1 /* 2 * Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws> 3 * 4 * Network Block Device Client Side 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation; under version 2 of the License. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, see <http://www.gnu.org/licenses/>. 17 */ 18 19 #include "qemu/osdep.h" 20 #include "qapi/error.h" 21 #include "nbd-internal.h" 22 23 static int nbd_errno_to_system_errno(int err) 24 { 25 switch (err) { 26 case NBD_SUCCESS: 27 return 0; 28 case NBD_EPERM: 29 return EPERM; 30 case NBD_EIO: 31 return EIO; 32 case NBD_ENOMEM: 33 return ENOMEM; 34 case NBD_ENOSPC: 35 return ENOSPC; 36 case NBD_EINVAL: 37 default: 38 return EINVAL; 39 } 40 } 41 42 /* Definitions for opaque data types */ 43 44 static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports); 45 46 /* That's all folks */ 47 48 /* Basic flow for negotiation 49 50 Server Client 51 Negotiate 52 53 or 54 55 Server Client 56 Negotiate #1 57 Option 58 Negotiate #2 59 60 ---- 61 62 followed by 63 64 Server Client 65 Request 66 Response 67 Request 68 Response 69 ... 70 ... 71 Request (type == 2) 72 73 */ 74 75 76 /* If type represents success, return 1 without further action. 77 * If type represents an error reply, consume the rest of the packet on ioc. 78 * Then return 0 for unsupported (so the client can fall back to 79 * other approaches), or -1 with errp set for other errors. 80 */ 81 static int nbd_handle_reply_err(QIOChannel *ioc, uint32_t opt, uint32_t type, 82 Error **errp) 83 { 84 uint32_t len; 85 char *msg = NULL; 86 int result = -1; 87 88 if (!(type & (1 << 31))) { 89 return 1; 90 } 91 92 if (read_sync(ioc, &len, sizeof(len)) != sizeof(len)) { 93 error_setg(errp, "failed to read option length"); 94 return -1; 95 } 96 len = be32_to_cpu(len); 97 if (len) { 98 if (len > NBD_MAX_BUFFER_SIZE) { 99 error_setg(errp, "server's error message is too long"); 100 goto cleanup; 101 } 102 msg = g_malloc(len + 1); 103 if (read_sync(ioc, msg, len) != len) { 104 error_setg(errp, "failed to read option error message"); 105 goto cleanup; 106 } 107 msg[len] = '\0'; 108 } 109 110 switch (type) { 111 case NBD_REP_ERR_UNSUP: 112 TRACE("server doesn't understand request %d, attempting fallback", 113 opt); 114 result = 0; 115 goto cleanup; 116 117 case NBD_REP_ERR_POLICY: 118 error_setg(errp, "Denied by server for option %x", opt); 119 break; 120 121 case NBD_REP_ERR_INVALID: 122 error_setg(errp, "Invalid data length for option %x", opt); 123 break; 124 125 case NBD_REP_ERR_TLS_REQD: 126 error_setg(errp, "TLS negotiation required before option %x", opt); 127 break; 128 129 default: 130 error_setg(errp, "Unknown error code when asking for option %x", opt); 131 break; 132 } 133 134 if (msg) { 135 error_append_hint(errp, "%s\n", msg); 136 } 137 138 cleanup: 139 g_free(msg); 140 return result; 141 } 142 143 static int nbd_receive_list(QIOChannel *ioc, char **name, Error **errp) 144 { 145 uint64_t magic; 146 uint32_t opt; 147 uint32_t type; 148 uint32_t len; 149 uint32_t namelen; 150 int error; 151 152 *name = NULL; 153 if (read_sync(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 154 error_setg(errp, "failed to read list option magic"); 155 return -1; 156 } 157 magic = be64_to_cpu(magic); 158 if (magic != NBD_REP_MAGIC) { 159 error_setg(errp, "Unexpected option list magic"); 160 return -1; 161 } 162 if (read_sync(ioc, &opt, sizeof(opt)) != sizeof(opt)) { 163 error_setg(errp, "failed to read list option"); 164 return -1; 165 } 166 opt = be32_to_cpu(opt); 167 if (opt != NBD_OPT_LIST) { 168 error_setg(errp, "Unexpected option type %x expected %x", 169 opt, NBD_OPT_LIST); 170 return -1; 171 } 172 173 if (read_sync(ioc, &type, sizeof(type)) != sizeof(type)) { 174 error_setg(errp, "failed to read list option type"); 175 return -1; 176 } 177 type = be32_to_cpu(type); 178 error = nbd_handle_reply_err(ioc, opt, type, errp); 179 if (error <= 0) { 180 return error; 181 } 182 183 if (read_sync(ioc, &len, sizeof(len)) != sizeof(len)) { 184 error_setg(errp, "failed to read option length"); 185 return -1; 186 } 187 len = be32_to_cpu(len); 188 189 if (type == NBD_REP_ACK) { 190 if (len != 0) { 191 error_setg(errp, "length too long for option end"); 192 return -1; 193 } 194 } else if (type == NBD_REP_SERVER) { 195 if (len < sizeof(namelen) || len > NBD_MAX_BUFFER_SIZE) { 196 error_setg(errp, "incorrect option length"); 197 return -1; 198 } 199 if (read_sync(ioc, &namelen, sizeof(namelen)) != sizeof(namelen)) { 200 error_setg(errp, "failed to read option name length"); 201 return -1; 202 } 203 namelen = be32_to_cpu(namelen); 204 len -= sizeof(namelen); 205 if (len < namelen) { 206 error_setg(errp, "incorrect option name length"); 207 return -1; 208 } 209 if (namelen > 255) { 210 error_setg(errp, "export name length too long %d", namelen); 211 return -1; 212 } 213 214 *name = g_new0(char, namelen + 1); 215 if (read_sync(ioc, *name, namelen) != namelen) { 216 error_setg(errp, "failed to read export name"); 217 g_free(*name); 218 *name = NULL; 219 return -1; 220 } 221 (*name)[namelen] = '\0'; 222 len -= namelen; 223 if (len) { 224 char *buf = g_malloc(len + 1); 225 if (read_sync(ioc, buf, len) != len) { 226 error_setg(errp, "failed to read export description"); 227 g_free(*name); 228 g_free(buf); 229 *name = NULL; 230 return -1; 231 } 232 buf[len] = '\0'; 233 TRACE("Ignoring export description: %s", buf); 234 g_free(buf); 235 } 236 } else { 237 error_setg(errp, "Unexpected reply type %x expected %x", 238 type, NBD_REP_SERVER); 239 return -1; 240 } 241 return 1; 242 } 243 244 245 static int nbd_receive_query_exports(QIOChannel *ioc, 246 const char *wantname, 247 Error **errp) 248 { 249 uint64_t magic = cpu_to_be64(NBD_OPTS_MAGIC); 250 uint32_t opt = cpu_to_be32(NBD_OPT_LIST); 251 uint32_t length = 0; 252 bool foundExport = false; 253 254 TRACE("Querying export list"); 255 if (write_sync(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 256 error_setg(errp, "Failed to send list option magic"); 257 return -1; 258 } 259 260 if (write_sync(ioc, &opt, sizeof(opt)) != sizeof(opt)) { 261 error_setg(errp, "Failed to send list option number"); 262 return -1; 263 } 264 265 if (write_sync(ioc, &length, sizeof(length)) != sizeof(length)) { 266 error_setg(errp, "Failed to send list option length"); 267 return -1; 268 } 269 270 TRACE("Reading available export names"); 271 while (1) { 272 char *name = NULL; 273 int ret = nbd_receive_list(ioc, &name, errp); 274 275 if (ret < 0) { 276 g_free(name); 277 name = NULL; 278 return -1; 279 } 280 if (ret == 0) { 281 /* Server doesn't support export listing, so 282 * we will just assume an export with our 283 * wanted name exists */ 284 foundExport = true; 285 break; 286 } 287 if (name == NULL) { 288 TRACE("End of export name list"); 289 break; 290 } 291 if (g_str_equal(name, wantname)) { 292 foundExport = true; 293 TRACE("Found desired export name '%s'", name); 294 } else { 295 TRACE("Ignored export name '%s'", name); 296 } 297 g_free(name); 298 } 299 300 if (!foundExport) { 301 error_setg(errp, "No export with name '%s' available", wantname); 302 return -1; 303 } 304 305 return 0; 306 } 307 308 static QIOChannel *nbd_receive_starttls(QIOChannel *ioc, 309 QCryptoTLSCreds *tlscreds, 310 const char *hostname, Error **errp) 311 { 312 uint64_t magic = cpu_to_be64(NBD_OPTS_MAGIC); 313 uint32_t opt = cpu_to_be32(NBD_OPT_STARTTLS); 314 uint32_t length = 0; 315 uint32_t type; 316 QIOChannelTLS *tioc; 317 struct NBDTLSHandshakeData data = { 0 }; 318 319 TRACE("Requesting TLS from server"); 320 if (write_sync(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 321 error_setg(errp, "Failed to send option magic"); 322 return NULL; 323 } 324 325 if (write_sync(ioc, &opt, sizeof(opt)) != sizeof(opt)) { 326 error_setg(errp, "Failed to send option number"); 327 return NULL; 328 } 329 330 if (write_sync(ioc, &length, sizeof(length)) != sizeof(length)) { 331 error_setg(errp, "Failed to send option length"); 332 return NULL; 333 } 334 335 TRACE("Getting TLS reply from server1"); 336 if (read_sync(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 337 error_setg(errp, "failed to read option magic"); 338 return NULL; 339 } 340 magic = be64_to_cpu(magic); 341 if (magic != NBD_REP_MAGIC) { 342 error_setg(errp, "Unexpected option magic"); 343 return NULL; 344 } 345 TRACE("Getting TLS reply from server2"); 346 if (read_sync(ioc, &opt, sizeof(opt)) != sizeof(opt)) { 347 error_setg(errp, "failed to read option"); 348 return NULL; 349 } 350 opt = be32_to_cpu(opt); 351 if (opt != NBD_OPT_STARTTLS) { 352 error_setg(errp, "Unexpected option type %x expected %x", 353 opt, NBD_OPT_STARTTLS); 354 return NULL; 355 } 356 357 TRACE("Getting TLS reply from server"); 358 if (read_sync(ioc, &type, sizeof(type)) != sizeof(type)) { 359 error_setg(errp, "failed to read option type"); 360 return NULL; 361 } 362 type = be32_to_cpu(type); 363 if (type != NBD_REP_ACK) { 364 error_setg(errp, "Server rejected request to start TLS %x", 365 type); 366 return NULL; 367 } 368 369 TRACE("Getting TLS reply from server"); 370 if (read_sync(ioc, &length, sizeof(length)) != sizeof(length)) { 371 error_setg(errp, "failed to read option length"); 372 return NULL; 373 } 374 length = be32_to_cpu(length); 375 if (length != 0) { 376 error_setg(errp, "Start TLS reponse was not zero %x", 377 length); 378 return NULL; 379 } 380 381 TRACE("TLS request approved, setting up TLS"); 382 tioc = qio_channel_tls_new_client(ioc, tlscreds, hostname, errp); 383 if (!tioc) { 384 return NULL; 385 } 386 data.loop = g_main_loop_new(g_main_context_default(), FALSE); 387 TRACE("Starting TLS hanshake"); 388 qio_channel_tls_handshake(tioc, 389 nbd_tls_handshake, 390 &data, 391 NULL); 392 393 if (!data.complete) { 394 g_main_loop_run(data.loop); 395 } 396 g_main_loop_unref(data.loop); 397 if (data.error) { 398 error_propagate(errp, data.error); 399 object_unref(OBJECT(tioc)); 400 return NULL; 401 } 402 403 return QIO_CHANNEL(tioc); 404 } 405 406 407 int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint32_t *flags, 408 QCryptoTLSCreds *tlscreds, const char *hostname, 409 QIOChannel **outioc, 410 off_t *size, Error **errp) 411 { 412 char buf[256]; 413 uint64_t magic, s; 414 int rc; 415 416 TRACE("Receiving negotiation tlscreds=%p hostname=%s.", 417 tlscreds, hostname ? hostname : "<null>"); 418 419 rc = -EINVAL; 420 421 if (outioc) { 422 *outioc = NULL; 423 } 424 if (tlscreds && !outioc) { 425 error_setg(errp, "Output I/O channel required for TLS"); 426 goto fail; 427 } 428 429 if (read_sync(ioc, buf, 8) != 8) { 430 error_setg(errp, "Failed to read data"); 431 goto fail; 432 } 433 434 buf[8] = '\0'; 435 if (strlen(buf) == 0) { 436 error_setg(errp, "Server connection closed unexpectedly"); 437 goto fail; 438 } 439 440 TRACE("Magic is %c%c%c%c%c%c%c%c", 441 qemu_isprint(buf[0]) ? buf[0] : '.', 442 qemu_isprint(buf[1]) ? buf[1] : '.', 443 qemu_isprint(buf[2]) ? buf[2] : '.', 444 qemu_isprint(buf[3]) ? buf[3] : '.', 445 qemu_isprint(buf[4]) ? buf[4] : '.', 446 qemu_isprint(buf[5]) ? buf[5] : '.', 447 qemu_isprint(buf[6]) ? buf[6] : '.', 448 qemu_isprint(buf[7]) ? buf[7] : '.'); 449 450 if (memcmp(buf, "NBDMAGIC", 8) != 0) { 451 error_setg(errp, "Invalid magic received"); 452 goto fail; 453 } 454 455 if (read_sync(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 456 error_setg(errp, "Failed to read magic"); 457 goto fail; 458 } 459 magic = be64_to_cpu(magic); 460 TRACE("Magic is 0x%" PRIx64, magic); 461 462 if (magic == NBD_OPTS_MAGIC) { 463 uint32_t clientflags = 0; 464 uint32_t opt; 465 uint32_t namesize; 466 uint16_t globalflags; 467 uint16_t exportflags; 468 bool fixedNewStyle = false; 469 470 if (read_sync(ioc, &globalflags, sizeof(globalflags)) != 471 sizeof(globalflags)) { 472 error_setg(errp, "Failed to read server flags"); 473 goto fail; 474 } 475 globalflags = be16_to_cpu(globalflags); 476 *flags = globalflags << 16; 477 TRACE("Global flags are %x", globalflags); 478 if (globalflags & NBD_FLAG_FIXED_NEWSTYLE) { 479 fixedNewStyle = true; 480 TRACE("Server supports fixed new style"); 481 clientflags |= NBD_FLAG_C_FIXED_NEWSTYLE; 482 } 483 /* client requested flags */ 484 clientflags = cpu_to_be32(clientflags); 485 if (write_sync(ioc, &clientflags, sizeof(clientflags)) != 486 sizeof(clientflags)) { 487 error_setg(errp, "Failed to send clientflags field"); 488 goto fail; 489 } 490 if (tlscreds) { 491 if (fixedNewStyle) { 492 *outioc = nbd_receive_starttls(ioc, tlscreds, hostname, errp); 493 if (!*outioc) { 494 goto fail; 495 } 496 ioc = *outioc; 497 } else { 498 error_setg(errp, "Server does not support STARTTLS"); 499 goto fail; 500 } 501 } 502 if (!name) { 503 TRACE("Using default NBD export name \"\""); 504 name = ""; 505 } 506 if (fixedNewStyle) { 507 /* Check our desired export is present in the 508 * server export list. Since NBD_OPT_EXPORT_NAME 509 * cannot return an error message, running this 510 * query gives us good error reporting if the 511 * server required TLS 512 */ 513 if (nbd_receive_query_exports(ioc, name, errp) < 0) { 514 goto fail; 515 } 516 } 517 /* write the export name */ 518 magic = cpu_to_be64(magic); 519 if (write_sync(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 520 error_setg(errp, "Failed to send export name magic"); 521 goto fail; 522 } 523 opt = cpu_to_be32(NBD_OPT_EXPORT_NAME); 524 if (write_sync(ioc, &opt, sizeof(opt)) != sizeof(opt)) { 525 error_setg(errp, "Failed to send export name option number"); 526 goto fail; 527 } 528 namesize = cpu_to_be32(strlen(name)); 529 if (write_sync(ioc, &namesize, sizeof(namesize)) != 530 sizeof(namesize)) { 531 error_setg(errp, "Failed to send export name length"); 532 goto fail; 533 } 534 if (write_sync(ioc, (char *)name, strlen(name)) != strlen(name)) { 535 error_setg(errp, "Failed to send export name"); 536 goto fail; 537 } 538 539 if (read_sync(ioc, &s, sizeof(s)) != sizeof(s)) { 540 error_setg(errp, "Failed to read export length"); 541 goto fail; 542 } 543 *size = be64_to_cpu(s); 544 TRACE("Size is %" PRIu64, *size); 545 546 if (read_sync(ioc, &exportflags, sizeof(exportflags)) != 547 sizeof(exportflags)) { 548 error_setg(errp, "Failed to read export flags"); 549 goto fail; 550 } 551 exportflags = be16_to_cpu(exportflags); 552 *flags |= exportflags; 553 TRACE("Export flags are %x", exportflags); 554 } else if (magic == NBD_CLIENT_MAGIC) { 555 if (name) { 556 error_setg(errp, "Server does not support export names"); 557 goto fail; 558 } 559 if (tlscreds) { 560 error_setg(errp, "Server does not support STARTTLS"); 561 goto fail; 562 } 563 564 if (read_sync(ioc, &s, sizeof(s)) != sizeof(s)) { 565 error_setg(errp, "Failed to read export length"); 566 goto fail; 567 } 568 *size = be64_to_cpu(s); 569 TRACE("Size is %" PRIu64, *size); 570 571 if (read_sync(ioc, flags, sizeof(*flags)) != sizeof(*flags)) { 572 error_setg(errp, "Failed to read export flags"); 573 goto fail; 574 } 575 *flags = be32_to_cpup(flags); 576 } else { 577 error_setg(errp, "Bad magic received"); 578 goto fail; 579 } 580 581 if (read_sync(ioc, &buf, 124) != 124) { 582 error_setg(errp, "Failed to read reserved block"); 583 goto fail; 584 } 585 rc = 0; 586 587 fail: 588 return rc; 589 } 590 591 #ifdef __linux__ 592 int nbd_init(int fd, QIOChannelSocket *sioc, uint32_t flags, off_t size) 593 { 594 TRACE("Setting NBD socket"); 595 596 if (ioctl(fd, NBD_SET_SOCK, sioc->fd) < 0) { 597 int serrno = errno; 598 LOG("Failed to set NBD socket"); 599 return -serrno; 600 } 601 602 TRACE("Setting block size to %lu", (unsigned long)BDRV_SECTOR_SIZE); 603 604 if (ioctl(fd, NBD_SET_BLKSIZE, (size_t)BDRV_SECTOR_SIZE) < 0) { 605 int serrno = errno; 606 LOG("Failed setting NBD block size"); 607 return -serrno; 608 } 609 610 TRACE("Setting size to %zd block(s)", (size_t)(size / BDRV_SECTOR_SIZE)); 611 612 if (ioctl(fd, NBD_SET_SIZE_BLOCKS, (size_t)(size / BDRV_SECTOR_SIZE)) < 0) { 613 int serrno = errno; 614 LOG("Failed setting size (in blocks)"); 615 return -serrno; 616 } 617 618 if (ioctl(fd, NBD_SET_FLAGS, flags) < 0) { 619 if (errno == ENOTTY) { 620 int read_only = (flags & NBD_FLAG_READ_ONLY) != 0; 621 TRACE("Setting readonly attribute"); 622 623 if (ioctl(fd, BLKROSET, (unsigned long) &read_only) < 0) { 624 int serrno = errno; 625 LOG("Failed setting read-only attribute"); 626 return -serrno; 627 } 628 } else { 629 int serrno = errno; 630 LOG("Failed setting flags"); 631 return -serrno; 632 } 633 } 634 635 TRACE("Negotiation ended"); 636 637 return 0; 638 } 639 640 int nbd_client(int fd) 641 { 642 int ret; 643 int serrno; 644 645 TRACE("Doing NBD loop"); 646 647 ret = ioctl(fd, NBD_DO_IT); 648 if (ret < 0 && errno == EPIPE) { 649 /* NBD_DO_IT normally returns EPIPE when someone has disconnected 650 * the socket via NBD_DISCONNECT. We do not want to return 1 in 651 * that case. 652 */ 653 ret = 0; 654 } 655 serrno = errno; 656 657 TRACE("NBD loop returned %d: %s", ret, strerror(serrno)); 658 659 TRACE("Clearing NBD queue"); 660 ioctl(fd, NBD_CLEAR_QUE); 661 662 TRACE("Clearing NBD socket"); 663 ioctl(fd, NBD_CLEAR_SOCK); 664 665 errno = serrno; 666 return ret; 667 } 668 #else 669 int nbd_init(int fd, QIOChannelSocket *ioc, uint32_t flags, off_t size) 670 { 671 return -ENOTSUP; 672 } 673 674 int nbd_client(int fd) 675 { 676 return -ENOTSUP; 677 } 678 #endif 679 680 ssize_t nbd_send_request(QIOChannel *ioc, struct nbd_request *request) 681 { 682 uint8_t buf[NBD_REQUEST_SIZE]; 683 ssize_t ret; 684 685 TRACE("Sending request to server: " 686 "{ .from = %" PRIu64", .len = %u, .handle = %" PRIu64", .type=%i}", 687 request->from, request->len, request->handle, request->type); 688 689 cpu_to_be32w((uint32_t*)buf, NBD_REQUEST_MAGIC); 690 cpu_to_be32w((uint32_t*)(buf + 4), request->type); 691 cpu_to_be64w((uint64_t*)(buf + 8), request->handle); 692 cpu_to_be64w((uint64_t*)(buf + 16), request->from); 693 cpu_to_be32w((uint32_t*)(buf + 24), request->len); 694 695 ret = write_sync(ioc, buf, sizeof(buf)); 696 if (ret < 0) { 697 return ret; 698 } 699 700 if (ret != sizeof(buf)) { 701 LOG("writing to socket failed"); 702 return -EINVAL; 703 } 704 return 0; 705 } 706 707 ssize_t nbd_receive_reply(QIOChannel *ioc, struct nbd_reply *reply) 708 { 709 uint8_t buf[NBD_REPLY_SIZE]; 710 uint32_t magic; 711 ssize_t ret; 712 713 ret = read_sync(ioc, buf, sizeof(buf)); 714 if (ret < 0) { 715 return ret; 716 } 717 718 if (ret != sizeof(buf)) { 719 LOG("read failed"); 720 return -EINVAL; 721 } 722 723 /* Reply 724 [ 0 .. 3] magic (NBD_REPLY_MAGIC) 725 [ 4 .. 7] error (0 == no error) 726 [ 7 .. 15] handle 727 */ 728 729 magic = be32_to_cpup((uint32_t*)buf); 730 reply->error = be32_to_cpup((uint32_t*)(buf + 4)); 731 reply->handle = be64_to_cpup((uint64_t*)(buf + 8)); 732 733 reply->error = nbd_errno_to_system_errno(reply->error); 734 735 TRACE("Got reply: " 736 "{ magic = 0x%x, .error = %d, handle = %" PRIu64" }", 737 magic, reply->error, reply->handle); 738 739 if (magic != NBD_REPLY_MAGIC) { 740 LOG("invalid magic (got 0x%x)", magic); 741 return -EINVAL; 742 } 743 return 0; 744 } 745 746