1 /* 2 * QEMU Block driver for CURL images 3 * 4 * Copyright (c) 2009 Alexander Graf <agraf@suse.de> 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "qapi/error.h" 27 #include "qemu/error-report.h" 28 #include "qemu/module.h" 29 #include "qemu/option.h" 30 #include "block/block-io.h" 31 #include "block/block_int.h" 32 #include "qobject/qdict.h" 33 #include "qobject/qstring.h" 34 #include "crypto/secret.h" 35 #include <curl/curl.h> 36 #include "qemu/cutils.h" 37 #include "trace.h" 38 39 // #define DEBUG_VERBOSE 40 41 /* CURL 7.85.0 switches to a string based API for specifying 42 * the desired protocols. 43 */ 44 #if LIBCURL_VERSION_NUM >= 0x075500 45 #define PROTOCOLS "HTTP,HTTPS,FTP,FTPS" 46 #else 47 #define PROTOCOLS (CURLPROTO_HTTP | CURLPROTO_HTTPS | \ 48 CURLPROTO_FTP | CURLPROTO_FTPS) 49 #endif 50 51 #define CURL_NUM_STATES 8 52 #define CURL_NUM_ACB 8 53 #define CURL_TIMEOUT_MAX 10000 54 55 #define CURL_BLOCK_OPT_URL "url" 56 #define CURL_BLOCK_OPT_READAHEAD "readahead" 57 #define CURL_BLOCK_OPT_SSLVERIFY "sslverify" 58 #define CURL_BLOCK_OPT_TIMEOUT "timeout" 59 #define CURL_BLOCK_OPT_COOKIE "cookie" 60 #define CURL_BLOCK_OPT_COOKIE_SECRET "cookie-secret" 61 #define CURL_BLOCK_OPT_USERNAME "username" 62 #define CURL_BLOCK_OPT_PASSWORD_SECRET "password-secret" 63 #define CURL_BLOCK_OPT_PROXY_USERNAME "proxy-username" 64 #define CURL_BLOCK_OPT_PROXY_PASSWORD_SECRET "proxy-password-secret" 65 66 #define CURL_BLOCK_OPT_READAHEAD_DEFAULT (256 * 1024) 67 #define CURL_BLOCK_OPT_SSLVERIFY_DEFAULT true 68 #define CURL_BLOCK_OPT_TIMEOUT_DEFAULT 5 69 70 struct BDRVCURLState; 71 struct CURLState; 72 73 static bool libcurl_initialized; 74 75 typedef struct CURLAIOCB { 76 Coroutine *co; 77 QEMUIOVector *qiov; 78 79 uint64_t offset; 80 uint64_t bytes; 81 int ret; 82 83 size_t start; 84 size_t end; 85 } CURLAIOCB; 86 87 typedef struct CURLSocket { 88 int fd; 89 struct BDRVCURLState *s; 90 } CURLSocket; 91 92 typedef struct CURLState 93 { 94 struct BDRVCURLState *s; 95 CURLAIOCB *acb[CURL_NUM_ACB]; 96 CURL *curl; 97 char *orig_buf; 98 uint64_t buf_start; 99 size_t buf_off; 100 size_t buf_len; 101 char range[128]; 102 char errmsg[CURL_ERROR_SIZE]; 103 char in_use; 104 } CURLState; 105 106 typedef struct BDRVCURLState { 107 CURLM *multi; 108 QEMUTimer timer; 109 uint64_t len; 110 CURLState states[CURL_NUM_STATES]; 111 GHashTable *sockets; /* GINT_TO_POINTER(fd) -> socket */ 112 char *url; 113 size_t readahead_size; 114 bool sslverify; 115 uint64_t timeout; 116 char *cookie; 117 bool accept_range; 118 AioContext *aio_context; 119 QemuMutex mutex; 120 CoQueue free_state_waitq; 121 char *username; 122 char *password; 123 char *proxyusername; 124 char *proxypassword; 125 } BDRVCURLState; 126 127 static void curl_clean_state(CURLState *s); 128 static void curl_multi_do(void *arg); 129 130 static gboolean curl_drop_socket(void *key, void *value, void *opaque) 131 { 132 CURLSocket *socket = value; 133 BDRVCURLState *s = socket->s; 134 135 aio_set_fd_handler(s->aio_context, socket->fd, 136 NULL, NULL, NULL, NULL, NULL); 137 return true; 138 } 139 140 static void curl_drop_all_sockets(GHashTable *sockets) 141 { 142 g_hash_table_foreach_remove(sockets, curl_drop_socket, NULL); 143 } 144 145 /* Called from curl_multi_do_locked, with s->mutex held. */ 146 static int curl_timer_cb(CURLM *multi, long timeout_ms, void *opaque) 147 { 148 BDRVCURLState *s = opaque; 149 150 trace_curl_timer_cb(timeout_ms); 151 if (timeout_ms == -1) { 152 timer_del(&s->timer); 153 } else { 154 int64_t timeout_ns = (int64_t)timeout_ms * 1000 * 1000; 155 timer_mod(&s->timer, 156 qemu_clock_get_ns(QEMU_CLOCK_REALTIME) + timeout_ns); 157 } 158 return 0; 159 } 160 161 /* Called from curl_multi_do_locked, with s->mutex held. */ 162 static int curl_sock_cb(CURL *curl, curl_socket_t fd, int action, 163 void *userp, void *sp) 164 { 165 BDRVCURLState *s = userp; 166 CURLSocket *socket; 167 168 socket = g_hash_table_lookup(s->sockets, GINT_TO_POINTER(fd)); 169 if (!socket) { 170 socket = g_new0(CURLSocket, 1); 171 socket->fd = fd; 172 socket->s = s; 173 g_hash_table_insert(s->sockets, GINT_TO_POINTER(fd), socket); 174 } 175 176 trace_curl_sock_cb(action, (int)fd); 177 switch (action) { 178 case CURL_POLL_IN: 179 aio_set_fd_handler(s->aio_context, fd, 180 curl_multi_do, NULL, NULL, NULL, socket); 181 break; 182 case CURL_POLL_OUT: 183 aio_set_fd_handler(s->aio_context, fd, 184 NULL, curl_multi_do, NULL, NULL, socket); 185 break; 186 case CURL_POLL_INOUT: 187 aio_set_fd_handler(s->aio_context, fd, 188 curl_multi_do, curl_multi_do, 189 NULL, NULL, socket); 190 break; 191 case CURL_POLL_REMOVE: 192 aio_set_fd_handler(s->aio_context, fd, 193 NULL, NULL, NULL, NULL, NULL); 194 break; 195 } 196 197 if (action == CURL_POLL_REMOVE) { 198 g_hash_table_remove(s->sockets, GINT_TO_POINTER(fd)); 199 } 200 201 return 0; 202 } 203 204 /* Called from curl_multi_do_locked, with s->mutex held. */ 205 static size_t curl_header_cb(void *ptr, size_t size, size_t nmemb, void *opaque) 206 { 207 BDRVCURLState *s = opaque; 208 size_t realsize = size * nmemb; 209 const char *p = ptr; 210 const char *end = p + realsize; 211 const char *t = "accept-ranges : bytes "; /* A lowercase template */ 212 213 /* check if header matches the "t" template */ 214 for (;;) { 215 if (*t == ' ') { /* space in t matches any amount of isspace in p */ 216 if (p < end && g_ascii_isspace(*p)) { 217 ++p; 218 } else { 219 ++t; 220 } 221 } else if (*t && p < end && *t == g_ascii_tolower(*p)) { 222 ++p, ++t; 223 } else { 224 break; 225 } 226 } 227 228 if (!*t && p == end) { /* if we managed to reach ends of both strings */ 229 s->accept_range = true; 230 } 231 232 return realsize; 233 } 234 235 /* Called from curl_multi_do_locked, with s->mutex held. */ 236 static size_t curl_read_cb(void *ptr, size_t size, size_t nmemb, void *opaque) 237 { 238 CURLState *s = ((CURLState*)opaque); 239 size_t realsize = size * nmemb; 240 241 trace_curl_read_cb(realsize); 242 243 if (!s || !s->orig_buf) { 244 goto read_end; 245 } 246 247 if (s->buf_off >= s->buf_len) { 248 /* buffer full, read nothing */ 249 goto read_end; 250 } 251 realsize = MIN(realsize, s->buf_len - s->buf_off); 252 memcpy(s->orig_buf + s->buf_off, ptr, realsize); 253 s->buf_off += realsize; 254 255 read_end: 256 /* curl will error out if we do not return this value */ 257 return size * nmemb; 258 } 259 260 /* Called with s->mutex held. */ 261 static bool coroutine_fn 262 curl_find_buf(BDRVCURLState *s, uint64_t start, uint64_t len, CURLAIOCB *acb) 263 { 264 int i; 265 uint64_t end = start + len; 266 uint64_t clamped_end = MIN(end, s->len); 267 uint64_t clamped_len = clamped_end - start; 268 269 for (i=0; i<CURL_NUM_STATES; i++) { 270 CURLState *state = &s->states[i]; 271 uint64_t buf_end = (state->buf_start + state->buf_off); 272 uint64_t buf_fend = (state->buf_start + state->buf_len); 273 274 if (!state->orig_buf) 275 continue; 276 if (!state->buf_off) 277 continue; 278 279 // Does the existing buffer cover our section? 280 if ((start >= state->buf_start) && 281 (start <= buf_end) && 282 (clamped_end >= state->buf_start) && 283 (clamped_end <= buf_end)) 284 { 285 char *buf = state->orig_buf + (start - state->buf_start); 286 287 qemu_iovec_from_buf(acb->qiov, 0, buf, clamped_len); 288 if (clamped_len < len) { 289 qemu_iovec_memset(acb->qiov, clamped_len, 0, len - clamped_len); 290 } 291 acb->ret = 0; 292 return true; 293 } 294 295 // Wait for unfinished chunks 296 if (state->in_use && 297 (start >= state->buf_start) && 298 (start <= buf_fend) && 299 (clamped_end >= state->buf_start) && 300 (clamped_end <= buf_fend)) 301 { 302 int j; 303 304 acb->start = start - state->buf_start; 305 acb->end = acb->start + clamped_len; 306 307 for (j=0; j<CURL_NUM_ACB; j++) { 308 if (!state->acb[j]) { 309 state->acb[j] = acb; 310 /* Await ongoing request */ 311 qemu_mutex_unlock(&s->mutex); 312 qemu_coroutine_yield(); 313 qemu_mutex_lock(&s->mutex); 314 return true; 315 } 316 } 317 } 318 } 319 320 return false; 321 } 322 323 /* Called with s->mutex held. */ 324 static void curl_multi_check_completion(BDRVCURLState *s) 325 { 326 int msgs_in_queue; 327 328 /* Try to find done transfers, so we can free the easy 329 * handle again. */ 330 for (;;) { 331 CURLMsg *msg; 332 msg = curl_multi_info_read(s->multi, &msgs_in_queue); 333 334 /* Quit when there are no more completions */ 335 if (!msg) 336 break; 337 338 if (msg->msg == CURLMSG_DONE) { 339 int i; 340 CURLState *state = NULL; 341 bool error = msg->data.result != CURLE_OK; 342 343 curl_easy_getinfo(msg->easy_handle, CURLINFO_PRIVATE, 344 (char **)&state); 345 346 if (error) { 347 static int errcount = 100; 348 349 /* Don't lose the original error message from curl, since 350 * it contains extra data. 351 */ 352 if (errcount > 0) { 353 error_report("curl: %s", state->errmsg); 354 if (--errcount == 0) { 355 error_report("curl: further errors suppressed"); 356 } 357 } 358 } 359 360 for (i = 0; i < CURL_NUM_ACB; i++) { 361 CURLAIOCB *acb = state->acb[i]; 362 363 if (acb == NULL) { 364 continue; 365 } 366 367 if (!error) { 368 /* Assert that we have read all data */ 369 assert(state->buf_off >= acb->end); 370 371 qemu_iovec_from_buf(acb->qiov, 0, 372 state->orig_buf + acb->start, 373 acb->end - acb->start); 374 375 if (acb->end - acb->start < acb->bytes) { 376 size_t offset = acb->end - acb->start; 377 qemu_iovec_memset(acb->qiov, offset, 0, 378 acb->bytes - offset); 379 } 380 } 381 382 acb->ret = error ? -EIO : 0; 383 state->acb[i] = NULL; 384 qemu_mutex_unlock(&s->mutex); 385 /* 386 * Current AioContext is the BDS context, which may or may not 387 * be the request (coroutine) context. 388 * - If it is, the coroutine must have yielded or the FD handler 389 * (curl_multi_do()/curl_multi_timeout_do()) could not have 390 * been called and we would not be here 391 * - If it is not, it doesn't matter whether it has already 392 * yielded or not; it will be scheduled once it does yield 393 * So aio_co_wake() is safe to call. 394 */ 395 aio_co_wake(acb->co); 396 qemu_mutex_lock(&s->mutex); 397 } 398 399 curl_clean_state(state); 400 break; 401 } 402 } 403 } 404 405 /* Called with s->mutex held. */ 406 static void curl_multi_do_locked(CURLSocket *socket) 407 { 408 BDRVCURLState *s = socket->s; 409 int running; 410 int r; 411 412 if (!s->multi) { 413 return; 414 } 415 416 do { 417 r = curl_multi_socket_action(s->multi, socket->fd, 0, &running); 418 } while (r == CURLM_CALL_MULTI_PERFORM); 419 } 420 421 static void curl_multi_do(void *arg) 422 { 423 CURLSocket *socket = arg; 424 BDRVCURLState *s = socket->s; 425 426 qemu_mutex_lock(&s->mutex); 427 curl_multi_do_locked(socket); 428 curl_multi_check_completion(s); 429 qemu_mutex_unlock(&s->mutex); 430 } 431 432 static void curl_multi_timeout_do(void *arg) 433 { 434 BDRVCURLState *s = (BDRVCURLState *)arg; 435 int running; 436 437 if (!s->multi) { 438 return; 439 } 440 441 qemu_mutex_lock(&s->mutex); 442 curl_multi_socket_action(s->multi, CURL_SOCKET_TIMEOUT, 0, &running); 443 444 curl_multi_check_completion(s); 445 qemu_mutex_unlock(&s->mutex); 446 } 447 448 /* Called with s->mutex held. */ 449 static CURLState *curl_find_state(BDRVCURLState *s) 450 { 451 CURLState *state = NULL; 452 int i; 453 454 for (i = 0; i < CURL_NUM_STATES; i++) { 455 if (!s->states[i].in_use) { 456 state = &s->states[i]; 457 state->in_use = 1; 458 break; 459 } 460 } 461 return state; 462 } 463 464 static int curl_init_state(BDRVCURLState *s, CURLState *state) 465 { 466 if (!state->curl) { 467 state->curl = curl_easy_init(); 468 if (!state->curl) { 469 return -EIO; 470 } 471 if (curl_easy_setopt(state->curl, CURLOPT_URL, s->url) || 472 curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER, 473 (long) s->sslverify) || 474 curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYHOST, 475 s->sslverify ? 2L : 0L)) { 476 goto err; 477 } 478 if (s->cookie) { 479 if (curl_easy_setopt(state->curl, CURLOPT_COOKIE, s->cookie)) { 480 goto err; 481 } 482 } 483 if (curl_easy_setopt(state->curl, CURLOPT_TIMEOUT, (long)s->timeout) || 484 curl_easy_setopt(state->curl, CURLOPT_WRITEFUNCTION, 485 (void *)curl_read_cb) || 486 curl_easy_setopt(state->curl, CURLOPT_WRITEDATA, (void *)state) || 487 curl_easy_setopt(state->curl, CURLOPT_PRIVATE, (void *)state) || 488 curl_easy_setopt(state->curl, CURLOPT_AUTOREFERER, 1L) || 489 curl_easy_setopt(state->curl, CURLOPT_FOLLOWLOCATION, 1L) || 490 curl_easy_setopt(state->curl, CURLOPT_NOSIGNAL, 1L) || 491 curl_easy_setopt(state->curl, CURLOPT_ERRORBUFFER, state->errmsg) || 492 curl_easy_setopt(state->curl, CURLOPT_FAILONERROR, 1L)) { 493 goto err; 494 } 495 if (s->username) { 496 if (curl_easy_setopt(state->curl, CURLOPT_USERNAME, s->username)) { 497 goto err; 498 } 499 } 500 if (s->password) { 501 if (curl_easy_setopt(state->curl, CURLOPT_PASSWORD, s->password)) { 502 goto err; 503 } 504 } 505 if (s->proxyusername) { 506 if (curl_easy_setopt(state->curl, 507 CURLOPT_PROXYUSERNAME, s->proxyusername)) { 508 goto err; 509 } 510 } 511 if (s->proxypassword) { 512 if (curl_easy_setopt(state->curl, 513 CURLOPT_PROXYPASSWORD, s->proxypassword)) { 514 goto err; 515 } 516 } 517 518 /* Restrict supported protocols to avoid security issues in the more 519 * obscure protocols. For example, do not allow POP3/SMTP/IMAP see 520 * CVE-2013-0249. 521 * 522 * Restricting protocols is only supported from 7.19.4 upwards. Note: 523 * version 7.85.0 deprecates CURLOPT_*PROTOCOLS in favour of a string 524 * based CURLOPT_*PROTOCOLS_STR API. 525 */ 526 #if LIBCURL_VERSION_NUM >= 0x075500 527 if (curl_easy_setopt(state->curl, 528 CURLOPT_PROTOCOLS_STR, PROTOCOLS) || 529 curl_easy_setopt(state->curl, 530 CURLOPT_REDIR_PROTOCOLS_STR, PROTOCOLS)) { 531 goto err; 532 } 533 #elif LIBCURL_VERSION_NUM >= 0x071304 534 if (curl_easy_setopt(state->curl, CURLOPT_PROTOCOLS, PROTOCOLS) || 535 curl_easy_setopt(state->curl, CURLOPT_REDIR_PROTOCOLS, PROTOCOLS)) { 536 goto err; 537 } 538 #endif 539 540 #ifdef DEBUG_VERBOSE 541 if (curl_easy_setopt(state->curl, CURLOPT_VERBOSE, 1L)) { 542 goto err; 543 } 544 #endif 545 } 546 547 state->s = s; 548 549 return 0; 550 551 err: 552 curl_easy_cleanup(state->curl); 553 state->curl = NULL; 554 return -EIO; 555 } 556 557 /* Called with s->mutex held. */ 558 static void curl_clean_state(CURLState *s) 559 { 560 int j; 561 for (j = 0; j < CURL_NUM_ACB; j++) { 562 assert(!s->acb[j]); 563 } 564 565 if (s->s->multi) 566 curl_multi_remove_handle(s->s->multi, s->curl); 567 568 s->in_use = 0; 569 570 qemu_co_enter_next(&s->s->free_state_waitq, &s->s->mutex); 571 } 572 573 static void curl_parse_filename(const char *filename, QDict *options, 574 Error **errp) 575 { 576 qdict_put_str(options, CURL_BLOCK_OPT_URL, filename); 577 } 578 579 static void curl_detach_aio_context(BlockDriverState *bs) 580 { 581 BDRVCURLState *s = bs->opaque; 582 int i; 583 584 WITH_QEMU_LOCK_GUARD(&s->mutex) { 585 curl_drop_all_sockets(s->sockets); 586 for (i = 0; i < CURL_NUM_STATES; i++) { 587 if (s->states[i].in_use) { 588 curl_clean_state(&s->states[i]); 589 } 590 if (s->states[i].curl) { 591 curl_easy_cleanup(s->states[i].curl); 592 s->states[i].curl = NULL; 593 } 594 g_free(s->states[i].orig_buf); 595 s->states[i].orig_buf = NULL; 596 } 597 if (s->multi) { 598 curl_multi_cleanup(s->multi); 599 s->multi = NULL; 600 } 601 } 602 603 timer_del(&s->timer); 604 } 605 606 static void curl_attach_aio_context(BlockDriverState *bs, 607 AioContext *new_context) 608 { 609 BDRVCURLState *s = bs->opaque; 610 611 aio_timer_init(new_context, &s->timer, 612 QEMU_CLOCK_REALTIME, SCALE_NS, 613 curl_multi_timeout_do, s); 614 615 assert(!s->multi); 616 s->multi = curl_multi_init(); 617 s->aio_context = new_context; 618 curl_multi_setopt(s->multi, CURLMOPT_SOCKETDATA, s); 619 curl_multi_setopt(s->multi, CURLMOPT_SOCKETFUNCTION, curl_sock_cb); 620 curl_multi_setopt(s->multi, CURLMOPT_TIMERDATA, s); 621 curl_multi_setopt(s->multi, CURLMOPT_TIMERFUNCTION, curl_timer_cb); 622 } 623 624 static QemuOptsList runtime_opts = { 625 .name = "curl", 626 .head = QTAILQ_HEAD_INITIALIZER(runtime_opts.head), 627 .desc = { 628 { 629 .name = CURL_BLOCK_OPT_URL, 630 .type = QEMU_OPT_STRING, 631 .help = "URL to open", 632 }, 633 { 634 .name = CURL_BLOCK_OPT_READAHEAD, 635 .type = QEMU_OPT_SIZE, 636 .help = "Readahead size", 637 }, 638 { 639 .name = CURL_BLOCK_OPT_SSLVERIFY, 640 .type = QEMU_OPT_BOOL, 641 .help = "Verify SSL certificate" 642 }, 643 { 644 .name = CURL_BLOCK_OPT_TIMEOUT, 645 .type = QEMU_OPT_NUMBER, 646 .help = "Curl timeout" 647 }, 648 { 649 .name = CURL_BLOCK_OPT_COOKIE, 650 .type = QEMU_OPT_STRING, 651 .help = "Pass the cookie or list of cookies with each request" 652 }, 653 { 654 .name = CURL_BLOCK_OPT_COOKIE_SECRET, 655 .type = QEMU_OPT_STRING, 656 .help = "ID of secret used as cookie passed with each request" 657 }, 658 { 659 .name = CURL_BLOCK_OPT_USERNAME, 660 .type = QEMU_OPT_STRING, 661 .help = "Username for HTTP auth" 662 }, 663 { 664 .name = CURL_BLOCK_OPT_PASSWORD_SECRET, 665 .type = QEMU_OPT_STRING, 666 .help = "ID of secret used as password for HTTP auth", 667 }, 668 { 669 .name = CURL_BLOCK_OPT_PROXY_USERNAME, 670 .type = QEMU_OPT_STRING, 671 .help = "Username for HTTP proxy auth" 672 }, 673 { 674 .name = CURL_BLOCK_OPT_PROXY_PASSWORD_SECRET, 675 .type = QEMU_OPT_STRING, 676 .help = "ID of secret used as password for HTTP proxy auth", 677 }, 678 { /* end of list */ } 679 }, 680 }; 681 682 683 static int curl_open(BlockDriverState *bs, QDict *options, int flags, 684 Error **errp) 685 { 686 BDRVCURLState *s = bs->opaque; 687 CURLState *state = NULL; 688 QemuOpts *opts; 689 const char *file; 690 const char *cookie; 691 const char *cookie_secret; 692 /* CURL >= 7.55.0 uses curl_off_t for content length instead of a double */ 693 #if LIBCURL_VERSION_NUM >= 0x073700 694 curl_off_t cl; 695 #else 696 double cl; 697 #endif 698 const char *secretid; 699 const char *protocol_delimiter; 700 int ret; 701 702 bdrv_graph_rdlock_main_loop(); 703 ret = bdrv_apply_auto_read_only(bs, "curl driver does not support writes", 704 errp); 705 bdrv_graph_rdunlock_main_loop(); 706 if (ret < 0) { 707 return ret; 708 } 709 710 if (!libcurl_initialized) { 711 ret = curl_global_init(CURL_GLOBAL_ALL); 712 if (ret) { 713 error_setg(errp, "libcurl initialization failed with %d", ret); 714 return -EIO; 715 } 716 libcurl_initialized = true; 717 } 718 719 qemu_mutex_init(&s->mutex); 720 opts = qemu_opts_create(&runtime_opts, NULL, 0, &error_abort); 721 if (!qemu_opts_absorb_qdict(opts, options, errp)) { 722 goto out_noclean; 723 } 724 725 s->readahead_size = qemu_opt_get_size(opts, CURL_BLOCK_OPT_READAHEAD, 726 CURL_BLOCK_OPT_READAHEAD_DEFAULT); 727 if ((s->readahead_size & 0x1ff) != 0) { 728 error_setg(errp, "HTTP_READAHEAD_SIZE %zd is not a multiple of 512", 729 s->readahead_size); 730 goto out_noclean; 731 } 732 733 s->timeout = qemu_opt_get_number(opts, CURL_BLOCK_OPT_TIMEOUT, 734 CURL_BLOCK_OPT_TIMEOUT_DEFAULT); 735 if (s->timeout > CURL_TIMEOUT_MAX) { 736 error_setg(errp, "timeout parameter is too large or negative"); 737 goto out_noclean; 738 } 739 740 s->sslverify = qemu_opt_get_bool(opts, CURL_BLOCK_OPT_SSLVERIFY, 741 CURL_BLOCK_OPT_SSLVERIFY_DEFAULT); 742 743 cookie = qemu_opt_get(opts, CURL_BLOCK_OPT_COOKIE); 744 cookie_secret = qemu_opt_get(opts, CURL_BLOCK_OPT_COOKIE_SECRET); 745 746 if (cookie && cookie_secret) { 747 error_setg(errp, 748 "curl driver cannot handle both cookie and cookie secret"); 749 goto out_noclean; 750 } 751 752 if (cookie_secret) { 753 s->cookie = qcrypto_secret_lookup_as_utf8(cookie_secret, errp); 754 if (!s->cookie) { 755 goto out_noclean; 756 } 757 } else { 758 s->cookie = g_strdup(cookie); 759 } 760 761 file = qemu_opt_get(opts, CURL_BLOCK_OPT_URL); 762 if (file == NULL) { 763 error_setg(errp, "curl block driver requires an 'url' option"); 764 goto out_noclean; 765 } 766 767 if (!strstart(file, bs->drv->protocol_name, &protocol_delimiter) || 768 !strstart(protocol_delimiter, "://", NULL)) 769 { 770 error_setg(errp, "%s curl driver cannot handle the URL '%s' (does not " 771 "start with '%s://')", bs->drv->protocol_name, file, 772 bs->drv->protocol_name); 773 goto out_noclean; 774 } 775 776 s->username = g_strdup(qemu_opt_get(opts, CURL_BLOCK_OPT_USERNAME)); 777 secretid = qemu_opt_get(opts, CURL_BLOCK_OPT_PASSWORD_SECRET); 778 779 if (secretid) { 780 s->password = qcrypto_secret_lookup_as_utf8(secretid, errp); 781 if (!s->password) { 782 goto out_noclean; 783 } 784 } 785 786 s->proxyusername = g_strdup( 787 qemu_opt_get(opts, CURL_BLOCK_OPT_PROXY_USERNAME)); 788 secretid = qemu_opt_get(opts, CURL_BLOCK_OPT_PROXY_PASSWORD_SECRET); 789 if (secretid) { 790 s->proxypassword = qcrypto_secret_lookup_as_utf8(secretid, errp); 791 if (!s->proxypassword) { 792 goto out_noclean; 793 } 794 } 795 796 trace_curl_open(file); 797 qemu_co_queue_init(&s->free_state_waitq); 798 s->aio_context = bdrv_get_aio_context(bs); 799 s->url = g_strdup(file); 800 s->sockets = g_hash_table_new_full(NULL, NULL, NULL, g_free); 801 qemu_mutex_lock(&s->mutex); 802 state = curl_find_state(s); 803 qemu_mutex_unlock(&s->mutex); 804 if (!state) { 805 goto out_noclean; 806 } 807 808 // Get file size 809 810 if (curl_init_state(s, state) < 0) { 811 pstrcpy(state->errmsg, CURL_ERROR_SIZE, 812 "curl library initialization failed."); 813 goto out; 814 } 815 816 s->accept_range = false; 817 if (curl_easy_setopt(state->curl, CURLOPT_NOBODY, 1L) || 818 curl_easy_setopt(state->curl, CURLOPT_HEADERFUNCTION, curl_header_cb) || 819 curl_easy_setopt(state->curl, CURLOPT_HEADERDATA, s)) { 820 pstrcpy(state->errmsg, CURL_ERROR_SIZE, 821 "curl library initialization failed."); 822 goto out; 823 } 824 if (curl_easy_perform(state->curl)) 825 goto out; 826 /* CURL 7.55.0 deprecates CURLINFO_CONTENT_LENGTH_DOWNLOAD in favour of 827 * the *_T version which returns a more sensible type for content length. 828 */ 829 #if LIBCURL_VERSION_NUM >= 0x073700 830 if (curl_easy_getinfo(state->curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, &cl)) { 831 goto out; 832 } 833 #else 834 if (curl_easy_getinfo(state->curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &cl)) { 835 goto out; 836 } 837 #endif 838 /* Prior CURL 7.19.4 return value of 0 could mean that the file size is not 839 * know or the size is zero. From 7.19.4 CURL returns -1 if size is not 840 * known and zero if it is really zero-length file. */ 841 #if LIBCURL_VERSION_NUM >= 0x071304 842 if (cl < 0) { 843 pstrcpy(state->errmsg, CURL_ERROR_SIZE, 844 "Server didn't report file size."); 845 goto out; 846 } 847 #else 848 if (cl <= 0) { 849 pstrcpy(state->errmsg, CURL_ERROR_SIZE, 850 "Unknown file size or zero-length file."); 851 goto out; 852 } 853 #endif 854 855 s->len = cl; 856 857 if ((!strncasecmp(s->url, "http://", strlen("http://")) 858 || !strncasecmp(s->url, "https://", strlen("https://"))) 859 && !s->accept_range) { 860 pstrcpy(state->errmsg, CURL_ERROR_SIZE, 861 "Server does not support 'range' (byte ranges)."); 862 goto out; 863 } 864 trace_curl_open_size(s->len); 865 866 qemu_mutex_lock(&s->mutex); 867 curl_clean_state(state); 868 qemu_mutex_unlock(&s->mutex); 869 curl_easy_cleanup(state->curl); 870 state->curl = NULL; 871 872 curl_attach_aio_context(bs, bdrv_get_aio_context(bs)); 873 874 qemu_opts_del(opts); 875 return 0; 876 877 out: 878 error_setg(errp, "CURL: Error opening file: %s", state->errmsg); 879 curl_easy_cleanup(state->curl); 880 state->curl = NULL; 881 out_noclean: 882 qemu_mutex_destroy(&s->mutex); 883 g_free(s->cookie); 884 g_free(s->url); 885 g_free(s->username); 886 g_free(s->proxyusername); 887 g_free(s->proxypassword); 888 if (s->sockets) { 889 curl_drop_all_sockets(s->sockets); 890 g_hash_table_destroy(s->sockets); 891 } 892 qemu_opts_del(opts); 893 return -EINVAL; 894 } 895 896 static void coroutine_fn curl_do_preadv(BlockDriverState *bs, CURLAIOCB *acb) 897 { 898 CURLState *state; 899 int running; 900 901 BDRVCURLState *s = bs->opaque; 902 903 uint64_t start = acb->offset; 904 uint64_t end; 905 906 qemu_mutex_lock(&s->mutex); 907 908 /* 909 * In case we have the requested data already (e.g. read-ahead), 910 * we can just call the callback and be done. This may have to 911 * await an ongoing request, in which case it itself will yield. 912 */ 913 if (curl_find_buf(s, start, acb->bytes, acb)) { 914 goto dont_yield; 915 } 916 917 // No cache found, so let's start a new request 918 for (;;) { 919 state = curl_find_state(s); 920 if (state) { 921 break; 922 } 923 qemu_co_queue_wait(&s->free_state_waitq, &s->mutex); 924 } 925 926 if (curl_init_state(s, state) < 0) { 927 curl_clean_state(state); 928 acb->ret = -EIO; 929 goto dont_yield; 930 } 931 932 acb->start = 0; 933 acb->end = MIN(acb->bytes, s->len - start); 934 935 state->buf_off = 0; 936 g_free(state->orig_buf); 937 state->buf_start = start; 938 state->buf_len = MIN(acb->end + s->readahead_size, s->len - start); 939 end = start + state->buf_len - 1; 940 state->orig_buf = g_try_malloc(state->buf_len); 941 if (state->buf_len && state->orig_buf == NULL) { 942 curl_clean_state(state); 943 acb->ret = -ENOMEM; 944 goto dont_yield; 945 } 946 state->acb[0] = acb; 947 948 snprintf(state->range, 127, "%" PRIu64 "-%" PRIu64, start, end); 949 trace_curl_setup_preadv(acb->bytes, start, state->range); 950 if (curl_easy_setopt(state->curl, CURLOPT_RANGE, state->range) || 951 curl_multi_add_handle(s->multi, state->curl) != CURLM_OK) { 952 state->acb[0] = NULL; 953 acb->ret = -EIO; 954 955 curl_clean_state(state); 956 goto dont_yield; 957 } 958 959 /* Tell curl it needs to kick things off */ 960 curl_multi_socket_action(s->multi, CURL_SOCKET_TIMEOUT, 0, &running); 961 qemu_mutex_unlock(&s->mutex); 962 qemu_coroutine_yield(); 963 return; 964 965 dont_yield: 966 qemu_mutex_unlock(&s->mutex); 967 } 968 969 static int coroutine_fn curl_co_preadv(BlockDriverState *bs, 970 int64_t offset, int64_t bytes, QEMUIOVector *qiov, 971 BdrvRequestFlags flags) 972 { 973 CURLAIOCB acb = { 974 .co = qemu_coroutine_self(), 975 .ret = -EINPROGRESS, 976 .qiov = qiov, 977 .offset = offset, 978 .bytes = bytes 979 }; 980 981 curl_do_preadv(bs, &acb); 982 return acb.ret; 983 } 984 985 static void curl_close(BlockDriverState *bs) 986 { 987 BDRVCURLState *s = bs->opaque; 988 989 trace_curl_close(); 990 curl_detach_aio_context(bs); 991 qemu_mutex_destroy(&s->mutex); 992 993 g_hash_table_destroy(s->sockets); 994 g_free(s->cookie); 995 g_free(s->url); 996 g_free(s->username); 997 g_free(s->proxyusername); 998 g_free(s->proxypassword); 999 } 1000 1001 static int64_t coroutine_fn curl_co_getlength(BlockDriverState *bs) 1002 { 1003 BDRVCURLState *s = bs->opaque; 1004 return s->len; 1005 } 1006 1007 static void curl_refresh_filename(BlockDriverState *bs) 1008 { 1009 BDRVCURLState *s = bs->opaque; 1010 1011 /* "readahead" and "timeout" do not change the guest-visible data, 1012 * so ignore them */ 1013 if (s->sslverify != CURL_BLOCK_OPT_SSLVERIFY_DEFAULT || 1014 s->cookie || s->username || s->password || s->proxyusername || 1015 s->proxypassword) 1016 { 1017 return; 1018 } 1019 1020 pstrcpy(bs->exact_filename, sizeof(bs->exact_filename), s->url); 1021 } 1022 1023 1024 static const char *const curl_strong_runtime_opts[] = { 1025 CURL_BLOCK_OPT_URL, 1026 CURL_BLOCK_OPT_SSLVERIFY, 1027 CURL_BLOCK_OPT_COOKIE, 1028 CURL_BLOCK_OPT_COOKIE_SECRET, 1029 CURL_BLOCK_OPT_USERNAME, 1030 CURL_BLOCK_OPT_PASSWORD_SECRET, 1031 CURL_BLOCK_OPT_PROXY_USERNAME, 1032 CURL_BLOCK_OPT_PROXY_PASSWORD_SECRET, 1033 1034 NULL 1035 }; 1036 1037 static BlockDriver bdrv_http = { 1038 .format_name = "http", 1039 .protocol_name = "http", 1040 1041 .instance_size = sizeof(BDRVCURLState), 1042 .bdrv_parse_filename = curl_parse_filename, 1043 .bdrv_open = curl_open, 1044 .bdrv_close = curl_close, 1045 .bdrv_co_getlength = curl_co_getlength, 1046 1047 .bdrv_co_preadv = curl_co_preadv, 1048 1049 .bdrv_detach_aio_context = curl_detach_aio_context, 1050 .bdrv_attach_aio_context = curl_attach_aio_context, 1051 1052 .bdrv_refresh_filename = curl_refresh_filename, 1053 .strong_runtime_opts = curl_strong_runtime_opts, 1054 }; 1055 1056 static BlockDriver bdrv_https = { 1057 .format_name = "https", 1058 .protocol_name = "https", 1059 1060 .instance_size = sizeof(BDRVCURLState), 1061 .bdrv_parse_filename = curl_parse_filename, 1062 .bdrv_open = curl_open, 1063 .bdrv_close = curl_close, 1064 .bdrv_co_getlength = curl_co_getlength, 1065 1066 .bdrv_co_preadv = curl_co_preadv, 1067 1068 .bdrv_detach_aio_context = curl_detach_aio_context, 1069 .bdrv_attach_aio_context = curl_attach_aio_context, 1070 1071 .bdrv_refresh_filename = curl_refresh_filename, 1072 .strong_runtime_opts = curl_strong_runtime_opts, 1073 }; 1074 1075 static BlockDriver bdrv_ftp = { 1076 .format_name = "ftp", 1077 .protocol_name = "ftp", 1078 1079 .instance_size = sizeof(BDRVCURLState), 1080 .bdrv_parse_filename = curl_parse_filename, 1081 .bdrv_open = curl_open, 1082 .bdrv_close = curl_close, 1083 .bdrv_co_getlength = curl_co_getlength, 1084 1085 .bdrv_co_preadv = curl_co_preadv, 1086 1087 .bdrv_detach_aio_context = curl_detach_aio_context, 1088 .bdrv_attach_aio_context = curl_attach_aio_context, 1089 1090 .bdrv_refresh_filename = curl_refresh_filename, 1091 .strong_runtime_opts = curl_strong_runtime_opts, 1092 }; 1093 1094 static BlockDriver bdrv_ftps = { 1095 .format_name = "ftps", 1096 .protocol_name = "ftps", 1097 1098 .instance_size = sizeof(BDRVCURLState), 1099 .bdrv_parse_filename = curl_parse_filename, 1100 .bdrv_open = curl_open, 1101 .bdrv_close = curl_close, 1102 .bdrv_co_getlength = curl_co_getlength, 1103 1104 .bdrv_co_preadv = curl_co_preadv, 1105 1106 .bdrv_detach_aio_context = curl_detach_aio_context, 1107 .bdrv_attach_aio_context = curl_attach_aio_context, 1108 1109 .bdrv_refresh_filename = curl_refresh_filename, 1110 .strong_runtime_opts = curl_strong_runtime_opts, 1111 }; 1112 1113 static void curl_block_init(void) 1114 { 1115 bdrv_register(&bdrv_http); 1116 bdrv_register(&bdrv_https); 1117 bdrv_register(&bdrv_ftp); 1118 bdrv_register(&bdrv_ftps); 1119 } 1120 1121 block_init(curl_block_init); 1122