2 * Present a block device as a raw image through FUSE
4 * Copyright (c) 2020 Max Reitz <mreitz@redhat.com>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; under version 2 or later of the License.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 #define FUSE_USE_VERSION 31
21 #include "qemu/osdep.h"
22 #include "block/aio.h"
23 #include "block/block.h"
24 #include "block/export.h"
25 #include "block/fuse.h"
26 #include "block/qapi.h"
27 #include "qapi/error.h"
28 #include "qapi/qapi-commands-block.h"
29 #include "sysemu/block-backend.h"
32 #include <fuse_lowlevel.h>
35 /* Prevent overly long bounce buffer allocations */
36 #define FUSE_MAX_BOUNCE_BYTES (MIN(BDRV_REQUEST_MAX_BYTES, 64 * 1024 * 1024))
39 typedef struct FuseExport
{
42 struct fuse_session
*fuse_session
;
43 struct fuse_buf fuse_buf
;
44 bool mounted
, fd_handler_set_up
;
51 static GHashTable
*exports
;
52 static const struct fuse_lowlevel_ops fuse_ops
;
54 static void fuse_export_shutdown(BlockExport
*exp
);
55 static void fuse_export_delete(BlockExport
*exp
);
57 static void init_exports_table(void);
59 static int setup_fuse_export(FuseExport
*exp
, const char *mountpoint
,
61 static void read_from_fuse_export(void *opaque
);
63 static bool is_regular_file(const char *path
, Error
**errp
);
66 static int fuse_export_create(BlockExport
*blk_exp
,
67 BlockExportOptions
*blk_exp_args
,
70 FuseExport
*exp
= container_of(blk_exp
, FuseExport
, common
);
71 BlockExportOptionsFuse
*args
= &blk_exp_args
->u
.fuse
;
74 assert(blk_exp_args
->type
== BLOCK_EXPORT_TYPE_FUSE
);
76 /* For growable exports, take the RESIZE permission */
78 uint64_t blk_perm
, blk_shared_perm
;
80 blk_get_perm(exp
->common
.blk
, &blk_perm
, &blk_shared_perm
);
82 ret
= blk_set_perm(exp
->common
.blk
, blk_perm
| BLK_PERM_RESIZE
,
83 blk_shared_perm
, errp
);
92 * It is important to do this check before calling is_regular_file() --
93 * that function will do a stat(), which we would have to handle if we
94 * already exported something on @mountpoint. But we cannot, because
95 * we are currently caught up here.
96 * (Note that ideally we would want to resolve relative paths here,
97 * but bdrv_make_absolute_filename() might do the wrong thing for
98 * paths that contain colons, and realpath() would resolve symlinks,
99 * which we do not want: The mount point is not going to be the
100 * symlink's destination, but the link itself.)
101 * So this will not catch all potential clashes, but hopefully at
102 * least the most common one of specifying exactly the same path
105 if (g_hash_table_contains(exports
, args
->mountpoint
)) {
106 error_setg(errp
, "There already is a FUSE export on '%s'",
112 if (!is_regular_file(args
->mountpoint
, errp
)) {
117 exp
->mountpoint
= g_strdup(args
->mountpoint
);
118 exp
->writable
= blk_exp_args
->writable
;
119 exp
->growable
= args
->growable
;
121 ret
= setup_fuse_export(exp
, args
->mountpoint
, errp
);
129 fuse_export_delete(blk_exp
);
134 * Allocates the global @exports hash table.
136 static void init_exports_table(void)
142 exports
= g_hash_table_new_full(g_str_hash
, g_str_equal
, g_free
, NULL
);
146 * Create exp->fuse_session and mount it.
148 static int setup_fuse_export(FuseExport
*exp
, const char *mountpoint
,
151 const char *fuse_argv
[4];
153 struct fuse_args fuse_args
;
157 * max_read needs to match what fuse_init() sets.
158 * max_write need not be supplied.
160 mount_opts
= g_strdup_printf("max_read=%zu,default_permissions",
161 FUSE_MAX_BOUNCE_BYTES
);
163 fuse_argv
[0] = ""; /* Dummy program name */
165 fuse_argv
[2] = mount_opts
;
167 fuse_args
= (struct fuse_args
)FUSE_ARGS_INIT(3, (char **)fuse_argv
);
169 exp
->fuse_session
= fuse_session_new(&fuse_args
, &fuse_ops
,
170 sizeof(fuse_ops
), exp
);
172 if (!exp
->fuse_session
) {
173 error_setg(errp
, "Failed to set up FUSE session");
178 ret
= fuse_session_mount(exp
->fuse_session
, mountpoint
);
180 error_setg(errp
, "Failed to mount FUSE session to export");
186 g_hash_table_insert(exports
, g_strdup(mountpoint
), NULL
);
188 aio_set_fd_handler(exp
->common
.ctx
,
189 fuse_session_fd(exp
->fuse_session
), true,
190 read_from_fuse_export
, NULL
, NULL
, exp
);
191 exp
->fd_handler_set_up
= true;
196 fuse_export_shutdown(&exp
->common
);
201 * Callback to be invoked when the FUSE session FD can be read from.
202 * (This is basically the FUSE event loop.)
204 static void read_from_fuse_export(void *opaque
)
206 FuseExport
*exp
= opaque
;
209 blk_exp_ref(&exp
->common
);
212 ret
= fuse_session_receive_buf(exp
->fuse_session
, &exp
->fuse_buf
);
213 } while (ret
== -EINTR
);
218 fuse_session_process_buf(exp
->fuse_session
, &exp
->fuse_buf
);
221 blk_exp_unref(&exp
->common
);
224 static void fuse_export_shutdown(BlockExport
*blk_exp
)
226 FuseExport
*exp
= container_of(blk_exp
, FuseExport
, common
);
228 if (exp
->fuse_session
) {
229 fuse_session_exit(exp
->fuse_session
);
231 if (exp
->fd_handler_set_up
) {
232 aio_set_fd_handler(exp
->common
.ctx
,
233 fuse_session_fd(exp
->fuse_session
), true,
234 NULL
, NULL
, NULL
, NULL
);
235 exp
->fd_handler_set_up
= false;
239 if (exp
->mountpoint
) {
241 * Safe to drop now, because we will not handle any requests
242 * for this export anymore anyway.
244 g_hash_table_remove(exports
, exp
->mountpoint
);
248 static void fuse_export_delete(BlockExport
*blk_exp
)
250 FuseExport
*exp
= container_of(blk_exp
, FuseExport
, common
);
252 if (exp
->fuse_session
) {
254 fuse_session_unmount(exp
->fuse_session
);
257 fuse_session_destroy(exp
->fuse_session
);
260 free(exp
->fuse_buf
.mem
);
261 g_free(exp
->mountpoint
);
265 * Check whether @path points to a regular file. If not, put an
266 * appropriate message into *errp.
268 static bool is_regular_file(const char *path
, Error
**errp
)
273 ret
= stat(path
, &statbuf
);
275 error_setg_errno(errp
, errno
, "Failed to stat '%s'", path
);
279 if (!S_ISREG(statbuf
.st_mode
)) {
280 error_setg(errp
, "'%s' is not a regular file", path
);
288 * A chance to set change some parameters supplied to FUSE_INIT.
290 static void fuse_init(void *userdata
, struct fuse_conn_info
*conn
)
293 * MIN_NON_ZERO() would not be wrong here, but what we set here
294 * must equal what has been passed to fuse_session_new().
295 * Therefore, as long as max_read must be passed as a mount option
296 * (which libfuse claims will be changed at some point), we have
297 * to set max_read to a fixed value here.
299 conn
->max_read
= FUSE_MAX_BOUNCE_BYTES
;
301 conn
->max_write
= MIN_NON_ZERO(BDRV_REQUEST_MAX_BYTES
, conn
->max_write
);
305 * Let clients look up files. Always return ENOENT because we only
306 * care about the mountpoint itself.
308 static void fuse_lookup(fuse_req_t req
, fuse_ino_t parent
, const char *name
)
310 fuse_reply_err(req
, ENOENT
);
314 * Let clients get file attributes (i.e., stat() the file).
316 static void fuse_getattr(fuse_req_t req
, fuse_ino_t inode
,
317 struct fuse_file_info
*fi
)
320 int64_t length
, allocated_blocks
;
321 time_t now
= time(NULL
);
322 FuseExport
*exp
= fuse_req_userdata(req
);
325 length
= blk_getlength(exp
->common
.blk
);
327 fuse_reply_err(req
, -length
);
331 allocated_blocks
= bdrv_get_allocated_file_size(blk_bs(exp
->common
.blk
));
332 if (allocated_blocks
<= 0) {
333 allocated_blocks
= DIV_ROUND_UP(length
, 512);
335 allocated_blocks
= DIV_ROUND_UP(allocated_blocks
, 512);
338 mode
= S_IFREG
| S_IRUSR
;
343 statbuf
= (struct stat
) {
350 .st_blksize
= blk_bs(exp
->common
.blk
)->bl
.request_alignment
,
351 .st_blocks
= allocated_blocks
,
357 fuse_reply_attr(req
, &statbuf
, 1.);
360 static int fuse_do_truncate(const FuseExport
*exp
, int64_t size
,
361 bool req_zero_write
, PreallocMode prealloc
)
363 uint64_t blk_perm
, blk_shared_perm
;
364 BdrvRequestFlags truncate_flags
= 0;
367 if (req_zero_write
) {
368 truncate_flags
|= BDRV_REQ_ZERO_WRITE
;
371 /* Growable exports have a permanent RESIZE permission */
372 if (!exp
->growable
) {
373 blk_get_perm(exp
->common
.blk
, &blk_perm
, &blk_shared_perm
);
375 ret
= blk_set_perm(exp
->common
.blk
, blk_perm
| BLK_PERM_RESIZE
,
376 blk_shared_perm
, NULL
);
382 ret
= blk_truncate(exp
->common
.blk
, size
, true, prealloc
,
383 truncate_flags
, NULL
);
385 if (!exp
->growable
) {
386 /* Must succeed, because we are only giving up the RESIZE permission */
387 blk_set_perm(exp
->common
.blk
, blk_perm
, blk_shared_perm
, &error_abort
);
394 * Let clients set file attributes. Only resizing is supported.
396 static void fuse_setattr(fuse_req_t req
, fuse_ino_t inode
, struct stat
*statbuf
,
397 int to_set
, struct fuse_file_info
*fi
)
399 FuseExport
*exp
= fuse_req_userdata(req
);
402 if (!exp
->writable
) {
403 fuse_reply_err(req
, EACCES
);
407 if (to_set
& ~FUSE_SET_ATTR_SIZE
) {
408 fuse_reply_err(req
, ENOTSUP
);
412 ret
= fuse_do_truncate(exp
, statbuf
->st_size
, true, PREALLOC_MODE_OFF
);
414 fuse_reply_err(req
, -ret
);
418 fuse_getattr(req
, inode
, fi
);
422 * Let clients open a file (i.e., the exported image).
424 static void fuse_open(fuse_req_t req
, fuse_ino_t inode
,
425 struct fuse_file_info
*fi
)
427 fuse_reply_open(req
, fi
);
431 * Handle client reads from the exported image.
433 static void fuse_read(fuse_req_t req
, fuse_ino_t inode
,
434 size_t size
, off_t offset
, struct fuse_file_info
*fi
)
436 FuseExport
*exp
= fuse_req_userdata(req
);
441 /* Limited by max_read, should not happen */
442 if (size
> FUSE_MAX_BOUNCE_BYTES
) {
443 fuse_reply_err(req
, EINVAL
);
448 * Clients will expect short reads at EOF, so we have to limit
449 * offset+size to the image length.
451 length
= blk_getlength(exp
->common
.blk
);
453 fuse_reply_err(req
, -length
);
457 if (offset
+ size
> length
) {
458 size
= length
- offset
;
461 buf
= qemu_try_blockalign(blk_bs(exp
->common
.blk
), size
);
463 fuse_reply_err(req
, ENOMEM
);
467 ret
= blk_pread(exp
->common
.blk
, offset
, buf
, size
);
469 fuse_reply_buf(req
, buf
, size
);
471 fuse_reply_err(req
, -ret
);
478 * Handle client writes to the exported image.
480 static void fuse_write(fuse_req_t req
, fuse_ino_t inode
, const char *buf
,
481 size_t size
, off_t offset
, struct fuse_file_info
*fi
)
483 FuseExport
*exp
= fuse_req_userdata(req
);
487 /* Limited by max_write, should not happen */
488 if (size
> BDRV_REQUEST_MAX_BYTES
) {
489 fuse_reply_err(req
, EINVAL
);
493 if (!exp
->writable
) {
494 fuse_reply_err(req
, EACCES
);
499 * Clients will expect short writes at EOF, so we have to limit
500 * offset+size to the image length.
502 length
= blk_getlength(exp
->common
.blk
);
504 fuse_reply_err(req
, -length
);
508 if (offset
+ size
> length
) {
510 ret
= fuse_do_truncate(exp
, offset
+ size
, true, PREALLOC_MODE_OFF
);
512 fuse_reply_err(req
, -ret
);
516 size
= length
- offset
;
520 ret
= blk_pwrite(exp
->common
.blk
, offset
, buf
, size
, 0);
522 fuse_reply_write(req
, size
);
524 fuse_reply_err(req
, -ret
);
529 * Let clients perform various fallocate() operations.
531 static void fuse_fallocate(fuse_req_t req
, fuse_ino_t inode
, int mode
,
532 off_t offset
, off_t length
,
533 struct fuse_file_info
*fi
)
535 FuseExport
*exp
= fuse_req_userdata(req
);
539 if (!exp
->writable
) {
540 fuse_reply_err(req
, EACCES
);
544 blk_len
= blk_getlength(exp
->common
.blk
);
546 fuse_reply_err(req
, -blk_len
);
550 if (mode
& FALLOC_FL_KEEP_SIZE
) {
551 length
= MIN(length
, blk_len
- offset
);
554 if (mode
& FALLOC_FL_PUNCH_HOLE
) {
555 if (!(mode
& FALLOC_FL_KEEP_SIZE
)) {
556 fuse_reply_err(req
, EINVAL
);
561 int size
= MIN(length
, BDRV_REQUEST_MAX_BYTES
);
563 ret
= blk_pdiscard(exp
->common
.blk
, offset
, size
);
566 } while (ret
== 0 && length
> 0);
567 } else if (mode
& FALLOC_FL_ZERO_RANGE
) {
568 if (!(mode
& FALLOC_FL_KEEP_SIZE
) && offset
+ length
> blk_len
) {
569 /* No need for zeroes, we are going to write them ourselves */
570 ret
= fuse_do_truncate(exp
, offset
+ length
, false,
573 fuse_reply_err(req
, -ret
);
579 int size
= MIN(length
, BDRV_REQUEST_MAX_BYTES
);
581 ret
= blk_pwrite_zeroes(exp
->common
.blk
,
585 } while (ret
== 0 && length
> 0);
587 /* We can only fallocate at the EOF with a truncate */
588 if (offset
< blk_len
) {
589 fuse_reply_err(req
, EOPNOTSUPP
);
593 if (offset
> blk_len
) {
594 /* No preallocation needed here */
595 ret
= fuse_do_truncate(exp
, offset
, true, PREALLOC_MODE_OFF
);
597 fuse_reply_err(req
, -ret
);
602 ret
= fuse_do_truncate(exp
, offset
+ length
, true,
603 PREALLOC_MODE_FALLOC
);
608 fuse_reply_err(req
, ret
< 0 ? -ret
: 0);
612 * Let clients fsync the exported image.
614 static void fuse_fsync(fuse_req_t req
, fuse_ino_t inode
, int datasync
,
615 struct fuse_file_info
*fi
)
617 FuseExport
*exp
= fuse_req_userdata(req
);
620 ret
= blk_flush(exp
->common
.blk
);
621 fuse_reply_err(req
, ret
< 0 ? -ret
: 0);
625 * Called before an FD to the exported image is closed. (libfuse
626 * notes this to be a way to return last-minute errors.)
628 static void fuse_flush(fuse_req_t req
, fuse_ino_t inode
,
629 struct fuse_file_info
*fi
)
631 fuse_fsync(req
, inode
, 1, fi
);
634 #ifdef CONFIG_FUSE_LSEEK
636 * Let clients inquire allocation status.
638 static void fuse_lseek(fuse_req_t req
, fuse_ino_t inode
, off_t offset
,
639 int whence
, struct fuse_file_info
*fi
)
641 FuseExport
*exp
= fuse_req_userdata(req
);
643 if (whence
!= SEEK_HOLE
&& whence
!= SEEK_DATA
) {
644 fuse_reply_err(req
, EINVAL
);
652 ret
= bdrv_block_status_above(blk_bs(exp
->common
.blk
), NULL
,
653 offset
, INT64_MAX
, &pnum
, NULL
, NULL
);
655 fuse_reply_err(req
, -ret
);
659 if (!pnum
&& (ret
& BDRV_BLOCK_EOF
)) {
663 * If blk_getlength() rounds (e.g. by sectors), then the
664 * export length will be rounded, too. However,
665 * bdrv_block_status_above() may return EOF at unaligned
666 * offsets. We must not let this become visible and thus
667 * always simulate a hole between @offset (the real EOF)
668 * and @blk_len (the client-visible EOF).
671 blk_len
= blk_getlength(exp
->common
.blk
);
673 fuse_reply_err(req
, -blk_len
);
677 if (offset
> blk_len
|| whence
== SEEK_DATA
) {
678 fuse_reply_err(req
, ENXIO
);
680 fuse_reply_lseek(req
, offset
);
685 if (ret
& BDRV_BLOCK_DATA
) {
686 if (whence
== SEEK_DATA
) {
687 fuse_reply_lseek(req
, offset
);
691 if (whence
== SEEK_HOLE
) {
692 fuse_reply_lseek(req
, offset
);
697 /* Safety check against infinite loops */
699 fuse_reply_err(req
, ENXIO
);
708 static const struct fuse_lowlevel_ops fuse_ops
= {
710 .lookup
= fuse_lookup
,
711 .getattr
= fuse_getattr
,
712 .setattr
= fuse_setattr
,
716 .fallocate
= fuse_fallocate
,
719 #ifdef CONFIG_FUSE_LSEEK
724 const BlockExportDriver blk_exp_fuse
= {
725 .type
= BLOCK_EXPORT_TYPE_FUSE
,
726 .instance_size
= sizeof(FuseExport
),
727 .create
= fuse_export_create
,
728 .delete = fuse_export_delete
,
729 .request_shutdown
= fuse_export_shutdown
,