]> git.proxmox.com Git - pve-storage.git/blob - PVE/Storage/RBDPlugin.pm
projects / pve-storage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix #1925: untaint rbd JSON output
[pve-storage.git] / PVE / Storage / RBDPlugin.pm
1 package PVE::Storage::RBDPlugin;
2
3 use strict;
4 use warnings;
5 use IO::File;
6 use Net::IP;
7 use PVE::Tools qw(run_command trim);
8 use PVE::Storage::Plugin;
9 use PVE::JSONSchema qw(get_standard_option);
10 use PVE::RADOS;
11 use PVE::Storage::CephTools;
12 use JSON;
13
14 use base qw(PVE::Storage::Plugin);
15
16 my $get_parent_image_name = sub {
17 my ($parent) = @_;
18 return undef if !$parent;
19 return $parent->{image} . "@" . $parent->{snapshot};
20 };
21
22 my $add_pool_to_disk = sub {
23 my ($scfg, $disk) = @_;
24
25 my $pool = $scfg->{pool} ? $scfg->{pool} : 'rbd';
26
27 return "$pool/$disk";
28 };
29
30 my $build_cmd = sub {
31 my ($binary, $scfg, $storeid, $op, @options) = @_;
32
33 my $cmd_option = PVE::Storage::CephTools::ceph_connect_option($scfg, $storeid);
34 my $pool = $scfg->{pool} ? $scfg->{pool} : 'rbd';
35
36 my $cmd = [$binary, '-p', $pool];
37
38 push @$cmd, '-c', $cmd_option->{ceph_conf} if ($cmd_option->{ceph_conf});
39 push @$cmd, '-m', $cmd_option->{mon_host} if ($cmd_option->{mon_host});
40 push @$cmd, '--auth_supported', $cmd_option->{auth_supported} if ($cmd_option->{auth_supported});
41 push @$cmd, '-n', "client.$cmd_option->{userid}" if ($cmd_option->{userid});
42 push @$cmd, '--keyring', $cmd_option->{keyring} if ($cmd_option->{keyring});
43
44 push @$cmd, $op;
45
46 push @$cmd, @options if scalar(@options);
47
48 return $cmd;
49 };
50
51 my $rbd_cmd = sub {
52 my ($scfg, $storeid, $op, @options) = @_;
53
54 return $build_cmd->('/usr/bin/rbd', $scfg, $storeid, $op, @options);
55 };
56
57 my $rados_cmd = sub {
58 my ($scfg, $storeid, $op, @options) = @_;
59
60 return $build_cmd->('/usr/bin/rados', $scfg, $storeid, $op, @options);
61 };
62
63 my $librados_connect = sub {
64 my ($scfg, $storeid, $options) = @_;
65
66 my $librados_config = PVE::Storage::CephTools::ceph_connect_option($scfg, $storeid);
67
68 my $rados = PVE::RADOS->new(%$librados_config);
69
70 return $rados;
71 };
72
73 # needed for volumes created using ceph jewel (or higher)
74 my $krbd_feature_disable = sub {
75 my ($scfg, $storeid, $name) = @_;
76
77 return 1 if !$scfg->{krbd};
78
79 my ($major, undef, undef, undef) = ceph_version();
80 return 1 if $major < 10;
81
82 my $krbd_feature_blacklist = ['deep-flatten', 'fast-diff', 'object-map', 'exclusive-lock'];
83 my (undef, undef, undef, undef, $features) = rbd_volume_info($scfg, $storeid, $name);
84
85 my $active_features = { map { $_ => 1 } @$features };
86 my $incompatible_features = join(',', grep { %$active_features{$_} } @$krbd_feature_blacklist);
87
88 if ($incompatible_features) {
89 my $feature_cmd = &$rbd_cmd($scfg, $storeid, 'feature', 'disable', $name, $incompatible_features);
90 run_rbd_command($feature_cmd, errmsg => "could not disable krbd-incompatible image features of rbd volume $name");
91 }
92 };
93
94 my $ceph_version_parser = sub {
95 my $line = shift;
96 if ($line =~ m/^ceph version ((\d+)\.(\d+)\.(\d+))(?: \([a-fA-F0-9]+\))/) {
97 return ($2, $3, $4, $1);
98 } else {
99 warn "Could not parse Ceph version: '$line'\n";
100 }
101 };
102
103 sub ceph_version {
104 my ($cache) = @_;
105
106 my $version_string = $cache;
107
108 my $major;
109 my $minor;
110 my $bugfix;
111
112 if (defined($version_string)) {
113 ($major, $minor, $bugfix, $version_string) = &$ceph_version_parser($version_string);
114 } else {
115 run_command('ceph --version', outfunc => sub {
116 my $line = shift;
117 ($major, $minor, $bugfix, $version_string) = &$ceph_version_parser($line);
118 });
119 }
120 return undef if !defined($version_string);
121 return wantarray ? ($major, $minor, $bugfix, $version_string) : $version_string;
122 }
123
124 sub run_rbd_command {
125 my ($cmd, %args) = @_;
126
127 my $lasterr;
128 my $errmsg = $args{errmsg} . ": " || "";
129 if (!exists($args{errfunc})) {
130 # ' error: 2014-02-06 11:51:59.839135 7f09f94d0760 -1 librbd: snap_unprotect: can't unprotect;
131 # at least 1 child(ren) in pool cephstor1
132 $args{errfunc} = sub {
133 my $line = shift;
134 if ($line =~ m/^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+ [0-9a-f]+ [\-\d]+ librbd: (.*)$/) {
135 $lasterr = "$1\n";
136 } else {
137 $lasterr = $line;
138 }
139 print STDERR $lasterr;
140 *STDERR->flush();
141 };
142 }
143
144 eval { run_command($cmd, %args); };
145 if (my $err = $@) {
146 die $errmsg . $lasterr if length($lasterr);
147 die $err;
148 }
149
150 return undef;
151 }
152
153 sub rbd_ls {
154 my ($scfg, $storeid) = @_;
155
156 my $cmd = &$rbd_cmd($scfg, $storeid, 'ls', '-l', '--format', 'json');
157 my $pool = $scfg->{pool} ? $scfg->{pool} : 'rbd';
158
159 my $raw = '';
160 my $parser = sub { $raw .= shift };
161
162 eval {
163 run_rbd_command($cmd, errmsg => "rbd error", errfunc => sub {}, outfunc => $parser);
164 };
165 my $err = $@;
166
167 die $err if $err && $err !~ m/doesn't contain rbd images/ ;
168
169 my $result;
170 if ($raw eq '') {
171 $result = [];
172 } elsif ($raw =~ m/^(\[.*\])$/s) { # untaint
173 $result = JSON::decode_json($1);
174 } else {
175 die "got unexpected data from rbd ls: '$raw'\n";
176 }
177
178 my $list = {};
179
180 foreach my $el (@$result) {
181 next if defined($el->{snapshot});
182
183 my $image = $el->{image};
184
185 my ($owner) = $image =~ m/^(?:vm|base)-(\d+)-/;
186 next if !defined($owner);
187
188 $list->{$pool}->{$image} = {
189 name => $image,
190 size => $el->{size},
191 parent => $get_parent_image_name->($el->{parent}),
192 vmid => $owner
193 };
194 }
195
196 return $list;
197 }
198
199 sub rbd_volume_info {
200 my ($scfg, $storeid, $volname, $snap) = @_;
201
202 my $cmd = undef;
203
204 my @options = ('info', $volname, '--format', 'json');
205 if ($snap) {
206 push @options, '--snap', $snap;
207 }
208
209 $cmd = &$rbd_cmd($scfg, $storeid, @options);
210
211 my $raw = '';
212 my $parser = sub { $raw .= shift };
213
214 run_rbd_command($cmd, errmsg => "rbd error", errfunc => sub {}, outfunc => $parser);
215
216 my $volume;
217 if ($raw eq '') {
218 $volume = {};
219 } elsif ($raw =~ m/^(\{.*\})$/s) { # untaint
220 $volume = JSON::decode_json($1);
221 } else {
222 die "got unexpected data from rbd info: '$raw'\n";
223 }
224
225 $volume->{parent} = $get_parent_image_name->($volume->{parent});
226 $volume->{protected} = defined($volume->{protected}) && $volume->{protected} eq "true" ? 1 : undef;
227
228 return $volume->@{qw(size parent format protected features)};
229 }
230
231 # Configuration
232
233 sub type {
234 return 'rbd';
235 }
236
237 sub plugindata {
238 return {
239 content => [ {images => 1, rootdir => 1}, { images => 1 }],
240 };
241 }
242
243 sub properties {
244 return {
245 monhost => {
246 description => "IP addresses of monitors (for external clusters).",
247 type => 'string', format => 'pve-storage-portal-dns-list',
248 },
249 pool => {
250 description => "Pool.",
251 type => 'string',
252 },
253 username => {
254 description => "RBD Id.",
255 type => 'string',
256 },
257 authsupported => {
258 description => "Authsupported.",
259 type => 'string',
260 },
261 krbd => {
262 description => "Access rbd through krbd kernel module.",
263 type => 'boolean',
264 },
265 };
266 }
267
268 sub options {
269 return {
270 nodes => { optional => 1 },
271 disable => { optional => 1 },
272 monhost => { optional => 1},
273 pool => { optional => 1 },
274 username => { optional => 1 },
275 content => { optional => 1 },
276 krbd => { optional => 1 },
277 bwlimit => { optional => 1 },
278 };
279 }
280
281 # Storage implementation
282
283 sub on_add_hook {
284 my ($class, $storeid, $scfg, %param) = @_;
285
286 return if defined($scfg->{monhost}); # nothing to do if not pve managed ceph
287
288 PVE::Storage::CephTools::ceph_create_keyfile($scfg->{type}, $storeid);
289 }
290
291 sub on_delete_hook {
292 my ($class, $storeid, $scfg) = @_;
293
294 return if defined($scfg->{monhost}); # nothing to do if not pve managed ceph
295
296 PVE::Storage::CephTools::ceph_remove_keyfile($scfg->{type}, $storeid);
297 }
298
299 sub parse_volname {
300 my ($class, $volname) = @_;
301
302 if ($volname =~ m/^((base-(\d+)-\S+)\/)?((base)?(vm)?-(\d+)-\S+)$/) {
303 return ('images', $4, $7, $2, $3, $5, 'raw');
304 }
305
306 die "unable to parse rbd volume name '$volname'\n";
307 }
308
309 sub path {
310 my ($class, $scfg, $volname, $storeid, $snapname) = @_;
311
312 my $cmd_option = PVE::Storage::CephTools::ceph_connect_option($scfg, $storeid);
313 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
314 $name .= '@'.$snapname if $snapname;
315
316 my $pool = $scfg->{pool} ? $scfg->{pool} : 'rbd';
317 return ("/dev/rbd/$pool/$name", $vmid, $vtype) if $scfg->{krbd};
318
319 my $path = "rbd:$pool/$name";
320
321 $path .= ":conf=$cmd_option->{ceph_conf}" if $cmd_option->{ceph_conf};
322 if (defined($scfg->{monhost})) {
323 my $monhost = PVE::Storage::CephTools::hostlist($scfg->{monhost}, ';');
324 $monhost =~ s/:/\\:/g;
325 $path .= ":mon_host=$monhost";
326 $path .= ":auth_supported=$cmd_option->{auth_supported}";
327 }
328
329 $path .= ":id=$cmd_option->{userid}:keyring=$cmd_option->{keyring}" if ($cmd_option->{keyring});
330
331 return ($path, $vmid, $vtype);
332 }
333
334 my $find_free_diskname = sub {
335 my ($storeid, $scfg, $vmid) = @_;
336
337 my $cmd = &$rbd_cmd($scfg, $storeid, 'ls');
338 my $disk_list = [];
339
340 my $parser = sub {
341 my $line = shift;
342 if ($line = m/^(.*)$/) { # untaint
343 push @$disk_list, $1;
344 }
345 };
346
347 eval {
348 run_rbd_command($cmd, errmsg => "rbd error", errfunc => sub {}, outfunc => $parser);
349 };
350 my $err = $@;
351
352 die $err if $err && $err !~ m/doesn't contain rbd images/;
353
354 return PVE::Storage::Plugin::get_next_vm_diskname($disk_list, $storeid, $vmid, undef, $scfg);
355 };
356
357 sub create_base {
358 my ($class, $storeid, $scfg, $volname) = @_;
359
360 my $snap = '__base__';
361
362 my ($vtype, $name, $vmid, $basename, $basevmid, $isBase) =
363 $class->parse_volname($volname);
364
365 die "create_base not possible with base image\n" if $isBase;
366
367 my ($size, $parent, $format, undef) = rbd_volume_info($scfg, $storeid, $name);
368 die "rbd volume info on '$name' failed\n" if !($size);
369
370 die "rbd image must be at format V2" if $format ne "2";
371
372 die "volname '$volname' contains wrong information about parent $parent $basename\n"
373 if $basename && (!$parent || $parent ne $basename."@".$snap);
374
375 my $newname = $name;
376 $newname =~ s/^vm-/base-/;
377
378 my $newvolname = $basename ? "$basename/$newname" : "$newname";
379
380 my $cmd = &$rbd_cmd($scfg, $storeid, 'rename', &$add_pool_to_disk($scfg, $name), &$add_pool_to_disk($scfg, $newname));
381 run_rbd_command($cmd, errmsg => "rbd rename '$name' error");
382
383 my $running = undef; #fixme : is create_base always offline ?
384
385 $class->volume_snapshot($scfg, $storeid, $newname, $snap, $running);
386
387 my (undef, undef, undef, $protected) = rbd_volume_info($scfg, $storeid, $newname, $snap);
388
389 if (!$protected){
390 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'protect', $newname, '--snap', $snap);
391 run_rbd_command($cmd, errmsg => "rbd protect $newname snap '$snap' error");
392 }
393
394 return $newvolname;
395
396 }
397
398 sub clone_image {
399 my ($class, $scfg, $storeid, $volname, $vmid, $snapname) = @_;
400
401 my $snap = '__base__';
402 $snap = $snapname if length $snapname;
403
404 my ($vtype, $basename, $basevmid, undef, undef, $isBase) =
405 $class->parse_volname($volname);
406
407 die "$volname is not a base image and snapname is not provided\n"
408 if !$isBase && !length($snapname);
409
410 my $name = $find_free_diskname->($storeid, $scfg, $vmid);
411
412 warn "clone $volname: $basename snapname $snap to $name\n";
413
414 if (length($snapname)) {
415 my (undef, undef, undef, $protected) = rbd_volume_info($scfg, $storeid, $volname, $snapname);
416
417 if (!$protected) {
418 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'protect', $volname, '--snap', $snapname);
419 run_rbd_command($cmd, errmsg => "rbd protect $volname snap $snapname error");
420 }
421 }
422
423 my $newvol = "$basename/$name";
424 $newvol = $name if length($snapname);
425
426 my $cmd = &$rbd_cmd($scfg, $storeid, 'clone', &$add_pool_to_disk($scfg, $basename),
427 '--snap', $snap, &$add_pool_to_disk($scfg, $name));
428
429 run_rbd_command($cmd, errmsg => "rbd clone '$basename' error");
430
431 &$krbd_feature_disable($scfg, $storeid, $name);
432
433 return $newvol;
434 }
435
436 sub alloc_image {
437 my ($class, $storeid, $scfg, $vmid, $fmt, $name, $size) = @_;
438
439
440 die "illegal name '$name' - should be 'vm-$vmid-*'\n"
441 if $name && $name !~ m/^vm-$vmid-/;
442
443 $name = $find_free_diskname->($storeid, $scfg, $vmid) if !$name;
444
445 my $cmd = &$rbd_cmd($scfg, $storeid, 'create', '--image-format' , 2, '--size', int(($size+1023)/1024), $name);
446 run_rbd_command($cmd, errmsg => "rbd create $name' error");
447
448 &$krbd_feature_disable($scfg, $storeid, $name);
449
450 return $name;
451 }
452
453 sub free_image {
454 my ($class, $storeid, $scfg, $volname, $isBase) = @_;
455
456 my ($vtype, $name, $vmid, undef, undef, undef) =
457 $class->parse_volname($volname);
458
459 if ($isBase) {
460 my $snap = '__base__';
461 my (undef, undef, undef, $protected) = rbd_volume_info($scfg, $storeid, $name, $snap);
462 if ($protected){
463 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'unprotect', $name, '--snap', $snap);
464 run_rbd_command($cmd, errmsg => "rbd unprotect $name snap '$snap' error");
465 }
466 }
467
468 $class->deactivate_volume($storeid, $scfg, $volname);
469
470 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'purge', $name);
471 run_rbd_command($cmd, errmsg => "rbd snap purge '$volname' error");
472
473 $cmd = &$rbd_cmd($scfg, $storeid, 'rm', $name);
474 run_rbd_command($cmd, errmsg => "rbd rm '$volname' error");
475
476 return undef;
477 }
478
479 sub list_images {
480 my ($class, $storeid, $scfg, $vmid, $vollist, $cache) = @_;
481
482 $cache->{rbd} = rbd_ls($scfg, $storeid) if !$cache->{rbd};
483 my $pool = $scfg->{pool} ? $scfg->{pool} : 'rbd';
484
485 my $res = [];
486
487 if (my $dat = $cache->{rbd}->{$pool}) {
488 foreach my $image (keys %$dat) {
489
490 my $info = $dat->{$image};
491
492 my $volname = $info->{name};
493 my $parent = $info->{parent};
494 my $owner = $info->{vmid};
495
496 if ($parent && $parent =~ m/^(base-\d+-\S+)\@__base__$/) {
497 $info->{volid} = "$storeid:$1/$volname";
498 } else {
499 $info->{volid} = "$storeid:$volname";
500 }
501
502 if ($vollist) {
503 my $found = grep { $_ eq $info->{volid} } @$vollist;
504 next if !$found;
505 } else {
506 next if defined ($vmid) && ($owner ne $vmid);
507 }
508
509 $info->{format} = 'raw';
510
511 push @$res, $info;
512 }
513 }
514
515 return $res;
516 }
517
518 sub status {
519 my ($class, $storeid, $scfg, $cache) = @_;
520
521
522 my $rados = &$librados_connect($scfg, $storeid);
523 my $df = $rados->mon_command({ prefix => 'df', format => 'json' });
524
525 my ($d) = grep { $_->{name} eq $scfg->{pool} } @{$df->{pools}};
526
527 # max_avail -> max available space for data w/o replication in the pool
528 # bytes_used -> data w/o replication in the pool
529 my $free = $d->{stats}->{max_avail};
530 my $used = $d->{stats}->{bytes_used};
531 my $total = $used + $free;
532 my $active = 1;
533
534 return ($total, $free, $used, $active);
535 }
536
537 sub activate_storage {
538 my ($class, $storeid, $scfg, $cache) = @_;
539 return 1;
540 }
541
542 sub deactivate_storage {
543 my ($class, $storeid, $scfg, $cache) = @_;
544 return 1;
545 }
546
547 sub activate_volume {
548 my ($class, $storeid, $scfg, $volname, $snapname, $cache) = @_;
549
550 return 1 if !$scfg->{krbd};
551
552 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
553 my $pool = $scfg->{pool} ? $scfg->{pool} : 'rbd';
554
555 my $path = "/dev/rbd/$pool/$name";
556 $path .= '@'.$snapname if $snapname;
557 return if -b $path;
558
559 $name .= '@'.$snapname if $snapname;
560 my $cmd = &$rbd_cmd($scfg, $storeid, 'map', $name);
561 run_rbd_command($cmd, errmsg => "can't mount rbd volume $name");
562
563 return 1;
564 }
565
566 sub deactivate_volume {
567 my ($class, $storeid, $scfg, $volname, $snapname, $cache) = @_;
568
569 return 1 if !$scfg->{krbd};
570
571 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
572 my $pool = $scfg->{pool} ? $scfg->{pool} : 'rbd';
573
574 my $path = "/dev/rbd/$pool/$name";
575 $path .= '@'.$snapname if $snapname;
576 return if ! -b $path;
577
578 my $cmd = &$rbd_cmd($scfg, $storeid, 'unmap', $path);
579 run_rbd_command($cmd, errmsg => "can't unmap rbd volume $name");
580
581 return 1;
582 }
583
584 sub volume_size_info {
585 my ($class, $scfg, $storeid, $volname, $timeout) = @_;
586
587 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
588 my ($size, undef) = rbd_volume_info($scfg, $storeid, $name);
589 return $size;
590 }
591
592 sub volume_resize {
593 my ($class, $scfg, $storeid, $volname, $size, $running) = @_;
594
595 return 1 if $running && !$scfg->{krbd};
596
597 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
598
599 my $cmd = &$rbd_cmd($scfg, $storeid, 'resize', '--allow-shrink', '--size', ($size/1024/1024), $name);
600 run_rbd_command($cmd, errmsg => "rbd resize '$volname' error");
601 return undef;
602 }
603
604 sub volume_snapshot {
605 my ($class, $scfg, $storeid, $volname, $snap) = @_;
606
607 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
608
609 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'create', '--snap', $snap, $name);
610 run_rbd_command($cmd, errmsg => "rbd snapshot '$volname' error");
611 return undef;
612 }
613
614 sub volume_snapshot_rollback {
615 my ($class, $scfg, $storeid, $volname, $snap) = @_;
616
617 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
618
619 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'rollback', '--snap', $snap, $name);
620 run_rbd_command($cmd, errmsg => "rbd snapshot $volname to '$snap' error");
621 }
622
623 sub volume_snapshot_delete {
624 my ($class, $scfg, $storeid, $volname, $snap, $running) = @_;
625
626 return 1 if $running && !$scfg->{krbd};
627
628 $class->deactivate_volume($storeid, $scfg, $volname, $snap, {});
629
630 my ($vtype, $name, $vmid) = $class->parse_volname($volname);
631
632 my (undef, undef, undef, $protected) = rbd_volume_info($scfg, $storeid, $name, $snap);
633 if ($protected){
634 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'unprotect', $name, '--snap', $snap);
635 run_rbd_command($cmd, errmsg => "rbd unprotect $name snap '$snap' error");
636 }
637
638 my $cmd = &$rbd_cmd($scfg, $storeid, 'snap', 'rm', '--snap', $snap, $name);
639
640 run_rbd_command($cmd, errmsg => "rbd snapshot '$volname' error");
641
642 return undef;
643 }
644
645 sub volume_has_feature {
646 my ($class, $scfg, $feature, $storeid, $volname, $snapname, $running) = @_;
647
648 my $features = {
649 snapshot => { current => 1, snap => 1},
650 clone => { base => 1, snap => 1},
651 template => { current => 1},
652 copy => { base => 1, current => 1, snap => 1},
653 sparseinit => { base => 1, current => 1},
654 };
655
656 my ($vtype, $name, $vmid, $basename, $basevmid, $isBase) =
657 $class->parse_volname($volname);
658
659 my $key = undef;
660 if($snapname){
661 $key = 'snap';
662 }else{
663 $key = $isBase ? 'base' : 'current';
664 }
665 return 1 if $features->{$feature}->{$key};
666
667 return undef;
668 }
669
670 1;
Storage library