return 0;
|
||||
}
|
||||
if (strcasecmp(igp->initiators[j], "ALL") == 0
|
||||
|| strcasecmp(igp->initiators[j], iqn) == 0) {
|
||||
/* OK iqn, no check addr */
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
/* NG */
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
spdk_iscsi_send_tgts(struct spdk_iscsi_conn *conn, const char *iiqn,
|
||||
const char *iaddr, const char *tiqn, uint8_t *data, int alloc_len,
|
||||
@ -363,8 +307,7 @@ spdk_iscsi_send_tgts(struct spdk_iscsi_conn *conn, const char *iiqn,
|
||||
&& strcasecmp(tiqn, target->name) != 0) {
|
||||
continue;
|
||||
}
|
||||
rc = spdk_iscsi_tgt_node_visible(target, iiqn,
|
||||
conn->pg_tag);
|
||||
rc = spdk_iscsi_tgt_node_visible(target, iiqn);
|
||||
if (rc == 0) {
|
||||
continue;
|
||||
}
|
||||
@ -382,14 +325,6 @@ spdk_iscsi_send_tgts(struct spdk_iscsi_conn *conn, const char *iiqn,
|
||||
goto skip_pg_tag;
|
||||
}
|
||||
}
|
||||
rc = spdk_iscsi_portal_grp_is_visible(target, iiqn, pg_tag);
|
||||
if (rc == 0) {
|
||||
SPDK_DEBUGLOG(SPDK_TRACE_ISCSI,
|
||||
"SKIP pg=%d, iqn=%s for %s from %s (%s)\n",
|
||||
pg_tag, tiqn, target->name, iiqn, iaddr);
|
||||
goto skip_pg_tag;
|
||||
}
|
||||
|
||||
/* write to data */
|
||||
TAILQ_FOREACH(pg, &g_spdk_iscsi.pg_head, tailq) {
|
||||
if (pg->tag != pg_tag)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user