]>
Commit | Line | Data |
---|---|---|
75818250 | 1 | /* |
b626b51a | 2 | * Copyright (C) 2016 Red Hat, Inc. |
7a5ca864 FB |
3 | * Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws> |
4 | * | |
798bfe00 | 5 | * Network Block Device Server Side |
7a5ca864 FB |
6 | * |
7 | * This program is free software; you can redistribute it and/or modify | |
8 | * it under the terms of the GNU General Public License as published by | |
9 | * the Free Software Foundation; under version 2 of the License. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
8167ee88 | 17 | * along with this program; if not, see <http://www.gnu.org/licenses/>. |
75818250 | 18 | */ |
7a5ca864 | 19 | |
d38ea87a | 20 | #include "qemu/osdep.h" |
da34e65c | 21 | #include "qapi/error.h" |
798bfe00 | 22 | #include "nbd-internal.h" |
ca441480 PB |
23 | |
24 | static int system_errno_to_nbd_errno(int err) | |
25 | { | |
26 | switch (err) { | |
27 | case 0: | |
28 | return NBD_SUCCESS; | |
29 | case EPERM: | |
c0301fcc | 30 | case EROFS: |
ca441480 PB |
31 | return NBD_EPERM; |
32 | case EIO: | |
33 | return NBD_EIO; | |
34 | case ENOMEM: | |
35 | return NBD_ENOMEM; | |
36 | #ifdef EDQUOT | |
37 | case EDQUOT: | |
38 | #endif | |
39 | case EFBIG: | |
40 | case ENOSPC: | |
41 | return NBD_ENOSPC; | |
b6f5d3b5 EB |
42 | case ESHUTDOWN: |
43 | return NBD_ESHUTDOWN; | |
ca441480 PB |
44 | case EINVAL: |
45 | default: | |
46 | return NBD_EINVAL; | |
47 | } | |
48 | } | |
49 | ||
9a304d29 PB |
50 | /* Definitions for opaque data types */ |
51 | ||
315f78ab | 52 | typedef struct NBDRequestData NBDRequestData; |
9a304d29 | 53 | |
315f78ab EB |
54 | struct NBDRequestData { |
55 | QSIMPLEQ_ENTRY(NBDRequestData) entry; | |
9a304d29 PB |
56 | NBDClient *client; |
57 | uint8_t *data; | |
29b6c3b3 | 58 | bool complete; |
9a304d29 PB |
59 | }; |
60 | ||
61 | struct NBDExport { | |
2c8d9f06 | 62 | int refcount; |
0ddf08db PB |
63 | void (*close)(NBDExport *exp); |
64 | ||
aadf99a7 | 65 | BlockBackend *blk; |
ee0a19ec | 66 | char *name; |
b1a75b33 | 67 | char *description; |
9a304d29 PB |
68 | off_t dev_offset; |
69 | off_t size; | |
7423f417 | 70 | uint16_t nbdflags; |
4b9441f6 | 71 | QTAILQ_HEAD(, NBDClient) clients; |
ee0a19ec | 72 | QTAILQ_ENTRY(NBDExport) next; |
958c717d HR |
73 | |
74 | AioContext *ctx; | |
741cc431 | 75 | |
cd7fca95 | 76 | BlockBackend *eject_notifier_blk; |
741cc431 | 77 | Notifier eject_notifier; |
9a304d29 PB |
78 | }; |
79 | ||
ee0a19ec PB |
80 | static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports); |
81 | ||
9a304d29 PB |
82 | struct NBDClient { |
83 | int refcount; | |
0c9390d9 | 84 | void (*close_fn)(NBDClient *client, bool negotiated); |
9a304d29 | 85 | |
c203c59a | 86 | bool no_zeroes; |
9a304d29 | 87 | NBDExport *exp; |
f95910fe DB |
88 | QCryptoTLSCreds *tlscreds; |
89 | char *tlsaclname; | |
1c778ef7 DB |
90 | QIOChannelSocket *sioc; /* The underlying data channel */ |
91 | QIOChannel *ioc; /* The current I/O channel which may differ (eg TLS) */ | |
9a304d29 PB |
92 | |
93 | Coroutine *recv_coroutine; | |
94 | ||
95 | CoMutex send_lock; | |
96 | Coroutine *send_coroutine; | |
97 | ||
4b9441f6 | 98 | QTAILQ_ENTRY(NBDClient) next; |
9a304d29 | 99 | int nb_requests; |
ff2b68aa | 100 | bool closing; |
9a304d29 PB |
101 | }; |
102 | ||
7a5ca864 FB |
103 | /* That's all folks */ |
104 | ||
ff82911c | 105 | static void nbd_client_receive_next_request(NBDClient *client); |
958c717d | 106 | |
6b8c01e7 | 107 | /* Basic flow for negotiation |
7a5ca864 FB |
108 | |
109 | Server Client | |
7a5ca864 | 110 | Negotiate |
6b8c01e7 PB |
111 | |
112 | or | |
113 | ||
114 | Server Client | |
115 | Negotiate #1 | |
116 | Option | |
117 | Negotiate #2 | |
118 | ||
119 | ---- | |
120 | ||
121 | followed by | |
122 | ||
123 | Server Client | |
7a5ca864 FB |
124 | Request |
125 | Response | |
126 | Request | |
127 | Response | |
128 | ... | |
129 | ... | |
130 | Request (type == 2) | |
6b8c01e7 | 131 | |
7a5ca864 FB |
132 | */ |
133 | ||
526e5c65 EB |
134 | /* Send a reply header, including length, but no payload. |
135 | * Return -errno on error, 0 on success. */ | |
136 | static int nbd_negotiate_send_rep_len(QIOChannel *ioc, uint32_t type, | |
137 | uint32_t opt, uint32_t len) | |
6b8c01e7 | 138 | { |
6b8c01e7 | 139 | uint64_t magic; |
6b8c01e7 | 140 | |
526e5c65 EB |
141 | TRACE("Reply opt=%" PRIx32 " type=%" PRIx32 " len=%" PRIu32, |
142 | type, opt, len); | |
f95910fe | 143 | |
f5076b5a | 144 | magic = cpu_to_be64(NBD_REP_MAGIC); |
2b0bbc4f | 145 | if (nbd_write(ioc, &magic, sizeof(magic), NULL) < 0) { |
f5076b5a HB |
146 | LOG("write failed (rep magic)"); |
147 | return -EINVAL; | |
6b8c01e7 | 148 | } |
f5076b5a | 149 | opt = cpu_to_be32(opt); |
2b0bbc4f | 150 | if (nbd_write(ioc, &opt, sizeof(opt), NULL) < 0) { |
f5076b5a HB |
151 | LOG("write failed (rep opt)"); |
152 | return -EINVAL; | |
6b8c01e7 | 153 | } |
f5076b5a | 154 | type = cpu_to_be32(type); |
2b0bbc4f | 155 | if (nbd_write(ioc, &type, sizeof(type), NULL) < 0) { |
f5076b5a HB |
156 | LOG("write failed (rep type)"); |
157 | return -EINVAL; | |
6b8c01e7 | 158 | } |
526e5c65 | 159 | len = cpu_to_be32(len); |
2b0bbc4f | 160 | if (nbd_write(ioc, &len, sizeof(len), NULL) < 0) { |
f5076b5a HB |
161 | LOG("write failed (rep data length)"); |
162 | return -EINVAL; | |
6b8c01e7 | 163 | } |
f5076b5a HB |
164 | return 0; |
165 | } | |
6b8c01e7 | 166 | |
526e5c65 EB |
167 | /* Send a reply header with default 0 length. |
168 | * Return -errno on error, 0 on success. */ | |
169 | static int nbd_negotiate_send_rep(QIOChannel *ioc, uint32_t type, uint32_t opt) | |
170 | { | |
171 | return nbd_negotiate_send_rep_len(ioc, type, opt, 0); | |
172 | } | |
173 | ||
36683283 EB |
174 | /* Send an error reply. |
175 | * Return -errno on error, 0 on success. */ | |
176 | static int GCC_FMT_ATTR(4, 5) | |
177 | nbd_negotiate_send_rep_err(QIOChannel *ioc, uint32_t type, | |
178 | uint32_t opt, const char *fmt, ...) | |
179 | { | |
180 | va_list va; | |
181 | char *msg; | |
182 | int ret; | |
183 | size_t len; | |
184 | ||
185 | va_start(va, fmt); | |
186 | msg = g_strdup_vprintf(fmt, va); | |
187 | va_end(va); | |
188 | len = strlen(msg); | |
189 | assert(len < 4096); | |
190 | TRACE("sending error message \"%s\"", msg); | |
191 | ret = nbd_negotiate_send_rep_len(ioc, type, opt, len); | |
192 | if (ret < 0) { | |
193 | goto out; | |
194 | } | |
2b0bbc4f | 195 | if (nbd_write(ioc, msg, len, NULL) < 0) { |
36683283 EB |
196 | LOG("write failed (error message)"); |
197 | ret = -EIO; | |
198 | } else { | |
199 | ret = 0; | |
200 | } | |
201 | out: | |
202 | g_free(msg); | |
203 | return ret; | |
204 | } | |
205 | ||
526e5c65 EB |
206 | /* Send a single NBD_REP_SERVER reply to NBD_OPT_LIST, including payload. |
207 | * Return -errno on error, 0 on success. */ | |
1c778ef7 | 208 | static int nbd_negotiate_send_rep_list(QIOChannel *ioc, NBDExport *exp) |
32d7d2e0 | 209 | { |
b1a75b33 | 210 | size_t name_len, desc_len; |
526e5c65 | 211 | uint32_t len; |
b1a75b33 EB |
212 | const char *name = exp->name ? exp->name : ""; |
213 | const char *desc = exp->description ? exp->description : ""; | |
526e5c65 | 214 | int rc; |
32d7d2e0 | 215 | |
b1a75b33 EB |
216 | TRACE("Advertising export name '%s' description '%s'", name, desc); |
217 | name_len = strlen(name); | |
218 | desc_len = strlen(desc); | |
526e5c65 EB |
219 | len = name_len + desc_len + sizeof(len); |
220 | rc = nbd_negotiate_send_rep_len(ioc, NBD_REP_SERVER, NBD_OPT_LIST, len); | |
221 | if (rc < 0) { | |
222 | return rc; | |
32d7d2e0 | 223 | } |
526e5c65 | 224 | |
32d7d2e0 | 225 | len = cpu_to_be32(name_len); |
2b0bbc4f | 226 | if (nbd_write(ioc, &len, sizeof(len), NULL) < 0) { |
b1a75b33 EB |
227 | LOG("write failed (name length)"); |
228 | return -EINVAL; | |
229 | } | |
2b0bbc4f | 230 | if (nbd_write(ioc, name, name_len, NULL) < 0) { |
b1a75b33 | 231 | LOG("write failed (name buffer)"); |
32d7d2e0 HB |
232 | return -EINVAL; |
233 | } | |
2b0bbc4f | 234 | if (nbd_write(ioc, desc, desc_len, NULL) < 0) { |
b1a75b33 | 235 | LOG("write failed (description buffer)"); |
32d7d2e0 HB |
236 | return -EINVAL; |
237 | } | |
238 | return 0; | |
239 | } | |
240 | ||
526e5c65 EB |
241 | /* Process the NBD_OPT_LIST command, with a potential series of replies. |
242 | * Return -errno on error, 0 on success. */ | |
1a6245a5 | 243 | static int nbd_negotiate_handle_list(NBDClient *client, uint32_t length) |
32d7d2e0 | 244 | { |
32d7d2e0 HB |
245 | NBDExport *exp; |
246 | ||
32d7d2e0 | 247 | if (length) { |
2b0bbc4f | 248 | if (nbd_drop(client->ioc, length, NULL) < 0) { |
0379f474 HR |
249 | return -EIO; |
250 | } | |
36683283 EB |
251 | return nbd_negotiate_send_rep_err(client->ioc, |
252 | NBD_REP_ERR_INVALID, NBD_OPT_LIST, | |
253 | "OPT_LIST should not have length"); | |
32d7d2e0 HB |
254 | } |
255 | ||
256 | /* For each export, send a NBD_REP_SERVER reply. */ | |
257 | QTAILQ_FOREACH(exp, &exports, next) { | |
1c778ef7 | 258 | if (nbd_negotiate_send_rep_list(client->ioc, exp)) { |
32d7d2e0 HB |
259 | return -EINVAL; |
260 | } | |
261 | } | |
262 | /* Finish with a NBD_REP_ACK. */ | |
1c778ef7 | 263 | return nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, NBD_OPT_LIST); |
32d7d2e0 HB |
264 | } |
265 | ||
1a6245a5 | 266 | static int nbd_negotiate_handle_export_name(NBDClient *client, uint32_t length) |
f5076b5a | 267 | { |
1c778ef7 | 268 | int rc = -EINVAL; |
943cec86 | 269 | char name[NBD_MAX_NAME_SIZE + 1]; |
6b8c01e7 | 270 | |
f5076b5a HB |
271 | /* Client sends: |
272 | [20 .. xx] export name (length bytes) | |
273 | */ | |
6b8c01e7 | 274 | TRACE("Checking length"); |
943cec86 | 275 | if (length >= sizeof(name)) { |
6b8c01e7 PB |
276 | LOG("Bad length received"); |
277 | goto fail; | |
278 | } | |
2b0bbc4f | 279 | if (nbd_read(client->ioc, name, length, NULL) < 0) { |
6b8c01e7 PB |
280 | LOG("read failed"); |
281 | goto fail; | |
282 | } | |
283 | name[length] = '\0'; | |
284 | ||
9344e5f5 DB |
285 | TRACE("Client requested export '%s'", name); |
286 | ||
6b8c01e7 PB |
287 | client->exp = nbd_export_find(name); |
288 | if (!client->exp) { | |
289 | LOG("export not found"); | |
290 | goto fail; | |
291 | } | |
292 | ||
293 | QTAILQ_INSERT_TAIL(&client->exp->clients, client, next); | |
294 | nbd_export_get(client->exp); | |
6b8c01e7 PB |
295 | rc = 0; |
296 | fail: | |
297 | return rc; | |
298 | } | |
299 | ||
36683283 EB |
300 | /* Handle NBD_OPT_STARTTLS. Return NULL to drop connection, or else the |
301 | * new channel for all further (now-encrypted) communication. */ | |
f95910fe DB |
302 | static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client, |
303 | uint32_t length) | |
304 | { | |
305 | QIOChannel *ioc; | |
306 | QIOChannelTLS *tioc; | |
307 | struct NBDTLSHandshakeData data = { 0 }; | |
308 | ||
309 | TRACE("Setting up TLS"); | |
310 | ioc = client->ioc; | |
311 | if (length) { | |
2b0bbc4f | 312 | if (nbd_drop(ioc, length, NULL) < 0) { |
f95910fe DB |
313 | return NULL; |
314 | } | |
36683283 EB |
315 | nbd_negotiate_send_rep_err(ioc, NBD_REP_ERR_INVALID, NBD_OPT_STARTTLS, |
316 | "OPT_STARTTLS should not have length"); | |
f95910fe DB |
317 | return NULL; |
318 | } | |
319 | ||
63d5ef86 EB |
320 | if (nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, |
321 | NBD_OPT_STARTTLS) < 0) { | |
322 | return NULL; | |
323 | } | |
f95910fe DB |
324 | |
325 | tioc = qio_channel_tls_new_server(ioc, | |
326 | client->tlscreds, | |
327 | client->tlsaclname, | |
328 | NULL); | |
329 | if (!tioc) { | |
330 | return NULL; | |
331 | } | |
332 | ||
0d73f725 | 333 | qio_channel_set_name(QIO_CHANNEL(tioc), "nbd-server-tls"); |
f95910fe DB |
334 | TRACE("Starting TLS handshake"); |
335 | data.loop = g_main_loop_new(g_main_context_default(), FALSE); | |
336 | qio_channel_tls_handshake(tioc, | |
337 | nbd_tls_handshake, | |
338 | &data, | |
339 | NULL); | |
340 | ||
341 | if (!data.complete) { | |
342 | g_main_loop_run(data.loop); | |
343 | } | |
344 | g_main_loop_unref(data.loop); | |
345 | if (data.error) { | |
346 | object_unref(OBJECT(tioc)); | |
347 | error_free(data.error); | |
348 | return NULL; | |
349 | } | |
350 | ||
351 | return QIO_CHANNEL(tioc); | |
352 | } | |
353 | ||
354 | ||
526e5c65 EB |
355 | /* Process all NBD_OPT_* client option commands. |
356 | * Return -errno on error, 0 on success. */ | |
1a6245a5 | 357 | static int nbd_negotiate_options(NBDClient *client) |
f5076b5a | 358 | { |
9c122ada | 359 | uint32_t flags; |
26afa868 | 360 | bool fixedNewstyle = false; |
9c122ada HR |
361 | |
362 | /* Client sends: | |
363 | [ 0 .. 3] client flags | |
364 | ||
365 | [ 0 .. 7] NBD_OPTS_MAGIC | |
366 | [ 8 .. 11] NBD option | |
367 | [12 .. 15] Data length | |
368 | ... Rest of request | |
369 | ||
370 | [ 0 .. 7] NBD_OPTS_MAGIC | |
371 | [ 8 .. 11] Second NBD option | |
372 | [12 .. 15] Data length | |
373 | ... Rest of request | |
374 | */ | |
375 | ||
2b0bbc4f | 376 | if (nbd_read(client->ioc, &flags, sizeof(flags), NULL) < 0) { |
9c122ada HR |
377 | LOG("read failed"); |
378 | return -EIO; | |
379 | } | |
380 | TRACE("Checking client flags"); | |
381 | be32_to_cpus(&flags); | |
26afa868 | 382 | if (flags & NBD_FLAG_C_FIXED_NEWSTYLE) { |
2cb34749 | 383 | TRACE("Client supports fixed newstyle handshake"); |
26afa868 DB |
384 | fixedNewstyle = true; |
385 | flags &= ~NBD_FLAG_C_FIXED_NEWSTYLE; | |
386 | } | |
c203c59a EB |
387 | if (flags & NBD_FLAG_C_NO_ZEROES) { |
388 | TRACE("Client supports no zeroes at handshake end"); | |
389 | client->no_zeroes = true; | |
390 | flags &= ~NBD_FLAG_C_NO_ZEROES; | |
391 | } | |
26afa868 | 392 | if (flags != 0) { |
2cb34749 | 393 | TRACE("Unknown client flags 0x%" PRIx32 " received", flags); |
9c122ada HR |
394 | return -EIO; |
395 | } | |
396 | ||
f5076b5a | 397 | while (1) { |
9c122ada | 398 | int ret; |
26afa868 | 399 | uint32_t clientflags, length; |
f5076b5a HB |
400 | uint64_t magic; |
401 | ||
2b0bbc4f | 402 | if (nbd_read(client->ioc, &magic, sizeof(magic), NULL) < 0) { |
f5076b5a HB |
403 | LOG("read failed"); |
404 | return -EINVAL; | |
405 | } | |
406 | TRACE("Checking opts magic"); | |
407 | if (magic != be64_to_cpu(NBD_OPTS_MAGIC)) { | |
408 | LOG("Bad magic received"); | |
409 | return -EINVAL; | |
410 | } | |
411 | ||
2b0bbc4f VSO |
412 | if (nbd_read(client->ioc, &clientflags, |
413 | sizeof(clientflags), NULL) < 0) | |
f5d406fe | 414 | { |
f5076b5a HB |
415 | LOG("read failed"); |
416 | return -EINVAL; | |
417 | } | |
26afa868 | 418 | clientflags = be32_to_cpu(clientflags); |
f5076b5a | 419 | |
2b0bbc4f | 420 | if (nbd_read(client->ioc, &length, sizeof(length), NULL) < 0) { |
f5076b5a HB |
421 | LOG("read failed"); |
422 | return -EINVAL; | |
423 | } | |
424 | length = be32_to_cpu(length); | |
425 | ||
2cb34749 | 426 | TRACE("Checking option 0x%" PRIx32, clientflags); |
f95910fe DB |
427 | if (client->tlscreds && |
428 | client->ioc == (QIOChannel *)client->sioc) { | |
429 | QIOChannel *tioc; | |
430 | if (!fixedNewstyle) { | |
2cb34749 | 431 | TRACE("Unsupported option 0x%" PRIx32, clientflags); |
f95910fe DB |
432 | return -EINVAL; |
433 | } | |
434 | switch (clientflags) { | |
435 | case NBD_OPT_STARTTLS: | |
436 | tioc = nbd_negotiate_handle_starttls(client, length); | |
437 | if (!tioc) { | |
438 | return -EIO; | |
439 | } | |
440 | object_unref(OBJECT(client->ioc)); | |
441 | client->ioc = QIO_CHANNEL(tioc); | |
442 | break; | |
443 | ||
d1129a8a EB |
444 | case NBD_OPT_EXPORT_NAME: |
445 | /* No way to return an error to client, so drop connection */ | |
446 | TRACE("Option 0x%x not permitted before TLS", clientflags); | |
447 | return -EINVAL; | |
448 | ||
f95910fe | 449 | default: |
2b0bbc4f | 450 | if (nbd_drop(client->ioc, length, NULL) < 0) { |
d1129a8a EB |
451 | return -EIO; |
452 | } | |
36683283 EB |
453 | ret = nbd_negotiate_send_rep_err(client->ioc, |
454 | NBD_REP_ERR_TLS_REQD, | |
455 | clientflags, | |
456 | "Option 0x%" PRIx32 | |
457 | "not permitted before TLS", | |
458 | clientflags); | |
63d5ef86 EB |
459 | if (ret < 0) { |
460 | return ret; | |
461 | } | |
b6f5d3b5 EB |
462 | /* Let the client keep trying, unless they asked to quit */ |
463 | if (clientflags == NBD_OPT_ABORT) { | |
464 | return -EINVAL; | |
465 | } | |
d1129a8a | 466 | break; |
f95910fe DB |
467 | } |
468 | } else if (fixedNewstyle) { | |
26afa868 DB |
469 | switch (clientflags) { |
470 | case NBD_OPT_LIST: | |
471 | ret = nbd_negotiate_handle_list(client, length); | |
472 | if (ret < 0) { | |
473 | return ret; | |
474 | } | |
475 | break; | |
476 | ||
477 | case NBD_OPT_ABORT: | |
b6f5d3b5 EB |
478 | /* NBD spec says we must try to reply before |
479 | * disconnecting, but that we must also tolerate | |
480 | * guests that don't wait for our reply. */ | |
481 | nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, clientflags); | |
26afa868 DB |
482 | return -EINVAL; |
483 | ||
484 | case NBD_OPT_EXPORT_NAME: | |
485 | return nbd_negotiate_handle_export_name(client, length); | |
486 | ||
f95910fe | 487 | case NBD_OPT_STARTTLS: |
2b0bbc4f | 488 | if (nbd_drop(client->ioc, length, NULL) < 0) { |
d1129a8a EB |
489 | return -EIO; |
490 | } | |
f95910fe | 491 | if (client->tlscreds) { |
36683283 EB |
492 | ret = nbd_negotiate_send_rep_err(client->ioc, |
493 | NBD_REP_ERR_INVALID, | |
494 | clientflags, | |
495 | "TLS already enabled"); | |
f95910fe | 496 | } else { |
36683283 EB |
497 | ret = nbd_negotiate_send_rep_err(client->ioc, |
498 | NBD_REP_ERR_POLICY, | |
499 | clientflags, | |
500 | "TLS not configured"); | |
63d5ef86 EB |
501 | } |
502 | if (ret < 0) { | |
503 | return ret; | |
f95910fe | 504 | } |
d1129a8a | 505 | break; |
26afa868 | 506 | default: |
2b0bbc4f | 507 | if (nbd_drop(client->ioc, length, NULL) < 0) { |
156f6a10 EB |
508 | return -EIO; |
509 | } | |
36683283 EB |
510 | ret = nbd_negotiate_send_rep_err(client->ioc, |
511 | NBD_REP_ERR_UNSUP, | |
512 | clientflags, | |
513 | "Unsupported option 0x%" | |
514 | PRIx32, | |
515 | clientflags); | |
63d5ef86 EB |
516 | if (ret < 0) { |
517 | return ret; | |
518 | } | |
156f6a10 | 519 | break; |
26afa868 DB |
520 | } |
521 | } else { | |
522 | /* | |
523 | * If broken new-style we should drop the connection | |
524 | * for anything except NBD_OPT_EXPORT_NAME | |
525 | */ | |
526 | switch (clientflags) { | |
527 | case NBD_OPT_EXPORT_NAME: | |
528 | return nbd_negotiate_handle_export_name(client, length); | |
529 | ||
530 | default: | |
2cb34749 | 531 | TRACE("Unsupported option 0x%" PRIx32, clientflags); |
26afa868 | 532 | return -EINVAL; |
32d7d2e0 | 533 | } |
f5076b5a HB |
534 | } |
535 | } | |
536 | } | |
537 | ||
c84087f2 | 538 | static coroutine_fn int nbd_negotiate(NBDClient *client) |
7a5ca864 | 539 | { |
b2e3d87f | 540 | char buf[8 + 8 + 8 + 128]; |
185b4338 | 541 | int rc; |
7423f417 | 542 | const uint16_t myflags = (NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_TRIM | |
1f4d6d18 EB |
543 | NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA | |
544 | NBD_FLAG_SEND_WRITE_ZEROES); | |
f95910fe | 545 | bool oldStyle; |
c203c59a | 546 | size_t len; |
b2e3d87f | 547 | |
f95910fe | 548 | /* Old style negotiation header without options |
6b8c01e7 PB |
549 | [ 0 .. 7] passwd ("NBDMAGIC") |
550 | [ 8 .. 15] magic (NBD_CLIENT_MAGIC) | |
b2e3d87f | 551 | [16 .. 23] size |
6b8c01e7 | 552 | [24 .. 25] server flags (0) |
5672ee54 | 553 | [26 .. 27] export flags |
6b8c01e7 PB |
554 | [28 .. 151] reserved (0) |
555 | ||
f95910fe | 556 | New style negotiation header with options |
6b8c01e7 PB |
557 | [ 0 .. 7] passwd ("NBDMAGIC") |
558 | [ 8 .. 15] magic (NBD_OPTS_MAGIC) | |
559 | [16 .. 17] server flags (0) | |
f95910fe | 560 | ....options sent.... |
6b8c01e7 PB |
561 | [18 .. 25] size |
562 | [26 .. 27] export flags | |
c203c59a | 563 | [28 .. 151] reserved (0, omit if no_zeroes) |
b2e3d87f NT |
564 | */ |
565 | ||
1c778ef7 | 566 | qio_channel_set_blocking(client->ioc, false, NULL); |
185b4338 PB |
567 | rc = -EINVAL; |
568 | ||
b2e3d87f | 569 | TRACE("Beginning negotiation."); |
8ffaaba0 | 570 | memset(buf, 0, sizeof(buf)); |
b2e3d87f | 571 | memcpy(buf, "NBDMAGIC", 8); |
f95910fe DB |
572 | |
573 | oldStyle = client->exp != NULL && !client->tlscreds; | |
574 | if (oldStyle) { | |
2cb34749 EB |
575 | TRACE("advertising size %" PRIu64 " and flags %x", |
576 | client->exp->size, client->exp->nbdflags | myflags); | |
667ad26f JS |
577 | stq_be_p(buf + 8, NBD_CLIENT_MAGIC); |
578 | stq_be_p(buf + 16, client->exp->size); | |
579 | stw_be_p(buf + 26, client->exp->nbdflags | myflags); | |
6b8c01e7 | 580 | } else { |
667ad26f | 581 | stq_be_p(buf + 8, NBD_OPTS_MAGIC); |
c203c59a | 582 | stw_be_p(buf + 16, NBD_FLAG_FIXED_NEWSTYLE | NBD_FLAG_NO_ZEROES); |
6b8c01e7 | 583 | } |
b2e3d87f | 584 | |
f95910fe DB |
585 | if (oldStyle) { |
586 | if (client->tlscreds) { | |
587 | TRACE("TLS cannot be enabled with oldstyle protocol"); | |
588 | goto fail; | |
589 | } | |
2b0bbc4f | 590 | if (nbd_write(client->ioc, buf, sizeof(buf), NULL) < 0) { |
6b8c01e7 PB |
591 | LOG("write failed"); |
592 | goto fail; | |
593 | } | |
594 | } else { | |
2b0bbc4f | 595 | if (nbd_write(client->ioc, buf, 18, NULL) < 0) { |
6b8c01e7 PB |
596 | LOG("write failed"); |
597 | goto fail; | |
598 | } | |
1a6245a5 | 599 | rc = nbd_negotiate_options(client); |
f5076b5a | 600 | if (rc != 0) { |
6b8c01e7 PB |
601 | LOG("option negotiation failed"); |
602 | goto fail; | |
603 | } | |
604 | ||
2cb34749 EB |
605 | TRACE("advertising size %" PRIu64 " and flags %x", |
606 | client->exp->size, client->exp->nbdflags | myflags); | |
667ad26f JS |
607 | stq_be_p(buf + 18, client->exp->size); |
608 | stw_be_p(buf + 26, client->exp->nbdflags | myflags); | |
c203c59a | 609 | len = client->no_zeroes ? 10 : sizeof(buf) - 18; |
7798d3aa VSO |
610 | rc = nbd_write(client->ioc, buf + 18, len, NULL); |
611 | if (rc < 0) { | |
6b8c01e7 PB |
612 | LOG("write failed"); |
613 | goto fail; | |
614 | } | |
b2e3d87f NT |
615 | } |
616 | ||
07f35073 | 617 | TRACE("Negotiation succeeded."); |
185b4338 PB |
618 | rc = 0; |
619 | fail: | |
620 | return rc; | |
7a5ca864 FB |
621 | } |
622 | ||
a0dc63a6 | 623 | static int nbd_receive_request(QIOChannel *ioc, NBDRequest *request) |
75818250 | 624 | { |
fa26c26b | 625 | uint8_t buf[NBD_REQUEST_SIZE]; |
b2e3d87f | 626 | uint32_t magic; |
a0dc63a6 | 627 | int ret; |
b2e3d87f | 628 | |
d1fdf257 | 629 | ret = nbd_read(ioc, buf, sizeof(buf), NULL); |
185b4338 PB |
630 | if (ret < 0) { |
631 | return ret; | |
632 | } | |
633 | ||
b2e3d87f NT |
634 | /* Request |
635 | [ 0 .. 3] magic (NBD_REQUEST_MAGIC) | |
b626b51a EB |
636 | [ 4 .. 5] flags (NBD_CMD_FLAG_FUA, ...) |
637 | [ 6 .. 7] type (NBD_CMD_READ, ...) | |
b2e3d87f NT |
638 | [ 8 .. 15] handle |
639 | [16 .. 23] from | |
640 | [24 .. 27] len | |
641 | */ | |
642 | ||
773dce3c | 643 | magic = ldl_be_p(buf); |
b626b51a EB |
644 | request->flags = lduw_be_p(buf + 4); |
645 | request->type = lduw_be_p(buf + 6); | |
773dce3c PM |
646 | request->handle = ldq_be_p(buf + 8); |
647 | request->from = ldq_be_p(buf + 16); | |
648 | request->len = ldl_be_p(buf + 24); | |
b2e3d87f | 649 | |
b626b51a EB |
650 | TRACE("Got request: { magic = 0x%" PRIx32 ", .flags = %" PRIx16 |
651 | ", .type = %" PRIx16 ", from = %" PRIu64 ", len = %" PRIu32 " }", | |
652 | magic, request->flags, request->type, request->from, request->len); | |
b2e3d87f NT |
653 | |
654 | if (magic != NBD_REQUEST_MAGIC) { | |
2cb34749 | 655 | LOG("invalid magic (got 0x%" PRIx32 ")", magic); |
185b4338 | 656 | return -EINVAL; |
b2e3d87f NT |
657 | } |
658 | return 0; | |
75818250 TS |
659 | } |
660 | ||
a0dc63a6 | 661 | static int nbd_send_reply(QIOChannel *ioc, NBDReply *reply) |
75818250 | 662 | { |
fa26c26b | 663 | uint8_t buf[NBD_REPLY_SIZE]; |
b2e3d87f | 664 | |
ca441480 PB |
665 | reply->error = system_errno_to_nbd_errno(reply->error); |
666 | ||
2cb34749 EB |
667 | TRACE("Sending response to client: { .error = %" PRId32 |
668 | ", handle = %" PRIu64 " }", | |
7548fe31 EB |
669 | reply->error, reply->handle); |
670 | ||
b2e3d87f NT |
671 | /* Reply |
672 | [ 0 .. 3] magic (NBD_REPLY_MAGIC) | |
673 | [ 4 .. 7] error (0 == no error) | |
674 | [ 7 .. 15] handle | |
675 | */ | |
667ad26f JS |
676 | stl_be_p(buf, NBD_REPLY_MAGIC); |
677 | stl_be_p(buf + 4, reply->error); | |
678 | stq_be_p(buf + 8, reply->handle); | |
b2e3d87f | 679 | |
d1fdf257 | 680 | return nbd_write(ioc, buf, sizeof(buf), NULL); |
75818250 | 681 | } |
7a5ca864 | 682 | |
41996e38 PB |
683 | #define MAX_NBD_REQUESTS 16 |
684 | ||
ce33967a | 685 | void nbd_client_get(NBDClient *client) |
1743b515 PB |
686 | { |
687 | client->refcount++; | |
688 | } | |
689 | ||
ce33967a | 690 | void nbd_client_put(NBDClient *client) |
1743b515 PB |
691 | { |
692 | if (--client->refcount == 0) { | |
ff2b68aa | 693 | /* The last reference should be dropped by client->close, |
f53a829b | 694 | * which is called by client_close. |
ff2b68aa PB |
695 | */ |
696 | assert(client->closing); | |
697 | ||
ff82911c | 698 | qio_channel_detach_aio_context(client->ioc); |
1c778ef7 DB |
699 | object_unref(OBJECT(client->sioc)); |
700 | object_unref(OBJECT(client->ioc)); | |
f95910fe DB |
701 | if (client->tlscreds) { |
702 | object_unref(OBJECT(client->tlscreds)); | |
703 | } | |
704 | g_free(client->tlsaclname); | |
6b8c01e7 PB |
705 | if (client->exp) { |
706 | QTAILQ_REMOVE(&client->exp->clients, client, next); | |
707 | nbd_export_put(client->exp); | |
708 | } | |
1743b515 PB |
709 | g_free(client); |
710 | } | |
711 | } | |
712 | ||
0c9390d9 | 713 | static void client_close(NBDClient *client, bool negotiated) |
1743b515 | 714 | { |
ff2b68aa PB |
715 | if (client->closing) { |
716 | return; | |
717 | } | |
718 | ||
719 | client->closing = true; | |
720 | ||
721 | /* Force requests to finish. They will drop their own references, | |
722 | * then we'll close the socket and free the NBDClient. | |
723 | */ | |
1c778ef7 DB |
724 | qio_channel_shutdown(client->ioc, QIO_CHANNEL_SHUTDOWN_BOTH, |
725 | NULL); | |
ff2b68aa PB |
726 | |
727 | /* Also tell the client, so that they release their reference. */ | |
0c9390d9 EB |
728 | if (client->close_fn) { |
729 | client->close_fn(client, negotiated); | |
1743b515 | 730 | } |
1743b515 PB |
731 | } |
732 | ||
315f78ab | 733 | static NBDRequestData *nbd_request_get(NBDClient *client) |
d9a73806 | 734 | { |
315f78ab | 735 | NBDRequestData *req; |
72deddc5 | 736 | |
41996e38 PB |
737 | assert(client->nb_requests <= MAX_NBD_REQUESTS - 1); |
738 | client->nb_requests++; | |
739 | ||
315f78ab | 740 | req = g_new0(NBDRequestData, 1); |
72deddc5 PB |
741 | nbd_client_get(client); |
742 | req->client = client; | |
d9a73806 PB |
743 | return req; |
744 | } | |
745 | ||
315f78ab | 746 | static void nbd_request_put(NBDRequestData *req) |
d9a73806 | 747 | { |
72deddc5 | 748 | NBDClient *client = req->client; |
e1adb27a | 749 | |
2d821488 SH |
750 | if (req->data) { |
751 | qemu_vfree(req->data); | |
752 | } | |
1729404c | 753 | g_free(req); |
e1adb27a | 754 | |
958c717d | 755 | client->nb_requests--; |
ff82911c PB |
756 | nbd_client_receive_next_request(client); |
757 | ||
72deddc5 | 758 | nbd_client_put(client); |
d9a73806 PB |
759 | } |
760 | ||
aadf99a7 | 761 | static void blk_aio_attached(AioContext *ctx, void *opaque) |
f2149281 HR |
762 | { |
763 | NBDExport *exp = opaque; | |
764 | NBDClient *client; | |
765 | ||
766 | TRACE("Export %s: Attaching clients to AIO context %p\n", exp->name, ctx); | |
767 | ||
768 | exp->ctx = ctx; | |
769 | ||
770 | QTAILQ_FOREACH(client, &exp->clients, next) { | |
ff82911c PB |
771 | qio_channel_attach_aio_context(client->ioc, ctx); |
772 | if (client->recv_coroutine) { | |
773 | aio_co_schedule(ctx, client->recv_coroutine); | |
774 | } | |
775 | if (client->send_coroutine) { | |
776 | aio_co_schedule(ctx, client->send_coroutine); | |
777 | } | |
f2149281 HR |
778 | } |
779 | } | |
780 | ||
aadf99a7 | 781 | static void blk_aio_detach(void *opaque) |
f2149281 HR |
782 | { |
783 | NBDExport *exp = opaque; | |
784 | NBDClient *client; | |
785 | ||
786 | TRACE("Export %s: Detaching clients from AIO context %p\n", exp->name, exp->ctx); | |
787 | ||
788 | QTAILQ_FOREACH(client, &exp->clients, next) { | |
ff82911c | 789 | qio_channel_detach_aio_context(client->ioc); |
f2149281 HR |
790 | } |
791 | ||
792 | exp->ctx = NULL; | |
793 | } | |
794 | ||
741cc431 HR |
795 | static void nbd_eject_notifier(Notifier *n, void *data) |
796 | { | |
797 | NBDExport *exp = container_of(n, NBDExport, eject_notifier); | |
798 | nbd_export_close(exp); | |
799 | } | |
800 | ||
cd7fca95 | 801 | NBDExport *nbd_export_new(BlockDriverState *bs, off_t dev_offset, off_t size, |
7423f417 | 802 | uint16_t nbdflags, void (*close)(NBDExport *), |
cd7fca95 | 803 | bool writethrough, BlockBackend *on_eject_blk, |
98f44bbe | 804 | Error **errp) |
af49bbbe | 805 | { |
cd7fca95 | 806 | BlockBackend *blk; |
af49bbbe | 807 | NBDExport *exp = g_malloc0(sizeof(NBDExport)); |
8a7ce4f9 | 808 | uint64_t perm; |
d7086422 | 809 | int ret; |
cd7fca95 | 810 | |
8a7ce4f9 KW |
811 | /* Don't allow resize while the NBD server is running, otherwise we don't |
812 | * care what happens with the node. */ | |
813 | perm = BLK_PERM_CONSISTENT_READ; | |
814 | if ((nbdflags & NBD_FLAG_READ_ONLY) == 0) { | |
815 | perm |= BLK_PERM_WRITE; | |
816 | } | |
817 | blk = blk_new(perm, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED | | |
818 | BLK_PERM_WRITE | BLK_PERM_GRAPH_MOD); | |
d7086422 KW |
819 | ret = blk_insert_bs(blk, bs, errp); |
820 | if (ret < 0) { | |
821 | goto fail; | |
822 | } | |
cd7fca95 KW |
823 | blk_set_enable_write_cache(blk, !writethrough); |
824 | ||
2c8d9f06 | 825 | exp->refcount = 1; |
4b9441f6 | 826 | QTAILQ_INIT(&exp->clients); |
aadf99a7 | 827 | exp->blk = blk; |
af49bbbe PB |
828 | exp->dev_offset = dev_offset; |
829 | exp->nbdflags = nbdflags; | |
98f44bbe HR |
830 | exp->size = size < 0 ? blk_getlength(blk) : size; |
831 | if (exp->size < 0) { | |
832 | error_setg_errno(errp, -exp->size, | |
833 | "Failed to determine the NBD export's length"); | |
834 | goto fail; | |
835 | } | |
836 | exp->size -= exp->size % BDRV_SECTOR_SIZE; | |
837 | ||
0ddf08db | 838 | exp->close = close; |
aadf99a7 | 839 | exp->ctx = blk_get_aio_context(blk); |
aadf99a7 | 840 | blk_add_aio_context_notifier(blk, blk_aio_attached, blk_aio_detach, exp); |
741cc431 | 841 | |
cd7fca95 KW |
842 | if (on_eject_blk) { |
843 | blk_ref(on_eject_blk); | |
844 | exp->eject_notifier_blk = on_eject_blk; | |
845 | exp->eject_notifier.notify = nbd_eject_notifier; | |
846 | blk_add_remove_bs_notifier(on_eject_blk, &exp->eject_notifier); | |
847 | } | |
741cc431 | 848 | |
7ea2d269 AK |
849 | /* |
850 | * NBD exports are used for non-shared storage migration. Make sure | |
04c01a5c | 851 | * that BDRV_O_INACTIVE is cleared and the image is ready for write |
7ea2d269 AK |
852 | * access since the export could be available before migration handover. |
853 | */ | |
e5f3e12e | 854 | aio_context_acquire(exp->ctx); |
aadf99a7 | 855 | blk_invalidate_cache(blk, NULL); |
e5f3e12e | 856 | aio_context_release(exp->ctx); |
af49bbbe | 857 | return exp; |
98f44bbe HR |
858 | |
859 | fail: | |
cd7fca95 | 860 | blk_unref(blk); |
98f44bbe HR |
861 | g_free(exp); |
862 | return NULL; | |
af49bbbe PB |
863 | } |
864 | ||
ee0a19ec PB |
865 | NBDExport *nbd_export_find(const char *name) |
866 | { | |
867 | NBDExport *exp; | |
868 | QTAILQ_FOREACH(exp, &exports, next) { | |
869 | if (strcmp(name, exp->name) == 0) { | |
870 | return exp; | |
871 | } | |
872 | } | |
873 | ||
874 | return NULL; | |
875 | } | |
876 | ||
877 | void nbd_export_set_name(NBDExport *exp, const char *name) | |
878 | { | |
879 | if (exp->name == name) { | |
880 | return; | |
881 | } | |
882 | ||
883 | nbd_export_get(exp); | |
884 | if (exp->name != NULL) { | |
885 | g_free(exp->name); | |
886 | exp->name = NULL; | |
887 | QTAILQ_REMOVE(&exports, exp, next); | |
888 | nbd_export_put(exp); | |
889 | } | |
890 | if (name != NULL) { | |
891 | nbd_export_get(exp); | |
892 | exp->name = g_strdup(name); | |
893 | QTAILQ_INSERT_TAIL(&exports, exp, next); | |
894 | } | |
895 | nbd_export_put(exp); | |
896 | } | |
897 | ||
b1a75b33 EB |
898 | void nbd_export_set_description(NBDExport *exp, const char *description) |
899 | { | |
900 | g_free(exp->description); | |
901 | exp->description = g_strdup(description); | |
902 | } | |
903 | ||
af49bbbe PB |
904 | void nbd_export_close(NBDExport *exp) |
905 | { | |
4b9441f6 | 906 | NBDClient *client, *next; |
2c8d9f06 | 907 | |
4b9441f6 PB |
908 | nbd_export_get(exp); |
909 | QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) { | |
0c9390d9 | 910 | client_close(client, true); |
4b9441f6 | 911 | } |
125afda8 | 912 | nbd_export_set_name(exp, NULL); |
b1a75b33 | 913 | nbd_export_set_description(exp, NULL); |
4b9441f6 | 914 | nbd_export_put(exp); |
2c8d9f06 PB |
915 | } |
916 | ||
917 | void nbd_export_get(NBDExport *exp) | |
918 | { | |
919 | assert(exp->refcount > 0); | |
920 | exp->refcount++; | |
921 | } | |
922 | ||
923 | void nbd_export_put(NBDExport *exp) | |
924 | { | |
925 | assert(exp->refcount > 0); | |
926 | if (exp->refcount == 1) { | |
927 | nbd_export_close(exp); | |
d9a73806 PB |
928 | } |
929 | ||
2c8d9f06 | 930 | if (--exp->refcount == 0) { |
ee0a19ec | 931 | assert(exp->name == NULL); |
b1a75b33 | 932 | assert(exp->description == NULL); |
ee0a19ec | 933 | |
0ddf08db PB |
934 | if (exp->close) { |
935 | exp->close(exp); | |
936 | } | |
937 | ||
d6268348 | 938 | if (exp->blk) { |
cd7fca95 KW |
939 | if (exp->eject_notifier_blk) { |
940 | notifier_remove(&exp->eject_notifier); | |
941 | blk_unref(exp->eject_notifier_blk); | |
942 | } | |
d6268348 WC |
943 | blk_remove_aio_context_notifier(exp->blk, blk_aio_attached, |
944 | blk_aio_detach, exp); | |
945 | blk_unref(exp->blk); | |
946 | exp->blk = NULL; | |
947 | } | |
948 | ||
2c8d9f06 PB |
949 | g_free(exp); |
950 | } | |
af49bbbe PB |
951 | } |
952 | ||
e140177d | 953 | BlockBackend *nbd_export_get_blockdev(NBDExport *exp) |
125afda8 | 954 | { |
aadf99a7 | 955 | return exp->blk; |
125afda8 PB |
956 | } |
957 | ||
ee0a19ec PB |
958 | void nbd_export_close_all(void) |
959 | { | |
960 | NBDExport *exp, *next; | |
961 | ||
962 | QTAILQ_FOREACH_SAFE(exp, &exports, next, next) { | |
963 | nbd_export_close(exp); | |
ee0a19ec PB |
964 | } |
965 | } | |
966 | ||
a0dc63a6 | 967 | static int nbd_co_send_reply(NBDRequestData *req, NBDReply *reply, int len) |
22045592 | 968 | { |
72deddc5 | 969 | NBDClient *client = req->client; |
572b97e7 | 970 | int rc; |
22045592 | 971 | |
1c778ef7 | 972 | g_assert(qemu_in_coroutine()); |
262db388 | 973 | qemu_co_mutex_lock(&client->send_lock); |
262db388 PB |
974 | client->send_coroutine = qemu_coroutine_self(); |
975 | ||
22045592 | 976 | if (!len) { |
1c778ef7 | 977 | rc = nbd_send_reply(client->ioc, reply); |
22045592 | 978 | } else { |
1c778ef7 DB |
979 | qio_channel_set_cork(client->ioc, true); |
980 | rc = nbd_send_reply(client->ioc, reply); | |
572b97e7 VSO |
981 | if (rc == 0) { |
982 | rc = nbd_write(client->ioc, req->data, len, NULL); | |
983 | if (rc < 0) { | |
185b4338 | 984 | rc = -EIO; |
22045592 PB |
985 | } |
986 | } | |
1c778ef7 | 987 | qio_channel_set_cork(client->ioc, false); |
22045592 | 988 | } |
262db388 PB |
989 | |
990 | client->send_coroutine = NULL; | |
262db388 | 991 | qemu_co_mutex_unlock(&client->send_lock); |
22045592 PB |
992 | return rc; |
993 | } | |
994 | ||
2a6e128b VSO |
995 | /* nbd_co_receive_request |
996 | * Collect a client request. Return 0 if request looks valid, -EIO to drop | |
997 | * connection right away, and any other negative value to report an error to | |
998 | * the client (although the caller may still need to disconnect after reporting | |
999 | * the error). | |
1000 | */ | |
a0dc63a6 | 1001 | static int nbd_co_receive_request(NBDRequestData *req, NBDRequest *request) |
a030b347 | 1002 | { |
72deddc5 | 1003 | NBDClient *client = req->client; |
a030b347 | 1004 | |
1c778ef7 | 1005 | g_assert(qemu_in_coroutine()); |
ff82911c | 1006 | assert(client->recv_coroutine == qemu_coroutine_self()); |
ee898b87 VSO |
1007 | if (nbd_receive_request(client->ioc, request) < 0) { |
1008 | return -EIO; | |
a030b347 PB |
1009 | } |
1010 | ||
29b6c3b3 EB |
1011 | TRACE("Decoding type"); |
1012 | ||
b626b51a | 1013 | if (request->type != NBD_CMD_WRITE) { |
29b6c3b3 EB |
1014 | /* No payload, we are ready to read the next request. */ |
1015 | req->complete = true; | |
1016 | } | |
1017 | ||
b626b51a | 1018 | if (request->type == NBD_CMD_DISC) { |
29b6c3b3 EB |
1019 | /* Special case: we're going to disconnect without a reply, |
1020 | * whether or not flags, from, or len are bogus */ | |
1021 | TRACE("Request type is DISCONNECT"); | |
ee898b87 | 1022 | return -EIO; |
29b6c3b3 EB |
1023 | } |
1024 | ||
1025 | /* Check for sanity in the parameters, part 1. Defer as many | |
1026 | * checks as possible until after reading any NBD_CMD_WRITE | |
1027 | * payload, so we can try and keep the connection alive. */ | |
a030b347 | 1028 | if ((request->from + request->len) < request->from) { |
29b6c3b3 | 1029 | LOG("integer overflow detected, you're probably being attacked"); |
ee898b87 | 1030 | return -EINVAL; |
a030b347 PB |
1031 | } |
1032 | ||
b626b51a | 1033 | if (request->type == NBD_CMD_READ || request->type == NBD_CMD_WRITE) { |
eb38c3b6 | 1034 | if (request->len > NBD_MAX_BUFFER_SIZE) { |
2cb34749 | 1035 | LOG("len (%" PRIu32" ) is larger than max len (%u)", |
eb38c3b6 | 1036 | request->len, NBD_MAX_BUFFER_SIZE); |
ee898b87 | 1037 | return -EINVAL; |
eb38c3b6 PB |
1038 | } |
1039 | ||
f1c17521 PB |
1040 | req->data = blk_try_blockalign(client->exp->blk, request->len); |
1041 | if (req->data == NULL) { | |
ee898b87 | 1042 | return -ENOMEM; |
f1c17521 | 1043 | } |
2d821488 | 1044 | } |
b626b51a | 1045 | if (request->type == NBD_CMD_WRITE) { |
2cb34749 | 1046 | TRACE("Reading %" PRIu32 " byte(s)", request->len); |
a030b347 | 1047 | |
d1fdf257 | 1048 | if (nbd_read(client->ioc, req->data, request->len, NULL) < 0) { |
a030b347 | 1049 | LOG("reading from socket failed"); |
ee898b87 | 1050 | return -EIO; |
a030b347 | 1051 | } |
29b6c3b3 | 1052 | req->complete = true; |
a030b347 | 1053 | } |
29b6c3b3 EB |
1054 | |
1055 | /* Sanity checks, part 2. */ | |
1056 | if (request->from + request->len > client->exp->size) { | |
1057 | LOG("operation past EOF; From: %" PRIu64 ", Len: %" PRIu32 | |
1058 | ", Size: %" PRIu64, request->from, request->len, | |
1059 | (uint64_t)client->exp->size); | |
ee898b87 | 1060 | return request->type == NBD_CMD_WRITE ? -ENOSPC : -EINVAL; |
29b6c3b3 | 1061 | } |
1f4d6d18 | 1062 | if (request->flags & ~(NBD_CMD_FLAG_FUA | NBD_CMD_FLAG_NO_HOLE)) { |
b626b51a | 1063 | LOG("unsupported flags (got 0x%x)", request->flags); |
ee898b87 | 1064 | return -EINVAL; |
ab7c548e | 1065 | } |
1f4d6d18 EB |
1066 | if (request->type != NBD_CMD_WRITE_ZEROES && |
1067 | (request->flags & NBD_CMD_FLAG_NO_HOLE)) { | |
1068 | LOG("unexpected flags (got 0x%x)", request->flags); | |
ee898b87 | 1069 | return -EINVAL; |
1f4d6d18 | 1070 | } |
29b6c3b3 | 1071 | |
ee898b87 | 1072 | return 0; |
a030b347 PB |
1073 | } |
1074 | ||
ff82911c PB |
1075 | /* Owns a reference to the NBDClient passed as opaque. */ |
1076 | static coroutine_fn void nbd_trip(void *opaque) | |
75818250 | 1077 | { |
262db388 | 1078 | NBDClient *client = opaque; |
1743b515 | 1079 | NBDExport *exp = client->exp; |
315f78ab | 1080 | NBDRequestData *req; |
ff82911c | 1081 | NBDRequest request = { 0 }; /* GCC thinks it can be used uninitialized */ |
ed2dd912 | 1082 | NBDReply reply; |
a0dc63a6 | 1083 | int ret; |
a0c30369 | 1084 | int flags; |
b2e3d87f NT |
1085 | |
1086 | TRACE("Reading request."); | |
ff2b68aa | 1087 | if (client->closing) { |
ff82911c | 1088 | nbd_client_put(client); |
ff2b68aa PB |
1089 | return; |
1090 | } | |
b2e3d87f | 1091 | |
ff2b68aa | 1092 | req = nbd_request_get(client); |
262db388 | 1093 | ret = nbd_co_receive_request(req, &request); |
ee898b87 VSO |
1094 | client->recv_coroutine = NULL; |
1095 | nbd_client_receive_next_request(client); | |
a030b347 | 1096 | if (ret == -EIO) { |
d9a73806 | 1097 | goto out; |
a030b347 | 1098 | } |
b2e3d87f | 1099 | |
fae69416 PB |
1100 | reply.handle = request.handle; |
1101 | reply.error = 0; | |
1102 | ||
a030b347 PB |
1103 | if (ret < 0) { |
1104 | reply.error = -ret; | |
1105 | goto error_reply; | |
b2e3d87f | 1106 | } |
b2e3d87f | 1107 | |
d6268348 WC |
1108 | if (client->closing) { |
1109 | /* | |
1110 | * The client may be closed when we are blocked in | |
1111 | * nbd_co_receive_request() | |
1112 | */ | |
1113 | goto done; | |
1114 | } | |
1115 | ||
b626b51a | 1116 | switch (request.type) { |
b2e3d87f NT |
1117 | case NBD_CMD_READ: |
1118 | TRACE("Request type is READ"); | |
1119 | ||
b626b51a EB |
1120 | /* XXX: NBD Protocol only documents use of FUA with WRITE */ |
1121 | if (request.flags & NBD_CMD_FLAG_FUA) { | |
aadf99a7 | 1122 | ret = blk_co_flush(exp->blk); |
e25ceb76 PB |
1123 | if (ret < 0) { |
1124 | LOG("flush failed"); | |
1125 | reply.error = -ret; | |
1126 | goto error_reply; | |
1127 | } | |
1128 | } | |
1129 | ||
df7b97ff EB |
1130 | ret = blk_pread(exp->blk, request.from + exp->dev_offset, |
1131 | req->data, request.len); | |
adcf6302 | 1132 | if (ret < 0) { |
b2e3d87f | 1133 | LOG("reading from file failed"); |
adcf6302 | 1134 | reply.error = -ret; |
fae69416 | 1135 | goto error_reply; |
b2e3d87f | 1136 | } |
b2e3d87f | 1137 | |
2cb34749 | 1138 | TRACE("Read %" PRIu32" byte(s)", request.len); |
262db388 | 1139 | if (nbd_co_send_reply(req, &reply, request.len) < 0) |
d9a73806 | 1140 | goto out; |
b2e3d87f NT |
1141 | break; |
1142 | case NBD_CMD_WRITE: | |
1143 | TRACE("Request type is WRITE"); | |
1144 | ||
af49bbbe | 1145 | if (exp->nbdflags & NBD_FLAG_READ_ONLY) { |
b2e3d87f | 1146 | TRACE("Server is read-only, return error"); |
fae69416 PB |
1147 | reply.error = EROFS; |
1148 | goto error_reply; | |
1149 | } | |
1150 | ||
1151 | TRACE("Writing to device"); | |
1152 | ||
a0c30369 | 1153 | flags = 0; |
b626b51a | 1154 | if (request.flags & NBD_CMD_FLAG_FUA) { |
a0c30369 EB |
1155 | flags |= BDRV_REQ_FUA; |
1156 | } | |
df7b97ff | 1157 | ret = blk_pwrite(exp->blk, request.from + exp->dev_offset, |
a0c30369 | 1158 | req->data, request.len, flags); |
fae69416 PB |
1159 | if (ret < 0) { |
1160 | LOG("writing to file failed"); | |
1161 | reply.error = -ret; | |
1162 | goto error_reply; | |
1163 | } | |
b2e3d87f | 1164 | |
1f4d6d18 EB |
1165 | if (nbd_co_send_reply(req, &reply, 0) < 0) { |
1166 | goto out; | |
1167 | } | |
1168 | break; | |
1169 | ||
1170 | case NBD_CMD_WRITE_ZEROES: | |
1171 | TRACE("Request type is WRITE_ZEROES"); | |
1172 | ||
1173 | if (exp->nbdflags & NBD_FLAG_READ_ONLY) { | |
1174 | TRACE("Server is read-only, return error"); | |
1175 | reply.error = EROFS; | |
1176 | goto error_reply; | |
1177 | } | |
1178 | ||
1179 | TRACE("Writing to device"); | |
1180 | ||
1181 | flags = 0; | |
1182 | if (request.flags & NBD_CMD_FLAG_FUA) { | |
1183 | flags |= BDRV_REQ_FUA; | |
1184 | } | |
1185 | if (!(request.flags & NBD_CMD_FLAG_NO_HOLE)) { | |
1186 | flags |= BDRV_REQ_MAY_UNMAP; | |
1187 | } | |
1188 | ret = blk_pwrite_zeroes(exp->blk, request.from + exp->dev_offset, | |
1189 | request.len, flags); | |
1190 | if (ret < 0) { | |
1191 | LOG("writing to file failed"); | |
1192 | reply.error = -ret; | |
1193 | goto error_reply; | |
1194 | } | |
1195 | ||
fc19f8a0 | 1196 | if (nbd_co_send_reply(req, &reply, 0) < 0) { |
d9a73806 | 1197 | goto out; |
fc19f8a0 | 1198 | } |
b2e3d87f | 1199 | break; |
29b6c3b3 | 1200 | |
b2e3d87f | 1201 | case NBD_CMD_DISC: |
29b6c3b3 EB |
1202 | /* unreachable, thanks to special case in nbd_co_receive_request() */ |
1203 | abort(); | |
1204 | ||
1486d04a PB |
1205 | case NBD_CMD_FLUSH: |
1206 | TRACE("Request type is FLUSH"); | |
1207 | ||
aadf99a7 | 1208 | ret = blk_co_flush(exp->blk); |
1486d04a PB |
1209 | if (ret < 0) { |
1210 | LOG("flush failed"); | |
1211 | reply.error = -ret; | |
1212 | } | |
fc19f8a0 | 1213 | if (nbd_co_send_reply(req, &reply, 0) < 0) { |
d9a73806 | 1214 | goto out; |
fc19f8a0 | 1215 | } |
7a706633 PB |
1216 | break; |
1217 | case NBD_CMD_TRIM: | |
1218 | TRACE("Request type is TRIM"); | |
1c6c4bb7 EB |
1219 | ret = blk_co_pdiscard(exp->blk, request.from + exp->dev_offset, |
1220 | request.len); | |
1221 | if (ret < 0) { | |
1222 | LOG("discard failed"); | |
1223 | reply.error = -ret; | |
7a706633 | 1224 | } |
fc19f8a0 | 1225 | if (nbd_co_send_reply(req, &reply, 0) < 0) { |
d9a73806 | 1226 | goto out; |
fc19f8a0 | 1227 | } |
1486d04a | 1228 | break; |
b2e3d87f | 1229 | default: |
2cb34749 | 1230 | LOG("invalid request type (%" PRIu32 ") received", request.type); |
8b2f0abf | 1231 | reply.error = EINVAL; |
fae69416 | 1232 | error_reply: |
29b6c3b3 EB |
1233 | /* We must disconnect after NBD_CMD_WRITE if we did not |
1234 | * read the payload. | |
1235 | */ | |
1236 | if (nbd_co_send_reply(req, &reply, 0) < 0 || !req->complete) { | |
d9a73806 | 1237 | goto out; |
fc19f8a0 | 1238 | } |
fae69416 | 1239 | break; |
b2e3d87f NT |
1240 | } |
1241 | ||
1242 | TRACE("Request/Reply complete"); | |
1243 | ||
7fe7b68b | 1244 | done: |
262db388 | 1245 | nbd_request_put(req); |
ff82911c | 1246 | nbd_client_put(client); |
262db388 PB |
1247 | return; |
1248 | ||
d9a73806 | 1249 | out: |
72deddc5 | 1250 | nbd_request_put(req); |
0c9390d9 | 1251 | client_close(client, true); |
ff82911c | 1252 | nbd_client_put(client); |
7a5ca864 | 1253 | } |
af49bbbe | 1254 | |
ff82911c | 1255 | static void nbd_client_receive_next_request(NBDClient *client) |
958c717d | 1256 | { |
ff82911c PB |
1257 | if (!client->recv_coroutine && client->nb_requests < MAX_NBD_REQUESTS) { |
1258 | nbd_client_get(client); | |
1259 | client->recv_coroutine = qemu_coroutine_create(nbd_trip, client); | |
1260 | aio_co_schedule(client->exp->ctx, client->recv_coroutine); | |
958c717d HR |
1261 | } |
1262 | } | |
1263 | ||
1a6245a5 FZ |
1264 | static coroutine_fn void nbd_co_client_start(void *opaque) |
1265 | { | |
c84087f2 | 1266 | NBDClient *client = opaque; |
1a6245a5 FZ |
1267 | NBDExport *exp = client->exp; |
1268 | ||
1269 | if (exp) { | |
1270 | nbd_export_get(exp); | |
df8ad9f1 | 1271 | QTAILQ_INSERT_TAIL(&exp->clients, client, next); |
1a6245a5 | 1272 | } |
df8ad9f1 EB |
1273 | qemu_co_mutex_init(&client->send_lock); |
1274 | ||
c84087f2 | 1275 | if (nbd_negotiate(client)) { |
0c9390d9 | 1276 | client_close(client, false); |
c84087f2 | 1277 | return; |
1a6245a5 | 1278 | } |
ff82911c PB |
1279 | |
1280 | nbd_client_receive_next_request(client); | |
1a6245a5 FZ |
1281 | } |
1282 | ||
0c9390d9 EB |
1283 | /* |
1284 | * Create a new client listener on the given export @exp, using the | |
1285 | * given channel @sioc. Begin servicing it in a coroutine. When the | |
1286 | * connection closes, call @close_fn with an indication of whether the | |
1287 | * client completed negotiation. | |
1288 | */ | |
1c778ef7 DB |
1289 | void nbd_client_new(NBDExport *exp, |
1290 | QIOChannelSocket *sioc, | |
f95910fe DB |
1291 | QCryptoTLSCreds *tlscreds, |
1292 | const char *tlsaclname, | |
0c9390d9 | 1293 | void (*close_fn)(NBDClient *, bool)) |
af49bbbe | 1294 | { |
1743b515 | 1295 | NBDClient *client; |
c84087f2 | 1296 | Coroutine *co; |
1a6245a5 | 1297 | |
1743b515 PB |
1298 | client = g_malloc0(sizeof(NBDClient)); |
1299 | client->refcount = 1; | |
1300 | client->exp = exp; | |
f95910fe DB |
1301 | client->tlscreds = tlscreds; |
1302 | if (tlscreds) { | |
1303 | object_ref(OBJECT(client->tlscreds)); | |
1304 | } | |
1305 | client->tlsaclname = g_strdup(tlsaclname); | |
1c778ef7 DB |
1306 | client->sioc = sioc; |
1307 | object_ref(OBJECT(client->sioc)); | |
1308 | client->ioc = QIO_CHANNEL(sioc); | |
1309 | object_ref(OBJECT(client->ioc)); | |
0c9390d9 | 1310 | client->close_fn = close_fn; |
2c8d9f06 | 1311 | |
c84087f2 VSO |
1312 | co = qemu_coroutine_create(nbd_co_client_start, client); |
1313 | qemu_coroutine_enter(co); | |
af49bbbe | 1314 | } |