1 /* 2 * Serving QEMU block devices via NBD 3 * 4 * Copyright (c) 2012 Red Hat, Inc. 5 * 6 * Author: Paolo Bonzini <pbonzini@redhat.com> 7 * 8 * This work is licensed under the terms of the GNU GPL, version 2 or 9 * later. See the COPYING file in the top-level directory. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "sysemu/blockdev.h" 14 #include "sysemu/block-backend.h" 15 #include "hw/block/block.h" 16 #include "qapi/error.h" 17 #include "qapi/qapi-commands-block.h" 18 #include "sysemu/sysemu.h" 19 #include "block/nbd.h" 20 #include "io/channel-socket.h" 21 #include "io/net-listener.h" 22 23 typedef struct NBDServerData { 24 QIONetListener *listener; 25 QCryptoTLSCreds *tlscreds; 26 char *tlsauthz; 27 } NBDServerData; 28 29 static NBDServerData *nbd_server; 30 31 static void nbd_blockdev_client_closed(NBDClient *client, bool ignored) 32 { 33 nbd_client_put(client); 34 } 35 36 static void nbd_accept(QIONetListener *listener, QIOChannelSocket *cioc, 37 gpointer opaque) 38 { 39 qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server"); 40 nbd_client_new(cioc, nbd_server->tlscreds, nbd_server->tlsauthz, 41 nbd_blockdev_client_closed); 42 } 43 44 45 static void nbd_server_free(NBDServerData *server) 46 { 47 if (!server) { 48 return; 49 } 50 51 qio_net_listener_disconnect(server->listener); 52 object_unref(OBJECT(server->listener)); 53 if (server->tlscreds) { 54 object_unref(OBJECT(server->tlscreds)); 55 } 56 g_free(server->tlsauthz); 57 58 g_free(server); 59 } 60 61 static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, Error **errp) 62 { 63 Object *obj; 64 QCryptoTLSCreds *creds; 65 66 obj = object_resolve_path_component( 67 object_get_objects_root(), id); 68 if (!obj) { 69 error_setg(errp, "No TLS credentials with id '%s'", 70 id); 71 return NULL; 72 } 73 creds = (QCryptoTLSCreds *) 74 object_dynamic_cast(obj, TYPE_QCRYPTO_TLS_CREDS); 75 if (!creds) { 76 error_setg(errp, "Object with id '%s' is not TLS credentials", 77 id); 78 return NULL; 79 } 80 81 if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 82 error_setg(errp, 83 "Expecting TLS credentials with a server endpoint"); 84 return NULL; 85 } 86 object_ref(obj); 87 return creds; 88 } 89 90 91 void nbd_server_start(SocketAddress *addr, const char *tls_creds, 92 const char *tls_authz, Error **errp) 93 { 94 if (nbd_server) { 95 error_setg(errp, "NBD server already running"); 96 return; 97 } 98 99 nbd_server = g_new0(NBDServerData, 1); 100 nbd_server->listener = qio_net_listener_new(); 101 102 qio_net_listener_set_name(nbd_server->listener, 103 "nbd-listener"); 104 105 if (qio_net_listener_open_sync(nbd_server->listener, addr, errp) < 0) { 106 goto error; 107 } 108 109 if (tls_creds) { 110 nbd_server->tlscreds = nbd_get_tls_creds(tls_creds, errp); 111 if (!nbd_server->tlscreds) { 112 goto error; 113 } 114 115 /* TODO SOCKET_ADDRESS_TYPE_FD where fd has AF_INET or AF_INET6 */ 116 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 117 error_setg(errp, "TLS is only supported with IPv4/IPv6"); 118 goto error; 119 } 120 } 121 122 nbd_server->tlsauthz = g_strdup(tls_authz); 123 124 qio_net_listener_set_client_func(nbd_server->listener, 125 nbd_accept, 126 NULL, 127 NULL); 128 129 return; 130 131 error: 132 nbd_server_free(nbd_server); 133 nbd_server = NULL; 134 } 135 136 void qmp_nbd_server_start(SocketAddressLegacy *addr, 137 bool has_tls_creds, const char *tls_creds, 138 bool has_tls_authz, const char *tls_authz, 139 Error **errp) 140 { 141 SocketAddress *addr_flat = socket_address_flatten(addr); 142 143 nbd_server_start(addr_flat, tls_creds, tls_authz, errp); 144 qapi_free_SocketAddress(addr_flat); 145 } 146 147 void qmp_nbd_server_add(const char *device, bool has_name, const char *name, 148 bool has_writable, bool writable, 149 bool has_bitmap, const char *bitmap, Error **errp) 150 { 151 BlockDriverState *bs = NULL; 152 BlockBackend *on_eject_blk; 153 NBDExport *exp; 154 int64_t len; 155 156 if (!nbd_server) { 157 error_setg(errp, "NBD server not running"); 158 return; 159 } 160 161 if (!has_name) { 162 name = device; 163 } 164 165 if (nbd_export_find(name)) { 166 error_setg(errp, "NBD server already has export named '%s'", name); 167 return; 168 } 169 170 on_eject_blk = blk_by_name(device); 171 172 bs = bdrv_lookup_bs(device, device, errp); 173 if (!bs) { 174 return; 175 } 176 177 len = bdrv_getlength(bs); 178 if (len < 0) { 179 error_setg_errno(errp, -len, 180 "Failed to determine the NBD export's length"); 181 return; 182 } 183 184 if (!has_writable) { 185 writable = false; 186 } 187 if (bdrv_is_read_only(bs)) { 188 writable = false; 189 } 190 191 exp = nbd_export_new(bs, 0, len, name, NULL, bitmap, 192 writable ? 0 : NBD_FLAG_READ_ONLY, 193 NULL, false, on_eject_blk, errp); 194 if (!exp) { 195 return; 196 } 197 198 /* The list of named exports has a strong reference to this export now and 199 * our only way of accessing it is through nbd_export_find(), so we can drop 200 * the strong reference that is @exp. */ 201 nbd_export_put(exp); 202 } 203 204 void qmp_nbd_server_remove(const char *name, 205 bool has_mode, NbdServerRemoveMode mode, 206 Error **errp) 207 { 208 NBDExport *exp; 209 210 if (!nbd_server) { 211 error_setg(errp, "NBD server not running"); 212 return; 213 } 214 215 exp = nbd_export_find(name); 216 if (exp == NULL) { 217 error_setg(errp, "Export '%s' is not found", name); 218 return; 219 } 220 221 if (!has_mode) { 222 mode = NBD_SERVER_REMOVE_MODE_SAFE; 223 } 224 225 nbd_export_remove(exp, mode, errp); 226 } 227 228 void qmp_nbd_server_stop(Error **errp) 229 { 230 if (!nbd_server) { 231 error_setg(errp, "NBD server not running"); 232 return; 233 } 234 235 nbd_export_close_all(); 236 237 nbd_server_free(nbd_server); 238 nbd_server = NULL; 239 } 240