1 /* 2 * Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws> 3 * 4 * Network Block Device Server Side 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation; under version 2 of the License. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, see <http://www.gnu.org/licenses/>. 17 */ 18 19 #include "qemu/osdep.h" 20 #include "qapi/error.h" 21 #include "nbd-internal.h" 22 23 static int system_errno_to_nbd_errno(int err) 24 { 25 switch (err) { 26 case 0: 27 return NBD_SUCCESS; 28 case EPERM: 29 case EROFS: 30 return NBD_EPERM; 31 case EIO: 32 return NBD_EIO; 33 case ENOMEM: 34 return NBD_ENOMEM; 35 #ifdef EDQUOT 36 case EDQUOT: 37 #endif 38 case EFBIG: 39 case ENOSPC: 40 return NBD_ENOSPC; 41 case EINVAL: 42 default: 43 return NBD_EINVAL; 44 } 45 } 46 47 /* Definitions for opaque data types */ 48 49 typedef struct NBDRequest NBDRequest; 50 51 struct NBDRequest { 52 QSIMPLEQ_ENTRY(NBDRequest) entry; 53 NBDClient *client; 54 uint8_t *data; 55 bool complete; 56 }; 57 58 struct NBDExport { 59 int refcount; 60 void (*close)(NBDExport *exp); 61 62 BlockBackend *blk; 63 char *name; 64 off_t dev_offset; 65 off_t size; 66 uint16_t nbdflags; 67 QTAILQ_HEAD(, NBDClient) clients; 68 QTAILQ_ENTRY(NBDExport) next; 69 70 AioContext *ctx; 71 72 Notifier eject_notifier; 73 }; 74 75 static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports); 76 77 struct NBDClient { 78 int refcount; 79 void (*close)(NBDClient *client); 80 81 NBDExport *exp; 82 QCryptoTLSCreds *tlscreds; 83 char *tlsaclname; 84 QIOChannelSocket *sioc; /* The underlying data channel */ 85 QIOChannel *ioc; /* The current I/O channel which may differ (eg TLS) */ 86 87 Coroutine *recv_coroutine; 88 89 CoMutex send_lock; 90 Coroutine *send_coroutine; 91 92 bool can_read; 93 94 QTAILQ_ENTRY(NBDClient) next; 95 int nb_requests; 96 bool closing; 97 }; 98 99 /* That's all folks */ 100 101 static void nbd_set_handlers(NBDClient *client); 102 static void nbd_unset_handlers(NBDClient *client); 103 static void nbd_update_can_read(NBDClient *client); 104 105 static gboolean nbd_negotiate_continue(QIOChannel *ioc, 106 GIOCondition condition, 107 void *opaque) 108 { 109 qemu_coroutine_enter(opaque); 110 return TRUE; 111 } 112 113 static ssize_t nbd_negotiate_read(QIOChannel *ioc, void *buffer, size_t size) 114 { 115 ssize_t ret; 116 guint watch; 117 118 assert(qemu_in_coroutine()); 119 /* Negotiation are always in main loop. */ 120 watch = qio_channel_add_watch(ioc, 121 G_IO_IN, 122 nbd_negotiate_continue, 123 qemu_coroutine_self(), 124 NULL); 125 ret = read_sync(ioc, buffer, size); 126 g_source_remove(watch); 127 return ret; 128 129 } 130 131 static ssize_t nbd_negotiate_write(QIOChannel *ioc, void *buffer, size_t size) 132 { 133 ssize_t ret; 134 guint watch; 135 136 assert(qemu_in_coroutine()); 137 /* Negotiation are always in main loop. */ 138 watch = qio_channel_add_watch(ioc, 139 G_IO_OUT, 140 nbd_negotiate_continue, 141 qemu_coroutine_self(), 142 NULL); 143 ret = write_sync(ioc, buffer, size); 144 g_source_remove(watch); 145 return ret; 146 } 147 148 static ssize_t nbd_negotiate_drop_sync(QIOChannel *ioc, size_t size) 149 { 150 ssize_t ret, dropped = size; 151 uint8_t *buffer = g_malloc(MIN(65536, size)); 152 153 while (size > 0) { 154 ret = nbd_negotiate_read(ioc, buffer, MIN(65536, size)); 155 if (ret < 0) { 156 g_free(buffer); 157 return ret; 158 } 159 160 assert(ret <= size); 161 size -= ret; 162 } 163 164 g_free(buffer); 165 return dropped; 166 } 167 168 /* Basic flow for negotiation 169 170 Server Client 171 Negotiate 172 173 or 174 175 Server Client 176 Negotiate #1 177 Option 178 Negotiate #2 179 180 ---- 181 182 followed by 183 184 Server Client 185 Request 186 Response 187 Request 188 Response 189 ... 190 ... 191 Request (type == 2) 192 193 */ 194 195 static int nbd_negotiate_send_rep(QIOChannel *ioc, uint32_t type, uint32_t opt) 196 { 197 uint64_t magic; 198 uint32_t len; 199 200 TRACE("Reply opt=%" PRIx32 " type=%" PRIx32, type, opt); 201 202 magic = cpu_to_be64(NBD_REP_MAGIC); 203 if (nbd_negotiate_write(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 204 LOG("write failed (rep magic)"); 205 return -EINVAL; 206 } 207 opt = cpu_to_be32(opt); 208 if (nbd_negotiate_write(ioc, &opt, sizeof(opt)) != sizeof(opt)) { 209 LOG("write failed (rep opt)"); 210 return -EINVAL; 211 } 212 type = cpu_to_be32(type); 213 if (nbd_negotiate_write(ioc, &type, sizeof(type)) != sizeof(type)) { 214 LOG("write failed (rep type)"); 215 return -EINVAL; 216 } 217 len = cpu_to_be32(0); 218 if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) { 219 LOG("write failed (rep data length)"); 220 return -EINVAL; 221 } 222 return 0; 223 } 224 225 static int nbd_negotiate_send_rep_list(QIOChannel *ioc, NBDExport *exp) 226 { 227 uint64_t magic, name_len; 228 uint32_t opt, type, len; 229 230 TRACE("Advertising export name '%s'", exp->name ? exp->name : ""); 231 name_len = strlen(exp->name); 232 magic = cpu_to_be64(NBD_REP_MAGIC); 233 if (nbd_negotiate_write(ioc, &magic, sizeof(magic)) != sizeof(magic)) { 234 LOG("write failed (magic)"); 235 return -EINVAL; 236 } 237 opt = cpu_to_be32(NBD_OPT_LIST); 238 if (nbd_negotiate_write(ioc, &opt, sizeof(opt)) != sizeof(opt)) { 239 LOG("write failed (opt)"); 240 return -EINVAL; 241 } 242 type = cpu_to_be32(NBD_REP_SERVER); 243 if (nbd_negotiate_write(ioc, &type, sizeof(type)) != sizeof(type)) { 244 LOG("write failed (reply type)"); 245 return -EINVAL; 246 } 247 len = cpu_to_be32(name_len + sizeof(len)); 248 if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) { 249 LOG("write failed (length)"); 250 return -EINVAL; 251 } 252 len = cpu_to_be32(name_len); 253 if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) { 254 LOG("write failed (length)"); 255 return -EINVAL; 256 } 257 if (nbd_negotiate_write(ioc, exp->name, name_len) != name_len) { 258 LOG("write failed (buffer)"); 259 return -EINVAL; 260 } 261 return 0; 262 } 263 264 static int nbd_negotiate_handle_list(NBDClient *client, uint32_t length) 265 { 266 NBDExport *exp; 267 268 if (length) { 269 if (nbd_negotiate_drop_sync(client->ioc, length) != length) { 270 return -EIO; 271 } 272 return nbd_negotiate_send_rep(client->ioc, 273 NBD_REP_ERR_INVALID, NBD_OPT_LIST); 274 } 275 276 /* For each export, send a NBD_REP_SERVER reply. */ 277 QTAILQ_FOREACH(exp, &exports, next) { 278 if (nbd_negotiate_send_rep_list(client->ioc, exp)) { 279 return -EINVAL; 280 } 281 } 282 /* Finish with a NBD_REP_ACK. */ 283 return nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, NBD_OPT_LIST); 284 } 285 286 static int nbd_negotiate_handle_export_name(NBDClient *client, uint32_t length) 287 { 288 int rc = -EINVAL; 289 char name[NBD_MAX_NAME_SIZE + 1]; 290 291 /* Client sends: 292 [20 .. xx] export name (length bytes) 293 */ 294 TRACE("Checking length"); 295 if (length >= sizeof(name)) { 296 LOG("Bad length received"); 297 goto fail; 298 } 299 if (nbd_negotiate_read(client->ioc, name, length) != length) { 300 LOG("read failed"); 301 goto fail; 302 } 303 name[length] = '\0'; 304 305 TRACE("Client requested export '%s'", name); 306 307 client->exp = nbd_export_find(name); 308 if (!client->exp) { 309 LOG("export not found"); 310 goto fail; 311 } 312 313 QTAILQ_INSERT_TAIL(&client->exp->clients, client, next); 314 nbd_export_get(client->exp); 315 rc = 0; 316 fail: 317 return rc; 318 } 319 320 321 static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client, 322 uint32_t length) 323 { 324 QIOChannel *ioc; 325 QIOChannelTLS *tioc; 326 struct NBDTLSHandshakeData data = { 0 }; 327 328 TRACE("Setting up TLS"); 329 ioc = client->ioc; 330 if (length) { 331 if (nbd_negotiate_drop_sync(ioc, length) != length) { 332 return NULL; 333 } 334 nbd_negotiate_send_rep(ioc, NBD_REP_ERR_INVALID, NBD_OPT_STARTTLS); 335 return NULL; 336 } 337 338 if (nbd_negotiate_send_rep(client->ioc, NBD_REP_ACK, 339 NBD_OPT_STARTTLS) < 0) { 340 return NULL; 341 } 342 343 tioc = qio_channel_tls_new_server(ioc, 344 client->tlscreds, 345 client->tlsaclname, 346 NULL); 347 if (!tioc) { 348 return NULL; 349 } 350 351 TRACE("Starting TLS handshake"); 352 data.loop = g_main_loop_new(g_main_context_default(), FALSE); 353 qio_channel_tls_handshake(tioc, 354 nbd_tls_handshake, 355 &data, 356 NULL); 357 358 if (!data.complete) { 359 g_main_loop_run(data.loop); 360 } 361 g_main_loop_unref(data.loop); 362 if (data.error) { 363 object_unref(OBJECT(tioc)); 364 error_free(data.error); 365 return NULL; 366 } 367 368 return QIO_CHANNEL(tioc); 369 } 370 371 372 static int nbd_negotiate_options(NBDClient *client) 373 { 374 uint32_t flags; 375 bool fixedNewstyle = false; 376 377 /* Client sends: 378 [ 0 .. 3] client flags 379 380 [ 0 .. 7] NBD_OPTS_MAGIC 381 [ 8 .. 11] NBD option 382 [12 .. 15] Data length 383 ... Rest of request 384 385 [ 0 .. 7] NBD_OPTS_MAGIC 386 [ 8 .. 11] Second NBD option 387 [12 .. 15] Data length 388 ... Rest of request 389 */ 390 391 if (nbd_negotiate_read(client->ioc, &flags, sizeof(flags)) != 392 sizeof(flags)) { 393 LOG("read failed"); 394 return -EIO; 395 } 396 TRACE("Checking client flags"); 397 be32_to_cpus(&flags); 398 if (flags & NBD_FLAG_C_FIXED_NEWSTYLE) { 399 TRACE("Client supports fixed newstyle handshake"); 400 fixedNewstyle = true; 401 flags &= ~NBD_FLAG_C_FIXED_NEWSTYLE; 402 } 403 if (flags != 0) { 404 TRACE("Unknown client flags 0x%" PRIx32 " received", flags); 405 return -EIO; 406 } 407 408 while (1) { 409 int ret; 410 uint32_t clientflags, length; 411 uint64_t magic; 412 413 if (nbd_negotiate_read(client->ioc, &magic, sizeof(magic)) != 414 sizeof(magic)) { 415 LOG("read failed"); 416 return -EINVAL; 417 } 418 TRACE("Checking opts magic"); 419 if (magic != be64_to_cpu(NBD_OPTS_MAGIC)) { 420 LOG("Bad magic received"); 421 return -EINVAL; 422 } 423 424 if (nbd_negotiate_read(client->ioc, &clientflags, 425 sizeof(clientflags)) != sizeof(clientflags)) { 426 LOG("read failed"); 427 return -EINVAL; 428 } 429 clientflags = be32_to_cpu(clientflags); 430 431 if (nbd_negotiate_read(client->ioc, &length, sizeof(length)) != 432 sizeof(length)) { 433 LOG("read failed"); 434 return -EINVAL; 435 } 436 length = be32_to_cpu(length); 437 438 TRACE("Checking option 0x%" PRIx32, clientflags); 439 if (client->tlscreds && 440 client->ioc == (QIOChannel *)client->sioc) { 441 QIOChannel *tioc; 442 if (!fixedNewstyle) { 443 TRACE("Unsupported option 0x%" PRIx32, clientflags); 444 return -EINVAL; 445 } 446 switch (clientflags) { 447 case NBD_OPT_STARTTLS: 448 tioc = nbd_negotiate_handle_starttls(client, length); 449 if (!tioc) { 450 return -EIO; 451 } 452 object_unref(OBJECT(client->ioc)); 453 client->ioc = QIO_CHANNEL(tioc); 454 break; 455 456 case NBD_OPT_EXPORT_NAME: 457 /* No way to return an error to client, so drop connection */ 458 TRACE("Option 0x%x not permitted before TLS", clientflags); 459 return -EINVAL; 460 461 default: 462 TRACE("Option 0x%" PRIx32 " not permitted before TLS", 463 clientflags); 464 if (nbd_negotiate_drop_sync(client->ioc, length) != length) { 465 return -EIO; 466 } 467 ret = nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_TLS_REQD, 468 clientflags); 469 if (ret < 0) { 470 return ret; 471 } 472 break; 473 } 474 } else if (fixedNewstyle) { 475 switch (clientflags) { 476 case NBD_OPT_LIST: 477 ret = nbd_negotiate_handle_list(client, length); 478 if (ret < 0) { 479 return ret; 480 } 481 break; 482 483 case NBD_OPT_ABORT: 484 return -EINVAL; 485 486 case NBD_OPT_EXPORT_NAME: 487 return nbd_negotiate_handle_export_name(client, length); 488 489 case NBD_OPT_STARTTLS: 490 if (nbd_negotiate_drop_sync(client->ioc, length) != length) { 491 return -EIO; 492 } 493 if (client->tlscreds) { 494 TRACE("TLS already enabled"); 495 ret = nbd_negotiate_send_rep(client->ioc, 496 NBD_REP_ERR_INVALID, 497 clientflags); 498 } else { 499 TRACE("TLS not configured"); 500 ret = nbd_negotiate_send_rep(client->ioc, 501 NBD_REP_ERR_POLICY, 502 clientflags); 503 } 504 if (ret < 0) { 505 return ret; 506 } 507 break; 508 default: 509 TRACE("Unsupported option 0x%" PRIx32, clientflags); 510 if (nbd_negotiate_drop_sync(client->ioc, length) != length) { 511 return -EIO; 512 } 513 ret = nbd_negotiate_send_rep(client->ioc, NBD_REP_ERR_UNSUP, 514 clientflags); 515 if (ret < 0) { 516 return ret; 517 } 518 break; 519 } 520 } else { 521 /* 522 * If broken new-style we should drop the connection 523 * for anything except NBD_OPT_EXPORT_NAME 524 */ 525 switch (clientflags) { 526 case NBD_OPT_EXPORT_NAME: 527 return nbd_negotiate_handle_export_name(client, length); 528 529 default: 530 TRACE("Unsupported option 0x%" PRIx32, clientflags); 531 return -EINVAL; 532 } 533 } 534 } 535 } 536 537 typedef struct { 538 NBDClient *client; 539 Coroutine *co; 540 } NBDClientNewData; 541 542 static coroutine_fn int nbd_negotiate(NBDClientNewData *data) 543 { 544 NBDClient *client = data->client; 545 char buf[8 + 8 + 8 + 128]; 546 int rc; 547 const uint16_t myflags = (NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_TRIM | 548 NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA); 549 bool oldStyle; 550 551 /* Old style negotiation header without options 552 [ 0 .. 7] passwd ("NBDMAGIC") 553 [ 8 .. 15] magic (NBD_CLIENT_MAGIC) 554 [16 .. 23] size 555 [24 .. 25] server flags (0) 556 [26 .. 27] export flags 557 [28 .. 151] reserved (0) 558 559 New style negotiation header with options 560 [ 0 .. 7] passwd ("NBDMAGIC") 561 [ 8 .. 15] magic (NBD_OPTS_MAGIC) 562 [16 .. 17] server flags (0) 563 ....options sent.... 564 [18 .. 25] size 565 [26 .. 27] export flags 566 [28 .. 151] reserved (0) 567 */ 568 569 qio_channel_set_blocking(client->ioc, false, NULL); 570 rc = -EINVAL; 571 572 TRACE("Beginning negotiation."); 573 memset(buf, 0, sizeof(buf)); 574 memcpy(buf, "NBDMAGIC", 8); 575 576 oldStyle = client->exp != NULL && !client->tlscreds; 577 if (oldStyle) { 578 TRACE("advertising size %" PRIu64 " and flags %x", 579 client->exp->size, client->exp->nbdflags | myflags); 580 stq_be_p(buf + 8, NBD_CLIENT_MAGIC); 581 stq_be_p(buf + 16, client->exp->size); 582 stw_be_p(buf + 26, client->exp->nbdflags | myflags); 583 } else { 584 stq_be_p(buf + 8, NBD_OPTS_MAGIC); 585 stw_be_p(buf + 16, NBD_FLAG_FIXED_NEWSTYLE); 586 } 587 588 if (oldStyle) { 589 if (client->tlscreds) { 590 TRACE("TLS cannot be enabled with oldstyle protocol"); 591 goto fail; 592 } 593 if (nbd_negotiate_write(client->ioc, buf, sizeof(buf)) != sizeof(buf)) { 594 LOG("write failed"); 595 goto fail; 596 } 597 } else { 598 if (nbd_negotiate_write(client->ioc, buf, 18) != 18) { 599 LOG("write failed"); 600 goto fail; 601 } 602 rc = nbd_negotiate_options(client); 603 if (rc != 0) { 604 LOG("option negotiation failed"); 605 goto fail; 606 } 607 608 TRACE("advertising size %" PRIu64 " and flags %x", 609 client->exp->size, client->exp->nbdflags | myflags); 610 stq_be_p(buf + 18, client->exp->size); 611 stw_be_p(buf + 26, client->exp->nbdflags | myflags); 612 if (nbd_negotiate_write(client->ioc, buf + 18, sizeof(buf) - 18) != 613 sizeof(buf) - 18) { 614 LOG("write failed"); 615 goto fail; 616 } 617 } 618 619 TRACE("Negotiation succeeded."); 620 rc = 0; 621 fail: 622 return rc; 623 } 624 625 static ssize_t nbd_receive_request(QIOChannel *ioc, struct nbd_request *request) 626 { 627 uint8_t buf[NBD_REQUEST_SIZE]; 628 uint32_t magic; 629 ssize_t ret; 630 631 ret = read_sync(ioc, buf, sizeof(buf)); 632 if (ret < 0) { 633 return ret; 634 } 635 636 if (ret != sizeof(buf)) { 637 LOG("read failed"); 638 return -EINVAL; 639 } 640 641 /* Request 642 [ 0 .. 3] magic (NBD_REQUEST_MAGIC) 643 [ 4 .. 7] type (0 == READ, 1 == WRITE) 644 [ 8 .. 15] handle 645 [16 .. 23] from 646 [24 .. 27] len 647 */ 648 649 magic = ldl_be_p(buf); 650 request->type = ldl_be_p(buf + 4); 651 request->handle = ldq_be_p(buf + 8); 652 request->from = ldq_be_p(buf + 16); 653 request->len = ldl_be_p(buf + 24); 654 655 TRACE("Got request: { magic = 0x%" PRIx32 ", .type = %" PRIx32 656 ", from = %" PRIu64 " , len = %" PRIu32 " }", 657 magic, request->type, request->from, request->len); 658 659 if (magic != NBD_REQUEST_MAGIC) { 660 LOG("invalid magic (got 0x%" PRIx32 ")", magic); 661 return -EINVAL; 662 } 663 return 0; 664 } 665 666 static ssize_t nbd_send_reply(QIOChannel *ioc, struct nbd_reply *reply) 667 { 668 uint8_t buf[NBD_REPLY_SIZE]; 669 ssize_t ret; 670 671 reply->error = system_errno_to_nbd_errno(reply->error); 672 673 TRACE("Sending response to client: { .error = %" PRId32 674 ", handle = %" PRIu64 " }", 675 reply->error, reply->handle); 676 677 /* Reply 678 [ 0 .. 3] magic (NBD_REPLY_MAGIC) 679 [ 4 .. 7] error (0 == no error) 680 [ 7 .. 15] handle 681 */ 682 stl_be_p(buf, NBD_REPLY_MAGIC); 683 stl_be_p(buf + 4, reply->error); 684 stq_be_p(buf + 8, reply->handle); 685 686 ret = write_sync(ioc, buf, sizeof(buf)); 687 if (ret < 0) { 688 return ret; 689 } 690 691 if (ret != sizeof(buf)) { 692 LOG("writing to socket failed"); 693 return -EINVAL; 694 } 695 return 0; 696 } 697 698 #define MAX_NBD_REQUESTS 16 699 700 void nbd_client_get(NBDClient *client) 701 { 702 client->refcount++; 703 } 704 705 void nbd_client_put(NBDClient *client) 706 { 707 if (--client->refcount == 0) { 708 /* The last reference should be dropped by client->close, 709 * which is called by client_close. 710 */ 711 assert(client->closing); 712 713 nbd_unset_handlers(client); 714 object_unref(OBJECT(client->sioc)); 715 object_unref(OBJECT(client->ioc)); 716 if (client->tlscreds) { 717 object_unref(OBJECT(client->tlscreds)); 718 } 719 g_free(client->tlsaclname); 720 if (client->exp) { 721 QTAILQ_REMOVE(&client->exp->clients, client, next); 722 nbd_export_put(client->exp); 723 } 724 g_free(client); 725 } 726 } 727 728 static void client_close(NBDClient *client) 729 { 730 if (client->closing) { 731 return; 732 } 733 734 client->closing = true; 735 736 /* Force requests to finish. They will drop their own references, 737 * then we'll close the socket and free the NBDClient. 738 */ 739 qio_channel_shutdown(client->ioc, QIO_CHANNEL_SHUTDOWN_BOTH, 740 NULL); 741 742 /* Also tell the client, so that they release their reference. */ 743 if (client->close) { 744 client->close(client); 745 } 746 } 747 748 static NBDRequest *nbd_request_get(NBDClient *client) 749 { 750 NBDRequest *req; 751 752 assert(client->nb_requests <= MAX_NBD_REQUESTS - 1); 753 client->nb_requests++; 754 nbd_update_can_read(client); 755 756 req = g_new0(NBDRequest, 1); 757 nbd_client_get(client); 758 req->client = client; 759 return req; 760 } 761 762 static void nbd_request_put(NBDRequest *req) 763 { 764 NBDClient *client = req->client; 765 766 if (req->data) { 767 qemu_vfree(req->data); 768 } 769 g_free(req); 770 771 client->nb_requests--; 772 nbd_update_can_read(client); 773 nbd_client_put(client); 774 } 775 776 static void blk_aio_attached(AioContext *ctx, void *opaque) 777 { 778 NBDExport *exp = opaque; 779 NBDClient *client; 780 781 TRACE("Export %s: Attaching clients to AIO context %p\n", exp->name, ctx); 782 783 exp->ctx = ctx; 784 785 QTAILQ_FOREACH(client, &exp->clients, next) { 786 nbd_set_handlers(client); 787 } 788 } 789 790 static void blk_aio_detach(void *opaque) 791 { 792 NBDExport *exp = opaque; 793 NBDClient *client; 794 795 TRACE("Export %s: Detaching clients from AIO context %p\n", exp->name, exp->ctx); 796 797 QTAILQ_FOREACH(client, &exp->clients, next) { 798 nbd_unset_handlers(client); 799 } 800 801 exp->ctx = NULL; 802 } 803 804 static void nbd_eject_notifier(Notifier *n, void *data) 805 { 806 NBDExport *exp = container_of(n, NBDExport, eject_notifier); 807 nbd_export_close(exp); 808 } 809 810 NBDExport *nbd_export_new(BlockBackend *blk, off_t dev_offset, off_t size, 811 uint16_t nbdflags, void (*close)(NBDExport *), 812 Error **errp) 813 { 814 NBDExport *exp = g_malloc0(sizeof(NBDExport)); 815 exp->refcount = 1; 816 QTAILQ_INIT(&exp->clients); 817 exp->blk = blk; 818 exp->dev_offset = dev_offset; 819 exp->nbdflags = nbdflags; 820 exp->size = size < 0 ? blk_getlength(blk) : size; 821 if (exp->size < 0) { 822 error_setg_errno(errp, -exp->size, 823 "Failed to determine the NBD export's length"); 824 goto fail; 825 } 826 exp->size -= exp->size % BDRV_SECTOR_SIZE; 827 828 exp->close = close; 829 exp->ctx = blk_get_aio_context(blk); 830 blk_ref(blk); 831 blk_add_aio_context_notifier(blk, blk_aio_attached, blk_aio_detach, exp); 832 833 exp->eject_notifier.notify = nbd_eject_notifier; 834 blk_add_remove_bs_notifier(blk, &exp->eject_notifier); 835 836 /* 837 * NBD exports are used for non-shared storage migration. Make sure 838 * that BDRV_O_INACTIVE is cleared and the image is ready for write 839 * access since the export could be available before migration handover. 840 */ 841 aio_context_acquire(exp->ctx); 842 blk_invalidate_cache(blk, NULL); 843 aio_context_release(exp->ctx); 844 return exp; 845 846 fail: 847 g_free(exp); 848 return NULL; 849 } 850 851 NBDExport *nbd_export_find(const char *name) 852 { 853 NBDExport *exp; 854 QTAILQ_FOREACH(exp, &exports, next) { 855 if (strcmp(name, exp->name) == 0) { 856 return exp; 857 } 858 } 859 860 return NULL; 861 } 862 863 void nbd_export_set_name(NBDExport *exp, const char *name) 864 { 865 if (exp->name == name) { 866 return; 867 } 868 869 nbd_export_get(exp); 870 if (exp->name != NULL) { 871 g_free(exp->name); 872 exp->name = NULL; 873 QTAILQ_REMOVE(&exports, exp, next); 874 nbd_export_put(exp); 875 } 876 if (name != NULL) { 877 nbd_export_get(exp); 878 exp->name = g_strdup(name); 879 QTAILQ_INSERT_TAIL(&exports, exp, next); 880 } 881 nbd_export_put(exp); 882 } 883 884 void nbd_export_close(NBDExport *exp) 885 { 886 NBDClient *client, *next; 887 888 nbd_export_get(exp); 889 QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) { 890 client_close(client); 891 } 892 nbd_export_set_name(exp, NULL); 893 nbd_export_put(exp); 894 } 895 896 void nbd_export_get(NBDExport *exp) 897 { 898 assert(exp->refcount > 0); 899 exp->refcount++; 900 } 901 902 void nbd_export_put(NBDExport *exp) 903 { 904 assert(exp->refcount > 0); 905 if (exp->refcount == 1) { 906 nbd_export_close(exp); 907 } 908 909 if (--exp->refcount == 0) { 910 assert(exp->name == NULL); 911 912 if (exp->close) { 913 exp->close(exp); 914 } 915 916 if (exp->blk) { 917 notifier_remove(&exp->eject_notifier); 918 blk_remove_aio_context_notifier(exp->blk, blk_aio_attached, 919 blk_aio_detach, exp); 920 blk_unref(exp->blk); 921 exp->blk = NULL; 922 } 923 924 g_free(exp); 925 } 926 } 927 928 BlockBackend *nbd_export_get_blockdev(NBDExport *exp) 929 { 930 return exp->blk; 931 } 932 933 void nbd_export_close_all(void) 934 { 935 NBDExport *exp, *next; 936 937 QTAILQ_FOREACH_SAFE(exp, &exports, next, next) { 938 nbd_export_close(exp); 939 } 940 } 941 942 static ssize_t nbd_co_send_reply(NBDRequest *req, struct nbd_reply *reply, 943 int len) 944 { 945 NBDClient *client = req->client; 946 ssize_t rc, ret; 947 948 g_assert(qemu_in_coroutine()); 949 qemu_co_mutex_lock(&client->send_lock); 950 client->send_coroutine = qemu_coroutine_self(); 951 nbd_set_handlers(client); 952 953 if (!len) { 954 rc = nbd_send_reply(client->ioc, reply); 955 } else { 956 qio_channel_set_cork(client->ioc, true); 957 rc = nbd_send_reply(client->ioc, reply); 958 if (rc >= 0) { 959 ret = write_sync(client->ioc, req->data, len); 960 if (ret != len) { 961 rc = -EIO; 962 } 963 } 964 qio_channel_set_cork(client->ioc, false); 965 } 966 967 client->send_coroutine = NULL; 968 nbd_set_handlers(client); 969 qemu_co_mutex_unlock(&client->send_lock); 970 return rc; 971 } 972 973 /* Collect a client request. Return 0 if request looks valid, -EAGAIN 974 * to keep trying the collection, -EIO to drop connection right away, 975 * and any other negative value to report an error to the client 976 * (although the caller may still need to disconnect after reporting 977 * the error). */ 978 static ssize_t nbd_co_receive_request(NBDRequest *req, 979 struct nbd_request *request) 980 { 981 NBDClient *client = req->client; 982 uint32_t command; 983 ssize_t rc; 984 985 g_assert(qemu_in_coroutine()); 986 client->recv_coroutine = qemu_coroutine_self(); 987 nbd_update_can_read(client); 988 989 rc = nbd_receive_request(client->ioc, request); 990 if (rc < 0) { 991 if (rc != -EAGAIN) { 992 rc = -EIO; 993 } 994 goto out; 995 } 996 997 TRACE("Decoding type"); 998 999 command = request->type & NBD_CMD_MASK_COMMAND; 1000 if (command != NBD_CMD_WRITE) { 1001 /* No payload, we are ready to read the next request. */ 1002 req->complete = true; 1003 } 1004 1005 if (command == NBD_CMD_DISC) { 1006 /* Special case: we're going to disconnect without a reply, 1007 * whether or not flags, from, or len are bogus */ 1008 TRACE("Request type is DISCONNECT"); 1009 rc = -EIO; 1010 goto out; 1011 } 1012 1013 /* Check for sanity in the parameters, part 1. Defer as many 1014 * checks as possible until after reading any NBD_CMD_WRITE 1015 * payload, so we can try and keep the connection alive. */ 1016 if ((request->from + request->len) < request->from) { 1017 LOG("integer overflow detected, you're probably being attacked"); 1018 rc = -EINVAL; 1019 goto out; 1020 } 1021 1022 if (command == NBD_CMD_READ || command == NBD_CMD_WRITE) { 1023 if (request->len > NBD_MAX_BUFFER_SIZE) { 1024 LOG("len (%" PRIu32" ) is larger than max len (%u)", 1025 request->len, NBD_MAX_BUFFER_SIZE); 1026 rc = -EINVAL; 1027 goto out; 1028 } 1029 1030 req->data = blk_try_blockalign(client->exp->blk, request->len); 1031 if (req->data == NULL) { 1032 rc = -ENOMEM; 1033 goto out; 1034 } 1035 } 1036 if (command == NBD_CMD_WRITE) { 1037 TRACE("Reading %" PRIu32 " byte(s)", request->len); 1038 1039 if (read_sync(client->ioc, req->data, request->len) != request->len) { 1040 LOG("reading from socket failed"); 1041 rc = -EIO; 1042 goto out; 1043 } 1044 req->complete = true; 1045 } 1046 1047 /* Sanity checks, part 2. */ 1048 if (request->from + request->len > client->exp->size) { 1049 LOG("operation past EOF; From: %" PRIu64 ", Len: %" PRIu32 1050 ", Size: %" PRIu64, request->from, request->len, 1051 (uint64_t)client->exp->size); 1052 rc = command == NBD_CMD_WRITE ? -ENOSPC : -EINVAL; 1053 goto out; 1054 } 1055 if (request->type & ~NBD_CMD_MASK_COMMAND & ~NBD_CMD_FLAG_FUA) { 1056 LOG("unsupported flags (got 0x%x)", 1057 request->type & ~NBD_CMD_MASK_COMMAND); 1058 rc = -EINVAL; 1059 goto out; 1060 } 1061 1062 rc = 0; 1063 1064 out: 1065 client->recv_coroutine = NULL; 1066 nbd_update_can_read(client); 1067 1068 return rc; 1069 } 1070 1071 static void nbd_trip(void *opaque) 1072 { 1073 NBDClient *client = opaque; 1074 NBDExport *exp = client->exp; 1075 NBDRequest *req; 1076 struct nbd_request request; 1077 struct nbd_reply reply; 1078 ssize_t ret; 1079 uint32_t command; 1080 int flags; 1081 1082 TRACE("Reading request."); 1083 if (client->closing) { 1084 return; 1085 } 1086 1087 req = nbd_request_get(client); 1088 ret = nbd_co_receive_request(req, &request); 1089 if (ret == -EAGAIN) { 1090 goto done; 1091 } 1092 if (ret == -EIO) { 1093 goto out; 1094 } 1095 1096 reply.handle = request.handle; 1097 reply.error = 0; 1098 1099 if (ret < 0) { 1100 reply.error = -ret; 1101 goto error_reply; 1102 } 1103 command = request.type & NBD_CMD_MASK_COMMAND; 1104 1105 if (client->closing) { 1106 /* 1107 * The client may be closed when we are blocked in 1108 * nbd_co_receive_request() 1109 */ 1110 goto done; 1111 } 1112 1113 switch (command) { 1114 case NBD_CMD_READ: 1115 TRACE("Request type is READ"); 1116 1117 if (request.type & NBD_CMD_FLAG_FUA) { 1118 ret = blk_co_flush(exp->blk); 1119 if (ret < 0) { 1120 LOG("flush failed"); 1121 reply.error = -ret; 1122 goto error_reply; 1123 } 1124 } 1125 1126 ret = blk_pread(exp->blk, request.from + exp->dev_offset, 1127 req->data, request.len); 1128 if (ret < 0) { 1129 LOG("reading from file failed"); 1130 reply.error = -ret; 1131 goto error_reply; 1132 } 1133 1134 TRACE("Read %" PRIu32" byte(s)", request.len); 1135 if (nbd_co_send_reply(req, &reply, request.len) < 0) 1136 goto out; 1137 break; 1138 case NBD_CMD_WRITE: 1139 TRACE("Request type is WRITE"); 1140 1141 if (exp->nbdflags & NBD_FLAG_READ_ONLY) { 1142 TRACE("Server is read-only, return error"); 1143 reply.error = EROFS; 1144 goto error_reply; 1145 } 1146 1147 TRACE("Writing to device"); 1148 1149 flags = 0; 1150 if (request.type & NBD_CMD_FLAG_FUA) { 1151 flags |= BDRV_REQ_FUA; 1152 } 1153 ret = blk_pwrite(exp->blk, request.from + exp->dev_offset, 1154 req->data, request.len, flags); 1155 if (ret < 0) { 1156 LOG("writing to file failed"); 1157 reply.error = -ret; 1158 goto error_reply; 1159 } 1160 1161 if (nbd_co_send_reply(req, &reply, 0) < 0) { 1162 goto out; 1163 } 1164 break; 1165 1166 case NBD_CMD_DISC: 1167 /* unreachable, thanks to special case in nbd_co_receive_request() */ 1168 abort(); 1169 1170 case NBD_CMD_FLUSH: 1171 TRACE("Request type is FLUSH"); 1172 1173 ret = blk_co_flush(exp->blk); 1174 if (ret < 0) { 1175 LOG("flush failed"); 1176 reply.error = -ret; 1177 } 1178 if (nbd_co_send_reply(req, &reply, 0) < 0) { 1179 goto out; 1180 } 1181 break; 1182 case NBD_CMD_TRIM: 1183 TRACE("Request type is TRIM"); 1184 ret = blk_co_pdiscard(exp->blk, request.from + exp->dev_offset, 1185 request.len); 1186 if (ret < 0) { 1187 LOG("discard failed"); 1188 reply.error = -ret; 1189 } 1190 if (nbd_co_send_reply(req, &reply, 0) < 0) { 1191 goto out; 1192 } 1193 break; 1194 default: 1195 LOG("invalid request type (%" PRIu32 ") received", request.type); 1196 reply.error = EINVAL; 1197 error_reply: 1198 /* We must disconnect after NBD_CMD_WRITE if we did not 1199 * read the payload. 1200 */ 1201 if (nbd_co_send_reply(req, &reply, 0) < 0 || !req->complete) { 1202 goto out; 1203 } 1204 break; 1205 } 1206 1207 TRACE("Request/Reply complete"); 1208 1209 done: 1210 nbd_request_put(req); 1211 return; 1212 1213 out: 1214 nbd_request_put(req); 1215 client_close(client); 1216 } 1217 1218 static void nbd_read(void *opaque) 1219 { 1220 NBDClient *client = opaque; 1221 1222 if (client->recv_coroutine) { 1223 qemu_coroutine_enter(client->recv_coroutine); 1224 } else { 1225 qemu_coroutine_enter(qemu_coroutine_create(nbd_trip, client)); 1226 } 1227 } 1228 1229 static void nbd_restart_write(void *opaque) 1230 { 1231 NBDClient *client = opaque; 1232 1233 qemu_coroutine_enter(client->send_coroutine); 1234 } 1235 1236 static void nbd_set_handlers(NBDClient *client) 1237 { 1238 if (client->exp && client->exp->ctx) { 1239 aio_set_fd_handler(client->exp->ctx, client->sioc->fd, 1240 true, 1241 client->can_read ? nbd_read : NULL, 1242 client->send_coroutine ? nbd_restart_write : NULL, 1243 client); 1244 } 1245 } 1246 1247 static void nbd_unset_handlers(NBDClient *client) 1248 { 1249 if (client->exp && client->exp->ctx) { 1250 aio_set_fd_handler(client->exp->ctx, client->sioc->fd, 1251 true, NULL, NULL, NULL); 1252 } 1253 } 1254 1255 static void nbd_update_can_read(NBDClient *client) 1256 { 1257 bool can_read = client->recv_coroutine || 1258 client->nb_requests < MAX_NBD_REQUESTS; 1259 1260 if (can_read != client->can_read) { 1261 client->can_read = can_read; 1262 nbd_set_handlers(client); 1263 1264 /* There is no need to invoke aio_notify(), since aio_set_fd_handler() 1265 * in nbd_set_handlers() will have taken care of that */ 1266 } 1267 } 1268 1269 static coroutine_fn void nbd_co_client_start(void *opaque) 1270 { 1271 NBDClientNewData *data = opaque; 1272 NBDClient *client = data->client; 1273 NBDExport *exp = client->exp; 1274 1275 if (exp) { 1276 nbd_export_get(exp); 1277 } 1278 if (nbd_negotiate(data)) { 1279 client_close(client); 1280 goto out; 1281 } 1282 qemu_co_mutex_init(&client->send_lock); 1283 nbd_set_handlers(client); 1284 1285 if (exp) { 1286 QTAILQ_INSERT_TAIL(&exp->clients, client, next); 1287 } 1288 out: 1289 g_free(data); 1290 } 1291 1292 void nbd_client_new(NBDExport *exp, 1293 QIOChannelSocket *sioc, 1294 QCryptoTLSCreds *tlscreds, 1295 const char *tlsaclname, 1296 void (*close_fn)(NBDClient *)) 1297 { 1298 NBDClient *client; 1299 NBDClientNewData *data = g_new(NBDClientNewData, 1); 1300 1301 client = g_malloc0(sizeof(NBDClient)); 1302 client->refcount = 1; 1303 client->exp = exp; 1304 client->tlscreds = tlscreds; 1305 if (tlscreds) { 1306 object_ref(OBJECT(client->tlscreds)); 1307 } 1308 client->tlsaclname = g_strdup(tlsaclname); 1309 client->sioc = sioc; 1310 object_ref(OBJECT(client->sioc)); 1311 client->ioc = QIO_CHANNEL(sioc); 1312 object_ref(OBJECT(client->ioc)); 1313 client->can_read = true; 1314 client->close = close_fn; 1315 1316 data->client = client; 1317 data->co = qemu_coroutine_create(nbd_co_client_start, data); 1318 qemu_coroutine_enter(data->co); 1319 } 1320