1 /* 2 * Serving QEMU block devices via NBD 3 * 4 * Copyright (c) 2012 Red Hat, Inc. 5 * 6 * Author: Paolo Bonzini <pbonzini@redhat.com> 7 * 8 * This work is licensed under the terms of the GNU GPL, version 2 or 9 * later. See the COPYING file in the top-level directory. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "sysemu/blockdev.h" 14 #include "sysemu/block-backend.h" 15 #include "hw/block/block.h" 16 #include "qapi/error.h" 17 #include "qapi/qapi-commands-block.h" 18 #include "block/nbd.h" 19 #include "io/channel-socket.h" 20 #include "io/net-listener.h" 21 22 typedef struct NBDServerData { 23 QIONetListener *listener; 24 QCryptoTLSCreds *tlscreds; 25 char *tlsauthz; 26 } NBDServerData; 27 28 static NBDServerData *nbd_server; 29 30 static void nbd_blockdev_client_closed(NBDClient *client, bool ignored) 31 { 32 nbd_client_put(client); 33 } 34 35 static void nbd_accept(QIONetListener *listener, QIOChannelSocket *cioc, 36 gpointer opaque) 37 { 38 qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server"); 39 nbd_client_new(cioc, nbd_server->tlscreds, nbd_server->tlsauthz, 40 nbd_blockdev_client_closed); 41 } 42 43 44 static void nbd_server_free(NBDServerData *server) 45 { 46 if (!server) { 47 return; 48 } 49 50 qio_net_listener_disconnect(server->listener); 51 object_unref(OBJECT(server->listener)); 52 if (server->tlscreds) { 53 object_unref(OBJECT(server->tlscreds)); 54 } 55 g_free(server->tlsauthz); 56 57 g_free(server); 58 } 59 60 static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, Error **errp) 61 { 62 Object *obj; 63 QCryptoTLSCreds *creds; 64 65 obj = object_resolve_path_component( 66 object_get_objects_root(), id); 67 if (!obj) { 68 error_setg(errp, "No TLS credentials with id '%s'", 69 id); 70 return NULL; 71 } 72 creds = (QCryptoTLSCreds *) 73 object_dynamic_cast(obj, TYPE_QCRYPTO_TLS_CREDS); 74 if (!creds) { 75 error_setg(errp, "Object with id '%s' is not TLS credentials", 76 id); 77 return NULL; 78 } 79 80 if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 81 error_setg(errp, 82 "Expecting TLS credentials with a server endpoint"); 83 return NULL; 84 } 85 object_ref(obj); 86 return creds; 87 } 88 89 90 void nbd_server_start(SocketAddress *addr, const char *tls_creds, 91 const char *tls_authz, Error **errp) 92 { 93 if (nbd_server) { 94 error_setg(errp, "NBD server already running"); 95 return; 96 } 97 98 nbd_server = g_new0(NBDServerData, 1); 99 nbd_server->listener = qio_net_listener_new(); 100 101 qio_net_listener_set_name(nbd_server->listener, 102 "nbd-listener"); 103 104 if (qio_net_listener_open_sync(nbd_server->listener, addr, errp) < 0) { 105 goto error; 106 } 107 108 if (tls_creds) { 109 nbd_server->tlscreds = nbd_get_tls_creds(tls_creds, errp); 110 if (!nbd_server->tlscreds) { 111 goto error; 112 } 113 114 /* TODO SOCKET_ADDRESS_TYPE_FD where fd has AF_INET or AF_INET6 */ 115 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 116 error_setg(errp, "TLS is only supported with IPv4/IPv6"); 117 goto error; 118 } 119 } 120 121 nbd_server->tlsauthz = g_strdup(tls_authz); 122 123 qio_net_listener_set_client_func(nbd_server->listener, 124 nbd_accept, 125 NULL, 126 NULL); 127 128 return; 129 130 error: 131 nbd_server_free(nbd_server); 132 nbd_server = NULL; 133 } 134 135 void qmp_nbd_server_start(SocketAddressLegacy *addr, 136 bool has_tls_creds, const char *tls_creds, 137 bool has_tls_authz, const char *tls_authz, 138 Error **errp) 139 { 140 SocketAddress *addr_flat = socket_address_flatten(addr); 141 142 nbd_server_start(addr_flat, tls_creds, tls_authz, errp); 143 qapi_free_SocketAddress(addr_flat); 144 } 145 146 void qmp_nbd_server_add(const char *device, bool has_name, const char *name, 147 bool has_writable, bool writable, 148 bool has_bitmap, const char *bitmap, Error **errp) 149 { 150 BlockDriverState *bs = NULL; 151 BlockBackend *on_eject_blk; 152 NBDExport *exp; 153 int64_t len; 154 155 if (!nbd_server) { 156 error_setg(errp, "NBD server not running"); 157 return; 158 } 159 160 if (!has_name) { 161 name = device; 162 } 163 164 if (nbd_export_find(name)) { 165 error_setg(errp, "NBD server already has export named '%s'", name); 166 return; 167 } 168 169 on_eject_blk = blk_by_name(device); 170 171 bs = bdrv_lookup_bs(device, device, errp); 172 if (!bs) { 173 return; 174 } 175 176 len = bdrv_getlength(bs); 177 if (len < 0) { 178 error_setg_errno(errp, -len, 179 "Failed to determine the NBD export's length"); 180 return; 181 } 182 183 if (!has_writable) { 184 writable = false; 185 } 186 if (bdrv_is_read_only(bs)) { 187 writable = false; 188 } 189 190 exp = nbd_export_new(bs, 0, len, name, NULL, bitmap, 191 writable ? 0 : NBD_FLAG_READ_ONLY, 192 NULL, false, on_eject_blk, errp); 193 if (!exp) { 194 return; 195 } 196 197 /* The list of named exports has a strong reference to this export now and 198 * our only way of accessing it is through nbd_export_find(), so we can drop 199 * the strong reference that is @exp. */ 200 nbd_export_put(exp); 201 } 202 203 void qmp_nbd_server_remove(const char *name, 204 bool has_mode, NbdServerRemoveMode mode, 205 Error **errp) 206 { 207 NBDExport *exp; 208 209 if (!nbd_server) { 210 error_setg(errp, "NBD server not running"); 211 return; 212 } 213 214 exp = nbd_export_find(name); 215 if (exp == NULL) { 216 error_setg(errp, "Export '%s' is not found", name); 217 return; 218 } 219 220 if (!has_mode) { 221 mode = NBD_SERVER_REMOVE_MODE_SAFE; 222 } 223 224 nbd_export_remove(exp, mode, errp); 225 } 226 227 void qmp_nbd_server_stop(Error **errp) 228 { 229 if (!nbd_server) { 230 error_setg(errp, "NBD server not running"); 231 return; 232 } 233 234 nbd_export_close_all(); 235 236 nbd_server_free(nbd_server); 237 nbd_server = NULL; 238 } 239