The results of access control procedure for login in the
spdk_iscsi_tgt_node_access() is defined in the following table:
+------------------------------+
|iscsi name |netmask |result |
+------------------------------+
+------------------------------+
|denied |- |denied |
+------------------------------+
|allowed |allowed |allowed |
+------------------------------+
|allowed |denied |next IG |
+------------------------------+
|not found |- |next IG |
+------------------------------+
However current implementation have redundant repetition in the
spdk_iscsi_tgt_node_access() and the above definition is not
visible. Hence refactor spdk_iscsi_tgt_node_access().
Besides refactor spdk_iscsi_tgt_node_allow_iscsi_name() because
it has redundant repetition too.
Add UT code for these changes.
Change-Id: If06d87c1246c85439ee0482149bd887a7b53b169
Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Reviewed-on: https://review.gerrithub.io/379935
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com>
Naming rule of access control of iSCSI target does not reveal its
intention. Hence change it before refactoring to avoid unnecessary
repeated procedure.
Change-Id: I4064ec0a5a2b52244b6de3958ee2ab41342d1a57
Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Reviewed-on: https://review.gerrithub.io/381248
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com>
To add initiators to an existing target, manage name and netmask
of initiator group by linked list. It is not easy for array to
detect duplication and change configuration.
Change-Id: Id9e77740e24ac309a33d8de1be37663681160d94
Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Reviewed-on: https://review.gerrithub.io/379932
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Ziye Yang <optimistyzy@gmail.com>
Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com>
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
The following functions returns 1 and 0 for succcess and error,
respectively:
- spdk_iscsi_tgt_node_allow_ipv6()
- spdk_iscsi_tgt_node_allow_ipv4()
- spdk_iscsi_tgt_node_allow_netmask()
- spdk_iscsi_tgt_node_access()
Using bool for this purpose will avoid our misunderstanding.
Change-Id: I927876e0503c0eee5364e829a4713f9a345996f6
Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Reviewed-on: https://review.gerrithub.io/383664
Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
spdk_iscsi_tgt_node_access() (in lib/iscsi/tgt_node.c) regards
empty netmask of IG as ALL (allow all initiator's IP address).
However any user cannot create IG whose netmask is empty by both
JSON-RPC and config file. Instead user can create IG whose
netmask is ALL.
The code to regard empty netmask of IG as ALL never run in production.
Hence delete the code and add UT to confirm the fix.
Change-Id: Ib7206d0986db9093cfb6b36191be26293ff6c67a
Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Reviewed-on: https://review.gerrithub.io/382920
Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
Reviewed-by: Ziye Yang <optimistyzy@gmail.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
the function of spdk_iscsi_find_init_grp() is duplicated with
of spdk_iscsi_init_grp_find_by_tag(). The later one should be kept.
Hence delete former one.
Change-Id: I8d397648bd400550445de49c8a7731f0932f5324
Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Reviewed-on: https://review.gerrithub.io/381244
Reviewed-by: John Kariuki <John.K.Kariuki@intel.com>
Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com>
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
This variable was misleading and unnecessary. Replaced all it's
occurences with SPDK_SCSI_DEV_MAX_LUN.
Change-Id: Iaaf9ed5efb60f9a89585121d2fbec7b43c3723e9
Signed-off-by: Dariusz Stojaczyk <dariuszx.stojaczyk@intel.com>
Reviewed-on: https://review.gerrithub.io/368115
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
Reviewed-by: Pawel Wodkowski <pawelx.wodkowski@intel.com>
Reviewed-by: Daniel Verkamp <daniel.verkamp@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Change-Id: Ibe282aa67de22e062de9d88c3b157c766be9dfae
Signed-off-by: Daniel Verkamp <daniel.verkamp@intel.com>
Reviewed-on: https://review.gerrithub.io/366910
Tested-by: SPDK Automated Test System <sys_sgsw@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
