2013-04-09 16:30:53 +02:00
|
|
|
/*
|
|
|
|
* Secure Shell (ssh) backend for QEMU.
|
|
|
|
*
|
|
|
|
* Copyright (C) 2013 Red Hat Inc., Richard W.M. Jones <rjones@redhat.com>
|
|
|
|
*
|
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
|
|
* in the Software without restriction, including without limitation the rights
|
|
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
|
|
* furnished to do so, subject to the following conditions:
|
|
|
|
*
|
|
|
|
* The above copyright notice and this permission notice shall be included in
|
|
|
|
* all copies or substantial portions of the Software.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
|
|
* THE SOFTWARE.
|
|
|
|
*/
|
|
|
|
|
2016-01-18 19:01:42 +01:00
|
|
|
#include "qemu/osdep.h"
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
#include <libssh/libssh.h>
|
|
|
|
#include <libssh/sftp.h>
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
#include "block/block_int.h"
|
2018-06-14 21:14:28 +02:00
|
|
|
#include "block/qdict.h"
|
include/qemu/osdep.h: Don't include qapi/error.h
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the
Error typedef. Since then, we've moved to include qemu/osdep.h
everywhere. Its file comment explains: "To avoid getting into
possible circular include dependencies, this file should not include
any other QEMU headers, with the exceptions of config-host.h,
compiler.h, os-posix.h and os-win32.h, all of which are doing a
similar job to this file and are under similar constraints."
qapi/error.h doesn't do a similar job, and it doesn't adhere to
similar constraints: it includes qapi-types.h. That's in excess of
100KiB of crap most .c files don't actually need.
Add the typedef to qemu/typedefs.h, and include that instead of
qapi/error.h. Include qapi/error.h in .c files that need it and don't
get it now. Include qapi-types.h in qom/object.h for uint16List.
Update scripts/clean-includes accordingly. Update it further to match
reality: replace config.h by config-target.h, add sysemu/os-posix.h,
sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h
comment quoted above similarly.
This reduces the number of objects depending on qapi/error.h from "all
of them" to less than a third. Unfortunately, the number depending on
qapi-types.h shrinks only a little. More work is needed for that one.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
[Fix compilation without the spice devel packages. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-14 09:01:28 +01:00
|
|
|
#include "qapi/error.h"
|
2015-03-17 18:29:20 +01:00
|
|
|
#include "qemu/error-report.h"
|
2019-05-23 16:35:07 +02:00
|
|
|
#include "qemu/module.h"
|
2018-02-01 12:18:46 +01:00
|
|
|
#include "qemu/option.h"
|
2019-05-23 16:35:06 +02:00
|
|
|
#include "qemu/ctype.h"
|
2016-10-25 15:03:59 +02:00
|
|
|
#include "qemu/cutils.h"
|
2013-04-09 16:30:53 +02:00
|
|
|
#include "qemu/sockets.h"
|
|
|
|
#include "qemu/uri.h"
|
2018-02-11 10:36:01 +01:00
|
|
|
#include "qapi/qapi-visit-sockets.h"
|
2018-02-02 16:12:18 +01:00
|
|
|
#include "qapi/qapi-visit-block-core.h"
|
2018-02-01 12:18:39 +01:00
|
|
|
#include "qapi/qmp/qdict.h"
|
2015-03-17 18:29:20 +01:00
|
|
|
#include "qapi/qmp/qstring.h"
|
2016-10-25 15:03:59 +02:00
|
|
|
#include "qapi/qobject-input-visitor.h"
|
|
|
|
#include "qapi/qobject-output-visitor.h"
|
2018-12-13 17:27:24 +01:00
|
|
|
#include "trace.h"
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2018-12-13 17:27:24 +01:00
|
|
|
/*
|
2019-06-20 22:08:40 +02:00
|
|
|
* TRACE_LIBSSH=<level> enables tracing in libssh itself.
|
|
|
|
* The meaning of <level> is described here:
|
|
|
|
* http://api.libssh.org/master/group__libssh__log.html
|
2013-04-09 16:30:53 +02:00
|
|
|
*/
|
2019-06-20 22:08:40 +02:00
|
|
|
#define TRACE_LIBSSH 0 /* see: SSH_LOG_* */
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
typedef struct BDRVSSHState {
|
|
|
|
/* Coroutine. */
|
|
|
|
CoMutex lock;
|
|
|
|
|
|
|
|
/* SSH connection. */
|
|
|
|
int sock; /* socket */
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_session session; /* ssh session */
|
|
|
|
sftp_session sftp; /* sftp session */
|
|
|
|
sftp_file sftp_handle; /* sftp remote file handle */
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/*
|
|
|
|
* File attributes at open. We try to keep the .size field
|
2013-04-09 16:30:53 +02:00
|
|
|
* updated if it changes (eg by writing at the end of the file).
|
|
|
|
*/
|
2019-06-20 22:08:40 +02:00
|
|
|
sftp_attributes attrs;
|
2013-04-09 16:30:54 +02:00
|
|
|
|
2016-10-25 15:03:59 +02:00
|
|
|
InetSocketAddress *inet;
|
|
|
|
|
2013-04-09 16:30:54 +02:00
|
|
|
/* Used to warn if 'flush' is not supported. */
|
|
|
|
bool unsafe_flush_warning;
|
2019-02-25 20:08:27 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Store the user name for ssh_refresh_filename() because the
|
|
|
|
* default depends on the system you are on -- therefore, when we
|
|
|
|
* generate a filename, it should always contain the user name we
|
|
|
|
* are actually using.
|
|
|
|
*/
|
|
|
|
char *user;
|
2013-04-09 16:30:53 +02:00
|
|
|
} BDRVSSHState;
|
|
|
|
|
|
|
|
static void ssh_state_init(BDRVSSHState *s)
|
|
|
|
{
|
|
|
|
memset(s, 0, sizeof *s);
|
|
|
|
s->sock = -1;
|
|
|
|
qemu_co_mutex_init(&s->lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void ssh_state_free(BDRVSSHState *s)
|
|
|
|
{
|
2019-02-25 20:08:27 +01:00
|
|
|
g_free(s->user);
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (s->attrs) {
|
|
|
|
sftp_attributes_free(s->attrs);
|
|
|
|
}
|
2013-04-09 16:30:53 +02:00
|
|
|
if (s->sftp_handle) {
|
2019-06-20 22:08:40 +02:00
|
|
|
sftp_close(s->sftp_handle);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
if (s->sftp) {
|
2019-06-20 22:08:40 +02:00
|
|
|
sftp_free(s->sftp);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
if (s->session) {
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_disconnect(s->session);
|
|
|
|
ssh_free(s->session); /* This frees s->sock */
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-05-16 11:00:13 +02:00
|
|
|
static void GCC_FMT_ATTR(3, 4)
|
|
|
|
session_error_setg(Error **errp, BDRVSSHState *s, const char *fs, ...)
|
|
|
|
{
|
|
|
|
va_list args;
|
|
|
|
char *msg;
|
|
|
|
|
|
|
|
va_start(args, fs);
|
|
|
|
msg = g_strdup_vprintf(fs, args);
|
|
|
|
va_end(args);
|
|
|
|
|
|
|
|
if (s->session) {
|
2019-06-20 22:08:40 +02:00
|
|
|
const char *ssh_err;
|
2014-05-16 11:00:13 +02:00
|
|
|
int ssh_err_code;
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/* This is not an errno. See <libssh/libssh.h>. */
|
|
|
|
ssh_err = ssh_get_error(s->session);
|
|
|
|
ssh_err_code = ssh_get_error_code(s->session);
|
|
|
|
error_setg(errp, "%s: %s (libssh error code: %d)",
|
2014-05-16 11:00:13 +02:00
|
|
|
msg, ssh_err, ssh_err_code);
|
|
|
|
} else {
|
|
|
|
error_setg(errp, "%s", msg);
|
|
|
|
}
|
|
|
|
g_free(msg);
|
|
|
|
}
|
|
|
|
|
2014-05-16 11:00:16 +02:00
|
|
|
static void GCC_FMT_ATTR(3, 4)
|
|
|
|
sftp_error_setg(Error **errp, BDRVSSHState *s, const char *fs, ...)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
|
|
|
va_list args;
|
2014-05-16 11:00:16 +02:00
|
|
|
char *msg;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
va_start(args, fs);
|
2014-05-16 11:00:16 +02:00
|
|
|
msg = g_strdup_vprintf(fs, args);
|
|
|
|
va_end(args);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2014-05-16 11:00:16 +02:00
|
|
|
if (s->sftp) {
|
2019-06-20 22:08:40 +02:00
|
|
|
const char *ssh_err;
|
2013-04-09 16:30:53 +02:00
|
|
|
int ssh_err_code;
|
2019-06-20 22:08:40 +02:00
|
|
|
int sftp_err_code;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/* This is not an errno. See <libssh/libssh.h>. */
|
|
|
|
ssh_err = ssh_get_error(s->session);
|
|
|
|
ssh_err_code = ssh_get_error_code(s->session);
|
|
|
|
/* See <libssh/sftp.h>. */
|
|
|
|
sftp_err_code = sftp_get_error(s->sftp);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2014-05-16 11:00:16 +02:00
|
|
|
error_setg(errp,
|
2019-06-20 22:08:40 +02:00
|
|
|
"%s: %s (libssh error code: %d, sftp error code: %d)",
|
2014-05-16 11:00:16 +02:00
|
|
|
msg, ssh_err, ssh_err_code, sftp_err_code);
|
|
|
|
} else {
|
|
|
|
error_setg(errp, "%s", msg);
|
|
|
|
}
|
|
|
|
g_free(msg);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
2019-04-17 21:06:28 +02:00
|
|
|
static void sftp_error_trace(BDRVSSHState *s, const char *op)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
2019-06-20 22:08:40 +02:00
|
|
|
const char *ssh_err;
|
2019-04-17 21:06:28 +02:00
|
|
|
int ssh_err_code;
|
2019-06-20 22:08:40 +02:00
|
|
|
int sftp_err_code;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/* This is not an errno. See <libssh/libssh.h>. */
|
|
|
|
ssh_err = ssh_get_error(s->session);
|
|
|
|
ssh_err_code = ssh_get_error_code(s->session);
|
|
|
|
/* See <libssh/sftp.h>. */
|
|
|
|
sftp_err_code = sftp_get_error(s->sftp);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-04-17 21:06:28 +02:00
|
|
|
trace_sftp_error(op, ssh_err, ssh_err_code, sftp_err_code);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static int parse_uri(const char *filename, QDict *options, Error **errp)
|
|
|
|
{
|
|
|
|
URI *uri = NULL;
|
2015-09-14 13:12:34 +02:00
|
|
|
QueryParams *qp;
|
2016-10-25 15:04:00 +02:00
|
|
|
char *port_str;
|
2013-04-09 16:30:53 +02:00
|
|
|
int i;
|
|
|
|
|
|
|
|
uri = uri_parse(filename);
|
|
|
|
if (!uri) {
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2017-06-13 22:57:26 +02:00
|
|
|
if (g_strcmp0(uri->scheme, "ssh") != 0) {
|
2013-04-09 16:30:53 +02:00
|
|
|
error_setg(errp, "URI scheme must be 'ssh'");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!uri->server || strcmp(uri->server, "") == 0) {
|
|
|
|
error_setg(errp, "missing hostname in URI");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!uri->path || strcmp(uri->path, "") == 0) {
|
|
|
|
error_setg(errp, "missing remote path in URI");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
qp = query_params_parse(uri->query);
|
|
|
|
if (!qp) {
|
|
|
|
error_setg(errp, "could not parse query parameters");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(uri->user && strcmp(uri->user, "") != 0) {
|
2017-04-27 23:58:17 +02:00
|
|
|
qdict_put_str(options, "user", uri->user);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
2017-04-27 23:58:17 +02:00
|
|
|
qdict_put_str(options, "server.host", uri->server);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2016-10-25 15:04:00 +02:00
|
|
|
port_str = g_strdup_printf("%d", uri->port ?: 22);
|
2017-04-27 23:58:17 +02:00
|
|
|
qdict_put_str(options, "server.port", port_str);
|
2016-10-25 15:04:00 +02:00
|
|
|
g_free(port_str);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2017-04-27 23:58:17 +02:00
|
|
|
qdict_put_str(options, "path", uri->path);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
/* Pick out any query parameters that we understand, and ignore
|
|
|
|
* the rest.
|
|
|
|
*/
|
|
|
|
for (i = 0; i < qp->n; ++i) {
|
|
|
|
if (strcmp(qp->p[i].name, "host_key_check") == 0) {
|
2017-04-27 23:58:17 +02:00
|
|
|
qdict_put_str(options, "host_key_check", qp->p[i].value);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
query_params_free(qp);
|
|
|
|
uri_free(uri);
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
err:
|
|
|
|
if (uri) {
|
|
|
|
uri_free(uri);
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2016-10-25 15:03:57 +02:00
|
|
|
static bool ssh_has_filename_options_conflict(QDict *options, Error **errp)
|
|
|
|
{
|
|
|
|
const QDictEntry *qe;
|
|
|
|
|
|
|
|
for (qe = qdict_first(options); qe; qe = qdict_next(options, qe)) {
|
|
|
|
if (!strcmp(qe->key, "host") ||
|
|
|
|
!strcmp(qe->key, "port") ||
|
|
|
|
!strcmp(qe->key, "path") ||
|
|
|
|
!strcmp(qe->key, "user") ||
|
2016-10-25 15:03:59 +02:00
|
|
|
!strcmp(qe->key, "host_key_check") ||
|
|
|
|
strstart(qe->key, "server.", NULL))
|
2016-10-25 15:03:57 +02:00
|
|
|
{
|
|
|
|
error_setg(errp, "Option '%s' cannot be used with a file name",
|
|
|
|
qe->key);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
static void ssh_parse_filename(const char *filename, QDict *options,
|
|
|
|
Error **errp)
|
|
|
|
{
|
2016-10-25 15:03:57 +02:00
|
|
|
if (ssh_has_filename_options_conflict(options, errp)) {
|
2013-04-09 16:30:53 +02:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
parse_uri(filename, options, errp);
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
static int check_host_key_knownhosts(BDRVSSHState *s, Error **errp)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
2019-06-20 22:08:40 +02:00
|
|
|
int ret;
|
|
|
|
#ifdef HAVE_LIBSSH_0_8
|
|
|
|
enum ssh_known_hosts_e state;
|
|
|
|
int r;
|
|
|
|
ssh_key pubkey;
|
|
|
|
enum ssh_keytypes_e pubkey_type;
|
|
|
|
unsigned char *server_hash = NULL;
|
|
|
|
size_t server_hash_len;
|
|
|
|
char *fingerprint = NULL;
|
|
|
|
|
|
|
|
state = ssh_session_is_known_server(s->session);
|
|
|
|
trace_ssh_server_status(state);
|
|
|
|
|
|
|
|
switch (state) {
|
|
|
|
case SSH_KNOWN_HOSTS_OK:
|
|
|
|
/* OK */
|
|
|
|
trace_ssh_check_host_key_knownhosts();
|
|
|
|
break;
|
|
|
|
case SSH_KNOWN_HOSTS_CHANGED:
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
r = ssh_get_server_publickey(s->session, &pubkey);
|
|
|
|
if (r == 0) {
|
|
|
|
r = ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_SHA256,
|
|
|
|
&server_hash, &server_hash_len);
|
|
|
|
pubkey_type = ssh_key_type(pubkey);
|
|
|
|
ssh_key_free(pubkey);
|
|
|
|
}
|
|
|
|
if (r == 0) {
|
|
|
|
fingerprint = ssh_get_fingerprint_hash(SSH_PUBLICKEY_HASH_SHA256,
|
|
|
|
server_hash,
|
|
|
|
server_hash_len);
|
|
|
|
ssh_clean_pubkey_hash(&server_hash);
|
|
|
|
}
|
|
|
|
if (fingerprint) {
|
|
|
|
error_setg(errp,
|
|
|
|
"host key (%s key with fingerprint %s) does not match "
|
|
|
|
"the one in known_hosts; this may be a possible attack",
|
|
|
|
ssh_key_type_to_char(pubkey_type), fingerprint);
|
|
|
|
ssh_string_free_char(fingerprint);
|
|
|
|
} else {
|
|
|
|
error_setg(errp,
|
|
|
|
"host key does not match the one in known_hosts; this "
|
|
|
|
"may be a possible attack");
|
|
|
|
}
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
2019-06-20 22:08:40 +02:00
|
|
|
case SSH_KNOWN_HOSTS_OTHER:
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
error_setg(errp,
|
|
|
|
"host key for this server not found, another type exists");
|
|
|
|
goto out;
|
|
|
|
case SSH_KNOWN_HOSTS_UNKNOWN:
|
|
|
|
ret = -EINVAL;
|
|
|
|
error_setg(errp, "no host key was found in known_hosts");
|
|
|
|
goto out;
|
|
|
|
case SSH_KNOWN_HOSTS_NOT_FOUND:
|
|
|
|
ret = -ENOENT;
|
|
|
|
error_setg(errp, "known_hosts file not found");
|
|
|
|
goto out;
|
|
|
|
case SSH_KNOWN_HOSTS_ERROR:
|
|
|
|
ret = -EINVAL;
|
|
|
|
error_setg(errp, "error while checking the host");
|
|
|
|
goto out;
|
|
|
|
default:
|
|
|
|
ret = -EINVAL;
|
|
|
|
error_setg(errp, "error while checking for known server (%d)", state);
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
|
|
|
}
|
2019-06-20 22:08:40 +02:00
|
|
|
#else /* !HAVE_LIBSSH_0_8 */
|
|
|
|
int state;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
state = ssh_is_server_known(s->session);
|
|
|
|
trace_ssh_server_status(state);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
switch (state) {
|
|
|
|
case SSH_SERVER_KNOWN_OK:
|
2013-04-09 16:30:53 +02:00
|
|
|
/* OK */
|
2019-06-20 22:08:40 +02:00
|
|
|
trace_ssh_check_host_key_knownhosts();
|
2013-04-09 16:30:53 +02:00
|
|
|
break;
|
2019-06-20 22:08:40 +02:00
|
|
|
case SSH_SERVER_KNOWN_CHANGED:
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
error_setg(errp,
|
|
|
|
"host key does not match the one in known_hosts; this "
|
|
|
|
"may be a possible attack");
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
2019-06-20 22:08:40 +02:00
|
|
|
case SSH_SERVER_FOUND_OTHER:
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
error_setg(errp,
|
|
|
|
"host key for this server not found, another type exists");
|
|
|
|
goto out;
|
|
|
|
case SSH_SERVER_FILE_NOT_FOUND:
|
|
|
|
ret = -ENOENT;
|
|
|
|
error_setg(errp, "known_hosts file not found");
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
2019-06-20 22:08:40 +02:00
|
|
|
case SSH_SERVER_NOT_KNOWN:
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
error_setg(errp, "no host key was found in known_hosts");
|
|
|
|
goto out;
|
|
|
|
case SSH_SERVER_ERROR:
|
|
|
|
ret = -EINVAL;
|
|
|
|
error_setg(errp, "server error");
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
|
|
|
default:
|
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
error_setg(errp, "error while checking for known server (%d)", state);
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
|
|
|
}
|
2019-06-20 22:08:40 +02:00
|
|
|
#endif /* !HAVE_LIBSSH_0_8 */
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
/* known_hosts checking successful. */
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
out:
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static unsigned hex2decimal(char ch)
|
|
|
|
{
|
|
|
|
if (ch >= '0' && ch <= '9') {
|
|
|
|
return (ch - '0');
|
|
|
|
} else if (ch >= 'a' && ch <= 'f') {
|
|
|
|
return 10 + (ch - 'a');
|
|
|
|
} else if (ch >= 'A' && ch <= 'F') {
|
|
|
|
return 10 + (ch - 'A');
|
|
|
|
}
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Compare the binary fingerprint (hash of host key) with the
|
|
|
|
* host_key_check parameter.
|
|
|
|
*/
|
|
|
|
static int compare_fingerprint(const unsigned char *fingerprint, size_t len,
|
|
|
|
const char *host_key_check)
|
|
|
|
{
|
|
|
|
unsigned c;
|
|
|
|
|
|
|
|
while (len > 0) {
|
|
|
|
while (*host_key_check == ':')
|
|
|
|
host_key_check++;
|
|
|
|
if (!qemu_isxdigit(host_key_check[0]) ||
|
|
|
|
!qemu_isxdigit(host_key_check[1]))
|
|
|
|
return 1;
|
|
|
|
c = hex2decimal(host_key_check[0]) * 16 +
|
|
|
|
hex2decimal(host_key_check[1]);
|
|
|
|
if (c - *fingerprint != 0)
|
|
|
|
return c - *fingerprint;
|
|
|
|
fingerprint++;
|
|
|
|
len--;
|
|
|
|
host_key_check += 2;
|
|
|
|
}
|
|
|
|
return *host_key_check - '\0';
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
check_host_key_hash(BDRVSSHState *s, const char *hash,
|
2019-06-20 22:08:40 +02:00
|
|
|
enum ssh_publickey_hash_type type, Error **errp)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
2019-06-20 22:08:40 +02:00
|
|
|
int r;
|
|
|
|
ssh_key pubkey;
|
|
|
|
unsigned char *server_hash;
|
|
|
|
size_t server_hash_len;
|
|
|
|
|
|
|
|
#ifdef HAVE_LIBSSH_0_8
|
|
|
|
r = ssh_get_server_publickey(s->session, &pubkey);
|
|
|
|
#else
|
|
|
|
r = ssh_get_publickey(s->session, &pubkey);
|
|
|
|
#endif
|
|
|
|
if (r != SSH_OK) {
|
2014-05-16 11:00:13 +02:00
|
|
|
session_error_setg(errp, s, "failed to read remote host key");
|
2013-04-09 16:30:53 +02:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
r = ssh_get_publickey_hash(pubkey, type, &server_hash, &server_hash_len);
|
|
|
|
ssh_key_free(pubkey);
|
|
|
|
if (r != 0) {
|
|
|
|
session_error_setg(errp, s,
|
|
|
|
"failed reading the hash of the server SSH key");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
r = compare_fingerprint(server_hash, server_hash_len, hash);
|
|
|
|
ssh_clean_pubkey_hash(&server_hash);
|
|
|
|
if (r != 0) {
|
2014-05-16 11:00:13 +02:00
|
|
|
error_setg(errp, "remote host key does not match host_key_check '%s'",
|
|
|
|
hash);
|
2013-04-09 16:30:53 +02:00
|
|
|
return -EPERM;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
static int check_host_key(BDRVSSHState *s, SshHostKeyCheck *hkc, Error **errp)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
2018-02-05 14:59:05 +01:00
|
|
|
SshHostKeyCheckMode mode;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2018-02-05 14:59:05 +01:00
|
|
|
if (hkc) {
|
|
|
|
mode = hkc->mode;
|
|
|
|
} else {
|
|
|
|
mode = SSH_HOST_KEY_CHECK_MODE_KNOWN_HOSTS;
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
2018-02-05 14:59:05 +01:00
|
|
|
switch (mode) {
|
|
|
|
case SSH_HOST_KEY_CHECK_MODE_NONE:
|
|
|
|
return 0;
|
|
|
|
case SSH_HOST_KEY_CHECK_MODE_HASH:
|
|
|
|
if (hkc->u.hash.type == SSH_HOST_KEY_CHECK_HASH_TYPE_MD5) {
|
|
|
|
return check_host_key_hash(s, hkc->u.hash.hash,
|
2019-06-20 22:08:40 +02:00
|
|
|
SSH_PUBLICKEY_HASH_MD5, errp);
|
2018-02-05 14:59:05 +01:00
|
|
|
} else if (hkc->u.hash.type == SSH_HOST_KEY_CHECK_HASH_TYPE_SHA1) {
|
|
|
|
return check_host_key_hash(s, hkc->u.hash.hash,
|
2019-06-20 22:08:40 +02:00
|
|
|
SSH_PUBLICKEY_HASH_SHA1, errp);
|
2018-02-05 14:59:05 +01:00
|
|
|
}
|
|
|
|
g_assert_not_reached();
|
|
|
|
break;
|
|
|
|
case SSH_HOST_KEY_CHECK_MODE_KNOWN_HOSTS:
|
2019-06-20 22:08:40 +02:00
|
|
|
return check_host_key_knownhosts(s, errp);
|
2018-02-05 14:59:05 +01:00
|
|
|
default:
|
|
|
|
g_assert_not_reached();
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
static int authenticate(BDRVSSHState *s, Error **errp)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
|
|
|
int r, ret;
|
2019-06-20 22:08:40 +02:00
|
|
|
int method;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/* Try to authenticate with the "none" method. */
|
|
|
|
r = ssh_userauth_none(s->session, NULL);
|
|
|
|
if (r == SSH_AUTH_ERROR) {
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EPERM;
|
2019-06-20 22:08:40 +02:00
|
|
|
session_error_setg(errp, s, "failed to authenticate using none "
|
|
|
|
"authentication");
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
2019-06-20 22:08:40 +02:00
|
|
|
} else if (r == SSH_AUTH_SUCCESS) {
|
|
|
|
/* Authenticated! */
|
|
|
|
ret = 0;
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
method = ssh_userauth_list(s->session, NULL);
|
|
|
|
trace_ssh_auth_methods(method);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try to authenticate with publickey, using the ssh-agent
|
|
|
|
* if available.
|
|
|
|
*/
|
|
|
|
if (method & SSH_AUTH_METHOD_PUBLICKEY) {
|
|
|
|
r = ssh_userauth_publickey_auto(s->session, NULL, NULL);
|
|
|
|
if (r == SSH_AUTH_ERROR) {
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
session_error_setg(errp, s, "failed to authenticate using "
|
|
|
|
"publickey authentication");
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
2019-06-20 22:08:40 +02:00
|
|
|
} else if (r == SSH_AUTH_SUCCESS) {
|
2013-04-09 16:30:53 +02:00
|
|
|
/* Authenticated! */
|
|
|
|
ret = 0;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = -EPERM;
|
2014-05-16 11:00:14 +02:00
|
|
|
error_setg(errp, "failed to authenticate using publickey authentication "
|
|
|
|
"and the identities held by your ssh-agent");
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
out:
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2016-08-15 15:29:23 +02:00
|
|
|
static QemuOptsList ssh_runtime_opts = {
|
|
|
|
.name = "ssh",
|
|
|
|
.head = QTAILQ_HEAD_INITIALIZER(ssh_runtime_opts.head),
|
|
|
|
.desc = {
|
|
|
|
{
|
|
|
|
.name = "host",
|
|
|
|
.type = QEMU_OPT_STRING,
|
|
|
|
.help = "Host to connect to",
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.name = "port",
|
|
|
|
.type = QEMU_OPT_NUMBER,
|
|
|
|
.help = "Port to connect to",
|
|
|
|
},
|
2018-02-05 14:59:05 +01:00
|
|
|
{
|
|
|
|
.name = "host_key_check",
|
|
|
|
.type = QEMU_OPT_STRING,
|
|
|
|
.help = "Defines how and what to check the host key against",
|
|
|
|
},
|
2018-01-05 15:44:40 +01:00
|
|
|
{ /* end of list */ }
|
2016-08-15 15:29:23 +02:00
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2018-02-05 14:59:05 +01:00
|
|
|
static bool ssh_process_legacy_options(QDict *output_opts,
|
|
|
|
QemuOpts *legacy_opts,
|
|
|
|
Error **errp)
|
2016-10-25 15:03:59 +02:00
|
|
|
{
|
|
|
|
const char *host = qemu_opt_get(legacy_opts, "host");
|
|
|
|
const char *port = qemu_opt_get(legacy_opts, "port");
|
2018-02-05 14:59:05 +01:00
|
|
|
const char *host_key_check = qemu_opt_get(legacy_opts, "host_key_check");
|
2016-10-25 15:03:59 +02:00
|
|
|
|
|
|
|
if (!host && port) {
|
|
|
|
error_setg(errp, "port may not be used without host");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (host) {
|
2017-04-27 23:58:17 +02:00
|
|
|
qdict_put_str(output_opts, "server.host", host);
|
|
|
|
qdict_put_str(output_opts, "server.port", port ?: stringify(22));
|
2016-10-25 15:03:59 +02:00
|
|
|
}
|
|
|
|
|
2018-02-05 14:59:05 +01:00
|
|
|
if (host_key_check) {
|
|
|
|
if (strcmp(host_key_check, "no") == 0) {
|
|
|
|
qdict_put_str(output_opts, "host-key-check.mode", "none");
|
|
|
|
} else if (strncmp(host_key_check, "md5:", 4) == 0) {
|
|
|
|
qdict_put_str(output_opts, "host-key-check.mode", "hash");
|
|
|
|
qdict_put_str(output_opts, "host-key-check.type", "md5");
|
|
|
|
qdict_put_str(output_opts, "host-key-check.hash",
|
|
|
|
&host_key_check[4]);
|
|
|
|
} else if (strncmp(host_key_check, "sha1:", 5) == 0) {
|
|
|
|
qdict_put_str(output_opts, "host-key-check.mode", "hash");
|
|
|
|
qdict_put_str(output_opts, "host-key-check.type", "sha1");
|
|
|
|
qdict_put_str(output_opts, "host-key-check.hash",
|
|
|
|
&host_key_check[5]);
|
|
|
|
} else if (strcmp(host_key_check, "yes") == 0) {
|
|
|
|
qdict_put_str(output_opts, "host-key-check.mode", "known_hosts");
|
|
|
|
} else {
|
|
|
|
error_setg(errp, "unknown host_key_check setting (%s)",
|
|
|
|
host_key_check);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-10-25 15:03:59 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2018-02-02 16:12:18 +01:00
|
|
|
static BlockdevOptionsSsh *ssh_parse_options(QDict *options, Error **errp)
|
2016-10-25 15:03:59 +02:00
|
|
|
{
|
2018-02-02 16:12:18 +01:00
|
|
|
BlockdevOptionsSsh *result = NULL;
|
|
|
|
QemuOpts *opts = NULL;
|
|
|
|
Error *local_err = NULL;
|
|
|
|
const QDictEntry *e;
|
|
|
|
Visitor *v;
|
|
|
|
|
|
|
|
/* Translate legacy options */
|
|
|
|
opts = qemu_opts_create(&ssh_runtime_opts, NULL, 0, &error_abort);
|
|
|
|
qemu_opts_absorb_qdict(opts, options, &local_err);
|
|
|
|
if (local_err) {
|
|
|
|
error_propagate(errp, local_err);
|
|
|
|
goto fail;
|
2016-10-25 15:03:59 +02:00
|
|
|
}
|
|
|
|
|
2018-02-05 14:59:05 +01:00
|
|
|
if (!ssh_process_legacy_options(options, opts, errp)) {
|
2018-02-02 16:12:18 +01:00
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Create the QAPI object */
|
2018-06-14 21:14:33 +02:00
|
|
|
v = qobject_input_visitor_new_flat_confused(options, errp);
|
|
|
|
if (!v) {
|
2018-02-02 16:12:18 +01:00
|
|
|
goto fail;
|
2016-10-25 15:03:59 +02:00
|
|
|
}
|
|
|
|
|
2018-02-02 16:12:18 +01:00
|
|
|
visit_type_BlockdevOptionsSsh(v, NULL, &result, &local_err);
|
|
|
|
visit_free(v);
|
|
|
|
|
|
|
|
if (local_err) {
|
|
|
|
error_propagate(errp, local_err);
|
|
|
|
goto fail;
|
2016-10-25 15:03:59 +02:00
|
|
|
}
|
|
|
|
|
2018-02-02 16:12:18 +01:00
|
|
|
/* Remove the processed options from the QDict (the visitor processes
|
|
|
|
* _all_ options in the QDict) */
|
|
|
|
while ((e = qdict_first(options))) {
|
|
|
|
qdict_del(options, e->key);
|
|
|
|
}
|
|
|
|
|
|
|
|
fail:
|
|
|
|
qemu_opts_del(opts);
|
|
|
|
return result;
|
2016-10-25 15:03:59 +02:00
|
|
|
}
|
|
|
|
|
2018-02-05 15:28:14 +01:00
|
|
|
static int connect_to_ssh(BDRVSSHState *s, BlockdevOptionsSsh *opts,
|
2014-05-16 11:00:15 +02:00
|
|
|
int ssh_flags, int creat_mode, Error **errp)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
|
|
|
int r, ret;
|
2019-06-20 22:08:40 +02:00
|
|
|
unsigned int port = 0;
|
|
|
|
int new_sock = -1;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2018-02-02 16:12:18 +01:00
|
|
|
if (opts->has_user) {
|
2019-02-25 20:08:27 +01:00
|
|
|
s->user = g_strdup(opts->user);
|
2018-02-02 16:12:18 +01:00
|
|
|
} else {
|
2019-02-25 20:08:27 +01:00
|
|
|
s->user = g_strdup(g_get_user_name());
|
|
|
|
if (!s->user) {
|
2014-05-16 11:00:15 +02:00
|
|
|
error_setg_errno(errp, errno, "Can't get user name");
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -errno;
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-10-25 15:03:59 +02:00
|
|
|
/* Pop the config into our state object, Exit if invalid */
|
2018-02-02 16:12:18 +01:00
|
|
|
s->inet = opts->server;
|
|
|
|
opts->server = NULL;
|
2016-10-25 15:03:59 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (qemu_strtoui(s->inet->port, NULL, 10, &port) < 0) {
|
2016-10-25 15:03:59 +02:00
|
|
|
error_setg(errp, "Use only numeric port value");
|
|
|
|
ret = -EINVAL;
|
|
|
|
goto err;
|
|
|
|
}
|
2013-04-09 16:30:54 +02:00
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
/* Open the socket and connect. */
|
2019-06-20 22:08:40 +02:00
|
|
|
new_sock = inet_connect_saddr(s->inet, errp);
|
|
|
|
if (new_sock < 0) {
|
block/ssh: Avoid segfault if inet_connect doesn't set errno.
On some (but not all) systems:
$ qemu-img create -f qcow2 overlay -b ssh://xen/
Segmentation fault
It turns out this happens when inet_connect returns -1 in the
following code, but errno == 0.
s->sock = inet_connect(s->hostport, errp);
if (s->sock < 0) {
ret = -errno;
goto err;
}
In the test case above, no host called "xen" exists, so getaddrinfo fails.
On Fedora 22, getaddrinfo happens to set errno = ENOENT (although it
is *not* documented to do that), so it doesn't segfault.
On RHEL 7, errno is not set by the failing getaddrinfo, so ret =
-errno = 0, so the caller doesn't know there was an error and
continues with a half-initialized BDRVSSHState struct, and everything
goes south from there, eventually resulting in a segfault.
Fix this by setting ret to -EIO (same as block/nbd.c and
block/sheepdog.c). The real error is saved in the Error** errp
struct, so it is printed correctly:
$ ./qemu-img create -f qcow2 overlay -b ssh://xen/
qemu-img: overlay: address resolution failed for xen:22: No address associated with hostname
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Reported-by: Jun Li
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1147343
Signed-off-by: Jeff Cody <jcody@redhat.com>
2015-07-22 15:27:47 +02:00
|
|
|
ret = -EIO;
|
2013-04-09 16:30:53 +02:00
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/*
|
|
|
|
* Try to disable the Nagle algorithm on TCP sockets to reduce latency,
|
|
|
|
* but do not fail if it cannot be disabled.
|
|
|
|
*/
|
|
|
|
r = socket_set_nodelay(new_sock);
|
|
|
|
if (r < 0) {
|
|
|
|
warn_report("can't set TCP_NODELAY for the ssh server %s: %s",
|
|
|
|
s->inet->host, strerror(errno));
|
|
|
|
}
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
/* Create SSH session. */
|
2019-06-20 22:08:40 +02:00
|
|
|
s->session = ssh_new();
|
2013-04-09 16:30:53 +02:00
|
|
|
if (!s->session) {
|
|
|
|
ret = -EINVAL;
|
2019-06-20 22:08:40 +02:00
|
|
|
session_error_setg(errp, s, "failed to initialize libssh session");
|
2013-04-09 16:30:53 +02:00
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/*
|
|
|
|
* Make sure we are in blocking mode during the connection and
|
|
|
|
* authentication phases.
|
|
|
|
*/
|
|
|
|
ssh_set_blocking(s->session, 1);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
r = ssh_options_set(s->session, SSH_OPTIONS_USER, s->user);
|
|
|
|
if (r < 0) {
|
|
|
|
ret = -EINVAL;
|
|
|
|
session_error_setg(errp, s,
|
|
|
|
"failed to set the user in the libssh session");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
r = ssh_options_set(s->session, SSH_OPTIONS_HOST, s->inet->host);
|
|
|
|
if (r < 0) {
|
|
|
|
ret = -EINVAL;
|
|
|
|
session_error_setg(errp, s,
|
|
|
|
"failed to set the host in the libssh session");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (port > 0) {
|
|
|
|
r = ssh_options_set(s->session, SSH_OPTIONS_PORT, &port);
|
|
|
|
if (r < 0) {
|
|
|
|
ret = -EINVAL;
|
|
|
|
session_error_setg(errp, s,
|
|
|
|
"failed to set the port in the libssh session");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
r = ssh_options_set(s->session, SSH_OPTIONS_COMPRESSION, "none");
|
|
|
|
if (r < 0) {
|
|
|
|
ret = -EINVAL;
|
|
|
|
session_error_setg(errp, s,
|
|
|
|
"failed to disable the compression in the libssh "
|
|
|
|
"session");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Read ~/.ssh/config. */
|
|
|
|
r = ssh_options_parse_config(s->session, NULL);
|
|
|
|
if (r < 0) {
|
|
|
|
ret = -EINVAL;
|
|
|
|
session_error_setg(errp, s, "failed to parse ~/.ssh/config");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
r = ssh_options_set(s->session, SSH_OPTIONS_FD, &new_sock);
|
|
|
|
if (r < 0) {
|
|
|
|
ret = -EINVAL;
|
|
|
|
session_error_setg(errp, s,
|
|
|
|
"failed to set the socket in the libssh session");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
/* libssh took ownership of the socket. */
|
|
|
|
s->sock = new_sock;
|
|
|
|
new_sock = -1;
|
|
|
|
|
|
|
|
/* Connect. */
|
|
|
|
r = ssh_connect(s->session);
|
|
|
|
if (r != SSH_OK) {
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
2014-05-16 11:00:15 +02:00
|
|
|
session_error_setg(errp, s, "failed to establish SSH session");
|
2013-04-09 16:30:53 +02:00
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check the remote host's key against known_hosts. */
|
2019-06-20 22:08:40 +02:00
|
|
|
ret = check_host_key(s, opts->host_key_check, errp);
|
2013-04-09 16:30:53 +02:00
|
|
|
if (ret < 0) {
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Authenticate. */
|
2019-06-20 22:08:40 +02:00
|
|
|
ret = authenticate(s, errp);
|
2013-04-09 16:30:53 +02:00
|
|
|
if (ret < 0) {
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Start SFTP. */
|
2019-06-20 22:08:40 +02:00
|
|
|
s->sftp = sftp_new(s->session);
|
2013-04-09 16:30:53 +02:00
|
|
|
if (!s->sftp) {
|
2019-06-20 22:08:40 +02:00
|
|
|
session_error_setg(errp, s, "failed to create sftp handle");
|
|
|
|
ret = -EINVAL;
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
r = sftp_init(s->sftp);
|
|
|
|
if (r < 0) {
|
|
|
|
sftp_error_setg(errp, s, "failed to initialize sftp handle");
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Open the remote file. */
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_connect_to_ssh(opts->path, ssh_flags, creat_mode);
|
2019-06-20 22:08:40 +02:00
|
|
|
s->sftp_handle = sftp_open(s->sftp, opts->path, ssh_flags, creat_mode);
|
2013-04-09 16:30:53 +02:00
|
|
|
if (!s->sftp_handle) {
|
2019-06-20 22:08:40 +02:00
|
|
|
sftp_error_setg(errp, s, "failed to open remote file '%s'",
|
|
|
|
opts->path);
|
2013-04-09 16:30:53 +02:00
|
|
|
ret = -EINVAL;
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/* Make sure the SFTP file is handled in blocking mode. */
|
|
|
|
sftp_file_set_blocking(s->sftp_handle);
|
|
|
|
|
|
|
|
s->attrs = sftp_fstat(s->sftp_handle);
|
|
|
|
if (!s->attrs) {
|
2014-05-16 11:00:16 +02:00
|
|
|
sftp_error_setg(errp, s, "failed to read file attributes");
|
2013-04-09 16:30:53 +02:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
err:
|
2019-06-20 22:08:40 +02:00
|
|
|
if (s->attrs) {
|
|
|
|
sftp_attributes_free(s->attrs);
|
|
|
|
}
|
|
|
|
s->attrs = NULL;
|
2013-04-09 16:30:53 +02:00
|
|
|
if (s->sftp_handle) {
|
2019-06-20 22:08:40 +02:00
|
|
|
sftp_close(s->sftp_handle);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
s->sftp_handle = NULL;
|
|
|
|
if (s->sftp) {
|
2019-06-20 22:08:40 +02:00
|
|
|
sftp_free(s->sftp);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
s->sftp = NULL;
|
|
|
|
if (s->session) {
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_disconnect(s->session);
|
|
|
|
ssh_free(s->session);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
s->session = NULL;
|
2019-06-20 22:08:40 +02:00
|
|
|
s->sock = -1;
|
|
|
|
if (new_sock >= 0) {
|
|
|
|
close(new_sock);
|
|
|
|
}
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2013-09-05 14:22:29 +02:00
|
|
|
static int ssh_file_open(BlockDriverState *bs, QDict *options, int bdrv_flags,
|
|
|
|
Error **errp)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
2018-02-05 15:28:14 +01:00
|
|
|
BlockdevOptionsSsh *opts;
|
2013-04-09 16:30:53 +02:00
|
|
|
int ret;
|
|
|
|
int ssh_flags;
|
|
|
|
|
|
|
|
ssh_state_init(s);
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_flags = 0;
|
2013-04-09 16:30:53 +02:00
|
|
|
if (bdrv_flags & BDRV_O_RDWR) {
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_flags |= O_RDWR;
|
|
|
|
} else {
|
|
|
|
ssh_flags |= O_RDONLY;
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
2018-02-05 15:28:14 +01:00
|
|
|
opts = ssh_parse_options(options, errp);
|
|
|
|
if (opts == NULL) {
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
/* Start up SSH. */
|
2018-02-05 15:28:14 +01:00
|
|
|
ret = connect_to_ssh(s, opts, ssh_flags, 0, errp);
|
2013-04-09 16:30:53 +02:00
|
|
|
if (ret < 0) {
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Go non-blocking. */
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_set_blocking(s->session, 0);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2018-02-05 15:28:14 +01:00
|
|
|
qapi_free_BlockdevOptionsSsh(opts);
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
err:
|
2018-02-05 15:28:14 +01:00
|
|
|
qapi_free_BlockdevOptionsSsh(opts);
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2018-02-14 21:49:14 +01:00
|
|
|
/* Note: This is a blocking operation */
|
2018-02-14 21:49:13 +01:00
|
|
|
static int ssh_grow_file(BDRVSSHState *s, int64_t offset, Error **errp)
|
|
|
|
{
|
|
|
|
ssize_t ret;
|
|
|
|
char c[1] = { '\0' };
|
2019-06-20 22:08:40 +02:00
|
|
|
int was_blocking = ssh_is_blocking(s->session);
|
2018-02-14 21:49:13 +01:00
|
|
|
|
|
|
|
/* offset must be strictly greater than the current size so we do
|
|
|
|
* not overwrite anything */
|
2019-06-20 22:08:40 +02:00
|
|
|
assert(offset > 0 && offset > s->attrs->size);
|
2018-02-14 21:49:13 +01:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_set_blocking(s->session, 1);
|
2018-02-14 21:49:14 +01:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
sftp_seek64(s->sftp_handle, offset - 1);
|
|
|
|
ret = sftp_write(s->sftp_handle, c, 1);
|
2018-02-14 21:49:14 +01:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
ssh_set_blocking(s->session, was_blocking);
|
2018-02-14 21:49:14 +01:00
|
|
|
|
2018-02-14 21:49:13 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
sftp_error_setg(errp, s, "Failed to grow file");
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
s->attrs->size = offset;
|
2018-02-14 21:49:13 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2014-06-05 11:21:06 +02:00
|
|
|
static QemuOptsList ssh_create_opts = {
|
|
|
|
.name = "ssh-create-opts",
|
|
|
|
.head = QTAILQ_HEAD_INITIALIZER(ssh_create_opts.head),
|
|
|
|
.desc = {
|
|
|
|
{
|
|
|
|
.name = BLOCK_OPT_SIZE,
|
|
|
|
.type = QEMU_OPT_SIZE,
|
|
|
|
.help = "Virtual disk size"
|
|
|
|
},
|
|
|
|
{ /* end of list */ }
|
|
|
|
}
|
2013-04-09 16:30:53 +02:00
|
|
|
};
|
|
|
|
|
2018-02-05 16:24:32 +01:00
|
|
|
static int ssh_co_create(BlockdevCreateOptions *options, Error **errp)
|
|
|
|
{
|
|
|
|
BlockdevCreateOptionsSsh *opts = &options->u.ssh;
|
|
|
|
BDRVSSHState s;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
assert(options->driver == BLOCKDEV_DRIVER_SSH);
|
|
|
|
|
|
|
|
ssh_state_init(&s);
|
|
|
|
|
|
|
|
ret = connect_to_ssh(&s, opts->location,
|
2019-06-20 22:08:40 +02:00
|
|
|
O_RDWR | O_CREAT | O_TRUNC,
|
2018-02-05 16:24:32 +01:00
|
|
|
0644, errp);
|
|
|
|
if (ret < 0) {
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (opts->size > 0) {
|
|
|
|
ret = ssh_grow_file(&s, opts->size, errp);
|
|
|
|
if (ret < 0) {
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
fail:
|
|
|
|
ssh_state_free(&s);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2020-03-26 02:12:17 +01:00
|
|
|
static int coroutine_fn ssh_co_create_opts(BlockDriver *drv,
|
|
|
|
const char *filename,
|
|
|
|
QemuOpts *opts,
|
2018-01-18 13:43:45 +01:00
|
|
|
Error **errp)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
2018-02-05 16:24:32 +01:00
|
|
|
BlockdevCreateOptions *create_options;
|
|
|
|
BlockdevCreateOptionsSsh *ssh_opts;
|
|
|
|
int ret;
|
2013-04-09 16:30:53 +02:00
|
|
|
QDict *uri_options = NULL;
|
|
|
|
|
2018-02-05 16:24:32 +01:00
|
|
|
create_options = g_new0(BlockdevCreateOptions, 1);
|
|
|
|
create_options->driver = BLOCKDEV_DRIVER_SSH;
|
|
|
|
ssh_opts = &create_options->u.ssh;
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
/* Get desired file size. */
|
2018-02-05 16:24:32 +01:00
|
|
|
ssh_opts->size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0),
|
|
|
|
BDRV_SECTOR_SIZE);
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_co_create_opts(ssh_opts->size);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
uri_options = qdict_new();
|
2018-02-05 16:24:32 +01:00
|
|
|
ret = parse_uri(filename, uri_options, errp);
|
|
|
|
if (ret < 0) {
|
2013-04-09 16:30:53 +02:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2018-02-05 16:24:32 +01:00
|
|
|
ssh_opts->location = ssh_parse_options(uri_options, errp);
|
|
|
|
if (ssh_opts->location == NULL) {
|
2018-02-05 15:28:14 +01:00
|
|
|
ret = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2018-02-05 16:24:32 +01:00
|
|
|
ret = ssh_co_create(create_options, errp);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
out:
|
2018-04-19 17:01:43 +02:00
|
|
|
qobject_unref(uri_options);
|
2018-02-05 16:24:32 +01:00
|
|
|
qapi_free_BlockdevCreateOptions(create_options);
|
2013-04-09 16:30:53 +02:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void ssh_close(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
|
|
|
|
ssh_state_free(s);
|
|
|
|
}
|
|
|
|
|
2013-06-25 19:15:18 +02:00
|
|
|
static int ssh_has_zero_init(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
/* Assume false, unless we can positively prove it's true. */
|
|
|
|
int has_zero_init = 0;
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (s->attrs->type == SSH_FILEXFER_TYPE_REGULAR) {
|
|
|
|
has_zero_init = 1;
|
2013-06-25 19:15:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return has_zero_init;
|
|
|
|
}
|
|
|
|
|
2017-06-29 15:27:49 +02:00
|
|
|
typedef struct BDRVSSHRestart {
|
|
|
|
BlockDriverState *bs;
|
|
|
|
Coroutine *co;
|
|
|
|
} BDRVSSHRestart;
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
static void restart_coroutine(void *opaque)
|
|
|
|
{
|
2017-06-29 15:27:49 +02:00
|
|
|
BDRVSSHRestart *restart = opaque;
|
|
|
|
BlockDriverState *bs = restart->bs;
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
AioContext *ctx = bdrv_get_aio_context(bs);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_restart_coroutine(restart->co);
|
2017-06-29 15:27:49 +02:00
|
|
|
aio_set_fd_handler(ctx, s->sock, false, NULL, NULL, NULL, NULL);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2017-06-29 15:27:49 +02:00
|
|
|
aio_co_wake(restart->co);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
2017-02-13 14:52:30 +01:00
|
|
|
/* A non-blocking call returned EAGAIN, so yield, ensuring the
|
|
|
|
* handlers are set up so that we'll be rescheduled when there is an
|
|
|
|
* interesting event on the socket.
|
|
|
|
*/
|
|
|
|
static coroutine_fn void co_yield(BDRVSSHState *s, BlockDriverState *bs)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
|
|
|
int r;
|
|
|
|
IOHandler *rd_handler = NULL, *wr_handler = NULL;
|
2017-06-29 15:27:49 +02:00
|
|
|
BDRVSSHRestart restart = {
|
|
|
|
.bs = bs,
|
|
|
|
.co = qemu_coroutine_self()
|
|
|
|
};
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
r = ssh_get_poll_flags(s->session);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (r & SSH_READ_PENDING) {
|
2013-04-09 16:30:53 +02:00
|
|
|
rd_handler = restart_coroutine;
|
|
|
|
}
|
2019-06-20 22:08:40 +02:00
|
|
|
if (r & SSH_WRITE_PENDING) {
|
2013-04-09 16:30:53 +02:00
|
|
|
wr_handler = restart_coroutine;
|
|
|
|
}
|
|
|
|
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_co_yield(s->sock, rd_handler, wr_handler);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2014-05-08 16:34:53 +02:00
|
|
|
aio_set_fd_handler(bdrv_get_aio_context(bs), s->sock,
|
2017-06-29 15:27:49 +02:00
|
|
|
false, rd_handler, wr_handler, NULL, &restart);
|
2013-04-09 16:30:53 +02:00
|
|
|
qemu_coroutine_yield();
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_co_yield_back(s->sock);
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
2014-05-08 16:34:53 +02:00
|
|
|
static coroutine_fn int ssh_read(BDRVSSHState *s, BlockDriverState *bs,
|
2013-04-09 16:30:53 +02:00
|
|
|
int64_t offset, size_t size,
|
|
|
|
QEMUIOVector *qiov)
|
|
|
|
{
|
|
|
|
ssize_t r;
|
|
|
|
size_t got;
|
|
|
|
char *buf, *end_of_vec;
|
|
|
|
struct iovec *i;
|
|
|
|
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_read(offset, size);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
trace_ssh_seek(offset);
|
|
|
|
sftp_seek64(s->sftp_handle, offset);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
/* This keeps track of the current iovec element ('i'), where we
|
|
|
|
* will write to next ('buf'), and the end of the current iovec
|
|
|
|
* ('end_of_vec').
|
|
|
|
*/
|
|
|
|
i = &qiov->iov[0];
|
|
|
|
buf = i->iov_base;
|
|
|
|
end_of_vec = i->iov_base + i->iov_len;
|
|
|
|
|
|
|
|
for (got = 0; got < size; ) {
|
2019-06-20 22:08:40 +02:00
|
|
|
size_t request_read_size;
|
2013-04-09 16:30:53 +02:00
|
|
|
again:
|
2019-06-20 22:08:40 +02:00
|
|
|
/*
|
|
|
|
* The size of SFTP packets is limited to 32K bytes, so limit
|
|
|
|
* the amount of data requested to 16K, as libssh currently
|
|
|
|
* does not handle multiple requests on its own.
|
|
|
|
*/
|
|
|
|
request_read_size = MIN(end_of_vec - buf, 16384);
|
|
|
|
trace_ssh_read_buf(buf, end_of_vec - buf, request_read_size);
|
|
|
|
r = sftp_read(s->sftp_handle, buf, request_read_size);
|
|
|
|
trace_ssh_read_return(r, sftp_get_error(s->sftp));
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (r == SSH_AGAIN) {
|
2014-05-08 16:34:53 +02:00
|
|
|
co_yield(s, bs);
|
2013-04-09 16:30:53 +02:00
|
|
|
goto again;
|
|
|
|
}
|
2019-06-20 22:08:40 +02:00
|
|
|
if (r == SSH_EOF || (r == 0 && sftp_get_error(s->sftp) == SSH_FX_EOF)) {
|
2013-04-09 16:30:53 +02:00
|
|
|
/* EOF: Short read so pad the buffer with zeroes and return it. */
|
|
|
|
qemu_iovec_memset(qiov, got, 0, size - got);
|
|
|
|
return 0;
|
|
|
|
}
|
2019-06-20 22:08:40 +02:00
|
|
|
if (r <= 0) {
|
|
|
|
sftp_error_trace(s, "read");
|
|
|
|
return -EIO;
|
|
|
|
}
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
got += r;
|
|
|
|
buf += r;
|
|
|
|
if (buf >= end_of_vec && got < size) {
|
|
|
|
i++;
|
|
|
|
buf = i->iov_base;
|
|
|
|
end_of_vec = i->iov_base + i->iov_len;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static coroutine_fn int ssh_co_readv(BlockDriverState *bs,
|
|
|
|
int64_t sector_num,
|
|
|
|
int nb_sectors, QEMUIOVector *qiov)
|
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
qemu_co_mutex_lock(&s->lock);
|
2014-05-08 16:34:53 +02:00
|
|
|
ret = ssh_read(s, bs, sector_num * BDRV_SECTOR_SIZE,
|
2013-04-09 16:30:53 +02:00
|
|
|
nb_sectors * BDRV_SECTOR_SIZE, qiov);
|
|
|
|
qemu_co_mutex_unlock(&s->lock);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2014-05-08 16:34:53 +02:00
|
|
|
static int ssh_write(BDRVSSHState *s, BlockDriverState *bs,
|
2013-04-09 16:30:53 +02:00
|
|
|
int64_t offset, size_t size,
|
|
|
|
QEMUIOVector *qiov)
|
|
|
|
{
|
|
|
|
ssize_t r;
|
|
|
|
size_t written;
|
|
|
|
char *buf, *end_of_vec;
|
|
|
|
struct iovec *i;
|
|
|
|
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_write(offset, size);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
trace_ssh_seek(offset);
|
|
|
|
sftp_seek64(s->sftp_handle, offset);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
/* This keeps track of the current iovec element ('i'), where we
|
|
|
|
* will read from next ('buf'), and the end of the current iovec
|
|
|
|
* ('end_of_vec').
|
|
|
|
*/
|
|
|
|
i = &qiov->iov[0];
|
|
|
|
buf = i->iov_base;
|
|
|
|
end_of_vec = i->iov_base + i->iov_len;
|
|
|
|
|
|
|
|
for (written = 0; written < size; ) {
|
2019-06-20 22:08:40 +02:00
|
|
|
size_t request_write_size;
|
2013-04-09 16:30:53 +02:00
|
|
|
again:
|
2019-06-20 22:08:40 +02:00
|
|
|
/*
|
|
|
|
* Avoid too large data packets, as libssh currently does not
|
|
|
|
* handle multiple requests on its own.
|
|
|
|
*/
|
|
|
|
request_write_size = MIN(end_of_vec - buf, 131072);
|
|
|
|
trace_ssh_write_buf(buf, end_of_vec - buf, request_write_size);
|
|
|
|
r = sftp_write(s->sftp_handle, buf, request_write_size);
|
|
|
|
trace_ssh_write_return(r, sftp_get_error(s->sftp));
|
2013-04-09 16:30:53 +02:00
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (r == SSH_AGAIN) {
|
2014-05-08 16:34:53 +02:00
|
|
|
co_yield(s, bs);
|
2013-04-09 16:30:53 +02:00
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
if (r < 0) {
|
2019-04-17 21:06:28 +02:00
|
|
|
sftp_error_trace(s, "write");
|
2013-04-09 16:30:53 +02:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
|
|
|
written += r;
|
|
|
|
buf += r;
|
|
|
|
if (buf >= end_of_vec && written < size) {
|
|
|
|
i++;
|
|
|
|
buf = i->iov_base;
|
|
|
|
end_of_vec = i->iov_base + i->iov_len;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (offset + written > s->attrs->size) {
|
|
|
|
s->attrs->size = offset + written;
|
|
|
|
}
|
2013-04-09 16:30:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static coroutine_fn int ssh_co_writev(BlockDriverState *bs,
|
|
|
|
int64_t sector_num,
|
2018-04-25 00:01:57 +02:00
|
|
|
int nb_sectors, QEMUIOVector *qiov,
|
|
|
|
int flags)
|
2013-04-09 16:30:53 +02:00
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
int ret;
|
|
|
|
|
2018-04-25 00:01:57 +02:00
|
|
|
assert(!flags);
|
2013-04-09 16:30:53 +02:00
|
|
|
qemu_co_mutex_lock(&s->lock);
|
2014-05-08 16:34:53 +02:00
|
|
|
ret = ssh_write(s, bs, sector_num * BDRV_SECTOR_SIZE,
|
2013-04-09 16:30:53 +02:00
|
|
|
nb_sectors * BDRV_SECTOR_SIZE, qiov);
|
|
|
|
qemu_co_mutex_unlock(&s->lock);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2013-04-09 16:30:54 +02:00
|
|
|
static void unsafe_flush_warning(BDRVSSHState *s, const char *what)
|
|
|
|
{
|
|
|
|
if (!s->unsafe_flush_warning) {
|
2017-07-12 15:57:41 +02:00
|
|
|
warn_report("ssh server %s does not support fsync",
|
|
|
|
s->inet->host);
|
2013-04-09 16:30:54 +02:00
|
|
|
if (what) {
|
|
|
|
error_report("to support fsync, you need %s", what);
|
|
|
|
}
|
|
|
|
s->unsafe_flush_warning = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
#ifdef HAVE_LIBSSH_0_8
|
2013-04-09 16:30:54 +02:00
|
|
|
|
2014-05-08 16:34:53 +02:00
|
|
|
static coroutine_fn int ssh_flush(BDRVSSHState *s, BlockDriverState *bs)
|
2013-04-09 16:30:54 +02:00
|
|
|
{
|
|
|
|
int r;
|
|
|
|
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_flush();
|
2019-06-20 22:08:40 +02:00
|
|
|
|
|
|
|
if (!sftp_extension_supported(s->sftp, "fsync@openssh.com", "1")) {
|
|
|
|
unsafe_flush_warning(s, "OpenSSH >= 6.3");
|
|
|
|
return 0;
|
|
|
|
}
|
2013-04-09 16:30:54 +02:00
|
|
|
again:
|
2019-06-20 22:08:40 +02:00
|
|
|
r = sftp_fsync(s->sftp_handle);
|
|
|
|
if (r == SSH_AGAIN) {
|
2014-05-08 16:34:53 +02:00
|
|
|
co_yield(s, bs);
|
2013-04-09 16:30:54 +02:00
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
if (r < 0) {
|
2019-04-17 21:06:28 +02:00
|
|
|
sftp_error_trace(s, "fsync");
|
2013-04-09 16:30:54 +02:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static coroutine_fn int ssh_co_flush(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
qemu_co_mutex_lock(&s->lock);
|
2014-05-08 16:34:53 +02:00
|
|
|
ret = ssh_flush(s, bs);
|
2013-04-09 16:30:54 +02:00
|
|
|
qemu_co_mutex_unlock(&s->lock);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
#else /* !HAVE_LIBSSH_0_8 */
|
2013-04-09 16:30:54 +02:00
|
|
|
|
|
|
|
static coroutine_fn int ssh_co_flush(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
unsafe_flush_warning(s, "libssh >= 0.8.0");
|
2013-04-09 16:30:54 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
#endif /* !HAVE_LIBSSH_0_8 */
|
2013-04-09 16:30:54 +02:00
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
static int64_t ssh_getlength(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
int64_t length;
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
/* Note we cannot make a libssh call here. */
|
|
|
|
length = (int64_t) s->attrs->size;
|
2018-12-13 17:27:24 +01:00
|
|
|
trace_ssh_getlength(length);
|
2013-04-09 16:30:53 +02:00
|
|
|
|
|
|
|
return length;
|
|
|
|
}
|
|
|
|
|
block: Convert .bdrv_truncate callback to coroutine_fn
bdrv_truncate() is an operation that can block (even for a quite long
time, depending on the PreallocMode) in I/O paths that shouldn't block.
Convert it to a coroutine_fn so that we have the infrastructure for
drivers to make their .bdrv_co_truncate implementation asynchronous.
This change could potentially introduce new race conditions because
bdrv_truncate() isn't necessarily executed atomically any more. Whether
this is a problem needs to be evaluated for each block driver that
supports truncate:
* file-posix/win32, gluster, iscsi, nfs, rbd, ssh, sheepdog: The
protocol drivers are trivially safe because they don't actually yield
yet, so there is no change in behaviour.
* copy-on-read, crypto, raw-format: Essentially just filter drivers that
pass the request to a child node, no problem.
* qcow2: The implementation modifies metadata, so it needs to hold
s->lock to be safe with concurrent I/O requests. In order to avoid
double locking, this requires pulling the locking out into
preallocate_co() and using qcow2_write_caches() instead of
bdrv_flush().
* qed: Does a single header update, this is fine without locking.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-21 17:54:35 +02:00
|
|
|
static int coroutine_fn ssh_co_truncate(BlockDriverState *bs, int64_t offset,
|
2019-09-18 11:51:40 +02:00
|
|
|
bool exact, PreallocMode prealloc,
|
2020-04-24 14:54:39 +02:00
|
|
|
BdrvRequestFlags flags, Error **errp)
|
2018-02-14 21:49:15 +01:00
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
|
|
|
|
if (prealloc != PREALLOC_MODE_OFF) {
|
|
|
|
error_setg(errp, "Unsupported preallocation mode '%s'",
|
|
|
|
PreallocMode_str(prealloc));
|
|
|
|
return -ENOTSUP;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (offset < s->attrs->size) {
|
2018-02-14 21:49:15 +01:00
|
|
|
error_setg(errp, "ssh driver does not support shrinking files");
|
|
|
|
return -ENOTSUP;
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
if (offset == s->attrs->size) {
|
2018-02-14 21:49:15 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
return ssh_grow_file(s, offset, errp);
|
|
|
|
}
|
|
|
|
|
2019-02-25 20:08:27 +01:00
|
|
|
static void ssh_refresh_filename(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BDRVSSHState *s = bs->opaque;
|
|
|
|
const char *path, *host_key_check;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* None of these options can be represented in a plain "host:port"
|
|
|
|
* format, so if any was given, we have to abort.
|
|
|
|
*/
|
|
|
|
if (s->inet->has_ipv4 || s->inet->has_ipv6 || s->inet->has_to ||
|
|
|
|
s->inet->has_numeric)
|
|
|
|
{
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
path = qdict_get_try_str(bs->full_open_options, "path");
|
|
|
|
assert(path); /* mandatory option */
|
|
|
|
|
|
|
|
host_key_check = qdict_get_try_str(bs->full_open_options, "host_key_check");
|
|
|
|
|
|
|
|
ret = snprintf(bs->exact_filename, sizeof(bs->exact_filename),
|
|
|
|
"ssh://%s@%s:%s%s%s%s",
|
|
|
|
s->user, s->inet->host, s->inet->port, path,
|
|
|
|
host_key_check ? "?host_key_check=" : "",
|
|
|
|
host_key_check ?: "");
|
|
|
|
if (ret >= sizeof(bs->exact_filename)) {
|
|
|
|
/* An overflow makes the filename unusable, so do not report any */
|
|
|
|
bs->exact_filename[0] = '\0';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-02-25 20:08:28 +01:00
|
|
|
static char *ssh_bdrv_dirname(BlockDriverState *bs, Error **errp)
|
|
|
|
{
|
|
|
|
if (qdict_haskey(bs->full_open_options, "host_key_check")) {
|
|
|
|
/*
|
|
|
|
* We cannot generate a simple prefix if we would have to
|
|
|
|
* append a query string.
|
|
|
|
*/
|
|
|
|
error_setg(errp,
|
|
|
|
"Cannot generate a base directory with host_key_check set");
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (bs->exact_filename[0] == '\0') {
|
|
|
|
error_setg(errp, "Cannot generate a base directory for this ssh node");
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return path_combine(bs->exact_filename, "");
|
|
|
|
}
|
|
|
|
|
2019-02-01 20:29:25 +01:00
|
|
|
static const char *const ssh_strong_runtime_opts[] = {
|
|
|
|
"host",
|
|
|
|
"port",
|
|
|
|
"path",
|
|
|
|
"user",
|
|
|
|
"host_key_check",
|
|
|
|
"server.",
|
|
|
|
|
|
|
|
NULL
|
|
|
|
};
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
static BlockDriver bdrv_ssh = {
|
|
|
|
.format_name = "ssh",
|
|
|
|
.protocol_name = "ssh",
|
|
|
|
.instance_size = sizeof(BDRVSSHState),
|
|
|
|
.bdrv_parse_filename = ssh_parse_filename,
|
|
|
|
.bdrv_file_open = ssh_file_open,
|
2018-02-05 16:24:32 +01:00
|
|
|
.bdrv_co_create = ssh_co_create,
|
2018-01-18 13:43:45 +01:00
|
|
|
.bdrv_co_create_opts = ssh_co_create_opts,
|
2013-04-09 16:30:53 +02:00
|
|
|
.bdrv_close = ssh_close,
|
2013-06-25 19:15:18 +02:00
|
|
|
.bdrv_has_zero_init = ssh_has_zero_init,
|
2019-07-24 19:12:32 +02:00
|
|
|
.bdrv_has_zero_init_truncate = ssh_has_zero_init,
|
2013-04-09 16:30:53 +02:00
|
|
|
.bdrv_co_readv = ssh_co_readv,
|
|
|
|
.bdrv_co_writev = ssh_co_writev,
|
|
|
|
.bdrv_getlength = ssh_getlength,
|
block: Convert .bdrv_truncate callback to coroutine_fn
bdrv_truncate() is an operation that can block (even for a quite long
time, depending on the PreallocMode) in I/O paths that shouldn't block.
Convert it to a coroutine_fn so that we have the infrastructure for
drivers to make their .bdrv_co_truncate implementation asynchronous.
This change could potentially introduce new race conditions because
bdrv_truncate() isn't necessarily executed atomically any more. Whether
this is a problem needs to be evaluated for each block driver that
supports truncate:
* file-posix/win32, gluster, iscsi, nfs, rbd, ssh, sheepdog: The
protocol drivers are trivially safe because they don't actually yield
yet, so there is no change in behaviour.
* copy-on-read, crypto, raw-format: Essentially just filter drivers that
pass the request to a child node, no problem.
* qcow2: The implementation modifies metadata, so it needs to hold
s->lock to be safe with concurrent I/O requests. In order to avoid
double locking, this requires pulling the locking out into
preallocate_co() and using qcow2_write_caches() instead of
bdrv_flush().
* qed: Does a single header update, this is fine without locking.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-21 17:54:35 +02:00
|
|
|
.bdrv_co_truncate = ssh_co_truncate,
|
2013-04-09 16:30:54 +02:00
|
|
|
.bdrv_co_flush_to_disk = ssh_co_flush,
|
2019-02-25 20:08:27 +01:00
|
|
|
.bdrv_refresh_filename = ssh_refresh_filename,
|
2019-02-25 20:08:28 +01:00
|
|
|
.bdrv_dirname = ssh_bdrv_dirname,
|
2014-06-05 11:21:06 +02:00
|
|
|
.create_opts = &ssh_create_opts,
|
2019-02-01 20:29:25 +01:00
|
|
|
.strong_runtime_opts = ssh_strong_runtime_opts,
|
2013-04-09 16:30:53 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
static void bdrv_ssh_init(void)
|
|
|
|
{
|
|
|
|
int r;
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
r = ssh_init();
|
2013-04-09 16:30:53 +02:00
|
|
|
if (r != 0) {
|
2019-06-20 22:08:40 +02:00
|
|
|
fprintf(stderr, "libssh initialization failed, %d\n", r);
|
2013-04-09 16:30:53 +02:00
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
}
|
|
|
|
|
2019-06-20 22:08:40 +02:00
|
|
|
#if TRACE_LIBSSH != 0
|
|
|
|
ssh_set_log_level(TRACE_LIBSSH);
|
|
|
|
#endif
|
|
|
|
|
2013-04-09 16:30:53 +02:00
|
|
|
bdrv_register(&bdrv_ssh);
|
|
|
|
}
|
|
|
|
|
|
|
|
block_init(bdrv_ssh_init);
|