2008-07-03 15:41:03 +02:00
|
|
|
/*
|
2008-05-27 23:13:40 +02:00
|
|
|
* Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws>
|
|
|
|
*
|
2016-01-14 09:41:02 +01:00
|
|
|
* Network Block Device Server Side
|
2008-05-27 23:13:40 +02:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation; under version 2 of the License.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2009-07-16 22:47:01 +02:00
|
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
2008-07-03 15:41:03 +02:00
|
|
|
*/
|
2008-05-27 23:13:40 +02:00
|
|
|
|
2016-01-29 18:50:05 +01:00
|
|
|
#include "qemu/osdep.h"
|
include/qemu/osdep.h: Don't include qapi/error.h
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the
Error typedef. Since then, we've moved to include qemu/osdep.h
everywhere. Its file comment explains: "To avoid getting into
possible circular include dependencies, this file should not include
any other QEMU headers, with the exceptions of config-host.h,
compiler.h, os-posix.h and os-win32.h, all of which are doing a
similar job to this file and are under similar constraints."
qapi/error.h doesn't do a similar job, and it doesn't adhere to
similar constraints: it includes qapi-types.h. That's in excess of
100KiB of crap most .c files don't actually need.
Add the typedef to qemu/typedefs.h, and include that instead of
qapi/error.h. Include qapi/error.h in .c files that need it and don't
get it now. Include qapi-types.h in qom/object.h for uint16List.
Update scripts/clean-includes accordingly. Update it further to match
reality: replace config.h by config-target.h, add sysemu/os-posix.h,
sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h
comment quoted above similarly.
This reduces the number of objects depending on qapi/error.h from "all
of them" to less than a third. Unfortunately, the number depending on
qapi-types.h shrinks only a little. More work is needed for that one.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
[Fix compilation without the spice devel packages. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-14 09:01:28 +01:00
|
|
|
#include "qapi/error.h"
|
2016-01-14 09:41:02 +01:00
|
|
|
#include "nbd-internal.h"
|
qemu-nbd: only send a limited number of errno codes on the wire
Right now, NBD includes potentially platform-specific error values in
the wire protocol.
Luckily, most common error values are more or less universal: in
particular, of all errno values <= 34 (up to ERANGE), they are all the
same on supported platforms except for 11 (which is EAGAIN on Windows and
Linux, but EDEADLK on Darwin and the *BSDs). So, in order to guarantee
some portability, only keep a handful of possible error codes and squash
everything else to EINVAL.
This patch defines a limited set of errno values that are valid for the
NBD protocol, and specifies recommendations for what error to return
in specific corner cases. The set of errno values is roughly based on
the errors listed in the read(2) and write(2) man pages, with some
exceptions:
- ENOMEM is added for servers that implement copy-on-write or other
formats that require dynamic allocation.
- EDQUOT is not part of the universal set of errors; it can be changed
to ENOSPC on the wire format.
- EFBIG is part of the universal set of errors, but it is also changed
to ENOSPC because it is pretty similar to ENOSPC or EDQUOT.
Incoming values will in general match system errno values, but not
on the Hurd which has different errno values (they have a "subsystem
code" equal to 0x10 in bits 24-31). The Hurd is probably not something
to which QEMU has been ported, but still do the right thing and
reverse-map the NBD errno values to the system errno values.
The corresponding patch to the NBD protocol description can be found at
http://article.gmane.org/gmane.linux.drivers.nbd.general/3154.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-05-07 17:25:10 +02:00
|
|
|
|
|
|
|
static int system_errno_to_nbd_errno(int err)
|
|
|
|
{
|
|
|
|
switch (err) {
|
|
|
|
case 0:
|
|
|
|
return NBD_SUCCESS;
|
|
|
|
case EPERM:
|
2016-04-06 05:35:02 +02:00
|
|
|
case EROFS:
|
qemu-nbd: only send a limited number of errno codes on the wire
Right now, NBD includes potentially platform-specific error values in
the wire protocol.
Luckily, most common error values are more or less universal: in
particular, of all errno values <= 34 (up to ERANGE), they are all the
same on supported platforms except for 11 (which is EAGAIN on Windows and
Linux, but EDEADLK on Darwin and the *BSDs). So, in order to guarantee
some portability, only keep a handful of possible error codes and squash
everything else to EINVAL.
This patch defines a limited set of errno values that are valid for the
NBD protocol, and specifies recommendations for what error to return
in specific corner cases. The set of errno values is roughly based on
the errors listed in the read(2) and write(2) man pages, with some
exceptions:
- ENOMEM is added for servers that implement copy-on-write or other
formats that require dynamic allocation.
- EDQUOT is not part of the universal set of errors; it can be changed
to ENOSPC on the wire format.
- EFBIG is part of the universal set of errors, but it is also changed
to ENOSPC because it is pretty similar to ENOSPC or EDQUOT.
Incoming values will in general match system errno values, but not
on the Hurd which has different errno values (they have a "subsystem
code" equal to 0x10 in bits 24-31). The Hurd is probably not something
to which QEMU has been ported, but still do the right thing and
reverse-map the NBD errno values to the system errno values.
The corresponding patch to the NBD protocol description can be found at
http://article.gmane.org/gmane.linux.drivers.nbd.general/3154.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-05-07 17:25:10 +02:00
|
|
|
return NBD_EPERM;
|
|
|
|
case EIO:
|
|
|
|
return NBD_EIO;
|
|
|
|
case ENOMEM:
|
|
|
|
return NBD_ENOMEM;
|
|
|
|
#ifdef EDQUOT
|
|
|
|
case EDQUOT:
|
|
|
|
#endif
|
|
|
|
case EFBIG:
|
|
|
|
case ENOSPC:
|
|
|
|
return NBD_ENOSPC;
|
|
|
|
case EINVAL:
|
|
|
|
default:
|
|
|
|
return NBD_EINVAL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-08-22 15:30:31 +02:00
|
|
|
/* Definitions for opaque data types */
|
|
|
|
|
|
|
|
typedef struct NBDRequest NBDRequest;
|
|
|
|
|
|
|
|
struct NBDRequest {
|
|
|
|
QSIMPLEQ_ENTRY(NBDRequest) entry;
|
|
|
|
NBDClient *client;
|
|
|
|
uint8_t *data;
|
2016-05-12 00:39:37 +02:00
|
|
|
bool complete;
|
2012-08-22 15:30:31 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
struct NBDExport {
|
2012-09-18 13:26:25 +02:00
|
|
|
int refcount;
|
2012-09-18 13:59:03 +02:00
|
|
|
void (*close)(NBDExport *exp);
|
|
|
|
|
2014-11-18 12:21:18 +01:00
|
|
|
BlockBackend *blk;
|
2012-08-22 15:59:23 +02:00
|
|
|
char *name;
|
2012-08-22 15:30:31 +02:00
|
|
|
off_t dev_offset;
|
|
|
|
off_t size;
|
|
|
|
uint32_t nbdflags;
|
2012-09-18 13:58:25 +02:00
|
|
|
QTAILQ_HEAD(, NBDClient) clients;
|
2012-08-22 15:59:23 +02:00
|
|
|
QTAILQ_ENTRY(NBDExport) next;
|
2014-06-20 21:57:32 +02:00
|
|
|
|
|
|
|
AioContext *ctx;
|
2016-01-29 16:36:06 +01:00
|
|
|
|
|
|
|
Notifier eject_notifier;
|
2012-08-22 15:30:31 +02:00
|
|
|
};
|
|
|
|
|
2012-08-22 15:59:23 +02:00
|
|
|
static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports);
|
|
|
|
|
2012-08-22 15:30:31 +02:00
|
|
|
struct NBDClient {
|
|
|
|
int refcount;
|
|
|
|
void (*close)(NBDClient *client);
|
|
|
|
|
|
|
|
NBDExport *exp;
|
2016-02-10 19:41:11 +01:00
|
|
|
QCryptoTLSCreds *tlscreds;
|
|
|
|
char *tlsaclname;
|
2016-02-10 19:41:04 +01:00
|
|
|
QIOChannelSocket *sioc; /* The underlying data channel */
|
|
|
|
QIOChannel *ioc; /* The current I/O channel which may differ (eg TLS) */
|
2012-08-22 15:30:31 +02:00
|
|
|
|
|
|
|
Coroutine *recv_coroutine;
|
|
|
|
|
|
|
|
CoMutex send_lock;
|
|
|
|
Coroutine *send_coroutine;
|
|
|
|
|
2014-06-20 21:57:32 +02:00
|
|
|
bool can_read;
|
|
|
|
|
2012-09-18 13:58:25 +02:00
|
|
|
QTAILQ_ENTRY(NBDClient) next;
|
2012-08-22 15:30:31 +02:00
|
|
|
int nb_requests;
|
2012-08-22 18:45:12 +02:00
|
|
|
bool closing;
|
2012-08-22 15:30:31 +02:00
|
|
|
};
|
|
|
|
|
2008-05-27 23:13:40 +02:00
|
|
|
/* That's all folks */
|
|
|
|
|
2014-06-20 21:57:32 +02:00
|
|
|
static void nbd_set_handlers(NBDClient *client);
|
|
|
|
static void nbd_unset_handlers(NBDClient *client);
|
|
|
|
static void nbd_update_can_read(NBDClient *client);
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static gboolean nbd_negotiate_continue(QIOChannel *ioc,
|
|
|
|
GIOCondition condition,
|
|
|
|
void *opaque)
|
2016-01-14 09:41:03 +01:00
|
|
|
{
|
|
|
|
qemu_coroutine_enter(opaque, NULL);
|
2016-02-10 19:41:04 +01:00
|
|
|
return TRUE;
|
2016-01-14 09:41:03 +01:00
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static ssize_t nbd_negotiate_read(QIOChannel *ioc, void *buffer, size_t size)
|
2016-01-14 09:41:03 +01:00
|
|
|
{
|
|
|
|
ssize_t ret;
|
2016-02-10 19:41:04 +01:00
|
|
|
guint watch;
|
2016-01-14 09:41:03 +01:00
|
|
|
|
|
|
|
assert(qemu_in_coroutine());
|
|
|
|
/* Negotiation are always in main loop. */
|
2016-02-10 19:41:04 +01:00
|
|
|
watch = qio_channel_add_watch(ioc,
|
|
|
|
G_IO_IN,
|
|
|
|
nbd_negotiate_continue,
|
|
|
|
qemu_coroutine_self(),
|
|
|
|
NULL);
|
|
|
|
ret = read_sync(ioc, buffer, size);
|
|
|
|
g_source_remove(watch);
|
2016-01-14 09:41:03 +01:00
|
|
|
return ret;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static ssize_t nbd_negotiate_write(QIOChannel *ioc, void *buffer, size_t size)
|
2016-01-14 09:41:03 +01:00
|
|
|
{
|
|
|
|
ssize_t ret;
|
2016-02-10 19:41:04 +01:00
|
|
|
guint watch;
|
2016-01-14 09:41:03 +01:00
|
|
|
|
|
|
|
assert(qemu_in_coroutine());
|
|
|
|
/* Negotiation are always in main loop. */
|
2016-02-10 19:41:04 +01:00
|
|
|
watch = qio_channel_add_watch(ioc,
|
|
|
|
G_IO_OUT,
|
|
|
|
nbd_negotiate_continue,
|
|
|
|
qemu_coroutine_self(),
|
|
|
|
NULL);
|
|
|
|
ret = write_sync(ioc, buffer, size);
|
|
|
|
g_source_remove(watch);
|
2016-01-14 09:41:03 +01:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static ssize_t nbd_negotiate_drop_sync(QIOChannel *ioc, size_t size)
|
2015-02-25 19:08:34 +01:00
|
|
|
{
|
|
|
|
ssize_t ret, dropped = size;
|
|
|
|
uint8_t *buffer = g_malloc(MIN(65536, size));
|
|
|
|
|
|
|
|
while (size > 0) {
|
2016-02-10 19:41:04 +01:00
|
|
|
ret = nbd_negotiate_read(ioc, buffer, MIN(65536, size));
|
2015-02-25 19:08:34 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
g_free(buffer);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
assert(ret <= size);
|
|
|
|
size -= ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
g_free(buffer);
|
|
|
|
return dropped;
|
|
|
|
}
|
|
|
|
|
2012-08-23 14:57:11 +02:00
|
|
|
/* Basic flow for negotiation
|
2008-05-27 23:13:40 +02:00
|
|
|
|
|
|
|
Server Client
|
|
|
|
Negotiate
|
2012-08-23 14:57:11 +02:00
|
|
|
|
|
|
|
or
|
|
|
|
|
|
|
|
Server Client
|
|
|
|
Negotiate #1
|
|
|
|
Option
|
|
|
|
Negotiate #2
|
|
|
|
|
|
|
|
----
|
|
|
|
|
|
|
|
followed by
|
|
|
|
|
|
|
|
Server Client
|
2008-05-27 23:13:40 +02:00
|
|
|
Request
|
|
|
|
Response
|
|
|
|
Request
|
|
|
|
Response
|
|
|
|
...
|
|
|
|
...
|
|
|
|
Request (type == 2)
|
2012-08-23 14:57:11 +02:00
|
|
|
|
2008-05-27 23:13:40 +02:00
|
|
|
*/
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static int nbd_negotiate_send_rep(QIOChannel *ioc, uint32_t type, uint32_t opt)
|
2012-08-23 14:57:11 +02:00
|
|
|
{
|
|
|
|
uint64_t magic;
|
2014-06-07 02:32:31 +02:00
|
|
|
uint32_t len;
|
2012-08-23 14:57:11 +02:00
|
|
|
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Reply opt=%" PRIx32 " type=%" PRIx32, type, opt);
|
2016-02-10 19:41:11 +01:00
|
|
|
|
2014-06-07 02:32:31 +02:00
|
|
|
magic = cpu_to_be64(NBD_REP_MAGIC);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &magic, sizeof(magic)) != sizeof(magic)) {
|
2014-06-07 02:32:31 +02:00
|
|
|
LOG("write failed (rep magic)");
|
|
|
|
return -EINVAL;
|
2012-08-23 14:57:11 +02:00
|
|
|
}
|
2014-06-07 02:32:31 +02:00
|
|
|
opt = cpu_to_be32(opt);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &opt, sizeof(opt)) != sizeof(opt)) {
|
2014-06-07 02:32:31 +02:00
|
|
|
LOG("write failed (rep opt)");
|
|
|
|
return -EINVAL;
|
2012-08-23 14:57:11 +02:00
|
|
|
}
|
2014-06-07 02:32:31 +02:00
|
|
|
type = cpu_to_be32(type);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &type, sizeof(type)) != sizeof(type)) {
|
2014-06-07 02:32:31 +02:00
|
|
|
LOG("write failed (rep type)");
|
|
|
|
return -EINVAL;
|
2012-08-23 14:57:11 +02:00
|
|
|
}
|
2014-06-07 02:32:31 +02:00
|
|
|
len = cpu_to_be32(0);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) {
|
2014-06-07 02:32:31 +02:00
|
|
|
LOG("write failed (rep data length)");
|
|
|
|
return -EINVAL;
|
2012-08-23 14:57:11 +02:00
|
|
|
}
|
2014-06-07 02:32:31 +02:00
|
|
|
return 0;
|
|
|
|
}
|
2012-08-23 14:57:11 +02:00
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static int nbd_negotiate_send_rep_list(QIOChannel *ioc, NBDExport *exp)
|
2014-06-07 02:32:32 +02:00
|
|
|
{
|
|
|
|
uint64_t magic, name_len;
|
|
|
|
uint32_t opt, type, len;
|
|
|
|
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Advertising export name '%s'", exp->name ? exp->name : "");
|
2014-06-07 02:32:32 +02:00
|
|
|
name_len = strlen(exp->name);
|
|
|
|
magic = cpu_to_be64(NBD_REP_MAGIC);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &magic, sizeof(magic)) != sizeof(magic)) {
|
2014-06-07 02:32:32 +02:00
|
|
|
LOG("write failed (magic)");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
opt = cpu_to_be32(NBD_OPT_LIST);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &opt, sizeof(opt)) != sizeof(opt)) {
|
2014-06-07 02:32:32 +02:00
|
|
|
LOG("write failed (opt)");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
type = cpu_to_be32(NBD_REP_SERVER);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &type, sizeof(type)) != sizeof(type)) {
|
2014-06-07 02:32:32 +02:00
|
|
|
LOG("write failed (reply type)");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
len = cpu_to_be32(name_len + sizeof(len));
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) {
|
2014-06-07 02:32:32 +02:00
|
|
|
LOG("write failed (length)");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
len = cpu_to_be32(name_len);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) {
|
2014-06-07 02:32:32 +02:00
|
|
|
LOG("write failed (length)");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(ioc, exp->name, name_len) != name_len) {
|
2014-06-07 02:32:32 +02:00
|
|
|
LOG("write failed (buffer)");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-01-14 09:41:03 +01:00
|
|
|
static int nbd_negotiate_handle_list(NBDClient *client, uint32_t length)
|
2014-06-07 02:32:32 +02:00
|
|
|
{
|
|
|
|
NBDExport *exp;
|
|
|
|
|
|
|
|
if (length) {
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
|
2015-02-25 19:08:34 +01:00
|
|
|
return -EIO;
|
|
|
|
}
|
2016-02-10 19:41:04 +01:00
|
|
|
return nbd_negotiate_send_rep(client->ioc,
|
|
|
|
NBD_REP_ERR_INVALID, NBD_OPT_LIST);
|
2014-06-07 02:32:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/* For each export, send a NBD_REP_SERVER reply. */
|
|
|
|
QTAILQ_FOREACH(exp, &exports, next) {
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_send_rep_list(client->ioc, exp)) {
|
2014-06-07 02:32:32 +02:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/* Finish with a NBD_REP_ACK. */
|
2016-02-10 19:41:04 +01:00
|
|
|
return nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, NBD_OPT_LIST);
|
2014-06-07 02:32:32 +02:00
|
|
|
}
|
|
|
|
|
2016-01-14 09:41:03 +01:00
|
|
|
static int nbd_negotiate_handle_export_name(NBDClient *client, uint32_t length)
|
2014-06-07 02:32:31 +02:00
|
|
|
{
|
2016-02-10 19:41:04 +01:00
|
|
|
int rc = -EINVAL;
|
2016-05-12 00:39:44 +02:00
|
|
|
char name[NBD_MAX_NAME_SIZE + 1];
|
2012-08-23 14:57:11 +02:00
|
|
|
|
2014-06-07 02:32:31 +02:00
|
|
|
/* Client sends:
|
|
|
|
[20 .. xx] export name (length bytes)
|
|
|
|
*/
|
2012-08-23 14:57:11 +02:00
|
|
|
TRACE("Checking length");
|
2016-05-12 00:39:44 +02:00
|
|
|
if (length >= sizeof(name)) {
|
2012-08-23 14:57:11 +02:00
|
|
|
LOG("Bad length received");
|
|
|
|
goto fail;
|
|
|
|
}
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_read(client->ioc, name, length) != length) {
|
2012-08-23 14:57:11 +02:00
|
|
|
LOG("read failed");
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
name[length] = '\0';
|
|
|
|
|
2016-02-10 19:41:09 +01:00
|
|
|
TRACE("Client requested export '%s'", name);
|
|
|
|
|
2012-08-23 14:57:11 +02:00
|
|
|
client->exp = nbd_export_find(name);
|
|
|
|
if (!client->exp) {
|
|
|
|
LOG("export not found");
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
QTAILQ_INSERT_TAIL(&client->exp->clients, client, next);
|
|
|
|
nbd_export_get(client->exp);
|
|
|
|
rc = 0;
|
|
|
|
fail:
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:11 +01:00
|
|
|
|
|
|
|
static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client,
|
|
|
|
uint32_t length)
|
|
|
|
{
|
|
|
|
QIOChannel *ioc;
|
|
|
|
QIOChannelTLS *tioc;
|
|
|
|
struct NBDTLSHandshakeData data = { 0 };
|
|
|
|
|
|
|
|
TRACE("Setting up TLS");
|
|
|
|
ioc = client->ioc;
|
|
|
|
if (length) {
|
|
|
|
if (nbd_negotiate_drop_sync(ioc, length) != length) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
nbd_negotiate_send_rep(ioc, NBD_REP_ERR_INVALID, NBD_OPT_STARTTLS);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2016-05-12 00:39:36 +02:00
|
|
|
if (nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK,
|
|
|
|
NBD_OPT_STARTTLS) < 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
2016-02-10 19:41:11 +01:00
|
|
|
|
|
|
|
tioc = qio_channel_tls_new_server(ioc,
|
|
|
|
client->tlscreds,
|
|
|
|
client->tlsaclname,
|
|
|
|
NULL);
|
|
|
|
if (!tioc) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
TRACE("Starting TLS handshake");
|
|
|
|
data.loop = g_main_loop_new(g_main_context_default(), FALSE);
|
|
|
|
qio_channel_tls_handshake(tioc,
|
|
|
|
nbd_tls_handshake,
|
|
|
|
&data,
|
|
|
|
NULL);
|
|
|
|
|
|
|
|
if (!data.complete) {
|
|
|
|
g_main_loop_run(data.loop);
|
|
|
|
}
|
|
|
|
g_main_loop_unref(data.loop);
|
|
|
|
if (data.error) {
|
|
|
|
object_unref(OBJECT(tioc));
|
|
|
|
error_free(data.error);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return QIO_CHANNEL(tioc);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2016-01-14 09:41:03 +01:00
|
|
|
static int nbd_negotiate_options(NBDClient *client)
|
2014-06-07 02:32:31 +02:00
|
|
|
{
|
2015-02-25 19:08:31 +01:00
|
|
|
uint32_t flags;
|
2016-02-10 19:41:06 +01:00
|
|
|
bool fixedNewstyle = false;
|
2015-02-25 19:08:31 +01:00
|
|
|
|
|
|
|
/* Client sends:
|
|
|
|
[ 0 .. 3] client flags
|
|
|
|
|
|
|
|
[ 0 .. 7] NBD_OPTS_MAGIC
|
|
|
|
[ 8 .. 11] NBD option
|
|
|
|
[12 .. 15] Data length
|
|
|
|
... Rest of request
|
|
|
|
|
|
|
|
[ 0 .. 7] NBD_OPTS_MAGIC
|
|
|
|
[ 8 .. 11] Second NBD option
|
|
|
|
[12 .. 15] Data length
|
|
|
|
... Rest of request
|
|
|
|
*/
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_read(client->ioc, &flags, sizeof(flags)) !=
|
|
|
|
sizeof(flags)) {
|
2015-02-25 19:08:31 +01:00
|
|
|
LOG("read failed");
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
TRACE("Checking client flags");
|
|
|
|
be32_to_cpus(&flags);
|
2016-02-10 19:41:06 +01:00
|
|
|
if (flags & NBD_FLAG_C_FIXED_NEWSTYLE) {
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Client supports fixed newstyle handshake");
|
2016-02-10 19:41:06 +01:00
|
|
|
fixedNewstyle = true;
|
|
|
|
flags &= ~NBD_FLAG_C_FIXED_NEWSTYLE;
|
|
|
|
}
|
|
|
|
if (flags != 0) {
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Unknown client flags 0x%" PRIx32 " received", flags);
|
2015-02-25 19:08:31 +01:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2014-06-07 02:32:31 +02:00
|
|
|
while (1) {
|
2015-02-25 19:08:31 +01:00
|
|
|
int ret;
|
2016-02-10 19:41:06 +01:00
|
|
|
uint32_t clientflags, length;
|
2014-06-07 02:32:31 +02:00
|
|
|
uint64_t magic;
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_read(client->ioc, &magic, sizeof(magic)) !=
|
|
|
|
sizeof(magic)) {
|
2014-06-07 02:32:31 +02:00
|
|
|
LOG("read failed");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
TRACE("Checking opts magic");
|
|
|
|
if (magic != be64_to_cpu(NBD_OPTS_MAGIC)) {
|
|
|
|
LOG("Bad magic received");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:06 +01:00
|
|
|
if (nbd_negotiate_read(client->ioc, &clientflags,
|
|
|
|
sizeof(clientflags)) != sizeof(clientflags)) {
|
2014-06-07 02:32:31 +02:00
|
|
|
LOG("read failed");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
2016-02-10 19:41:06 +01:00
|
|
|
clientflags = be32_to_cpu(clientflags);
|
2014-06-07 02:32:31 +02:00
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_read(client->ioc, &length, sizeof(length)) !=
|
|
|
|
sizeof(length)) {
|
2014-06-07 02:32:31 +02:00
|
|
|
LOG("read failed");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
length = be32_to_cpu(length);
|
|
|
|
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Checking option 0x%" PRIx32, clientflags);
|
2016-02-10 19:41:11 +01:00
|
|
|
if (client->tlscreds &&
|
|
|
|
client->ioc == (QIOChannel *)client->sioc) {
|
|
|
|
QIOChannel *tioc;
|
|
|
|
if (!fixedNewstyle) {
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Unsupported option 0x%" PRIx32, clientflags);
|
2016-02-10 19:41:11 +01:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
switch (clientflags) {
|
|
|
|
case NBD_OPT_STARTTLS:
|
|
|
|
tioc = nbd_negotiate_handle_starttls(client, length);
|
|
|
|
if (!tioc) {
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
object_unref(OBJECT(client->ioc));
|
|
|
|
client->ioc = QIO_CHANNEL(tioc);
|
|
|
|
break;
|
|
|
|
|
nbd: Don't kill server on client that doesn't request TLS
Upstream NBD documents (as of commit 4feebc95) that servers MAY
choose to operate in a conditional mode, where it is up to the
client whether to use TLS. For qemu's case, we want to always be
in FORCEDTLS mode, because of the risk of man-in-the-middle
attacks, and since we never export more than one device; likewise,
the qemu client will ALWAYS send NBD_OPT_STARTTLS as its first
option. But now that SELECTIVETLS servers exist, it is feasible
to encounter a (non-qemu) client that is programmed to talk to
such a server, and does not do NBD_OPT_STARTTLS first, but rather
wants to probe if it can use a non-encrypted export.
The NBD protocol documents that we should let such a client
continue trying, on the grounds that maybe the client will get the
hint to send NBD_OPT_STARTTLS, rather than immediately dropping
the connection.
Note that NBD_OPT_EXPORT_NAME is a special case: since it is the
only option request that can't have an error return, we have to
(continue to) drop the connection on that one; rather, what we are
fixing here is that all other replies prior to TLS initiation tell
the client NBD_REP_ERR_TLS_REQD, but keep the connection alive.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 1460671343-18485-1-git-send-email-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-04-15 00:02:23 +02:00
|
|
|
case NBD_OPT_EXPORT_NAME:
|
|
|
|
/* No way to return an error to client, so drop connection */
|
|
|
|
TRACE("Option 0x%x not permitted before TLS", clientflags);
|
|
|
|
return -EINVAL;
|
|
|
|
|
2016-02-10 19:41:11 +01:00
|
|
|
default:
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Option 0x%" PRIx32 " not permitted before TLS",
|
|
|
|
clientflags);
|
nbd: Don't kill server on client that doesn't request TLS
Upstream NBD documents (as of commit 4feebc95) that servers MAY
choose to operate in a conditional mode, where it is up to the
client whether to use TLS. For qemu's case, we want to always be
in FORCEDTLS mode, because of the risk of man-in-the-middle
attacks, and since we never export more than one device; likewise,
the qemu client will ALWAYS send NBD_OPT_STARTTLS as its first
option. But now that SELECTIVETLS servers exist, it is feasible
to encounter a (non-qemu) client that is programmed to talk to
such a server, and does not do NBD_OPT_STARTTLS first, but rather
wants to probe if it can use a non-encrypted export.
The NBD protocol documents that we should let such a client
continue trying, on the grounds that maybe the client will get the
hint to send NBD_OPT_STARTTLS, rather than immediately dropping
the connection.
Note that NBD_OPT_EXPORT_NAME is a special case: since it is the
only option request that can't have an error return, we have to
(continue to) drop the connection on that one; rather, what we are
fixing here is that all other replies prior to TLS initiation tell
the client NBD_REP_ERR_TLS_REQD, but keep the connection alive.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 1460671343-18485-1-git-send-email-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-04-15 00:02:23 +02:00
|
|
|
if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
|
|
|
|
return -EIO;
|
|
|
|
}
|
2016-05-12 00:39:36 +02:00
|
|
|
ret = nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_TLS_REQD,
|
|
|
|
clientflags);
|
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
nbd: Don't kill server on client that doesn't request TLS
Upstream NBD documents (as of commit 4feebc95) that servers MAY
choose to operate in a conditional mode, where it is up to the
client whether to use TLS. For qemu's case, we want to always be
in FORCEDTLS mode, because of the risk of man-in-the-middle
attacks, and since we never export more than one device; likewise,
the qemu client will ALWAYS send NBD_OPT_STARTTLS as its first
option. But now that SELECTIVETLS servers exist, it is feasible
to encounter a (non-qemu) client that is programmed to talk to
such a server, and does not do NBD_OPT_STARTTLS first, but rather
wants to probe if it can use a non-encrypted export.
The NBD protocol documents that we should let such a client
continue trying, on the grounds that maybe the client will get the
hint to send NBD_OPT_STARTTLS, rather than immediately dropping
the connection.
Note that NBD_OPT_EXPORT_NAME is a special case: since it is the
only option request that can't have an error return, we have to
(continue to) drop the connection on that one; rather, what we are
fixing here is that all other replies prior to TLS initiation tell
the client NBD_REP_ERR_TLS_REQD, but keep the connection alive.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 1460671343-18485-1-git-send-email-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-04-15 00:02:23 +02:00
|
|
|
break;
|
2016-02-10 19:41:11 +01:00
|
|
|
}
|
|
|
|
} else if (fixedNewstyle) {
|
2016-02-10 19:41:06 +01:00
|
|
|
switch (clientflags) {
|
|
|
|
case NBD_OPT_LIST:
|
|
|
|
ret = nbd_negotiate_handle_list(client, length);
|
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case NBD_OPT_ABORT:
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
case NBD_OPT_EXPORT_NAME:
|
|
|
|
return nbd_negotiate_handle_export_name(client, length);
|
|
|
|
|
2016-02-10 19:41:11 +01:00
|
|
|
case NBD_OPT_STARTTLS:
|
nbd: Don't kill server on client that doesn't request TLS
Upstream NBD documents (as of commit 4feebc95) that servers MAY
choose to operate in a conditional mode, where it is up to the
client whether to use TLS. For qemu's case, we want to always be
in FORCEDTLS mode, because of the risk of man-in-the-middle
attacks, and since we never export more than one device; likewise,
the qemu client will ALWAYS send NBD_OPT_STARTTLS as its first
option. But now that SELECTIVETLS servers exist, it is feasible
to encounter a (non-qemu) client that is programmed to talk to
such a server, and does not do NBD_OPT_STARTTLS first, but rather
wants to probe if it can use a non-encrypted export.
The NBD protocol documents that we should let such a client
continue trying, on the grounds that maybe the client will get the
hint to send NBD_OPT_STARTTLS, rather than immediately dropping
the connection.
Note that NBD_OPT_EXPORT_NAME is a special case: since it is the
only option request that can't have an error return, we have to
(continue to) drop the connection on that one; rather, what we are
fixing here is that all other replies prior to TLS initiation tell
the client NBD_REP_ERR_TLS_REQD, but keep the connection alive.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 1460671343-18485-1-git-send-email-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-04-15 00:02:23 +02:00
|
|
|
if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
|
|
|
|
return -EIO;
|
|
|
|
}
|
2016-02-10 19:41:11 +01:00
|
|
|
if (client->tlscreds) {
|
|
|
|
TRACE("TLS already enabled");
|
2016-05-12 00:39:36 +02:00
|
|
|
ret = nbd_negotiate_send_rep(client->ioc,
|
|
|
|
NBD_REP_ERR_INVALID,
|
|
|
|
clientflags);
|
2016-02-10 19:41:11 +01:00
|
|
|
} else {
|
|
|
|
TRACE("TLS not configured");
|
2016-05-12 00:39:36 +02:00
|
|
|
ret = nbd_negotiate_send_rep(client->ioc,
|
|
|
|
NBD_REP_ERR_POLICY,
|
|
|
|
clientflags);
|
|
|
|
}
|
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
2016-02-10 19:41:11 +01:00
|
|
|
}
|
nbd: Don't kill server on client that doesn't request TLS
Upstream NBD documents (as of commit 4feebc95) that servers MAY
choose to operate in a conditional mode, where it is up to the
client whether to use TLS. For qemu's case, we want to always be
in FORCEDTLS mode, because of the risk of man-in-the-middle
attacks, and since we never export more than one device; likewise,
the qemu client will ALWAYS send NBD_OPT_STARTTLS as its first
option. But now that SELECTIVETLS servers exist, it is feasible
to encounter a (non-qemu) client that is programmed to talk to
such a server, and does not do NBD_OPT_STARTTLS first, but rather
wants to probe if it can use a non-encrypted export.
The NBD protocol documents that we should let such a client
continue trying, on the grounds that maybe the client will get the
hint to send NBD_OPT_STARTTLS, rather than immediately dropping
the connection.
Note that NBD_OPT_EXPORT_NAME is a special case: since it is the
only option request that can't have an error return, we have to
(continue to) drop the connection on that one; rather, what we are
fixing here is that all other replies prior to TLS initiation tell
the client NBD_REP_ERR_TLS_REQD, but keep the connection alive.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 1460671343-18485-1-git-send-email-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-04-15 00:02:23 +02:00
|
|
|
break;
|
2016-02-10 19:41:06 +01:00
|
|
|
default:
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Unsupported option 0x%" PRIx32, clientflags);
|
2016-04-07 00:48:38 +02:00
|
|
|
if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
|
|
|
|
return -EIO;
|
|
|
|
}
|
2016-05-12 00:39:36 +02:00
|
|
|
ret = nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_UNSUP,
|
|
|
|
clientflags);
|
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
2016-04-07 00:48:38 +02:00
|
|
|
break;
|
2016-02-10 19:41:06 +01:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* If broken new-style we should drop the connection
|
|
|
|
* for anything except NBD_OPT_EXPORT_NAME
|
|
|
|
*/
|
|
|
|
switch (clientflags) {
|
|
|
|
case NBD_OPT_EXPORT_NAME:
|
|
|
|
return nbd_negotiate_handle_export_name(client, length);
|
|
|
|
|
|
|
|
default:
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Unsupported option 0x%" PRIx32, clientflags);
|
2016-02-10 19:41:06 +01:00
|
|
|
return -EINVAL;
|
2014-06-07 02:32:32 +02:00
|
|
|
}
|
2014-06-07 02:32:31 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-01-14 09:41:03 +01:00
|
|
|
typedef struct {
|
|
|
|
NBDClient *client;
|
|
|
|
Coroutine *co;
|
|
|
|
} NBDClientNewData;
|
|
|
|
|
|
|
|
static coroutine_fn int nbd_negotiate(NBDClientNewData *data)
|
2008-05-27 23:13:40 +02:00
|
|
|
{
|
2016-01-14 09:41:03 +01:00
|
|
|
NBDClient *client = data->client;
|
2011-02-22 16:44:51 +01:00
|
|
|
char buf[8 + 8 + 8 + 128];
|
2012-03-05 08:56:10 +01:00
|
|
|
int rc;
|
2012-08-23 14:57:11 +02:00
|
|
|
const int myflags = (NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_TRIM |
|
|
|
|
NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA);
|
2016-02-10 19:41:11 +01:00
|
|
|
bool oldStyle;
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2016-02-10 19:41:11 +01:00
|
|
|
/* Old style negotiation header without options
|
2012-08-23 14:57:11 +02:00
|
|
|
[ 0 .. 7] passwd ("NBDMAGIC")
|
|
|
|
[ 8 .. 15] magic (NBD_CLIENT_MAGIC)
|
2011-02-22 16:44:51 +01:00
|
|
|
[16 .. 23] size
|
2012-08-23 14:57:11 +02:00
|
|
|
[24 .. 25] server flags (0)
|
2014-05-13 01:35:16 +02:00
|
|
|
[26 .. 27] export flags
|
2012-08-23 14:57:11 +02:00
|
|
|
[28 .. 151] reserved (0)
|
|
|
|
|
2016-02-10 19:41:11 +01:00
|
|
|
New style negotiation header with options
|
2012-08-23 14:57:11 +02:00
|
|
|
[ 0 .. 7] passwd ("NBDMAGIC")
|
|
|
|
[ 8 .. 15] magic (NBD_OPTS_MAGIC)
|
|
|
|
[16 .. 17] server flags (0)
|
2016-02-10 19:41:11 +01:00
|
|
|
....options sent....
|
2012-08-23 14:57:11 +02:00
|
|
|
[18 .. 25] size
|
|
|
|
[26 .. 27] export flags
|
|
|
|
[28 .. 151] reserved (0)
|
2011-02-22 16:44:51 +01:00
|
|
|
*/
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
qio_channel_set_blocking(client->ioc, false, NULL);
|
2012-03-05 08:56:10 +01:00
|
|
|
rc = -EINVAL;
|
|
|
|
|
2011-02-22 16:44:51 +01:00
|
|
|
TRACE("Beginning negotiation.");
|
2012-11-26 15:19:31 +01:00
|
|
|
memset(buf, 0, sizeof(buf));
|
2011-02-22 16:44:51 +01:00
|
|
|
memcpy(buf, "NBDMAGIC", 8);
|
2016-02-10 19:41:11 +01:00
|
|
|
|
|
|
|
oldStyle = client->exp != NULL && !client->tlscreds;
|
|
|
|
if (oldStyle) {
|
2012-08-23 14:57:11 +02:00
|
|
|
assert ((client->exp->nbdflags & ~65535) == 0);
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("advertising size %" PRIu64 " and flags %x",
|
|
|
|
client->exp->size, client->exp->nbdflags | myflags);
|
2016-02-04 11:27:55 +01:00
|
|
|
stq_be_p(buf + 8, NBD_CLIENT_MAGIC);
|
|
|
|
stq_be_p(buf + 16, client->exp->size);
|
|
|
|
stw_be_p(buf + 26, client->exp->nbdflags | myflags);
|
2012-08-23 14:57:11 +02:00
|
|
|
} else {
|
2016-02-04 11:27:55 +01:00
|
|
|
stq_be_p(buf + 8, NBD_OPTS_MAGIC);
|
|
|
|
stw_be_p(buf + 16, NBD_FLAG_FIXED_NEWSTYLE);
|
2012-08-23 14:57:11 +02:00
|
|
|
}
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2016-02-10 19:41:11 +01:00
|
|
|
if (oldStyle) {
|
|
|
|
if (client->tlscreds) {
|
|
|
|
TRACE("TLS cannot be enabled with oldstyle protocol");
|
|
|
|
goto fail;
|
|
|
|
}
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(client->ioc, buf, sizeof(buf)) != sizeof(buf)) {
|
2012-08-23 14:57:11 +02:00
|
|
|
LOG("write failed");
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
} else {
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(client->ioc, buf, 18) != 18) {
|
2012-08-23 14:57:11 +02:00
|
|
|
LOG("write failed");
|
|
|
|
goto fail;
|
|
|
|
}
|
2016-01-14 09:41:03 +01:00
|
|
|
rc = nbd_negotiate_options(client);
|
2014-06-07 02:32:31 +02:00
|
|
|
if (rc != 0) {
|
2012-08-23 14:57:11 +02:00
|
|
|
LOG("option negotiation failed");
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
assert ((client->exp->nbdflags & ~65535) == 0);
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("advertising size %" PRIu64 " and flags %x",
|
|
|
|
client->exp->size, client->exp->nbdflags | myflags);
|
2016-02-04 11:27:55 +01:00
|
|
|
stq_be_p(buf + 18, client->exp->size);
|
|
|
|
stw_be_p(buf + 26, client->exp->nbdflags | myflags);
|
2016-02-10 19:41:04 +01:00
|
|
|
if (nbd_negotiate_write(client->ioc, buf + 18, sizeof(buf) - 18) !=
|
|
|
|
sizeof(buf) - 18) {
|
2012-08-23 14:57:11 +02:00
|
|
|
LOG("write failed");
|
|
|
|
goto fail;
|
|
|
|
}
|
2011-02-22 16:44:51 +01:00
|
|
|
}
|
|
|
|
|
2011-11-22 11:06:26 +01:00
|
|
|
TRACE("Negotiation succeeded.");
|
2012-03-05 08:56:10 +01:00
|
|
|
rc = 0;
|
|
|
|
fail:
|
|
|
|
return rc;
|
2008-05-27 23:13:40 +02:00
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static ssize_t nbd_receive_request(QIOChannel *ioc, struct nbd_request *request)
|
2008-07-03 15:41:03 +02:00
|
|
|
{
|
2012-08-22 15:13:30 +02:00
|
|
|
uint8_t buf[NBD_REQUEST_SIZE];
|
2011-02-22 16:44:51 +01:00
|
|
|
uint32_t magic;
|
2012-03-05 08:56:10 +01:00
|
|
|
ssize_t ret;
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
ret = read_sync(ioc, buf, sizeof(buf));
|
2012-03-05 08:56:10 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ret != sizeof(buf)) {
|
2011-02-22 16:44:51 +01:00
|
|
|
LOG("read failed");
|
2012-03-05 08:56:10 +01:00
|
|
|
return -EINVAL;
|
2011-02-22 16:44:51 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Request
|
|
|
|
[ 0 .. 3] magic (NBD_REQUEST_MAGIC)
|
|
|
|
[ 4 .. 7] type (0 == READ, 1 == WRITE)
|
|
|
|
[ 8 .. 15] handle
|
|
|
|
[16 .. 23] from
|
|
|
|
[24 .. 27] len
|
|
|
|
*/
|
|
|
|
|
2016-06-10 17:00:36 +02:00
|
|
|
magic = ldl_be_p(buf);
|
|
|
|
request->type = ldl_be_p(buf + 4);
|
|
|
|
request->handle = ldq_be_p(buf + 8);
|
|
|
|
request->from = ldq_be_p(buf + 16);
|
|
|
|
request->len = ldl_be_p(buf + 24);
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Got request: { magic = 0x%" PRIx32 ", .type = %" PRIx32
|
|
|
|
", from = %" PRIu64 " , len = %" PRIu32 " }",
|
2011-02-22 16:44:51 +01:00
|
|
|
magic, request->type, request->from, request->len);
|
|
|
|
|
|
|
|
if (magic != NBD_REQUEST_MAGIC) {
|
2016-05-12 00:39:35 +02:00
|
|
|
LOG("invalid magic (got 0x%" PRIx32 ")", magic);
|
2012-03-05 08:56:10 +01:00
|
|
|
return -EINVAL;
|
2011-02-22 16:44:51 +01:00
|
|
|
}
|
|
|
|
return 0;
|
2008-07-03 15:41:03 +02:00
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
static ssize_t nbd_send_reply(QIOChannel *ioc, struct nbd_reply *reply)
|
2008-07-03 15:41:03 +02:00
|
|
|
{
|
2012-08-22 15:13:30 +02:00
|
|
|
uint8_t buf[NBD_REPLY_SIZE];
|
2012-03-05 08:56:10 +01:00
|
|
|
ssize_t ret;
|
2011-02-22 16:44:51 +01:00
|
|
|
|
qemu-nbd: only send a limited number of errno codes on the wire
Right now, NBD includes potentially platform-specific error values in
the wire protocol.
Luckily, most common error values are more or less universal: in
particular, of all errno values <= 34 (up to ERANGE), they are all the
same on supported platforms except for 11 (which is EAGAIN on Windows and
Linux, but EDEADLK on Darwin and the *BSDs). So, in order to guarantee
some portability, only keep a handful of possible error codes and squash
everything else to EINVAL.
This patch defines a limited set of errno values that are valid for the
NBD protocol, and specifies recommendations for what error to return
in specific corner cases. The set of errno values is roughly based on
the errors listed in the read(2) and write(2) man pages, with some
exceptions:
- ENOMEM is added for servers that implement copy-on-write or other
formats that require dynamic allocation.
- EDQUOT is not part of the universal set of errors; it can be changed
to ENOSPC on the wire format.
- EFBIG is part of the universal set of errors, but it is also changed
to ENOSPC because it is pretty similar to ENOSPC or EDQUOT.
Incoming values will in general match system errno values, but not
on the Hurd which has different errno values (they have a "subsystem
code" equal to 0x10 in bits 24-31). The Hurd is probably not something
to which QEMU has been ported, but still do the right thing and
reverse-map the NBD errno values to the system errno values.
The corresponding patch to the NBD protocol description can be found at
http://article.gmane.org/gmane.linux.drivers.nbd.general/3154.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-05-07 17:25:10 +02:00
|
|
|
reply->error = system_errno_to_nbd_errno(reply->error);
|
|
|
|
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Sending response to client: { .error = %" PRId32
|
|
|
|
", handle = %" PRIu64 " }",
|
2016-04-06 05:35:04 +02:00
|
|
|
reply->error, reply->handle);
|
|
|
|
|
2011-02-22 16:44:51 +01:00
|
|
|
/* Reply
|
|
|
|
[ 0 .. 3] magic (NBD_REPLY_MAGIC)
|
|
|
|
[ 4 .. 7] error (0 == no error)
|
|
|
|
[ 7 .. 15] handle
|
|
|
|
*/
|
2016-02-04 11:27:55 +01:00
|
|
|
stl_be_p(buf, NBD_REPLY_MAGIC);
|
|
|
|
stl_be_p(buf + 4, reply->error);
|
|
|
|
stq_be_p(buf + 8, reply->handle);
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
ret = write_sync(ioc, buf, sizeof(buf));
|
2012-03-05 08:56:10 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ret != sizeof(buf)) {
|
2011-02-22 16:44:51 +01:00
|
|
|
LOG("writing to socket failed");
|
2012-03-05 08:56:10 +01:00
|
|
|
return -EINVAL;
|
2011-02-22 16:44:51 +01:00
|
|
|
}
|
|
|
|
return 0;
|
2008-07-03 15:41:03 +02:00
|
|
|
}
|
2008-05-27 23:13:40 +02:00
|
|
|
|
2011-09-19 15:25:40 +02:00
|
|
|
#define MAX_NBD_REQUESTS 16
|
|
|
|
|
2012-09-18 13:17:52 +02:00
|
|
|
void nbd_client_get(NBDClient *client)
|
2011-09-19 14:33:23 +02:00
|
|
|
{
|
|
|
|
client->refcount++;
|
|
|
|
}
|
|
|
|
|
2012-09-18 13:17:52 +02:00
|
|
|
void nbd_client_put(NBDClient *client)
|
2011-09-19 14:33:23 +02:00
|
|
|
{
|
|
|
|
if (--client->refcount == 0) {
|
2012-08-22 18:45:12 +02:00
|
|
|
/* The last reference should be dropped by client->close,
|
2015-02-06 22:06:16 +01:00
|
|
|
* which is called by client_close.
|
2012-08-22 18:45:12 +02:00
|
|
|
*/
|
|
|
|
assert(client->closing);
|
|
|
|
|
2014-06-20 21:57:32 +02:00
|
|
|
nbd_unset_handlers(client);
|
2016-02-10 19:41:04 +01:00
|
|
|
object_unref(OBJECT(client->sioc));
|
|
|
|
object_unref(OBJECT(client->ioc));
|
2016-02-10 19:41:11 +01:00
|
|
|
if (client->tlscreds) {
|
|
|
|
object_unref(OBJECT(client->tlscreds));
|
|
|
|
}
|
|
|
|
g_free(client->tlsaclname);
|
2012-08-23 14:57:11 +02:00
|
|
|
if (client->exp) {
|
|
|
|
QTAILQ_REMOVE(&client->exp->clients, client, next);
|
|
|
|
nbd_export_put(client->exp);
|
|
|
|
}
|
2011-09-19 14:33:23 +02:00
|
|
|
g_free(client);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-02-06 22:06:16 +01:00
|
|
|
static void client_close(NBDClient *client)
|
2011-09-19 14:33:23 +02:00
|
|
|
{
|
2012-08-22 18:45:12 +02:00
|
|
|
if (client->closing) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
client->closing = true;
|
|
|
|
|
|
|
|
/* Force requests to finish. They will drop their own references,
|
|
|
|
* then we'll close the socket and free the NBDClient.
|
|
|
|
*/
|
2016-02-10 19:41:04 +01:00
|
|
|
qio_channel_shutdown(client->ioc, QIO_CHANNEL_SHUTDOWN_BOTH,
|
|
|
|
NULL);
|
2012-08-22 18:45:12 +02:00
|
|
|
|
|
|
|
/* Also tell the client, so that they release their reference. */
|
2011-09-19 14:33:23 +02:00
|
|
|
if (client->close) {
|
|
|
|
client->close(client);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-10-07 16:47:56 +02:00
|
|
|
static NBDRequest *nbd_request_get(NBDClient *client)
|
2011-09-19 14:18:33 +02:00
|
|
|
{
|
|
|
|
NBDRequest *req;
|
2011-10-07 16:47:56 +02:00
|
|
|
|
2011-09-19 15:25:40 +02:00
|
|
|
assert(client->nb_requests <= MAX_NBD_REQUESTS - 1);
|
|
|
|
client->nb_requests++;
|
2014-06-20 21:57:32 +02:00
|
|
|
nbd_update_can_read(client);
|
2011-09-19 15:25:40 +02:00
|
|
|
|
2015-10-01 12:59:08 +02:00
|
|
|
req = g_new0(NBDRequest, 1);
|
2011-10-07 16:47:56 +02:00
|
|
|
nbd_client_get(client);
|
|
|
|
req->client = client;
|
2011-09-19 14:18:33 +02:00
|
|
|
return req;
|
|
|
|
}
|
|
|
|
|
2011-10-07 16:47:56 +02:00
|
|
|
static void nbd_request_put(NBDRequest *req)
|
2011-09-19 14:18:33 +02:00
|
|
|
{
|
2011-10-07 16:47:56 +02:00
|
|
|
NBDClient *client = req->client;
|
2013-05-02 14:23:07 +02:00
|
|
|
|
2013-05-02 14:23:08 +02:00
|
|
|
if (req->data) {
|
|
|
|
qemu_vfree(req->data);
|
|
|
|
}
|
2015-10-01 12:59:08 +02:00
|
|
|
g_free(req);
|
2013-05-02 14:23:07 +02:00
|
|
|
|
2014-06-20 21:57:32 +02:00
|
|
|
client->nb_requests--;
|
|
|
|
nbd_update_can_read(client);
|
2011-10-07 16:47:56 +02:00
|
|
|
nbd_client_put(client);
|
2011-09-19 14:18:33 +02:00
|
|
|
}
|
|
|
|
|
2014-11-18 12:21:18 +01:00
|
|
|
static void blk_aio_attached(AioContext *ctx, void *opaque)
|
2014-06-20 21:57:34 +02:00
|
|
|
{
|
|
|
|
NBDExport *exp = opaque;
|
|
|
|
NBDClient *client;
|
|
|
|
|
|
|
|
TRACE("Export %s: Attaching clients to AIO context %p\n", exp->name, ctx);
|
|
|
|
|
|
|
|
exp->ctx = ctx;
|
|
|
|
|
|
|
|
QTAILQ_FOREACH(client, &exp->clients, next) {
|
|
|
|
nbd_set_handlers(client);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-11-18 12:21:18 +01:00
|
|
|
static void blk_aio_detach(void *opaque)
|
2014-06-20 21:57:34 +02:00
|
|
|
{
|
|
|
|
NBDExport *exp = opaque;
|
|
|
|
NBDClient *client;
|
|
|
|
|
|
|
|
TRACE("Export %s: Detaching clients from AIO context %p\n", exp->name, exp->ctx);
|
|
|
|
|
|
|
|
QTAILQ_FOREACH(client, &exp->clients, next) {
|
|
|
|
nbd_unset_handlers(client);
|
|
|
|
}
|
|
|
|
|
|
|
|
exp->ctx = NULL;
|
|
|
|
}
|
|
|
|
|
2016-01-29 16:36:06 +01:00
|
|
|
static void nbd_eject_notifier(Notifier *n, void *data)
|
|
|
|
{
|
|
|
|
NBDExport *exp = container_of(n, NBDExport, eject_notifier);
|
|
|
|
nbd_export_close(exp);
|
|
|
|
}
|
|
|
|
|
2014-11-18 12:21:17 +01:00
|
|
|
NBDExport *nbd_export_new(BlockBackend *blk, off_t dev_offset, off_t size,
|
2015-02-25 19:08:21 +01:00
|
|
|
uint32_t nbdflags, void (*close)(NBDExport *),
|
|
|
|
Error **errp)
|
2011-09-19 14:03:37 +02:00
|
|
|
{
|
|
|
|
NBDExport *exp = g_malloc0(sizeof(NBDExport));
|
2012-09-18 13:26:25 +02:00
|
|
|
exp->refcount = 1;
|
2012-09-18 13:58:25 +02:00
|
|
|
QTAILQ_INIT(&exp->clients);
|
2014-11-18 12:21:18 +01:00
|
|
|
exp->blk = blk;
|
2011-09-19 14:03:37 +02:00
|
|
|
exp->dev_offset = dev_offset;
|
|
|
|
exp->nbdflags = nbdflags;
|
2015-02-25 19:08:21 +01:00
|
|
|
exp->size = size < 0 ? blk_getlength(blk) : size;
|
|
|
|
if (exp->size < 0) {
|
|
|
|
error_setg_errno(errp, -exp->size,
|
|
|
|
"Failed to determine the NBD export's length");
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
exp->size -= exp->size % BDRV_SECTOR_SIZE;
|
|
|
|
|
2012-09-18 13:59:03 +02:00
|
|
|
exp->close = close;
|
2014-11-18 12:21:18 +01:00
|
|
|
exp->ctx = blk_get_aio_context(blk);
|
|
|
|
blk_ref(blk);
|
|
|
|
blk_add_aio_context_notifier(blk, blk_aio_attached, blk_aio_detach, exp);
|
2016-01-29 16:36:06 +01:00
|
|
|
|
|
|
|
exp->eject_notifier.notify = nbd_eject_notifier;
|
|
|
|
blk_add_remove_bs_notifier(blk, &exp->eject_notifier);
|
|
|
|
|
2014-10-09 04:50:46 +02:00
|
|
|
/*
|
|
|
|
* NBD exports are used for non-shared storage migration. Make sure
|
2016-01-13 15:56:06 +01:00
|
|
|
* that BDRV_O_INACTIVE is cleared and the image is ready for write
|
2014-10-09 04:50:46 +02:00
|
|
|
* access since the export could be available before migration handover.
|
|
|
|
*/
|
2016-01-20 08:12:20 +01:00
|
|
|
aio_context_acquire(exp->ctx);
|
2014-11-18 12:21:18 +01:00
|
|
|
blk_invalidate_cache(blk, NULL);
|
2016-01-20 08:12:20 +01:00
|
|
|
aio_context_release(exp->ctx);
|
2011-09-19 14:03:37 +02:00
|
|
|
return exp;
|
2015-02-25 19:08:21 +01:00
|
|
|
|
|
|
|
fail:
|
|
|
|
g_free(exp);
|
|
|
|
return NULL;
|
2011-09-19 14:03:37 +02:00
|
|
|
}
|
|
|
|
|
2012-08-22 15:59:23 +02:00
|
|
|
NBDExport *nbd_export_find(const char *name)
|
|
|
|
{
|
|
|
|
NBDExport *exp;
|
|
|
|
QTAILQ_FOREACH(exp, &exports, next) {
|
|
|
|
if (strcmp(name, exp->name) == 0) {
|
|
|
|
return exp;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
void nbd_export_set_name(NBDExport *exp, const char *name)
|
|
|
|
{
|
|
|
|
if (exp->name == name) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
nbd_export_get(exp);
|
|
|
|
if (exp->name != NULL) {
|
|
|
|
g_free(exp->name);
|
|
|
|
exp->name = NULL;
|
|
|
|
QTAILQ_REMOVE(&exports, exp, next);
|
|
|
|
nbd_export_put(exp);
|
|
|
|
}
|
|
|
|
if (name != NULL) {
|
|
|
|
nbd_export_get(exp);
|
|
|
|
exp->name = g_strdup(name);
|
|
|
|
QTAILQ_INSERT_TAIL(&exports, exp, next);
|
|
|
|
}
|
|
|
|
nbd_export_put(exp);
|
|
|
|
}
|
|
|
|
|
2011-09-19 14:03:37 +02:00
|
|
|
void nbd_export_close(NBDExport *exp)
|
|
|
|
{
|
2012-09-18 13:58:25 +02:00
|
|
|
NBDClient *client, *next;
|
2012-09-18 13:26:25 +02:00
|
|
|
|
2012-09-18 13:58:25 +02:00
|
|
|
nbd_export_get(exp);
|
|
|
|
QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) {
|
2015-02-06 22:06:16 +01:00
|
|
|
client_close(client);
|
2012-09-18 13:58:25 +02:00
|
|
|
}
|
2012-09-18 14:31:44 +02:00
|
|
|
nbd_export_set_name(exp, NULL);
|
2012-09-18 13:58:25 +02:00
|
|
|
nbd_export_put(exp);
|
2012-09-18 13:26:25 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void nbd_export_get(NBDExport *exp)
|
|
|
|
{
|
|
|
|
assert(exp->refcount > 0);
|
|
|
|
exp->refcount++;
|
|
|
|
}
|
|
|
|
|
|
|
|
void nbd_export_put(NBDExport *exp)
|
|
|
|
{
|
|
|
|
assert(exp->refcount > 0);
|
|
|
|
if (exp->refcount == 1) {
|
|
|
|
nbd_export_close(exp);
|
2011-09-19 14:18:33 +02:00
|
|
|
}
|
|
|
|
|
2012-09-18 13:26:25 +02:00
|
|
|
if (--exp->refcount == 0) {
|
2012-08-22 15:59:23 +02:00
|
|
|
assert(exp->name == NULL);
|
|
|
|
|
2012-09-18 13:59:03 +02:00
|
|
|
if (exp->close) {
|
|
|
|
exp->close(exp);
|
|
|
|
}
|
|
|
|
|
2015-09-16 10:35:46 +02:00
|
|
|
if (exp->blk) {
|
2016-01-29 16:36:06 +01:00
|
|
|
notifier_remove(&exp->eject_notifier);
|
2015-09-16 10:35:46 +02:00
|
|
|
blk_remove_aio_context_notifier(exp->blk, blk_aio_attached,
|
|
|
|
blk_aio_detach, exp);
|
|
|
|
blk_unref(exp->blk);
|
|
|
|
exp->blk = NULL;
|
|
|
|
}
|
|
|
|
|
2012-09-18 13:26:25 +02:00
|
|
|
g_free(exp);
|
|
|
|
}
|
2011-09-19 14:03:37 +02:00
|
|
|
}
|
|
|
|
|
2014-11-18 12:21:17 +01:00
|
|
|
BlockBackend *nbd_export_get_blockdev(NBDExport *exp)
|
2012-09-18 14:31:44 +02:00
|
|
|
{
|
2014-11-18 12:21:18 +01:00
|
|
|
return exp->blk;
|
2012-09-18 14:31:44 +02:00
|
|
|
}
|
|
|
|
|
2012-08-22 15:59:23 +02:00
|
|
|
void nbd_export_close_all(void)
|
|
|
|
{
|
|
|
|
NBDExport *exp, *next;
|
|
|
|
|
|
|
|
QTAILQ_FOREACH_SAFE(exp, &exports, next, next) {
|
|
|
|
nbd_export_close(exp);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-03-07 11:25:01 +01:00
|
|
|
static ssize_t nbd_co_send_reply(NBDRequest *req, struct nbd_reply *reply,
|
|
|
|
int len)
|
2011-09-19 14:25:30 +02:00
|
|
|
{
|
2011-10-07 16:47:56 +02:00
|
|
|
NBDClient *client = req->client;
|
2012-03-07 11:25:01 +01:00
|
|
|
ssize_t rc, ret;
|
2011-09-19 14:25:30 +02:00
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
g_assert(qemu_in_coroutine());
|
2011-09-19 15:19:27 +02:00
|
|
|
qemu_co_mutex_lock(&client->send_lock);
|
|
|
|
client->send_coroutine = qemu_coroutine_self();
|
2014-06-20 21:57:32 +02:00
|
|
|
nbd_set_handlers(client);
|
2011-09-19 15:19:27 +02:00
|
|
|
|
2011-09-19 14:25:30 +02:00
|
|
|
if (!len) {
|
2016-02-10 19:41:04 +01:00
|
|
|
rc = nbd_send_reply(client->ioc, reply);
|
2011-09-19 14:25:30 +02:00
|
|
|
} else {
|
2016-02-10 19:41:04 +01:00
|
|
|
qio_channel_set_cork(client->ioc, true);
|
|
|
|
rc = nbd_send_reply(client->ioc, reply);
|
2012-03-07 11:05:34 +01:00
|
|
|
if (rc >= 0) {
|
2016-02-10 19:41:04 +01:00
|
|
|
ret = write_sync(client->ioc, req->data, len);
|
2011-09-19 14:25:30 +02:00
|
|
|
if (ret != len) {
|
2012-03-05 08:56:10 +01:00
|
|
|
rc = -EIO;
|
2011-09-19 14:25:30 +02:00
|
|
|
}
|
|
|
|
}
|
2016-02-10 19:41:04 +01:00
|
|
|
qio_channel_set_cork(client->ioc, false);
|
2011-09-19 14:25:30 +02:00
|
|
|
}
|
2011-09-19 15:19:27 +02:00
|
|
|
|
|
|
|
client->send_coroutine = NULL;
|
2014-06-20 21:57:32 +02:00
|
|
|
nbd_set_handlers(client);
|
2011-09-19 15:19:27 +02:00
|
|
|
qemu_co_mutex_unlock(&client->send_lock);
|
2011-09-19 14:25:30 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2016-05-12 00:39:37 +02:00
|
|
|
/* Collect a client request. Return 0 if request looks valid, -EAGAIN
|
|
|
|
* to keep trying the collection, -EIO to drop connection right away,
|
|
|
|
* and any other negative value to report an error to the client
|
|
|
|
* (although the caller may still need to disconnect after reporting
|
|
|
|
* the error). */
|
|
|
|
static ssize_t nbd_co_receive_request(NBDRequest *req,
|
|
|
|
struct nbd_request *request)
|
2011-09-19 15:07:54 +02:00
|
|
|
{
|
2011-10-07 16:47:56 +02:00
|
|
|
NBDClient *client = req->client;
|
2013-05-02 14:23:08 +02:00
|
|
|
uint32_t command;
|
2012-03-07 11:25:01 +01:00
|
|
|
ssize_t rc;
|
2011-09-19 15:07:54 +02:00
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
g_assert(qemu_in_coroutine());
|
2011-09-19 15:19:27 +02:00
|
|
|
client->recv_coroutine = qemu_coroutine_self();
|
2014-06-20 21:57:32 +02:00
|
|
|
nbd_update_can_read(client);
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
rc = nbd_receive_request(client->ioc, request);
|
2012-03-05 09:10:35 +01:00
|
|
|
if (rc < 0) {
|
|
|
|
if (rc != -EAGAIN) {
|
|
|
|
rc = -EIO;
|
|
|
|
}
|
2011-09-19 15:07:54 +02:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2016-05-12 00:39:37 +02:00
|
|
|
TRACE("Decoding type");
|
|
|
|
|
|
|
|
command = request->type & NBD_CMD_MASK_COMMAND;
|
|
|
|
if (command != NBD_CMD_WRITE) {
|
|
|
|
/* No payload, we are ready to read the next request. */
|
|
|
|
req->complete = true;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (command == NBD_CMD_DISC) {
|
|
|
|
/* Special case: we're going to disconnect without a reply,
|
|
|
|
* whether or not flags, from, or len are bogus */
|
|
|
|
TRACE("Request type is DISCONNECT");
|
|
|
|
rc = -EIO;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check for sanity in the parameters, part 1. Defer as many
|
|
|
|
* checks as possible until after reading any NBD_CMD_WRITE
|
|
|
|
* payload, so we can try and keep the connection alive. */
|
2011-09-19 15:07:54 +02:00
|
|
|
if ((request->from + request->len) < request->from) {
|
2016-05-12 00:39:37 +02:00
|
|
|
LOG("integer overflow detected, you're probably being attacked");
|
2011-09-19 15:07:54 +02:00
|
|
|
rc = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2013-05-02 14:23:08 +02:00
|
|
|
if (command == NBD_CMD_READ || command == NBD_CMD_WRITE) {
|
2016-01-07 14:32:42 +01:00
|
|
|
if (request->len > NBD_MAX_BUFFER_SIZE) {
|
2016-05-12 00:39:35 +02:00
|
|
|
LOG("len (%" PRIu32" ) is larger than max len (%u)",
|
2016-01-07 14:32:42 +01:00
|
|
|
request->len, NBD_MAX_BUFFER_SIZE);
|
|
|
|
rc = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2016-01-07 14:34:13 +01:00
|
|
|
req->data = blk_try_blockalign(client->exp->blk, request->len);
|
|
|
|
if (req->data == NULL) {
|
|
|
|
rc = -ENOMEM;
|
|
|
|
goto out;
|
|
|
|
}
|
2013-05-02 14:23:08 +02:00
|
|
|
}
|
|
|
|
if (command == NBD_CMD_WRITE) {
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Reading %" PRIu32 " byte(s)", request->len);
|
2011-09-19 15:07:54 +02:00
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
if (read_sync(client->ioc, req->data, request->len) != request->len) {
|
2011-09-19 15:07:54 +02:00
|
|
|
LOG("reading from socket failed");
|
|
|
|
rc = -EIO;
|
|
|
|
goto out;
|
|
|
|
}
|
2016-05-12 00:39:37 +02:00
|
|
|
req->complete = true;
|
2011-09-19 15:07:54 +02:00
|
|
|
}
|
2016-05-12 00:39:37 +02:00
|
|
|
|
|
|
|
/* Sanity checks, part 2. */
|
|
|
|
if (request->from + request->len > client->exp->size) {
|
|
|
|
LOG("operation past EOF; From: %" PRIu64 ", Len: %" PRIu32
|
|
|
|
", Size: %" PRIu64, request->from, request->len,
|
|
|
|
(uint64_t)client->exp->size);
|
|
|
|
rc = command == NBD_CMD_WRITE ? -ENOSPC : -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
2016-05-12 00:39:38 +02:00
|
|
|
if (request->type & ~NBD_CMD_MASK_COMMAND & ~NBD_CMD_FLAG_FUA) {
|
|
|
|
LOG("unsupported flags (got 0x%x)",
|
|
|
|
request->type & ~NBD_CMD_MASK_COMMAND);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
2016-05-12 00:39:37 +02:00
|
|
|
|
2011-09-19 15:07:54 +02:00
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
out:
|
2011-09-19 15:19:27 +02:00
|
|
|
client->recv_coroutine = NULL;
|
2014-06-20 21:57:32 +02:00
|
|
|
nbd_update_can_read(client);
|
|
|
|
|
2011-09-19 15:07:54 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2011-09-19 15:19:27 +02:00
|
|
|
static void nbd_trip(void *opaque)
|
2008-07-03 15:41:03 +02:00
|
|
|
{
|
2011-09-19 15:19:27 +02:00
|
|
|
NBDClient *client = opaque;
|
2011-09-19 14:33:23 +02:00
|
|
|
NBDExport *exp = client->exp;
|
2012-08-22 18:45:12 +02:00
|
|
|
NBDRequest *req;
|
2011-02-22 16:44:51 +01:00
|
|
|
struct nbd_request request;
|
|
|
|
struct nbd_reply reply;
|
2012-03-07 11:25:01 +01:00
|
|
|
ssize_t ret;
|
2014-05-18 12:50:05 +02:00
|
|
|
uint32_t command;
|
2016-05-12 00:39:34 +02:00
|
|
|
int flags;
|
2011-02-22 16:44:51 +01:00
|
|
|
|
|
|
|
TRACE("Reading request.");
|
2012-08-22 18:45:12 +02:00
|
|
|
if (client->closing) {
|
|
|
|
return;
|
|
|
|
}
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2012-08-22 18:45:12 +02:00
|
|
|
req = nbd_request_get(client);
|
2011-09-19 15:19:27 +02:00
|
|
|
ret = nbd_co_receive_request(req, &request);
|
2012-03-05 09:10:35 +01:00
|
|
|
if (ret == -EAGAIN) {
|
|
|
|
goto done;
|
|
|
|
}
|
2011-09-19 15:07:54 +02:00
|
|
|
if (ret == -EIO) {
|
2011-09-19 14:18:33 +02:00
|
|
|
goto out;
|
2011-09-19 15:07:54 +02:00
|
|
|
}
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2011-09-19 16:04:36 +02:00
|
|
|
reply.handle = request.handle;
|
|
|
|
reply.error = 0;
|
|
|
|
|
2011-09-19 15:07:54 +02:00
|
|
|
if (ret < 0) {
|
|
|
|
reply.error = -ret;
|
|
|
|
goto error_reply;
|
2011-02-22 16:44:51 +01:00
|
|
|
}
|
2014-05-18 12:50:05 +02:00
|
|
|
command = request.type & NBD_CMD_MASK_COMMAND;
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2015-09-16 10:35:46 +02:00
|
|
|
if (client->closing) {
|
|
|
|
/*
|
|
|
|
* The client may be closed when we are blocked in
|
|
|
|
* nbd_co_receive_request()
|
|
|
|
*/
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2014-05-18 12:50:05 +02:00
|
|
|
switch (command) {
|
2011-02-22 16:44:51 +01:00
|
|
|
case NBD_CMD_READ:
|
|
|
|
TRACE("Request type is READ");
|
|
|
|
|
2012-04-19 11:59:11 +02:00
|
|
|
if (request.type & NBD_CMD_FLAG_FUA) {
|
2014-11-18 12:21:18 +01:00
|
|
|
ret = blk_co_flush(exp->blk);
|
2012-04-19 11:59:11 +02:00
|
|
|
if (ret < 0) {
|
|
|
|
LOG("flush failed");
|
|
|
|
reply.error = -ret;
|
|
|
|
goto error_reply;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-04-21 16:42:30 +02:00
|
|
|
ret = blk_pread(exp->blk, request.from + exp->dev_offset,
|
|
|
|
req->data, request.len);
|
2011-09-13 17:27:45 +02:00
|
|
|
if (ret < 0) {
|
2011-02-22 16:44:51 +01:00
|
|
|
LOG("reading from file failed");
|
2011-09-13 17:27:45 +02:00
|
|
|
reply.error = -ret;
|
2011-09-19 16:04:36 +02:00
|
|
|
goto error_reply;
|
2011-02-22 16:44:51 +01:00
|
|
|
}
|
|
|
|
|
2016-05-12 00:39:35 +02:00
|
|
|
TRACE("Read %" PRIu32" byte(s)", request.len);
|
2011-09-19 15:19:27 +02:00
|
|
|
if (nbd_co_send_reply(req, &reply, request.len) < 0)
|
2011-09-19 14:18:33 +02:00
|
|
|
goto out;
|
2011-02-22 16:44:51 +01:00
|
|
|
break;
|
|
|
|
case NBD_CMD_WRITE:
|
|
|
|
TRACE("Request type is WRITE");
|
|
|
|
|
2011-09-19 14:03:37 +02:00
|
|
|
if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
|
2011-02-22 16:44:51 +01:00
|
|
|
TRACE("Server is read-only, return error");
|
2011-09-19 16:04:36 +02:00
|
|
|
reply.error = EROFS;
|
|
|
|
goto error_reply;
|
|
|
|
}
|
|
|
|
|
|
|
|
TRACE("Writing to device");
|
|
|
|
|
2016-05-12 00:39:34 +02:00
|
|
|
flags = 0;
|
|
|
|
if (request.type & NBD_CMD_FLAG_FUA) {
|
|
|
|
flags |= BDRV_REQ_FUA;
|
|
|
|
}
|
2016-04-21 16:42:30 +02:00
|
|
|
ret = blk_pwrite(exp->blk, request.from + exp->dev_offset,
|
2016-05-12 00:39:34 +02:00
|
|
|
req->data, request.len, flags);
|
2011-09-19 16:04:36 +02:00
|
|
|
if (ret < 0) {
|
|
|
|
LOG("writing to file failed");
|
|
|
|
reply.error = -ret;
|
|
|
|
goto error_reply;
|
|
|
|
}
|
2011-02-22 16:44:51 +01:00
|
|
|
|
2012-03-07 11:05:34 +01:00
|
|
|
if (nbd_co_send_reply(req, &reply, 0) < 0) {
|
2011-09-19 14:18:33 +02:00
|
|
|
goto out;
|
2012-03-07 11:05:34 +01:00
|
|
|
}
|
2011-02-22 16:44:51 +01:00
|
|
|
break;
|
2016-05-12 00:39:37 +02:00
|
|
|
|
2011-02-22 16:44:51 +01:00
|
|
|
case NBD_CMD_DISC:
|
2016-05-12 00:39:37 +02:00
|
|
|
/* unreachable, thanks to special case in nbd_co_receive_request() */
|
|
|
|
abort();
|
|
|
|
|
2011-10-21 13:17:14 +02:00
|
|
|
case NBD_CMD_FLUSH:
|
|
|
|
TRACE("Request type is FLUSH");
|
|
|
|
|
2014-11-18 12:21:18 +01:00
|
|
|
ret = blk_co_flush(exp->blk);
|
2011-10-21 13:17:14 +02:00
|
|
|
if (ret < 0) {
|
|
|
|
LOG("flush failed");
|
|
|
|
reply.error = -ret;
|
|
|
|
}
|
2012-03-07 11:05:34 +01:00
|
|
|
if (nbd_co_send_reply(req, &reply, 0) < 0) {
|
2011-09-19 14:18:33 +02:00
|
|
|
goto out;
|
2012-03-07 11:05:34 +01:00
|
|
|
}
|
2011-10-21 13:17:14 +02:00
|
|
|
break;
|
|
|
|
case NBD_CMD_TRIM:
|
|
|
|
TRACE("Request type is TRIM");
|
2016-05-25 12:59:25 +02:00
|
|
|
/* Ignore unaligned head or tail, until block layer adds byte
|
|
|
|
* interface */
|
|
|
|
if (request.len >= BDRV_SECTOR_SIZE) {
|
|
|
|
request.len -= (request.from + request.len) % BDRV_SECTOR_SIZE;
|
|
|
|
ret = blk_co_discard(exp->blk,
|
|
|
|
DIV_ROUND_UP(request.from + exp->dev_offset,
|
|
|
|
BDRV_SECTOR_SIZE),
|
|
|
|
request.len / BDRV_SECTOR_SIZE);
|
|
|
|
if (ret < 0) {
|
|
|
|
LOG("discard failed");
|
|
|
|
reply.error = -ret;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
TRACE("trim request too small, ignoring");
|
2011-10-21 13:17:14 +02:00
|
|
|
}
|
2012-03-07 11:05:34 +01:00
|
|
|
if (nbd_co_send_reply(req, &reply, 0) < 0) {
|
2011-09-19 14:18:33 +02:00
|
|
|
goto out;
|
2012-03-07 11:05:34 +01:00
|
|
|
}
|
2011-10-21 13:17:14 +02:00
|
|
|
break;
|
2011-02-22 16:44:51 +01:00
|
|
|
default:
|
2016-05-12 00:39:35 +02:00
|
|
|
LOG("invalid request type (%" PRIu32 ") received", request.type);
|
2015-02-12 07:21:51 +01:00
|
|
|
reply.error = EINVAL;
|
2011-09-19 16:04:36 +02:00
|
|
|
error_reply:
|
2016-05-12 00:39:37 +02:00
|
|
|
/* We must disconnect after NBD_CMD_WRITE if we did not
|
|
|
|
* read the payload.
|
|
|
|
*/
|
|
|
|
if (nbd_co_send_reply(req, &reply, 0) < 0 || !req->complete) {
|
2011-09-19 14:18:33 +02:00
|
|
|
goto out;
|
2012-03-07 11:05:34 +01:00
|
|
|
}
|
2011-09-19 16:04:36 +02:00
|
|
|
break;
|
2011-02-22 16:44:51 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
TRACE("Request/Reply complete");
|
|
|
|
|
2012-03-05 09:10:35 +01:00
|
|
|
done:
|
2011-09-19 15:19:27 +02:00
|
|
|
nbd_request_put(req);
|
|
|
|
return;
|
|
|
|
|
2011-09-19 14:18:33 +02:00
|
|
|
out:
|
2011-10-07 16:47:56 +02:00
|
|
|
nbd_request_put(req);
|
2015-02-06 22:06:16 +01:00
|
|
|
client_close(client);
|
2008-05-27 23:13:40 +02:00
|
|
|
}
|
2011-09-19 14:03:37 +02:00
|
|
|
|
2011-09-19 14:33:23 +02:00
|
|
|
static void nbd_read(void *opaque)
|
|
|
|
{
|
|
|
|
NBDClient *client = opaque;
|
|
|
|
|
2011-09-19 15:19:27 +02:00
|
|
|
if (client->recv_coroutine) {
|
|
|
|
qemu_coroutine_enter(client->recv_coroutine, NULL);
|
|
|
|
} else {
|
|
|
|
qemu_coroutine_enter(qemu_coroutine_create(nbd_trip), client);
|
2011-09-19 14:33:23 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-09-19 15:19:27 +02:00
|
|
|
static void nbd_restart_write(void *opaque)
|
|
|
|
{
|
|
|
|
NBDClient *client = opaque;
|
|
|
|
|
|
|
|
qemu_coroutine_enter(client->send_coroutine, NULL);
|
|
|
|
}
|
|
|
|
|
2014-06-20 21:57:32 +02:00
|
|
|
static void nbd_set_handlers(NBDClient *client)
|
|
|
|
{
|
|
|
|
if (client->exp && client->exp->ctx) {
|
2016-02-10 19:41:04 +01:00
|
|
|
aio_set_fd_handler(client->exp->ctx, client->sioc->fd,
|
2015-10-23 05:08:06 +02:00
|
|
|
true,
|
2014-06-20 21:57:32 +02:00
|
|
|
client->can_read ? nbd_read : NULL,
|
|
|
|
client->send_coroutine ? nbd_restart_write : NULL,
|
|
|
|
client);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void nbd_unset_handlers(NBDClient *client)
|
|
|
|
{
|
|
|
|
if (client->exp && client->exp->ctx) {
|
2016-02-10 19:41:04 +01:00
|
|
|
aio_set_fd_handler(client->exp->ctx, client->sioc->fd,
|
2015-10-23 05:08:06 +02:00
|
|
|
true, NULL, NULL, NULL);
|
2014-06-20 21:57:32 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void nbd_update_can_read(NBDClient *client)
|
|
|
|
{
|
|
|
|
bool can_read = client->recv_coroutine ||
|
|
|
|
client->nb_requests < MAX_NBD_REQUESTS;
|
|
|
|
|
|
|
|
if (can_read != client->can_read) {
|
|
|
|
client->can_read = can_read;
|
|
|
|
nbd_set_handlers(client);
|
|
|
|
|
|
|
|
/* There is no need to invoke aio_notify(), since aio_set_fd_handler()
|
|
|
|
* in nbd_set_handlers() will have taken care of that */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-01-14 09:41:03 +01:00
|
|
|
static coroutine_fn void nbd_co_client_start(void *opaque)
|
|
|
|
{
|
|
|
|
NBDClientNewData *data = opaque;
|
|
|
|
NBDClient *client = data->client;
|
|
|
|
NBDExport *exp = client->exp;
|
|
|
|
|
|
|
|
if (exp) {
|
|
|
|
nbd_export_get(exp);
|
|
|
|
}
|
|
|
|
if (nbd_negotiate(data)) {
|
2016-01-25 19:41:08 +01:00
|
|
|
client_close(client);
|
2016-01-14 09:41:03 +01:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
qemu_co_mutex_init(&client->send_lock);
|
|
|
|
nbd_set_handlers(client);
|
|
|
|
|
|
|
|
if (exp) {
|
|
|
|
QTAILQ_INSERT_TAIL(&exp->clients, client, next);
|
|
|
|
}
|
|
|
|
out:
|
|
|
|
g_free(data);
|
|
|
|
}
|
|
|
|
|
2016-02-10 19:41:04 +01:00
|
|
|
void nbd_client_new(NBDExport *exp,
|
|
|
|
QIOChannelSocket *sioc,
|
2016-02-10 19:41:11 +01:00
|
|
|
QCryptoTLSCreds *tlscreds,
|
|
|
|
const char *tlsaclname,
|
2016-02-10 19:41:04 +01:00
|
|
|
void (*close_fn)(NBDClient *))
|
2011-09-19 14:03:37 +02:00
|
|
|
{
|
2011-09-19 14:33:23 +02:00
|
|
|
NBDClient *client;
|
2016-01-14 09:41:03 +01:00
|
|
|
NBDClientNewData *data = g_new(NBDClientNewData, 1);
|
|
|
|
|
2011-09-19 14:33:23 +02:00
|
|
|
client = g_malloc0(sizeof(NBDClient));
|
|
|
|
client->refcount = 1;
|
|
|
|
client->exp = exp;
|
2016-02-10 19:41:11 +01:00
|
|
|
client->tlscreds = tlscreds;
|
|
|
|
if (tlscreds) {
|
|
|
|
object_ref(OBJECT(client->tlscreds));
|
|
|
|
}
|
|
|
|
client->tlsaclname = g_strdup(tlsaclname);
|
2016-02-10 19:41:04 +01:00
|
|
|
client->sioc = sioc;
|
|
|
|
object_ref(OBJECT(client->sioc));
|
|
|
|
client->ioc = QIO_CHANNEL(sioc);
|
|
|
|
object_ref(OBJECT(client->ioc));
|
2014-06-20 21:57:32 +02:00
|
|
|
client->can_read = true;
|
2016-01-14 09:41:01 +01:00
|
|
|
client->close = close_fn;
|
2012-09-18 13:26:25 +02:00
|
|
|
|
2016-01-14 09:41:03 +01:00
|
|
|
data->client = client;
|
|
|
|
data->co = qemu_coroutine_create(nbd_co_client_start);
|
|
|
|
qemu_coroutine_enter(data->co, data);
|
2011-09-19 14:03:37 +02:00
|
|
|
}
|