QSIMPLEQ_ENTRY(NBDRequest) entry;
NBDClient *client;
uint8_t *data;
+ bool complete;
};
struct NBDExport {
uint64_t magic;
uint32_t len;
- TRACE("Reply opt=%x type=%x", type, opt);
+ TRACE("Reply opt=%" PRIx32 " type=%" PRIx32, type, opt);
magic = cpu_to_be64(NBD_REP_MAGIC);
if (nbd_negotiate_write(ioc, &magic, sizeof(magic)) != sizeof(magic)) {
uint64_t magic, name_len;
uint32_t opt, type, len;
- TRACE("Advertizing export name '%s'", exp->name ? exp->name : "");
+ TRACE("Advertising export name '%s'", exp->name ? exp->name : "");
name_len = strlen(exp->name);
magic = cpu_to_be64(NBD_REP_MAGIC);
if (nbd_negotiate_write(ioc, &magic, sizeof(magic)) != sizeof(magic)) {
return NULL;
}
- nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, NBD_OPT_STARTTLS);
+ if (nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK,
+ NBD_OPT_STARTTLS) < 0) {
+ return NULL;
+ }
tioc = qio_channel_tls_new_server(ioc,
client->tlscreds,
TRACE("Checking client flags");
be32_to_cpus(&flags);
if (flags & NBD_FLAG_C_FIXED_NEWSTYLE) {
- TRACE("Support supports fixed newstyle handshake");
+ TRACE("Client supports fixed newstyle handshake");
fixedNewstyle = true;
flags &= ~NBD_FLAG_C_FIXED_NEWSTYLE;
}
if (flags != 0) {
- TRACE("Unknown client flags 0x%x received", flags);
+ TRACE("Unknown client flags 0x%" PRIx32 " received", flags);
return -EIO;
}
}
length = be32_to_cpu(length);
- TRACE("Checking option 0x%x", clientflags);
+ TRACE("Checking option 0x%" PRIx32, clientflags);
if (client->tlscreds &&
client->ioc == (QIOChannel *)client->sioc) {
QIOChannel *tioc;
if (!fixedNewstyle) {
- TRACE("Unsupported option 0x%x", clientflags);
+ TRACE("Unsupported option 0x%" PRIx32, clientflags);
return -EINVAL;
}
switch (clientflags) {
client->ioc = QIO_CHANNEL(tioc);
break;
- default:
+ case NBD_OPT_EXPORT_NAME:
+ /* No way to return an error to client, so drop connection */
TRACE("Option 0x%x not permitted before TLS", clientflags);
- nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_TLS_REQD,
- clientflags);
return -EINVAL;
+
+ default:
+ TRACE("Option 0x%" PRIx32 " not permitted before TLS",
+ clientflags);
+ if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
+ return -EIO;
+ }
+ ret = nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_TLS_REQD,
+ clientflags);
+ if (ret < 0) {
+ return ret;
+ }
+ break;
}
} else if (fixedNewstyle) {
switch (clientflags) {
return nbd_negotiate_handle_export_name(client, length);
case NBD_OPT_STARTTLS:
+ if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
+ return -EIO;
+ }
if (client->tlscreds) {
TRACE("TLS already enabled");
- nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_INVALID,
- clientflags);
+ ret = nbd_negotiate_send_rep(client->ioc,
+ NBD_REP_ERR_INVALID,
+ clientflags);
} else {
TRACE("TLS not configured");
- nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_POLICY,
- clientflags);
+ ret = nbd_negotiate_send_rep(client->ioc,
+ NBD_REP_ERR_POLICY,
+ clientflags);
}
- return -EINVAL;
+ if (ret < 0) {
+ return ret;
+ }
+ break;
default:
- TRACE("Unsupported option 0x%x", clientflags);
+ TRACE("Unsupported option 0x%" PRIx32, clientflags);
if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
return -EIO;
}
- nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_UNSUP,
- clientflags);
+ ret = nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_UNSUP,
+ clientflags);
+ if (ret < 0) {
+ return ret;
+ }
break;
}
} else {
return nbd_negotiate_handle_export_name(client, length);
default:
- TRACE("Unsupported option 0x%x", clientflags);
+ TRACE("Unsupported option 0x%" PRIx32, clientflags);
return -EINVAL;
}
}
oldStyle = client->exp != NULL && !client->tlscreds;
if (oldStyle) {
assert ((client->exp->nbdflags & ~65535) == 0);
+ TRACE("advertising size %" PRIu64 " and flags %x",
+ client->exp->size, client->exp->nbdflags | myflags);
stq_be_p(buf + 8, NBD_CLIENT_MAGIC);
stq_be_p(buf + 16, client->exp->size);
stw_be_p(buf + 26, client->exp->nbdflags | myflags);
}
assert ((client->exp->nbdflags & ~65535) == 0);
+ TRACE("advertising size %" PRIu64 " and flags %x",
+ client->exp->size, client->exp->nbdflags | myflags);
stq_be_p(buf + 18, client->exp->size);
stw_be_p(buf + 26, client->exp->nbdflags | myflags);
if (nbd_negotiate_write(client->ioc, buf + 18, sizeof(buf) - 18) !=
[24 .. 27] len
*/
- magic = be32_to_cpup((uint32_t*)buf);
- request->type = be32_to_cpup((uint32_t*)(buf + 4));
- request->handle = be64_to_cpup((uint64_t*)(buf + 8));
- request->from = be64_to_cpup((uint64_t*)(buf + 16));
- request->len = be32_to_cpup((uint32_t*)(buf + 24));
+ magic = ldl_be_p(buf);
+ request->type = ldl_be_p(buf + 4);
+ request->handle = ldq_be_p(buf + 8);
+ request->from = ldq_be_p(buf + 16);
+ request->len = ldl_be_p(buf + 24);
- TRACE("Got request: "
- "{ magic = 0x%x, .type = %d, from = %" PRIu64" , len = %u }",
+ TRACE("Got request: { magic = 0x%" PRIx32 ", .type = %" PRIx32
+ ", from = %" PRIu64 " , len = %" PRIu32 " }",
magic, request->type, request->from, request->len);
if (magic != NBD_REQUEST_MAGIC) {
- LOG("invalid magic (got 0x%x)", magic);
+ LOG("invalid magic (got 0x%" PRIx32 ")", magic);
return -EINVAL;
}
return 0;
reply->error = system_errno_to_nbd_errno(reply->error);
- TRACE("Sending response to client: { .error = %d, handle = %" PRIu64 " }",
+ TRACE("Sending response to client: { .error = %" PRId32
+ ", handle = %" PRIu64 " }",
reply->error, reply->handle);
/* Reply
return rc;
}
-static ssize_t nbd_co_receive_request(NBDRequest *req, struct nbd_request *request)
+/* Collect a client request. Return 0 if request looks valid, -EAGAIN
+ * to keep trying the collection, -EIO to drop connection right away,
+ * and any other negative value to report an error to the client
+ * (although the caller may still need to disconnect after reporting
+ * the error). */
+static ssize_t nbd_co_receive_request(NBDRequest *req,
+ struct nbd_request *request)
{
NBDClient *client = req->client;
uint32_t command;
goto out;
}
+ TRACE("Decoding type");
+
+ command = request->type & NBD_CMD_MASK_COMMAND;
+ if (command != NBD_CMD_WRITE) {
+ /* No payload, we are ready to read the next request. */
+ req->complete = true;
+ }
+
+ if (command == NBD_CMD_DISC) {
+ /* Special case: we're going to disconnect without a reply,
+ * whether or not flags, from, or len are bogus */
+ TRACE("Request type is DISCONNECT");
+ rc = -EIO;
+ goto out;
+ }
+
+ /* Check for sanity in the parameters, part 1. Defer as many
+ * checks as possible until after reading any NBD_CMD_WRITE
+ * payload, so we can try and keep the connection alive. */
if ((request->from + request->len) < request->from) {
- LOG("integer overflow detected! "
- "you're probably being attacked");
+ LOG("integer overflow detected, you're probably being attacked");
rc = -EINVAL;
goto out;
}
- TRACE("Decoding type");
-
- command = request->type & NBD_CMD_MASK_COMMAND;
if (command == NBD_CMD_READ || command == NBD_CMD_WRITE) {
if (request->len > NBD_MAX_BUFFER_SIZE) {
- LOG("len (%u) is larger than max len (%u)",
+ LOG("len (%" PRIu32" ) is larger than max len (%u)",
request->len, NBD_MAX_BUFFER_SIZE);
rc = -EINVAL;
goto out;
}
}
if (command == NBD_CMD_WRITE) {
- TRACE("Reading %u byte(s)", request->len);
+ TRACE("Reading %" PRIu32 " byte(s)", request->len);
if (read_sync(client->ioc, req->data, request->len) != request->len) {
LOG("reading from socket failed");
rc = -EIO;
goto out;
}
+ req->complete = true;
}
+
+ /* Sanity checks, part 2. */
+ if (request->from + request->len > client->exp->size) {
+ LOG("operation past EOF; From: %" PRIu64 ", Len: %" PRIu32
+ ", Size: %" PRIu64, request->from, request->len,
+ (uint64_t)client->exp->size);
+ rc = command == NBD_CMD_WRITE ? -ENOSPC : -EINVAL;
+ goto out;
+ }
+ if (request->type & ~NBD_CMD_MASK_COMMAND & ~NBD_CMD_FLAG_FUA) {
+ LOG("unsupported flags (got 0x%x)",
+ request->type & ~NBD_CMD_MASK_COMMAND);
+ return -EINVAL;
+ }
+
rc = 0;
out:
struct nbd_reply reply;
ssize_t ret;
uint32_t command;
+ int flags;
TRACE("Reading request.");
if (client->closing) {
goto error_reply;
}
command = request.type & NBD_CMD_MASK_COMMAND;
- if (command != NBD_CMD_DISC && (request.from + request.len) > exp->size) {
- LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64
- ", Offset: %" PRIu64 "\n",
- request.from, request.len,
- (uint64_t)exp->size, (uint64_t)exp->dev_offset);
- LOG("requested operation past EOF--bad client?");
- goto invalid_request;
- }
if (client->closing) {
/*
}
}
- ret = blk_read(exp->blk,
- (request.from + exp->dev_offset) / BDRV_SECTOR_SIZE,
- req->data, request.len / BDRV_SECTOR_SIZE);
+ ret = blk_pread(exp->blk, request.from + exp->dev_offset,
+ req->data, request.len);
if (ret < 0) {
LOG("reading from file failed");
reply.error = -ret;
goto error_reply;
}
- TRACE("Read %u byte(s)", request.len);
+ TRACE("Read %" PRIu32" byte(s)", request.len);
if (nbd_co_send_reply(req, &reply, request.len) < 0)
goto out;
break;
TRACE("Writing to device");
- ret = blk_write(exp->blk,
- (request.from + exp->dev_offset) / BDRV_SECTOR_SIZE,
- req->data, request.len / BDRV_SECTOR_SIZE);
+ flags = 0;
+ if (request.type & NBD_CMD_FLAG_FUA) {
+ flags |= BDRV_REQ_FUA;
+ }
+ ret = blk_pwrite(exp->blk, request.from + exp->dev_offset,
+ req->data, request.len, flags);
if (ret < 0) {
LOG("writing to file failed");
reply.error = -ret;
goto error_reply;
}
- if (request.type & NBD_CMD_FLAG_FUA) {
- ret = blk_co_flush(exp->blk);
- if (ret < 0) {
- LOG("flush failed");
- reply.error = -ret;
- goto error_reply;
- }
- }
-
if (nbd_co_send_reply(req, &reply, 0) < 0) {
goto out;
}
break;
+
case NBD_CMD_DISC:
- TRACE("Request type is DISCONNECT");
- errno = 0;
- goto out;
+ /* unreachable, thanks to special case in nbd_co_receive_request() */
+ abort();
+
case NBD_CMD_FLUSH:
TRACE("Request type is FLUSH");
break;
case NBD_CMD_TRIM:
TRACE("Request type is TRIM");
- ret = blk_co_discard(exp->blk, (request.from + exp->dev_offset)
- / BDRV_SECTOR_SIZE,
- request.len / BDRV_SECTOR_SIZE);
- if (ret < 0) {
- LOG("discard failed");
- reply.error = -ret;
+ /* Ignore unaligned head or tail, until block layer adds byte
+ * interface */
+ if (request.len >= BDRV_SECTOR_SIZE) {
+ request.len -= (request.from + request.len) % BDRV_SECTOR_SIZE;
+ ret = blk_co_discard(exp->blk,
+ DIV_ROUND_UP(request.from + exp->dev_offset,
+ BDRV_SECTOR_SIZE),
+ request.len / BDRV_SECTOR_SIZE);
+ if (ret < 0) {
+ LOG("discard failed");
+ reply.error = -ret;
+ }
+ } else {
+ TRACE("trim request too small, ignoring");
}
if (nbd_co_send_reply(req, &reply, 0) < 0) {
goto out;
}
break;
default:
- LOG("invalid request type (%u) received", request.type);
- invalid_request:
+ LOG("invalid request type (%" PRIu32 ") received", request.type);
reply.error = EINVAL;
error_reply:
- if (nbd_co_send_reply(req, &reply, 0) < 0) {
+ /* We must disconnect after NBD_CMD_WRITE if we did not
+ * read the payload.
+ */
+ if (nbd_co_send_reply(req, &reply, 0) < 0 || !req->complete) {
goto out;
}
break;
projects / mirror_qemu.git / blobdiff