]> git.proxmox.com Git - mirror_qemu.git/blame - nbd/server.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
nbd: Create struct for tracking export info
[mirror_qemu.git] / nbd / server.c
CommitLineData
75818250 1/*
b626b51a 2 * Copyright (C) 2016 Red Hat, Inc.
7a5ca864
FB		 3 * Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws>
4 *
798bfe00 5 * Network Block Device Server Side
7a5ca864
FB		 6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; under version 2 of the License.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
8167ee88 17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
75818250 18 */
7a5ca864 19
d38ea87a 20#include "qemu/osdep.h"
da34e65c 21#include "qapi/error.h"
9588463e 22#include "trace.h"
798bfe00 23#include "nbd-internal.h"
ca441480
PB		 24
25static int system_errno_to_nbd_errno(int err)
26{
27 switch (err) {
28 case 0:
29 return NBD_SUCCESS;
30 case EPERM:
c0301fcc 31 case EROFS:
ca441480
PB		 32 return NBD_EPERM;
33 case EIO:
34 return NBD_EIO;
35 case ENOMEM:
36 return NBD_ENOMEM;
37#ifdef EDQUOT
38 case EDQUOT:
39#endif
40 case EFBIG:
41 case ENOSPC:
42 return NBD_ENOSPC;
b6f5d3b5
EB		 43 case ESHUTDOWN:
44 return NBD_ESHUTDOWN;
ca441480
PB		 45 case EINVAL:
46 default:
47 return NBD_EINVAL;
48 }
49}
50
9a304d29
PB		 51/* Definitions for opaque data types */
52
315f78ab 53typedef struct NBDRequestData NBDRequestData;
9a304d29 54
315f78ab
EB		 55struct NBDRequestData {
56 QSIMPLEQ_ENTRY(NBDRequestData) entry;
9a304d29
PB		 57 NBDClient *client;
58 uint8_t *data;
29b6c3b3 59 bool complete;
9a304d29
PB		 60};
61
62struct NBDExport {
2c8d9f06 63 int refcount;
0ddf08db
PB		 64 void (*close)(NBDExport *exp);
65
aadf99a7 66 BlockBackend *blk;
ee0a19ec 67 char *name;
b1a75b33 68 char *description;
9a304d29
PB		 69 off_t dev_offset;
70 off_t size;
7423f417 71 uint16_t nbdflags;
4b9441f6 72 QTAILQ_HEAD(, NBDClient) clients;
ee0a19ec 73 QTAILQ_ENTRY(NBDExport) next;
958c717d
HR		 74
75 AioContext *ctx;
741cc431 76
cd7fca95 77 BlockBackend *eject_notifier_blk;
741cc431 78 Notifier eject_notifier;
9a304d29
PB		 79};
80
ee0a19ec
PB		 81static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports);
82
9a304d29
PB		 83struct NBDClient {
84 int refcount;
0c9390d9 85 void (*close_fn)(NBDClient *client, bool negotiated);
9a304d29 86
c203c59a 87 bool no_zeroes;
9a304d29 88 NBDExport *exp;
f95910fe
DB		 89 QCryptoTLSCreds *tlscreds;
90 char *tlsaclname;
1c778ef7
DB		 91 QIOChannelSocket *sioc; /* The underlying data channel */
92 QIOChannel *ioc; /* The current I/O channel which may differ (eg TLS) */
9a304d29
PB		 93
94 Coroutine *recv_coroutine;
95
96 CoMutex send_lock;
97 Coroutine *send_coroutine;
98
4b9441f6 99 QTAILQ_ENTRY(NBDClient) next;
9a304d29 100 int nb_requests;
ff2b68aa 101 bool closing;
9a304d29
PB		 102};
103
7a5ca864
FB		 104/* That's all folks */
105
ff82911c 106static void nbd_client_receive_next_request(NBDClient *client);
958c717d 107
6b8c01e7 108/* Basic flow for negotiation
7a5ca864
FB		 109
110 Server Client
7a5ca864 111 Negotiate
6b8c01e7
PB		 112
113 or
114
115 Server Client
116 Negotiate #1
117 Option
118 Negotiate #2
119
120 ----
121
122 followed by
123
124 Server Client
7a5ca864
FB		 125 Request
126 Response
127 Request
128 Response
129 ...
130 ...
131 Request (type == 2)
6b8c01e7 132
7a5ca864
FB		 133*/
134
526e5c65
EB		 135/* Send a reply header, including length, but no payload.
136 * Return -errno on error, 0 on success. */
137static int nbd_negotiate_send_rep_len(QIOChannel *ioc, uint32_t type,
2fd2c840 138 uint32_t opt, uint32_t len, Error **errp)
6b8c01e7 139{
6b8c01e7 140 uint64_t magic;
6b8c01e7 141
9588463e 142 trace_nbd_negotiate_send_rep_len(opt, type, len);
f95910fe 143
f5076b5a 144 magic = cpu_to_be64(NBD_REP_MAGIC);
2fd2c840
VSO		 145 if (nbd_write(ioc, &magic, sizeof(magic), errp) < 0) {
146 error_prepend(errp, "write failed (rep magic): ");
f5076b5a 147 return -EINVAL;
6b8c01e7 148 }
2fd2c840 149
f5076b5a 150 opt = cpu_to_be32(opt);
2fd2c840
VSO		 151 if (nbd_write(ioc, &opt, sizeof(opt), errp) < 0) {
152 error_prepend(errp, "write failed (rep opt): ");
f5076b5a 153 return -EINVAL;
6b8c01e7 154 }
2fd2c840 155
f5076b5a 156 type = cpu_to_be32(type);
2fd2c840
VSO		 157 if (nbd_write(ioc, &type, sizeof(type), errp) < 0) {
158 error_prepend(errp, "write failed (rep type): ");
f5076b5a 159 return -EINVAL;
6b8c01e7 160 }
2fd2c840 161
526e5c65 162 len = cpu_to_be32(len);
2fd2c840
VSO		 163 if (nbd_write(ioc, &len, sizeof(len), errp) < 0) {
164 error_prepend(errp, "write failed (rep data length): ");
f5076b5a 165 return -EINVAL;
6b8c01e7 166 }
f5076b5a
HB		 167 return 0;
168}
6b8c01e7 169
526e5c65
EB		 170/* Send a reply header with default 0 length.
171 * Return -errno on error, 0 on success. */
2fd2c840
VSO		 172static int nbd_negotiate_send_rep(QIOChannel *ioc, uint32_t type, uint32_t opt,
173 Error **errp)
526e5c65 174{
2fd2c840 175 return nbd_negotiate_send_rep_len(ioc, type, opt, 0, errp);
526e5c65
EB		 176}
177
36683283
EB		 178/* Send an error reply.
179 * Return -errno on error, 0 on success. */
2fd2c840 180static int GCC_FMT_ATTR(5, 6)
36683283 181nbd_negotiate_send_rep_err(QIOChannel *ioc, uint32_t type,
2fd2c840 182 uint32_t opt, Error **errp, const char *fmt, ...)
36683283
EB		 183{
184 va_list va;
185 char *msg;
186 int ret;
187 size_t len;
188
189 va_start(va, fmt);
190 msg = g_strdup_vprintf(fmt, va);
191 va_end(va);
192 len = strlen(msg);
193 assert(len < 4096);
9588463e 194 trace_nbd_negotiate_send_rep_err(msg);
2fd2c840 195 ret = nbd_negotiate_send_rep_len(ioc, type, opt, len, errp);
36683283
EB		 196 if (ret < 0) {
197 goto out;
198 }
2fd2c840
VSO		 199 if (nbd_write(ioc, msg, len, errp) < 0) {
200 error_prepend(errp, "write failed (error message): ");
36683283
EB		 201 ret = -EIO;
202 } else {
203 ret = 0;
204 }
2fd2c840 205
36683283
EB		 206out:
207 g_free(msg);
208 return ret;
209}
210
526e5c65
EB		 211/* Send a single NBD_REP_SERVER reply to NBD_OPT_LIST, including payload.
212 * Return -errno on error, 0 on success. */
2fd2c840
VSO		 213static int nbd_negotiate_send_rep_list(QIOChannel *ioc, NBDExport *exp,
214 Error **errp)
32d7d2e0 215{
b1a75b33 216 size_t name_len, desc_len;
526e5c65 217 uint32_t len;
b1a75b33
EB		 218 const char *name = exp->name ? exp->name : "";
219 const char *desc = exp->description ? exp->description : "";
2e5c9ad6 220 int ret;
32d7d2e0 221
9588463e 222 trace_nbd_negotiate_send_rep_list(name, desc);
b1a75b33
EB		 223 name_len = strlen(name);
224 desc_len = strlen(desc);
526e5c65 225 len = name_len + desc_len + sizeof(len);
2fd2c840
VSO		 226 ret = nbd_negotiate_send_rep_len(ioc, NBD_REP_SERVER, NBD_OPT_LIST, len,
227 errp);
2e5c9ad6
VSO		 228 if (ret < 0) {
229 return ret;
32d7d2e0 230 }
526e5c65 231
32d7d2e0 232 len = cpu_to_be32(name_len);
2fd2c840
VSO		 233 if (nbd_write(ioc, &len, sizeof(len), errp) < 0) {
234 error_prepend(errp, "write failed (name length): ");
b1a75b33
EB		 235 return -EINVAL;
236 }
2fd2c840
VSO		 237
238 if (nbd_write(ioc, name, name_len, errp) < 0) {
239 error_prepend(errp, "write failed (name buffer): ");
32d7d2e0
HB		 240 return -EINVAL;
241 }
2fd2c840
VSO		 242
243 if (nbd_write(ioc, desc, desc_len, errp) < 0) {
244 error_prepend(errp, "write failed (description buffer): ");
32d7d2e0
HB		 245 return -EINVAL;
246 }
2fd2c840 247
32d7d2e0
HB		 248 return 0;
249}
250
526e5c65
EB		 251/* Process the NBD_OPT_LIST command, with a potential series of replies.
252 * Return -errno on error, 0 on success. */
2fd2c840
VSO		 253static int nbd_negotiate_handle_list(NBDClient *client, uint32_t length,
254 Error **errp)
32d7d2e0 255{
32d7d2e0
HB		 256 NBDExport *exp;
257
32d7d2e0 258 if (length) {
2fd2c840 259 if (nbd_drop(client->ioc, length, errp) < 0) {
0379f474
HR		 260 return -EIO;
261 }
36683283
EB		 262 return nbd_negotiate_send_rep_err(client->ioc,
263 NBD_REP_ERR_INVALID, NBD_OPT_LIST,
2fd2c840 264 errp,
36683283 265 "OPT_LIST should not have length");
32d7d2e0
HB		 266 }
267
268 /* For each export, send a NBD_REP_SERVER reply. */
269 QTAILQ_FOREACH(exp, &exports, next) {
2fd2c840 270 if (nbd_negotiate_send_rep_list(client->ioc, exp, errp)) {
32d7d2e0
HB		 271 return -EINVAL;
272 }
273 }
274 /* Finish with a NBD_REP_ACK. */
2fd2c840 275 return nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, NBD_OPT_LIST, errp);
32d7d2e0
HB		 276}
277
2fd2c840
VSO		 278static int nbd_negotiate_handle_export_name(NBDClient *client, uint32_t length,
279 Error **errp)
f5076b5a 280{
943cec86 281 char name[NBD_MAX_NAME_SIZE + 1];
6b8c01e7 282
f5076b5a
HB		 283 /* Client sends:
284 [20 .. xx] export name (length bytes)
285 */
9588463e 286 trace_nbd_negotiate_handle_export_name();
943cec86 287 if (length >= sizeof(name)) {
2fd2c840 288 error_setg(errp, "Bad length received");
d9faeed8 289 return -EINVAL;
6b8c01e7 290 }
2fd2c840
VSO		 291 if (nbd_read(client->ioc, name, length, errp) < 0) {
292 error_prepend(errp, "read failed: ");
d9faeed8 293 return -EINVAL;
6b8c01e7
PB		 294 }
295 name[length] = '\0';
296
9588463e 297 trace_nbd_negotiate_handle_export_name_request(name);
9344e5f5 298
6b8c01e7
PB		 299 client->exp = nbd_export_find(name);
300 if (!client->exp) {
2fd2c840 301 error_setg(errp, "export not found");
d9faeed8 302 return -EINVAL;
6b8c01e7
PB		 303 }
304
305 QTAILQ_INSERT_TAIL(&client->exp->clients, client, next);
306 nbd_export_get(client->exp);
d9faeed8
VSO		 307
308 return 0;
6b8c01e7
PB		 309}
310
36683283
EB		 311/* Handle NBD_OPT_STARTTLS. Return NULL to drop connection, or else the
312 * new channel for all further (now-encrypted) communication. */
f95910fe 313static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client,
2fd2c840
VSO		 314 uint32_t length,
315 Error **errp)
f95910fe
DB		 316{
317 QIOChannel *ioc;
318 QIOChannelTLS *tioc;
319 struct NBDTLSHandshakeData data = { 0 };
320
9588463e 321 trace_nbd_negotiate_handle_starttls();
f95910fe
DB		 322 ioc = client->ioc;
323 if (length) {
2fd2c840 324 if (nbd_drop(ioc, length, errp) < 0) {
f95910fe
DB		 325 return NULL;
326 }
36683283 327 nbd_negotiate_send_rep_err(ioc, NBD_REP_ERR_INVALID, NBD_OPT_STARTTLS,
2fd2c840 328 errp,
36683283 329 "OPT_STARTTLS should not have length");
f95910fe
DB		 330 return NULL;
331 }
332
63d5ef86 333 if (nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK,
2fd2c840 334 NBD_OPT_STARTTLS, errp) < 0) {
63d5ef86
EB		 335 return NULL;
336 }
f95910fe
DB		 337
338 tioc = qio_channel_tls_new_server(ioc,
339 client->tlscreds,
340 client->tlsaclname,
2fd2c840 341 errp);
f95910fe
DB		 342 if (!tioc) {
343 return NULL;
344 }
345
0d73f725 346 qio_channel_set_name(QIO_CHANNEL(tioc), "nbd-server-tls");
9588463e 347 trace_nbd_negotiate_handle_starttls_handshake();
f95910fe
DB		 348 data.loop = g_main_loop_new(g_main_context_default(), FALSE);
349 qio_channel_tls_handshake(tioc,
350 nbd_tls_handshake,
351 &data,
352 NULL);
353
354 if (!data.complete) {
355 g_main_loop_run(data.loop);
356 }
357 g_main_loop_unref(data.loop);
358 if (data.error) {
359 object_unref(OBJECT(tioc));
2fd2c840 360 error_propagate(errp, data.error);
f95910fe
DB		 361 return NULL;
362 }
363
364 return QIO_CHANNEL(tioc);
365}
366
1e120ffe
VSO		 367/* nbd_negotiate_options
368 * Process all NBD_OPT_* client option commands.
369 * Return:
2fd2c840
VSO		 370 * -errno on error, errp is set
371 * 0 on successful negotiation, errp is not set
372 * 1 if client sent NBD_OPT_ABORT, i.e. on valid disconnect,
373 * errp is not set
1e120ffe 374 */
2fd2c840 375static int nbd_negotiate_options(NBDClient *client, Error **errp)
f5076b5a 376{
9c122ada 377 uint32_t flags;
26afa868 378 bool fixedNewstyle = false;
2fd2c840 379 Error *local_err = NULL;
9c122ada
HR		 380
381 /* Client sends:
382 [ 0 .. 3] client flags
383
384 [ 0 .. 7] NBD_OPTS_MAGIC
385 [ 8 .. 11] NBD option
386 [12 .. 15] Data length
387 ... Rest of request
388
389 [ 0 .. 7] NBD_OPTS_MAGIC
390 [ 8 .. 11] Second NBD option
391 [12 .. 15] Data length
392 ... Rest of request
393 */
394
2fd2c840
VSO		 395 if (nbd_read(client->ioc, &flags, sizeof(flags), errp) < 0) {
396 error_prepend(errp, "read failed: ");
9c122ada
HR		 397 return -EIO;
398 }
9588463e 399 trace_nbd_negotiate_options_flags();
9c122ada 400 be32_to_cpus(&flags);
26afa868 401 if (flags & NBD_FLAG_C_FIXED_NEWSTYLE) {
9588463e 402 trace_nbd_negotiate_options_newstyle();
26afa868
DB		 403 fixedNewstyle = true;
404 flags &= ~NBD_FLAG_C_FIXED_NEWSTYLE;
405 }
c203c59a 406 if (flags & NBD_FLAG_C_NO_ZEROES) {
9588463e 407 trace_nbd_negotiate_options_no_zeroes();
c203c59a
EB		 408 client->no_zeroes = true;
409 flags &= ~NBD_FLAG_C_NO_ZEROES;
410 }
26afa868 411 if (flags != 0) {
2fd2c840 412 error_setg(errp, "Unknown client flags 0x%" PRIx32 " received", flags);
9c122ada
HR		 413 return -EIO;
414 }
415
f5076b5a 416 while (1) {
9c122ada 417 int ret;
7f9039cd 418 uint32_t option, length;
f5076b5a
HB		 419 uint64_t magic;
420
2fd2c840
VSO		 421 if (nbd_read(client->ioc, &magic, sizeof(magic), errp) < 0) {
422 error_prepend(errp, "read failed: ");
f5076b5a
HB		 423 return -EINVAL;
424 }
9588463e
VSO		 425 magic = be64_to_cpu(magic);
426 trace_nbd_negotiate_options_check_magic(magic);
427 if (magic != NBD_OPTS_MAGIC) {
2fd2c840 428 error_setg(errp, "Bad magic received");
f5076b5a
HB		 429 return -EINVAL;
430 }
431
7f9039cd
VSO		 432 if (nbd_read(client->ioc, &option,
433 sizeof(option), errp) < 0) {
2fd2c840 434 error_prepend(errp, "read failed: ");
f5076b5a
HB		 435 return -EINVAL;
436 }
7f9039cd 437 option = be32_to_cpu(option);
f5076b5a 438
2fd2c840
VSO		 439 if (nbd_read(client->ioc, &length, sizeof(length), errp) < 0) {
440 error_prepend(errp, "read failed: ");
f5076b5a
HB		 441 return -EINVAL;
442 }
443 length = be32_to_cpu(length);
444
9588463e 445 trace_nbd_negotiate_options_check_option(option);
f95910fe
DB		 446 if (client->tlscreds &&
447 client->ioc == (QIOChannel *)client->sioc) {
448 QIOChannel *tioc;
449 if (!fixedNewstyle) {
7f9039cd 450 error_setg(errp, "Unsupported option 0x%" PRIx32, option);
f95910fe
DB		 451 return -EINVAL;
452 }
7f9039cd 453 switch (option) {
f95910fe 454 case NBD_OPT_STARTTLS:
2fd2c840 455 tioc = nbd_negotiate_handle_starttls(client, length, errp);
f95910fe
DB		 456 if (!tioc) {
457 return -EIO;
458 }
459 object_unref(OBJECT(client->ioc));
460 client->ioc = QIO_CHANNEL(tioc);
461 break;
462
d1129a8a
EB		 463 case NBD_OPT_EXPORT_NAME:
464 /* No way to return an error to client, so drop connection */
2fd2c840 465 error_setg(errp, "Option 0x%x not permitted before TLS",
7f9039cd 466 option);
d1129a8a
EB		 467 return -EINVAL;
468
f95910fe 469 default:
2fd2c840 470 if (nbd_drop(client->ioc, length, errp) < 0) {
d1129a8a
EB		 471 return -EIO;
472 }
36683283
EB		 473 ret = nbd_negotiate_send_rep_err(client->ioc,
474 NBD_REP_ERR_TLS_REQD,
7f9039cd 475 option, errp,
36683283
EB		 476 "Option 0x%" PRIx32
477 "not permitted before TLS",
7f9039cd 478 option);
63d5ef86
EB		 479 if (ret < 0) {
480 return ret;
481 }
b6f5d3b5 482 /* Let the client keep trying, unless they asked to quit */
7f9039cd 483 if (option == NBD_OPT_ABORT) {
1e120ffe 484 return 1;
b6f5d3b5 485 }
d1129a8a 486 break;
f95910fe
DB		 487 }
488 } else if (fixedNewstyle) {
7f9039cd 489 switch (option) {
26afa868 490 case NBD_OPT_LIST:
2fd2c840 491 ret = nbd_negotiate_handle_list(client, length, errp);
26afa868
DB		 492 if (ret < 0) {
493 return ret;
494 }
495 break;
496
497 case NBD_OPT_ABORT:
b6f5d3b5
EB		 498 /* NBD spec says we must try to reply before
499 * disconnecting, but that we must also tolerate
500 * guests that don't wait for our reply. */
7f9039cd 501 nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, option,
2fd2c840
VSO		 502 &local_err);
503
504 if (local_err != NULL) {
9588463e
VSO		 505 const char *error = error_get_pretty(local_err);
506 trace_nbd_opt_abort_reply_failed(error);
2fd2c840
VSO		 507 error_free(local_err);
508 }
509
1e120ffe 510 return 1;
26afa868
DB		 511
512 case NBD_OPT_EXPORT_NAME:
2fd2c840 513 return nbd_negotiate_handle_export_name(client, length, errp);
26afa868 514
f95910fe 515 case NBD_OPT_STARTTLS:
2fd2c840 516 if (nbd_drop(client->ioc, length, errp) < 0) {
d1129a8a
EB		 517 return -EIO;
518 }
f95910fe 519 if (client->tlscreds) {
36683283
EB		 520 ret = nbd_negotiate_send_rep_err(client->ioc,
521 NBD_REP_ERR_INVALID,
7f9039cd 522 option, errp,
36683283 523 "TLS already enabled");
f95910fe 524 } else {
36683283
EB		 525 ret = nbd_negotiate_send_rep_err(client->ioc,
526 NBD_REP_ERR_POLICY,
7f9039cd 527 option, errp,
36683283 528 "TLS not configured");
63d5ef86
EB		 529 }
530 if (ret < 0) {
531 return ret;
f95910fe 532 }
d1129a8a 533 break;
26afa868 534 default:
2fd2c840 535 if (nbd_drop(client->ioc, length, errp) < 0) {
156f6a10
EB		 536 return -EIO;
537 }
36683283
EB		 538 ret = nbd_negotiate_send_rep_err(client->ioc,
539 NBD_REP_ERR_UNSUP,
7f9039cd 540 option, errp,
36683283
EB		 541 "Unsupported option 0x%"
542 PRIx32,
7f9039cd 543 option);
63d5ef86
EB		 544 if (ret < 0) {
545 return ret;
546 }
156f6a10 547 break;
26afa868
DB		 548 }
549 } else {
550 /*
551 * If broken new-style we should drop the connection
552 * for anything except NBD_OPT_EXPORT_NAME
553 */
7f9039cd 554 switch (option) {
26afa868 555 case NBD_OPT_EXPORT_NAME:
2fd2c840 556 return nbd_negotiate_handle_export_name(client, length, errp);
26afa868
DB		 557
558 default:
7f9039cd 559 error_setg(errp, "Unsupported option 0x%" PRIx32, option);
26afa868 560 return -EINVAL;
32d7d2e0 561 }
f5076b5a
HB		 562 }
563 }
564}
565
1e120ffe
VSO		 566/* nbd_negotiate
567 * Return:
2fd2c840
VSO		 568 * -errno on error, errp is set
569 * 0 on successful negotiation, errp is not set
570 * 1 if client sent NBD_OPT_ABORT, i.e. on valid disconnect,
571 * errp is not set
1e120ffe 572 */
2fd2c840 573static coroutine_fn int nbd_negotiate(NBDClient *client, Error **errp)
7a5ca864 574{
b2e3d87f 575 char buf[8 + 8 + 8 + 128];
2e5c9ad6 576 int ret;
7423f417 577 const uint16_t myflags = (NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_TRIM |
1f4d6d18
EB		 578 NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA |
579 NBD_FLAG_SEND_WRITE_ZEROES);
f95910fe 580 bool oldStyle;
c203c59a 581 size_t len;
b2e3d87f 582
f95910fe 583 /* Old style negotiation header without options
6b8c01e7
PB		 584 [ 0 .. 7] passwd ("NBDMAGIC")
585 [ 8 .. 15] magic (NBD_CLIENT_MAGIC)
b2e3d87f 586 [16 .. 23] size
6b8c01e7 587 [24 .. 25] server flags (0)
5672ee54 588 [26 .. 27] export flags
6b8c01e7
PB		 589 [28 .. 151] reserved (0)
590
f95910fe 591 New style negotiation header with options
6b8c01e7
PB		 592 [ 0 .. 7] passwd ("NBDMAGIC")
593 [ 8 .. 15] magic (NBD_OPTS_MAGIC)
594 [16 .. 17] server flags (0)
f95910fe 595 ....options sent....
6b8c01e7
PB		 596 [18 .. 25] size
597 [26 .. 27] export flags
c203c59a 598 [28 .. 151] reserved (0, omit if no_zeroes)
b2e3d87f
NT		 599 */
600
1c778ef7 601 qio_channel_set_blocking(client->ioc, false, NULL);
185b4338 602
9588463e 603 trace_nbd_negotiate_begin();
8ffaaba0 604 memset(buf, 0, sizeof(buf));
b2e3d87f 605 memcpy(buf, "NBDMAGIC", 8);
f95910fe
DB		 606
607 oldStyle = client->exp != NULL && !client->tlscreds;
608 if (oldStyle) {
9588463e
VSO		 609 trace_nbd_negotiate_old_style(client->exp->size,
610 client->exp->nbdflags | myflags);
667ad26f
JS		 611 stq_be_p(buf + 8, NBD_CLIENT_MAGIC);
612 stq_be_p(buf + 16, client->exp->size);
613 stw_be_p(buf + 26, client->exp->nbdflags | myflags);
b2e3d87f 614
2fd2c840
VSO		 615 if (nbd_write(client->ioc, buf, sizeof(buf), errp) < 0) {
616 error_prepend(errp, "write failed: ");
d9faeed8 617 return -EINVAL;
6b8c01e7
PB		 618 }
619 } else {
76ff081d
VSO		 620 stq_be_p(buf + 8, NBD_OPTS_MAGIC);
621 stw_be_p(buf + 16, NBD_FLAG_FIXED_NEWSTYLE | NBD_FLAG_NO_ZEROES);
622
2fd2c840
VSO		 623 if (nbd_write(client->ioc, buf, 18, errp) < 0) {
624 error_prepend(errp, "write failed: ");
d9faeed8 625 return -EINVAL;
6b8c01e7 626 }
2fd2c840 627 ret = nbd_negotiate_options(client, errp);
2e5c9ad6 628 if (ret != 0) {
2fd2c840
VSO		 629 if (ret < 0) {
630 error_prepend(errp, "option negotiation failed: ");
631 }
2e5c9ad6 632 return ret;
6b8c01e7
PB		 633 }
634
9588463e
VSO		 635 trace_nbd_negotiate_new_style_size_flags(
636 client->exp->size, client->exp->nbdflags | myflags);
667ad26f
JS		 637 stq_be_p(buf + 18, client->exp->size);
638 stw_be_p(buf + 26, client->exp->nbdflags | myflags);
c203c59a 639 len = client->no_zeroes ? 10 : sizeof(buf) - 18;
2fd2c840 640 ret = nbd_write(client->ioc, buf + 18, len, errp);
2e5c9ad6 641 if (ret < 0) {
2fd2c840 642 error_prepend(errp, "write failed: ");
2e5c9ad6 643 return ret;
6b8c01e7 644 }
b2e3d87f
NT		 645 }
646
9588463e 647 trace_nbd_negotiate_success();
d9faeed8
VSO		 648
649 return 0;
7a5ca864
FB		 650}
651
2fd2c840
VSO		 652static int nbd_receive_request(QIOChannel *ioc, NBDRequest *request,
653 Error **errp)
75818250 654{
fa26c26b 655 uint8_t buf[NBD_REQUEST_SIZE];
b2e3d87f 656 uint32_t magic;
a0dc63a6 657 int ret;
b2e3d87f 658
2fd2c840 659 ret = nbd_read(ioc, buf, sizeof(buf), errp);
185b4338
PB		 660 if (ret < 0) {
661 return ret;
662 }
663
b2e3d87f
NT		 664 /* Request
665 [ 0 .. 3] magic (NBD_REQUEST_MAGIC)
b626b51a
EB		 666 [ 4 .. 5] flags (NBD_CMD_FLAG_FUA, ...)
667 [ 6 .. 7] type (NBD_CMD_READ, ...)
b2e3d87f
NT		 668 [ 8 .. 15] handle
669 [16 .. 23] from
670 [24 .. 27] len
671 */
672
773dce3c 673 magic = ldl_be_p(buf);
b626b51a
EB		 674 request->flags = lduw_be_p(buf + 4);
675 request->type = lduw_be_p(buf + 6);
773dce3c
PM		 676 request->handle = ldq_be_p(buf + 8);
677 request->from = ldq_be_p(buf + 16);
678 request->len = ldl_be_p(buf + 24);
b2e3d87f 679
9588463e
VSO		 680 trace_nbd_receive_request(magic, request->flags, request->type,
681 request->from, request->len);
b2e3d87f
NT		 682
683 if (magic != NBD_REQUEST_MAGIC) {
2fd2c840 684 error_setg(errp, "invalid magic (got 0x%" PRIx32 ")", magic);
185b4338 685 return -EINVAL;
b2e3d87f
NT		 686 }
687 return 0;
75818250
TS		 688}
689
c7b97282 690static int nbd_send_reply(QIOChannel *ioc, NBDReply *reply, Error **errp)
75818250 691{
fa26c26b 692 uint8_t buf[NBD_REPLY_SIZE];
b2e3d87f 693
ca441480
PB		 694 reply->error = system_errno_to_nbd_errno(reply->error);
695
9588463e 696 trace_nbd_send_reply(reply->error, reply->handle);
7548fe31 697
b2e3d87f
NT		 698 /* Reply
699 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
700 [ 4 .. 7] error (0 == no error)
701 [ 7 .. 15] handle
702 */
667ad26f
JS		 703 stl_be_p(buf, NBD_REPLY_MAGIC);
704 stl_be_p(buf + 4, reply->error);
705 stq_be_p(buf + 8, reply->handle);
b2e3d87f 706
c7b97282 707 return nbd_write(ioc, buf, sizeof(buf), errp);
75818250 708}
7a5ca864 709
41996e38
PB		 710#define MAX_NBD_REQUESTS 16
711
ce33967a 712void nbd_client_get(NBDClient *client)
1743b515
PB		 713{
714 client->refcount++;
715}
716
ce33967a 717void nbd_client_put(NBDClient *client)
1743b515
PB		 718{
719 if (--client->refcount == 0) {
ff2b68aa 720 /* The last reference should be dropped by client->close,
f53a829b 721 * which is called by client_close.
ff2b68aa
PB		 722 */
723 assert(client->closing);
724
ff82911c 725 qio_channel_detach_aio_context(client->ioc);
1c778ef7
DB		 726 object_unref(OBJECT(client->sioc));
727 object_unref(OBJECT(client->ioc));
f95910fe
DB		 728 if (client->tlscreds) {
729 object_unref(OBJECT(client->tlscreds));
730 }
731 g_free(client->tlsaclname);
6b8c01e7
PB		 732 if (client->exp) {
733 QTAILQ_REMOVE(&client->exp->clients, client, next);
734 nbd_export_put(client->exp);
735 }
1743b515
PB		 736 g_free(client);
737 }
738}
739
0c9390d9 740static void client_close(NBDClient *client, bool negotiated)
1743b515 741{
ff2b68aa
PB		 742 if (client->closing) {
743 return;
744 }
745
746 client->closing = true;
747
748 /* Force requests to finish. They will drop their own references,
749 * then we'll close the socket and free the NBDClient.
750 */
1c778ef7
DB		 751 qio_channel_shutdown(client->ioc, QIO_CHANNEL_SHUTDOWN_BOTH,
752 NULL);
ff2b68aa
PB		 753
754 /* Also tell the client, so that they release their reference. */
0c9390d9
EB		 755 if (client->close_fn) {
756 client->close_fn(client, negotiated);
1743b515 757 }
1743b515
PB		 758}
759
315f78ab 760static NBDRequestData *nbd_request_get(NBDClient *client)
d9a73806 761{
315f78ab 762 NBDRequestData *req;
72deddc5 763
41996e38
PB		 764 assert(client->nb_requests <= MAX_NBD_REQUESTS - 1);
765 client->nb_requests++;
766
315f78ab 767 req = g_new0(NBDRequestData, 1);
72deddc5
PB		 768 nbd_client_get(client);
769 req->client = client;
d9a73806
PB		 770 return req;
771}
772
315f78ab 773static void nbd_request_put(NBDRequestData *req)
d9a73806 774{
72deddc5 775 NBDClient *client = req->client;
e1adb27a 776
2d821488
SH		 777 if (req->data) {
778 qemu_vfree(req->data);
779 }
1729404c 780 g_free(req);
e1adb27a 781
958c717d 782 client->nb_requests--;
ff82911c
PB		 783 nbd_client_receive_next_request(client);
784
72deddc5 785 nbd_client_put(client);
d9a73806
PB		 786}
787
aadf99a7 788static void blk_aio_attached(AioContext *ctx, void *opaque)
f2149281
HR		 789{
790 NBDExport *exp = opaque;
791 NBDClient *client;
792
9588463e 793 trace_nbd_blk_aio_attached(exp->name, ctx);
f2149281
HR		 794
795 exp->ctx = ctx;
796
797 QTAILQ_FOREACH(client, &exp->clients, next) {
ff82911c
PB		 798 qio_channel_attach_aio_context(client->ioc, ctx);
799 if (client->recv_coroutine) {
800 aio_co_schedule(ctx, client->recv_coroutine);
801 }
802 if (client->send_coroutine) {
803 aio_co_schedule(ctx, client->send_coroutine);
804 }
f2149281
HR		 805 }
806}
807
aadf99a7 808static void blk_aio_detach(void *opaque)
f2149281
HR		 809{
810 NBDExport *exp = opaque;
811 NBDClient *client;
812
9588463e 813 trace_nbd_blk_aio_detach(exp->name, exp->ctx);
f2149281
HR		 814
815 QTAILQ_FOREACH(client, &exp->clients, next) {
ff82911c 816 qio_channel_detach_aio_context(client->ioc);
f2149281
HR		 817 }
818
819 exp->ctx = NULL;
820}
821
741cc431
HR		 822static void nbd_eject_notifier(Notifier *n, void *data)
823{
824 NBDExport *exp = container_of(n, NBDExport, eject_notifier);
825 nbd_export_close(exp);
826}
827
cd7fca95 828NBDExport *nbd_export_new(BlockDriverState *bs, off_t dev_offset, off_t size,
7423f417 829 uint16_t nbdflags, void (*close)(NBDExport *),
cd7fca95 830 bool writethrough, BlockBackend *on_eject_blk,
98f44bbe 831 Error **errp)
af49bbbe 832{
cd7fca95 833 BlockBackend *blk;
af49bbbe 834 NBDExport *exp = g_malloc0(sizeof(NBDExport));
8a7ce4f9 835 uint64_t perm;
d7086422 836 int ret;
cd7fca95 837
8a7ce4f9
KW		 838 /* Don't allow resize while the NBD server is running, otherwise we don't
839 * care what happens with the node. */
840 perm = BLK_PERM_CONSISTENT_READ;
841 if ((nbdflags & NBD_FLAG_READ_ONLY) == 0) {
842 perm |= BLK_PERM_WRITE;
843 }
844 blk = blk_new(perm, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED |
845 BLK_PERM_WRITE | BLK_PERM_GRAPH_MOD);
d7086422
KW		 846 ret = blk_insert_bs(blk, bs, errp);
847 if (ret < 0) {
848 goto fail;
849 }
cd7fca95
KW		 850 blk_set_enable_write_cache(blk, !writethrough);
851
2c8d9f06 852 exp->refcount = 1;
4b9441f6 853 QTAILQ_INIT(&exp->clients);
aadf99a7 854 exp->blk = blk;
af49bbbe
PB		 855 exp->dev_offset = dev_offset;
856 exp->nbdflags = nbdflags;
98f44bbe
HR		 857 exp->size = size < 0 ? blk_getlength(blk) : size;
858 if (exp->size < 0) {
859 error_setg_errno(errp, -exp->size,
860 "Failed to determine the NBD export's length");
861 goto fail;
862 }
863 exp->size -= exp->size % BDRV_SECTOR_SIZE;
864
0ddf08db 865 exp->close = close;
aadf99a7 866 exp->ctx = blk_get_aio_context(blk);
aadf99a7 867 blk_add_aio_context_notifier(blk, blk_aio_attached, blk_aio_detach, exp);
741cc431 868
cd7fca95
KW		 869 if (on_eject_blk) {
870 blk_ref(on_eject_blk);
871 exp->eject_notifier_blk = on_eject_blk;
872 exp->eject_notifier.notify = nbd_eject_notifier;
873 blk_add_remove_bs_notifier(on_eject_blk, &exp->eject_notifier);
874 }
741cc431 875
7ea2d269
AK		 876 /*
877 * NBD exports are used for non-shared storage migration. Make sure
04c01a5c 878 * that BDRV_O_INACTIVE is cleared and the image is ready for write
7ea2d269
AK		 879 * access since the export could be available before migration handover.
880 */
e5f3e12e 881 aio_context_acquire(exp->ctx);
aadf99a7 882 blk_invalidate_cache(blk, NULL);
e5f3e12e 883 aio_context_release(exp->ctx);
af49bbbe 884 return exp;
98f44bbe
HR		 885
886fail:
cd7fca95 887 blk_unref(blk);
98f44bbe
HR		 888 g_free(exp);
889 return NULL;
af49bbbe
PB		 890}
891
ee0a19ec
PB		 892NBDExport *nbd_export_find(const char *name)
893{
894 NBDExport *exp;
895 QTAILQ_FOREACH(exp, &exports, next) {
896 if (strcmp(name, exp->name) == 0) {
897 return exp;
898 }
899 }
900
901 return NULL;
902}
903
904void nbd_export_set_name(NBDExport *exp, const char *name)
905{
906 if (exp->name == name) {
907 return;
908 }
909
910 nbd_export_get(exp);
911 if (exp->name != NULL) {
912 g_free(exp->name);
913 exp->name = NULL;
914 QTAILQ_REMOVE(&exports, exp, next);
915 nbd_export_put(exp);
916 }
917 if (name != NULL) {
918 nbd_export_get(exp);
919 exp->name = g_strdup(name);
920 QTAILQ_INSERT_TAIL(&exports, exp, next);
921 }
922 nbd_export_put(exp);
923}
924
b1a75b33
EB		 925void nbd_export_set_description(NBDExport *exp, const char *description)
926{
927 g_free(exp->description);
928 exp->description = g_strdup(description);
929}
930
af49bbbe
PB		 931void nbd_export_close(NBDExport *exp)
932{
4b9441f6 933 NBDClient *client, *next;
2c8d9f06 934
4b9441f6
PB		 935 nbd_export_get(exp);
936 QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) {
0c9390d9 937 client_close(client, true);
4b9441f6 938 }
125afda8 939 nbd_export_set_name(exp, NULL);
b1a75b33 940 nbd_export_set_description(exp, NULL);
4b9441f6 941 nbd_export_put(exp);
2c8d9f06
PB		 942}
943
944void nbd_export_get(NBDExport *exp)
945{
946 assert(exp->refcount > 0);
947 exp->refcount++;
948}
949
950void nbd_export_put(NBDExport *exp)
951{
952 assert(exp->refcount > 0);
953 if (exp->refcount == 1) {
954 nbd_export_close(exp);
d9a73806
PB		 955 }
956
2c8d9f06 957 if (--exp->refcount == 0) {
ee0a19ec 958 assert(exp->name == NULL);
b1a75b33 959 assert(exp->description == NULL);
ee0a19ec 960
0ddf08db
PB		 961 if (exp->close) {
962 exp->close(exp);
963 }
964
d6268348 965 if (exp->blk) {
cd7fca95
KW		 966 if (exp->eject_notifier_blk) {
967 notifier_remove(&exp->eject_notifier);
968 blk_unref(exp->eject_notifier_blk);
969 }
d6268348
WC		 970 blk_remove_aio_context_notifier(exp->blk, blk_aio_attached,
971 blk_aio_detach, exp);
972 blk_unref(exp->blk);
973 exp->blk = NULL;
974 }
975
2c8d9f06
PB		 976 g_free(exp);
977 }
af49bbbe
PB		 978}
979
e140177d 980BlockBackend *nbd_export_get_blockdev(NBDExport *exp)
125afda8 981{
aadf99a7 982 return exp->blk;
125afda8
PB		 983}
984
ee0a19ec
PB		 985void nbd_export_close_all(void)
986{
987 NBDExport *exp, *next;
988
989 QTAILQ_FOREACH_SAFE(exp, &exports, next, next) {
990 nbd_export_close(exp);
ee0a19ec
PB		 991 }
992}
993
c7b97282
VSO		 994static int nbd_co_send_reply(NBDRequestData *req, NBDReply *reply, int len,
995 Error **errp)
22045592 996{
72deddc5 997 NBDClient *client = req->client;
2e5c9ad6 998 int ret;
22045592 999
1c778ef7 1000 g_assert(qemu_in_coroutine());
6fb2b972 1001
9588463e 1002 trace_nbd_co_send_reply(reply->handle, reply->error, len);
6fb2b972 1003
262db388 1004 qemu_co_mutex_lock(&client->send_lock);
262db388
PB		 1005 client->send_coroutine = qemu_coroutine_self();
1006
22045592 1007 if (!len) {
c7b97282 1008 ret = nbd_send_reply(client->ioc, reply, errp);
22045592 1009 } else {
1c778ef7 1010 qio_channel_set_cork(client->ioc, true);
c7b97282 1011 ret = nbd_send_reply(client->ioc, reply, errp);
2e5c9ad6 1012 if (ret == 0) {
c7b97282 1013 ret = nbd_write(client->ioc, req->data, len, errp);
2e5c9ad6
VSO		 1014 if (ret < 0) {
1015 ret = -EIO;
22045592
PB		 1016 }
1017 }
1c778ef7 1018 qio_channel_set_cork(client->ioc, false);
22045592 1019 }
262db388
PB		 1020
1021 client->send_coroutine = NULL;
262db388 1022 qemu_co_mutex_unlock(&client->send_lock);
2e5c9ad6 1023 return ret;
22045592
PB		 1024}
1025
2a6e128b
VSO		 1026/* nbd_co_receive_request
1027 * Collect a client request. Return 0 if request looks valid, -EIO to drop
1028 * connection right away, and any other negative value to report an error to
1029 * the client (although the caller may still need to disconnect after reporting
1030 * the error).
1031 */
2fd2c840
VSO		 1032static int nbd_co_receive_request(NBDRequestData *req, NBDRequest *request,
1033 Error **errp)
a030b347 1034{
72deddc5 1035 NBDClient *client = req->client;
a030b347 1036
1c778ef7 1037 g_assert(qemu_in_coroutine());
ff82911c 1038 assert(client->recv_coroutine == qemu_coroutine_self());
2fd2c840 1039 if (nbd_receive_request(client->ioc, request, errp) < 0) {
ee898b87 1040 return -EIO;
a030b347
PB		 1041 }
1042
9588463e 1043 trace_nbd_co_receive_request_decode_type(request->handle, request->type);
29b6c3b3 1044
b626b51a 1045 if (request->type != NBD_CMD_WRITE) {
29b6c3b3
EB		 1046 /* No payload, we are ready to read the next request. */
1047 req->complete = true;
1048 }
1049
b626b51a 1050 if (request->type == NBD_CMD_DISC) {
29b6c3b3
EB		 1051 /* Special case: we're going to disconnect without a reply,
1052 * whether or not flags, from, or len are bogus */
ee898b87 1053 return -EIO;
29b6c3b3
EB		 1054 }
1055
1056 /* Check for sanity in the parameters, part 1. Defer as many
1057 * checks as possible until after reading any NBD_CMD_WRITE
1058 * payload, so we can try and keep the connection alive. */
a030b347 1059 if ((request->from + request->len) < request->from) {
2fd2c840
VSO		 1060 error_setg(errp,
1061 "integer overflow detected, you're probably being attacked");
ee898b87 1062 return -EINVAL;
a030b347
PB		 1063 }
1064
b626b51a 1065 if (request->type == NBD_CMD_READ || request->type == NBD_CMD_WRITE) {
eb38c3b6 1066 if (request->len > NBD_MAX_BUFFER_SIZE) {
2fd2c840
VSO		 1067 error_setg(errp, "len (%" PRIu32" ) is larger than max len (%u)",
1068 request->len, NBD_MAX_BUFFER_SIZE);
ee898b87 1069 return -EINVAL;
eb38c3b6
PB		 1070 }
1071
f1c17521
PB		 1072 req->data = blk_try_blockalign(client->exp->blk, request->len);
1073 if (req->data == NULL) {
2fd2c840 1074 error_setg(errp, "No memory");
ee898b87 1075 return -ENOMEM;
f1c17521 1076 }
2d821488 1077 }
b626b51a 1078 if (request->type == NBD_CMD_WRITE) {
2fd2c840
VSO		 1079 if (nbd_read(client->ioc, req->data, request->len, errp) < 0) {
1080 error_prepend(errp, "reading from socket failed: ");
ee898b87 1081 return -EIO;
a030b347 1082 }
29b6c3b3 1083 req->complete = true;
6fb2b972 1084
9588463e
VSO		 1085 trace_nbd_co_receive_request_payload_received(request->handle,
1086 request->len);
a030b347 1087 }
29b6c3b3
EB		 1088
1089 /* Sanity checks, part 2. */
1090 if (request->from + request->len > client->exp->size) {
2fd2c840
VSO		 1091 error_setg(errp, "operation past EOF; From: %" PRIu64 ", Len: %" PRIu32
1092 ", Size: %" PRIu64, request->from, request->len,
1093 (uint64_t)client->exp->size);
ee898b87 1094 return request->type == NBD_CMD_WRITE ? -ENOSPC : -EINVAL;
29b6c3b3 1095 }
1f4d6d18 1096 if (request->flags & ~(NBD_CMD_FLAG_FUA | NBD_CMD_FLAG_NO_HOLE)) {
2fd2c840 1097 error_setg(errp, "unsupported flags (got 0x%x)", request->flags);
ee898b87 1098 return -EINVAL;
ab7c548e 1099 }
1f4d6d18
EB		 1100 if (request->type != NBD_CMD_WRITE_ZEROES &&
1101 (request->flags & NBD_CMD_FLAG_NO_HOLE)) {
2fd2c840 1102 error_setg(errp, "unexpected flags (got 0x%x)", request->flags);
ee898b87 1103 return -EINVAL;
1f4d6d18 1104 }
29b6c3b3 1105
ee898b87 1106 return 0;
a030b347
PB		 1107}
1108
ff82911c
PB		 1109/* Owns a reference to the NBDClient passed as opaque. */
1110static coroutine_fn void nbd_trip(void *opaque)
75818250 1111{
262db388 1112 NBDClient *client = opaque;
1743b515 1113 NBDExport *exp = client->exp;
315f78ab 1114 NBDRequestData *req;
ff82911c 1115 NBDRequest request = { 0 }; /* GCC thinks it can be used uninitialized */
ed2dd912 1116 NBDReply reply;
a0dc63a6 1117 int ret;
a0c30369 1118 int flags;
8c372a02 1119 int reply_data_len = 0;
2fd2c840 1120 Error *local_err = NULL;
b2e3d87f 1121
9588463e 1122 trace_nbd_trip();
ff2b68aa 1123 if (client->closing) {
ff82911c 1124 nbd_client_put(client);
ff2b68aa
PB		 1125 return;
1126 }
b2e3d87f 1127
ff2b68aa 1128 req = nbd_request_get(client);
2fd2c840 1129 ret = nbd_co_receive_request(req, &request, &local_err);
ee898b87
VSO		 1130 client->recv_coroutine = NULL;
1131 nbd_client_receive_next_request(client);
a030b347 1132 if (ret == -EIO) {
8c372a02 1133 goto disconnect;
a030b347 1134 }
b2e3d87f 1135
fae69416
PB		 1136 reply.handle = request.handle;
1137 reply.error = 0;
1138
a030b347
PB		 1139 if (ret < 0) {
1140 reply.error = -ret;
8c372a02 1141 goto reply;
b2e3d87f 1142 }
b2e3d87f 1143
d6268348
WC		 1144 if (client->closing) {
1145 /*
1146 * The client may be closed when we are blocked in
1147 * nbd_co_receive_request()
1148 */
1149 goto done;
1150 }
1151
b626b51a 1152 switch (request.type) {
b2e3d87f 1153 case NBD_CMD_READ:
b626b51a
EB		 1154 /* XXX: NBD Protocol only documents use of FUA with WRITE */
1155 if (request.flags & NBD_CMD_FLAG_FUA) {
aadf99a7 1156 ret = blk_co_flush(exp->blk);
e25ceb76 1157 if (ret < 0) {
2fd2c840 1158 error_setg_errno(&local_err, -ret, "flush failed");
e25ceb76 1159 reply.error = -ret;
8c372a02 1160 break;
e25ceb76
PB		 1161 }
1162 }
1163
df7b97ff
EB		 1164 ret = blk_pread(exp->blk, request.from + exp->dev_offset,
1165 req->data, request.len);
adcf6302 1166 if (ret < 0) {
2fd2c840 1167 error_setg_errno(&local_err, -ret, "reading from file failed");
adcf6302 1168 reply.error = -ret;
8c372a02 1169 break;
b2e3d87f 1170 }
b2e3d87f 1171
8c372a02 1172 reply_data_len = request.len;
8c372a02 1173
b2e3d87f
NT		 1174 break;
1175 case NBD_CMD_WRITE:
af49bbbe 1176 if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
fae69416 1177 reply.error = EROFS;
8c372a02 1178 break;
fae69416
PB		 1179 }
1180
a0c30369 1181 flags = 0;
b626b51a 1182 if (request.flags & NBD_CMD_FLAG_FUA) {
a0c30369
EB		 1183 flags |= BDRV_REQ_FUA;
1184 }
df7b97ff 1185 ret = blk_pwrite(exp->blk, request.from + exp->dev_offset,
a0c30369 1186 req->data, request.len, flags);
fae69416 1187 if (ret < 0) {
2fd2c840 1188 error_setg_errno(&local_err, -ret, "writing to file failed");
fae69416 1189 reply.error = -ret;
fae69416 1190 }
b2e3d87f 1191
1f4d6d18 1192 break;
1f4d6d18 1193 case NBD_CMD_WRITE_ZEROES:
1f4d6d18 1194 if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
2fd2c840 1195 error_setg(&local_err, "Server is read-only, return error");
1f4d6d18 1196 reply.error = EROFS;
8c372a02 1197 break;
1f4d6d18
EB		 1198 }
1199
1f4d6d18
EB		 1200 flags = 0;
1201 if (request.flags & NBD_CMD_FLAG_FUA) {
1202 flags |= BDRV_REQ_FUA;
1203 }
1204 if (!(request.flags & NBD_CMD_FLAG_NO_HOLE)) {
1205 flags |= BDRV_REQ_MAY_UNMAP;
1206 }
1207 ret = blk_pwrite_zeroes(exp->blk, request.from + exp->dev_offset,
1208 request.len, flags);
1209 if (ret < 0) {
2fd2c840 1210 error_setg_errno(&local_err, -ret, "writing to file failed");
1f4d6d18 1211 reply.error = -ret;
1f4d6d18
EB		 1212 }
1213
b2e3d87f
NT		 1214 break;
1215 case NBD_CMD_DISC:
29b6c3b3
EB		 1216 /* unreachable, thanks to special case in nbd_co_receive_request() */
1217 abort();
1218
1486d04a 1219 case NBD_CMD_FLUSH:
aadf99a7 1220 ret = blk_co_flush(exp->blk);
1486d04a 1221 if (ret < 0) {
2fd2c840 1222 error_setg_errno(&local_err, -ret, "flush failed");
1486d04a
PB		 1223 reply.error = -ret;
1224 }
8c372a02 1225
7a706633
PB		 1226 break;
1227 case NBD_CMD_TRIM:
1c6c4bb7
EB		 1228 ret = blk_co_pdiscard(exp->blk, request.from + exp->dev_offset,
1229 request.len);
1230 if (ret < 0) {
2fd2c840 1231 error_setg_errno(&local_err, -ret, "discard failed");
1c6c4bb7 1232 reply.error = -ret;
7a706633 1233 }
8c372a02 1234
1486d04a 1235 break;
b2e3d87f 1236 default:
2fd2c840
VSO		 1237 error_setg(&local_err, "invalid request type (%" PRIu32 ") received",
1238 request.type);
8b2f0abf 1239 reply.error = EINVAL;
8c372a02
VSO		 1240 }
1241
1242reply:
2fd2c840
VSO		 1243 if (local_err) {
1244 /* If we are here local_err is not fatal error, already stored in
1245 * reply.error */
1246 error_report_err(local_err);
1247 local_err = NULL;
1248 }
1249
c7b97282
VSO		 1250 if (nbd_co_send_reply(req, &reply, reply_data_len, &local_err) < 0) {
1251 error_prepend(&local_err, "Failed to send reply: ");
2fd2c840
VSO		 1252 goto disconnect;
1253 }
1254
8c372a02
VSO		 1255 /* We must disconnect after NBD_CMD_WRITE if we did not
1256 * read the payload.
1257 */
2fd2c840
VSO		 1258 if (!req->complete) {
1259 error_setg(&local_err, "Request handling failed in intermediate state");
8c372a02 1260 goto disconnect;
b2e3d87f
NT		 1261 }
1262
7fe7b68b 1263done:
262db388 1264 nbd_request_put(req);
ff82911c 1265 nbd_client_put(client);
262db388
PB		 1266 return;
1267
8c372a02 1268disconnect:
2fd2c840
VSO		 1269 if (local_err) {
1270 error_reportf_err(local_err, "Disconnect client, due to: ");
1271 }
72deddc5 1272 nbd_request_put(req);
0c9390d9 1273 client_close(client, true);
ff82911c 1274 nbd_client_put(client);
7a5ca864 1275}
af49bbbe 1276
ff82911c 1277static void nbd_client_receive_next_request(NBDClient *client)
958c717d 1278{
ff82911c
PB		 1279 if (!client->recv_coroutine && client->nb_requests < MAX_NBD_REQUESTS) {
1280 nbd_client_get(client);
1281 client->recv_coroutine = qemu_coroutine_create(nbd_trip, client);
1282 aio_co_schedule(client->exp->ctx, client->recv_coroutine);
958c717d
HR		 1283 }
1284}
1285
1a6245a5
FZ		 1286static coroutine_fn void nbd_co_client_start(void *opaque)
1287{
c84087f2 1288 NBDClient *client = opaque;
1a6245a5 1289 NBDExport *exp = client->exp;
2fd2c840 1290 Error *local_err = NULL;
1a6245a5
FZ		 1291
1292 if (exp) {
1293 nbd_export_get(exp);
df8ad9f1 1294 QTAILQ_INSERT_TAIL(&exp->clients, client, next);
1a6245a5 1295 }
df8ad9f1
EB		 1296 qemu_co_mutex_init(&client->send_lock);
1297
2fd2c840
VSO		 1298 if (nbd_negotiate(client, &local_err)) {
1299 if (local_err) {
1300 error_report_err(local_err);
1301 }
0c9390d9 1302 client_close(client, false);
c84087f2 1303 return;
1a6245a5 1304 }
ff82911c
PB		 1305
1306 nbd_client_receive_next_request(client);
1a6245a5
FZ		 1307}
1308
0c9390d9
EB		 1309/*
1310 * Create a new client listener on the given export @exp, using the
1311 * given channel @sioc. Begin servicing it in a coroutine. When the
1312 * connection closes, call @close_fn with an indication of whether the
1313 * client completed negotiation.
1314 */
1c778ef7
DB		 1315void nbd_client_new(NBDExport *exp,
1316 QIOChannelSocket *sioc,
f95910fe
DB		 1317 QCryptoTLSCreds *tlscreds,
1318 const char *tlsaclname,
0c9390d9 1319 void (*close_fn)(NBDClient *, bool))
af49bbbe 1320{
1743b515 1321 NBDClient *client;
c84087f2 1322 Coroutine *co;
1a6245a5 1323
1743b515
PB		 1324 client = g_malloc0(sizeof(NBDClient));
1325 client->refcount = 1;
1326 client->exp = exp;
f95910fe
DB		 1327 client->tlscreds = tlscreds;
1328 if (tlscreds) {
1329 object_ref(OBJECT(client->tlscreds));
1330 }
1331 client->tlsaclname = g_strdup(tlsaclname);
1c778ef7
DB		 1332 client->sioc = sioc;
1333 object_ref(OBJECT(client->sioc));
1334 client->ioc = QIO_CHANNEL(sioc);
1335 object_ref(OBJECT(client->ioc));
0c9390d9 1336 client->close_fn = close_fn;
2c8d9f06 1337
c84087f2
VSO		 1338 co = qemu_coroutine_create(nbd_co_client_start, client);
1339 qemu_coroutine_enter(co);
af49bbbe 1340}
QEMU mirror