]> git.proxmox.com Git - qemu.git/blame - qemu-nbd.c
fw_cfg: Splash image loader can overrun a stack variable, fix
[qemu.git] / qemu-nbd.c
CommitLineData
cd831bd7 1/*
7a5ca864
FB
2 * Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws>
3 *
4 * Network Block Device
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; under version 2 of the License.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
8167ee88 16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
7a5ca864
FB
17 */
18
5a61cb60 19#include "qemu-common.h"
737e150e
PB
20#include "block/block.h"
21#include "block/nbd.h"
7a5ca864 22
7a5ca864
FB
23#include <stdarg.h>
24#include <stdio.h>
25#include <getopt.h>
26#include <err.h>
cd831bd7 27#include <sys/types.h>
7a5ca864
FB
28#include <sys/socket.h>
29#include <netinet/in.h>
30#include <netinet/tcp.h>
31#include <arpa/inet.h>
cd831bd7 32#include <signal.h>
2bff4b6f 33#include <libgen.h>
a517e88b 34#include <pthread.h>
cd831bd7 35
39a5235c
PB
36#define SOCKET_PATH "/var/lock/qemu-nbd-%s"
37#define QEMU_NBD_OPT_CACHE 1
38#define QEMU_NBD_OPT_AIO 2
7a5ca864 39
af49bbbe 40static NBDExport *exp;
b1d8e52e 41static int verbose;
a517e88b
PB
42static char *srcpath;
43static char *sockpath;
7860a380
PB
44static int persistent = 0;
45static enum { RUNNING, TERMINATE, TERMINATING, TERMINATED } state;
a61c6782
PB
46static int shared = 1;
47static int nb_fds;
7a5ca864
FB
48
49static void usage(const char *name)
50{
b033cd86 51 (printf) (
7a5ca864
FB
52"Usage: %s [OPTIONS] FILE\n"
53"QEMU Disk Network Block Device Server\n"
54"\n"
b033cd86
PB
55" -h, --help display this help and exit\n"
56" -V, --version output version information and exit\n"
57"\n"
58"Connection properties:\n"
c2e2872b 59" -p, --port=PORT port to listen on (default `%d')\n"
7a5ca864 60" -b, --bind=IFACE interface to bind to (default `0.0.0.0')\n"
cd831bd7
TS
61" -k, --socket=PATH path to the unix socket\n"
62" (default '"SOCKET_PATH"')\n"
3b05a8e9 63" -e, --shared=NUM device can be shared by NUM clients (default '1')\n"
75818250 64" -t, --persistent don't exit on the last connection\n"
7a5ca864 65" -v, --verbose display extra debugging information\n"
7a5ca864 66"\n"
b033cd86
PB
67"Exposing part of the image:\n"
68" -o, --offset=OFFSET offset into the image\n"
69" -P, --partition=NUM only expose partition NUM\n"
70"\n"
71#ifdef __linux__
72"Kernel NBD client support:\n"
73" -c, --connect=DEV connect FILE to the local NBD device DEV\n"
74" -d, --disconnect disconnect the specified device\n"
75"\n"
76#endif
77"\n"
78"Block device options:\n"
79" -r, --read-only export read-only\n"
80" -s, --snapshot use snapshot file\n"
81" -n, --nocache disable host cache\n"
39a5235c
PB
82" --cache=MODE set cache mode (none, writeback, ...)\n"
83#ifdef CONFIG_LINUX_AIO
84" --aio=MODE set AIO mode (native or threads)\n"
85#endif
b033cd86
PB
86"\n"
87"Report bugs to <qemu-devel@nongnu.org>\n"
c2e2872b 88 , name, NBD_DEFAULT_PORT, "DEVICE");
7a5ca864
FB
89}
90
91static void version(const char *name)
92{
93 printf(
315bc7aa 94"%s version 0.0.1\n"
7a5ca864
FB
95"Written by Anthony Liguori.\n"
96"\n"
97"Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>.\n"
98"This is free software; see the source for copying conditions. There is NO\n"
99"warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n"
315bc7aa 100 , name);
7a5ca864
FB
101}
102
103struct partition_record
104{
105 uint8_t bootable;
106 uint8_t start_head;
107 uint32_t start_cylinder;
108 uint8_t start_sector;
109 uint8_t system;
110 uint8_t end_head;
111 uint8_t end_cylinder;
112 uint8_t end_sector;
113 uint32_t start_sector_abs;
114 uint32_t nb_sectors_abs;
115};
116
117static void read_partition(uint8_t *p, struct partition_record *r)
118{
119 r->bootable = p[0];
120 r->start_head = p[1];
121 r->start_cylinder = p[3] | ((p[2] << 2) & 0x0300);
122 r->start_sector = p[2] & 0x3f;
123 r->system = p[4];
124 r->end_head = p[5];
125 r->end_cylinder = p[7] | ((p[6] << 2) & 0x300);
126 r->end_sector = p[6] & 0x3f;
127 r->start_sector_abs = p[8] | p[9] << 8 | p[10] << 16 | p[11] << 24;
128 r->nb_sectors_abs = p[12] | p[13] << 8 | p[14] << 16 | p[15] << 24;
129}
130
131static int find_partition(BlockDriverState *bs, int partition,
132 off_t *offset, off_t *size)
133{
134 struct partition_record mbr[4];
135 uint8_t data[512];
136 int i;
137 int ext_partnum = 4;
cb7cf0e3 138 int ret;
7a5ca864 139
cb7cf0e3
RO
140 if ((ret = bdrv_read(bs, 0, data, 1)) < 0) {
141 errno = -ret;
142 err(EXIT_FAILURE, "error while reading");
143 }
7a5ca864
FB
144
145 if (data[510] != 0x55 || data[511] != 0xaa) {
185b4338 146 return -EINVAL;
7a5ca864
FB
147 }
148
149 for (i = 0; i < 4; i++) {
150 read_partition(&data[446 + 16 * i], &mbr[i]);
151
152 if (!mbr[i].nb_sectors_abs)
153 continue;
154
155 if (mbr[i].system == 0xF || mbr[i].system == 0x5) {
156 struct partition_record ext[4];
157 uint8_t data1[512];
158 int j;
159
cb7cf0e3
RO
160 if ((ret = bdrv_read(bs, mbr[i].start_sector_abs, data1, 1)) < 0) {
161 errno = -ret;
162 err(EXIT_FAILURE, "error while reading");
163 }
7a5ca864
FB
164
165 for (j = 0; j < 4; j++) {
166 read_partition(&data1[446 + 16 * j], &ext[j]);
167 if (!ext[j].nb_sectors_abs)
168 continue;
169
170 if ((ext_partnum + j + 1) == partition) {
171 *offset = (uint64_t)ext[j].start_sector_abs << 9;
172 *size = (uint64_t)ext[j].nb_sectors_abs << 9;
173 return 0;
174 }
175 }
176 ext_partnum += 4;
177 } else if ((i + 1) == partition) {
178 *offset = (uint64_t)mbr[i].start_sector_abs << 9;
179 *size = (uint64_t)mbr[i].nb_sectors_abs << 9;
180 return 0;
181 }
182 }
183
185b4338 184 return -ENOENT;
7a5ca864
FB
185}
186
bb345110
PB
187static void termsig_handler(int signum)
188{
7860a380 189 state = TERMINATE;
a61c6782 190 qemu_notify_event();
bb345110
PB
191}
192
a517e88b 193static void *show_parts(void *arg)
cd831bd7 194{
a6ac2313 195 char *device = arg;
a517e88b
PB
196 int nbd;
197
198 /* linux just needs an open() to trigger
199 * the partition table update
200 * but remember to load the module with max_part != 0 :
201 * modprobe nbd max_part=63
202 */
203 nbd = open(device, O_RDWR);
fc19f8a0 204 if (nbd >= 0) {
a517e88b
PB
205 close(nbd);
206 }
207 return NULL;
208}
cd831bd7 209
a517e88b
PB
210static void *nbd_client_thread(void *arg)
211{
a6ac2313 212 char *device = arg;
a517e88b
PB
213 off_t size;
214 size_t blocksize;
215 uint32_t nbdflags;
a6ac2313 216 int fd, sock;
a517e88b
PB
217 int ret;
218 pthread_t show_parts_thread;
219
dc10e8b3 220 sock = unix_socket_outgoing(sockpath);
fc19f8a0 221 if (sock < 0) {
dc10e8b3
SH
222 goto out;
223 }
a517e88b
PB
224
225 ret = nbd_receive_negotiate(sock, NULL, &nbdflags,
226 &size, &blocksize);
fc19f8a0 227 if (ret < 0) {
a517e88b
PB
228 goto out;
229 }
230
a6ac2313 231 fd = open(device, O_RDWR);
fc19f8a0 232 if (fd < 0) {
a6ac2313
PB
233 /* Linux-only, we can use %m in printf. */
234 fprintf(stderr, "Failed to open %s: %m", device);
235 goto out;
236 }
237
a517e88b 238 ret = nbd_init(fd, sock, nbdflags, size, blocksize);
fc19f8a0 239 if (ret < 0) {
a517e88b
PB
240 goto out;
241 }
242
243 /* update partition table */
a6ac2313 244 pthread_create(&show_parts_thread, NULL, show_parts, device);
a517e88b 245
c1f8fdc3
PB
246 if (verbose) {
247 fprintf(stderr, "NBD device %s is now connected to %s\n",
248 device, srcpath);
249 } else {
250 /* Close stderr so that the qemu-nbd process exits. */
251 dup2(STDOUT_FILENO, STDERR_FILENO);
252 }
a517e88b
PB
253
254 ret = nbd_client(fd);
255 if (ret) {
256 goto out;
cd831bd7 257 }
a517e88b
PB
258 close(fd);
259 kill(getpid(), SIGTERM);
260 return (void *) EXIT_SUCCESS;
261
262out:
263 kill(getpid(), SIGTERM);
264 return (void *) EXIT_FAILURE;
cd831bd7
TS
265}
266
a61c6782
PB
267static int nbd_can_accept(void *opaque)
268{
269 return nb_fds < shared;
270}
271
7860a380
PB
272static void nbd_export_closed(NBDExport *exp)
273{
274 assert(state == TERMINATING);
275 state = TERMINATED;
276}
277
1743b515 278static void nbd_client_closed(NBDClient *client)
a61c6782 279{
1743b515 280 nb_fds--;
7860a380
PB
281 if (nb_fds == 0 && !persistent && state == RUNNING) {
282 state = TERMINATE;
283 }
1743b515 284 qemu_notify_event();
7860a380 285 nbd_client_put(client);
a61c6782
PB
286}
287
288static void nbd_accept(void *opaque)
289{
290 int server_fd = (uintptr_t) opaque;
291 struct sockaddr_in addr;
292 socklen_t addr_len = sizeof(addr);
293
294 int fd = accept(server_fd, (struct sockaddr *)&addr, &addr_len);
7860a380
PB
295 if (state >= TERMINATE) {
296 close(fd);
297 return;
298 }
299
fc19f8a0 300 if (fd >= 0 && nbd_client_new(exp, fd, nbd_client_closed)) {
a61c6782
PB
301 nb_fds++;
302 }
303}
304
7a5ca864
FB
305int main(int argc, char **argv)
306{
307 BlockDriverState *bs;
308 off_t dev_offset = 0;
b90fb4b8 309 uint32_t nbdflags = 0;
cd831bd7 310 bool disconnect = false;
7a5ca864 311 const char *bindto = "0.0.0.0";
a6ac2313 312 char *device = NULL;
c2e2872b 313 int port = NBD_DEFAULT_PORT;
7a5ca864 314 off_t fd_size;
d6aa671f 315 const char *sopt = "hVb:o:p:rsnP:c:dvk:e:t";
7a5ca864 316 struct option lopt[] = {
660f11be
BS
317 { "help", 0, NULL, 'h' },
318 { "version", 0, NULL, 'V' },
319 { "bind", 1, NULL, 'b' },
320 { "port", 1, NULL, 'p' },
321 { "socket", 1, NULL, 'k' },
322 { "offset", 1, NULL, 'o' },
323 { "read-only", 0, NULL, 'r' },
324 { "partition", 1, NULL, 'P' },
325 { "connect", 1, NULL, 'c' },
326 { "disconnect", 0, NULL, 'd' },
327 { "snapshot", 0, NULL, 's' },
328 { "nocache", 0, NULL, 'n' },
39a5235c
PB
329 { "cache", 1, NULL, QEMU_NBD_OPT_CACHE },
330#ifdef CONFIG_LINUX_AIO
331 { "aio", 1, NULL, QEMU_NBD_OPT_AIO },
332#endif
660f11be
BS
333 { "shared", 1, NULL, 'e' },
334 { "persistent", 0, NULL, 't' },
335 { "verbose", 0, NULL, 'v' },
336 { NULL, 0, NULL, 0 }
7a5ca864
FB
337 };
338 int ch;
339 int opt_ind = 0;
340 int li;
341 char *end;
f5edb014 342 int flags = BDRV_O_RDWR;
7a5ca864 343 int partition = -1;
cd831bd7 344 int ret;
3b05a8e9 345 int fd;
39a5235c
PB
346 bool seen_cache = false;
347#ifdef CONFIG_LINUX_AIO
348 bool seen_aio = false;
349#endif
a517e88b 350 pthread_t client_thread;
7a5ca864 351
a517e88b
PB
352 /* The client thread uses SIGTERM to interrupt the server. A signal
353 * handler ensures that "qemu-nbd -v -c" exits with a nice status code.
354 */
bb345110 355 struct sigaction sa_sigterm;
bb345110
PB
356 memset(&sa_sigterm, 0, sizeof(sa_sigterm));
357 sa_sigterm.sa_handler = termsig_handler;
358 sigaction(SIGTERM, &sa_sigterm, NULL);
359
7a5ca864
FB
360 while ((ch = getopt_long(argc, argv, sopt, lopt, &opt_ind)) != -1) {
361 switch (ch) {
362 case 's':
2f726488
TS
363 flags |= BDRV_O_SNAPSHOT;
364 break;
365 case 'n':
39a5235c
PB
366 optarg = (char *) "none";
367 /* fallthrough */
368 case QEMU_NBD_OPT_CACHE:
369 if (seen_cache) {
370 errx(EXIT_FAILURE, "-n and --cache can only be specified once");
371 }
372 seen_cache = true;
373 if (bdrv_parse_cache_flags(optarg, &flags) == -1) {
374 errx(EXIT_FAILURE, "Invalid cache mode `%s'", optarg);
375 }
7a5ca864 376 break;
39a5235c
PB
377#ifdef CONFIG_LINUX_AIO
378 case QEMU_NBD_OPT_AIO:
379 if (seen_aio) {
380 errx(EXIT_FAILURE, "--aio can only be specified once");
381 }
382 seen_aio = true;
383 if (!strcmp(optarg, "native")) {
384 flags |= BDRV_O_NATIVE_AIO;
385 } else if (!strcmp(optarg, "threads")) {
386 /* this is the default */
387 } else {
388 errx(EXIT_FAILURE, "invalid aio mode `%s'", optarg);
389 }
390 break;
391#endif
7a5ca864
FB
392 case 'b':
393 bindto = optarg;
394 break;
395 case 'p':
396 li = strtol(optarg, &end, 0);
397 if (*end) {
b6353bea 398 errx(EXIT_FAILURE, "Invalid port `%s'", optarg);
7a5ca864
FB
399 }
400 if (li < 1 || li > 65535) {
b6353bea 401 errx(EXIT_FAILURE, "Port out of range `%s'", optarg);
7a5ca864
FB
402 }
403 port = (uint16_t)li;
404 break;
405 case 'o':
406 dev_offset = strtoll (optarg, &end, 0);
407 if (*end) {
b6353bea 408 errx(EXIT_FAILURE, "Invalid offset `%s'", optarg);
7a5ca864
FB
409 }
410 if (dev_offset < 0) {
b6353bea 411 errx(EXIT_FAILURE, "Offset must be positive `%s'", optarg);
7a5ca864
FB
412 }
413 break;
414 case 'r':
b90fb4b8 415 nbdflags |= NBD_FLAG_READ_ONLY;
07108b29 416 flags &= ~BDRV_O_RDWR;
7a5ca864
FB
417 break;
418 case 'P':
419 partition = strtol(optarg, &end, 0);
420 if (*end)
b6353bea 421 errx(EXIT_FAILURE, "Invalid partition `%s'", optarg);
7a5ca864 422 if (partition < 1 || partition > 8)
b6353bea 423 errx(EXIT_FAILURE, "Invalid partition %d", partition);
7a5ca864 424 break;
cd831bd7 425 case 'k':
b32f6c28
PB
426 sockpath = optarg;
427 if (sockpath[0] != '/')
b6353bea 428 errx(EXIT_FAILURE, "socket path must be absolute\n");
cd831bd7
TS
429 break;
430 case 'd':
431 disconnect = true;
432 break;
433 case 'c':
434 device = optarg;
435 break;
3b05a8e9
TS
436 case 'e':
437 shared = strtol(optarg, &end, 0);
438 if (*end) {
b6353bea 439 errx(EXIT_FAILURE, "Invalid shared device number '%s'", optarg);
3b05a8e9
TS
440 }
441 if (shared < 1) {
b6353bea 442 errx(EXIT_FAILURE, "Shared device number must be greater than 0\n");
3b05a8e9
TS
443 }
444 break;
75818250
TS
445 case 't':
446 persistent = 1;
447 break;
7a5ca864
FB
448 case 'v':
449 verbose = 1;
450 break;
451 case 'V':
452 version(argv[0]);
453 exit(0);
454 break;
455 case 'h':
456 usage(argv[0]);
457 exit(0);
458 break;
459 case '?':
b6353bea 460 errx(EXIT_FAILURE, "Try `%s --help' for more information.",
7a5ca864
FB
461 argv[0]);
462 }
463 }
464
465 if ((argc - optind) != 1) {
b6353bea 466 errx(EXIT_FAILURE, "Invalid number of argument.\n"
7a5ca864
FB
467 "Try `%s --help' for more information.",
468 argv[0]);
469 }
470
cd831bd7
TS
471 if (disconnect) {
472 fd = open(argv[optind], O_RDWR);
fc19f8a0 473 if (fd < 0) {
cb7cf0e3 474 err(EXIT_FAILURE, "Cannot open %s", argv[optind]);
fc19f8a0 475 }
cd831bd7
TS
476 nbd_disconnect(fd);
477
478 close(fd);
479
480 printf("%s disconnected\n", argv[optind]);
481
482 return 0;
483 }
484
c1f8fdc3
PB
485 if (device && !verbose) {
486 int stderr_fd[2];
487 pid_t pid;
488 int ret;
489
fc19f8a0 490 if (qemu_pipe(stderr_fd) < 0) {
c1f8fdc3
PB
491 err(EXIT_FAILURE, "Error setting up communication pipe");
492 }
493
494 /* Now daemonize, but keep a communication channel open to
495 * print errors and exit with the proper status code.
496 */
497 pid = fork();
498 if (pid == 0) {
499 close(stderr_fd[0]);
9faf31b6 500 ret = qemu_daemon(1, 0);
c1f8fdc3
PB
501
502 /* Temporarily redirect stderr to the parent's pipe... */
503 dup2(stderr_fd[1], STDERR_FILENO);
fc19f8a0 504 if (ret < 0) {
c1f8fdc3
PB
505 err(EXIT_FAILURE, "Failed to daemonize");
506 }
507
508 /* ... close the descriptor we inherited and go on. */
509 close(stderr_fd[1]);
510 } else {
511 bool errors = false;
512 char *buf;
513
514 /* In the parent. Print error messages from the child until
515 * it closes the pipe.
516 */
517 close(stderr_fd[1]);
518 buf = g_malloc(1024);
519 while ((ret = read(stderr_fd[0], buf, 1024)) > 0) {
520 errors = true;
521 ret = qemu_write_full(STDERR_FILENO, buf, ret);
fc19f8a0 522 if (ret < 0) {
c1f8fdc3
PB
523 exit(EXIT_FAILURE);
524 }
525 }
fc19f8a0 526 if (ret < 0) {
c1f8fdc3
PB
527 err(EXIT_FAILURE, "Cannot read from daemon");
528 }
529
530 /* Usually the daemon should not print any message.
531 * Exit with zero status in that case.
532 */
533 exit(errors);
534 }
535 }
536
a6ac2313
PB
537 if (device != NULL && sockpath == NULL) {
538 sockpath = g_malloc(128);
539 snprintf(sockpath, 128, SOCKET_PATH, basename(device));
cd831bd7
TS
540 }
541
7e7f4a0e 542 qemu_init_main_loop();
802ddc37
PB
543 bdrv_init();
544 atexit(bdrv_close_all);
545
546 bs = bdrv_new("hda");
547 srcpath = argv[optind];
548 if ((ret = bdrv_open(bs, srcpath, flags, NULL)) < 0) {
549 errno = -ret;
550 err(EXIT_FAILURE, "Failed to bdrv_open '%s'", argv[optind]);
551 }
552
38ceff04 553 fd_size = bdrv_getlength(bs);
802ddc37 554
185b4338
PB
555 if (partition != -1) {
556 ret = find_partition(bs, partition, &dev_offset, &fd_size);
557 if (ret < 0) {
558 errno = -ret;
559 err(EXIT_FAILURE, "Could not find partition %d", partition);
560 }
802ddc37
PB
561 }
562
7860a380 563 exp = nbd_export_new(bs, dev_offset, fd_size, nbdflags, nbd_export_closed);
3b05a8e9 564
b32f6c28 565 if (sockpath) {
a61c6782 566 fd = unix_socket_incoming(sockpath);
cd831bd7 567 } else {
a61c6782 568 fd = tcp_socket_incoming(bindto, port);
cd831bd7
TS
569 }
570
fc19f8a0 571 if (fd < 0) {
7a5ca864 572 return 1;
a61c6782 573 }
f1ef5555
PB
574
575 if (device) {
576 int ret;
577
a6ac2313 578 ret = pthread_create(&client_thread, NULL, nbd_client_thread, device);
f1ef5555
PB
579 if (ret != 0) {
580 errx(EXIT_FAILURE, "Failed to create client thread: %s",
581 strerror(ret));
582 }
583 } else {
584 /* Shut up GCC warnings. */
585 memset(&client_thread, 0, sizeof(client_thread));
586 }
587
a61c6782
PB
588 qemu_set_fd_handler2(fd, nbd_can_accept, nbd_accept, NULL,
589 (void *)(uintptr_t)fd);
7a5ca864 590
9faf31b6
MT
591 /* now when the initialization is (almost) complete, chdir("/")
592 * to free any busy filesystems */
593 if (chdir("/") < 0) {
594 err(EXIT_FAILURE, "Could not chdir to root directory");
595 }
596
7860a380 597 state = RUNNING;
3b05a8e9 598 do {
a61c6782 599 main_loop_wait(false);
7860a380
PB
600 if (state == TERMINATE) {
601 state = TERMINATING;
602 nbd_export_close(exp);
603 nbd_export_put(exp);
604 exp = NULL;
605 }
606 } while (state != TERMINATED);
7a5ca864 607
a4aab7b4 608 bdrv_close(bs);
b32f6c28
PB
609 if (sockpath) {
610 unlink(sockpath);
611 }
7a5ca864 612
a517e88b
PB
613 if (device) {
614 void *ret;
615 pthread_join(client_thread, &ret);
616 exit(ret != NULL);
617 } else {
618 exit(EXIT_SUCCESS);
619 }
7a5ca864 620}