6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; under version 2 of the License.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 #include "block/nbd.h"
20 #include "block/block.h"
21 #include "block/block_int.h"
23 #include "block/coroutine.h"
28 #include <sys/ioctl.h>
30 #if defined(__sun__) || defined(__HAIKU__)
31 #include <sys/ioccom.h>
40 #include "qemu/sockets.h"
41 #include "qemu/queue.h"
42 #include "qemu/main-loop.h"
47 #define TRACE(msg, ...) do { \
48 LOG(msg, ## __VA_ARGS__); \
51 #define TRACE(msg, ...) \
55 #define LOG(msg, ...) do { \
56 fprintf(stderr, "%s:%s():L%d: " msg "\n", \
57 __FILE__, __FUNCTION__, __LINE__, ## __VA_ARGS__); \
60 /* This is all part of the "official" NBD API.
62 * The most up-to-date documentation is available at:
63 * https://github.com/yoe/nbd/blob/master/doc/proto.txt
66 #define NBD_REQUEST_SIZE (4 + 4 + 8 + 8 + 4)
67 #define NBD_REPLY_SIZE (4 + 4 + 8)
68 #define NBD_REQUEST_MAGIC 0x25609513
69 #define NBD_REPLY_MAGIC 0x67446698
70 #define NBD_OPTS_MAGIC 0x49484156454F5054LL
71 #define NBD_CLIENT_MAGIC 0x0000420281861253LL
72 #define NBD_REP_MAGIC 0x3e889045565a9LL
74 #define NBD_SET_SOCK _IO(0xab, 0)
75 #define NBD_SET_BLKSIZE _IO(0xab, 1)
76 #define NBD_SET_SIZE _IO(0xab, 2)
77 #define NBD_DO_IT _IO(0xab, 3)
78 #define NBD_CLEAR_SOCK _IO(0xab, 4)
79 #define NBD_CLEAR_QUE _IO(0xab, 5)
80 #define NBD_PRINT_DEBUG _IO(0xab, 6)
81 #define NBD_SET_SIZE_BLOCKS _IO(0xab, 7)
82 #define NBD_DISCONNECT _IO(0xab, 8)
83 #define NBD_SET_TIMEOUT _IO(0xab, 9)
84 #define NBD_SET_FLAGS _IO(0xab, 10)
86 #define NBD_OPT_EXPORT_NAME (1)
87 #define NBD_OPT_ABORT (2)
88 #define NBD_OPT_LIST (3)
90 /* Definitions for opaque data types */
92 typedef struct NBDRequest NBDRequest;
95 QSIMPLEQ_ENTRY(NBDRequest) entry;
102 void (*close)(NBDExport *exp);
104 BlockDriverState *bs;
109 QTAILQ_HEAD(, NBDClient) clients;
110 QTAILQ_ENTRY(NBDExport) next;
115 static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports);
119 void (*close)(NBDClient *client);
124 Coroutine *recv_coroutine;
127 Coroutine *send_coroutine;
131 QTAILQ_ENTRY(NBDClient) next;
136 /* That's all folks */
138 static void nbd_set_handlers(NBDClient *client);
139 static void nbd_unset_handlers(NBDClient *client);
140 static void nbd_update_can_read(NBDClient *client);
142 ssize_t nbd_wr_sync(int fd, void *buffer, size_t size, bool do_read)
147 if (qemu_in_coroutine()) {
149 return qemu_co_recv(fd, buffer, size);
151 return qemu_co_send(fd, buffer, size);
155 while (offset < size) {
159 len = qemu_recv(fd, buffer + offset, size - offset, 0);
161 len = send(fd, buffer + offset, size - offset, 0);
165 err = socket_error();
167 /* recoverable error */
168 if (err == EINTR || (offset > 0 && (err == EAGAIN || err == EWOULDBLOCK))) {
172 /* unrecoverable error */
187 static ssize_t read_sync(int fd, void *buffer, size_t size)
189 /* Sockets are kept in blocking mode in the negotiation phase. After
190 * that, a non-readable socket simply means that another thread stole
191 * our request/reply. Synchronization is done with recv_coroutine, so
192 * that this is coroutine-safe.
194 return nbd_wr_sync(fd, buffer, size, true);
197 static ssize_t write_sync(int fd, void *buffer, size_t size)
201 /* For writes, we do expect the socket to be writable. */
202 ret = nbd_wr_sync(fd, buffer, size, false);
203 } while (ret == -EAGAIN);
207 /* Basic flow for negotiation
234 static int nbd_send_rep(int csock, uint32_t type, uint32_t opt)
239 magic = cpu_to_be64(NBD_REP_MAGIC);
240 if (write_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
241 LOG("write failed (rep magic)");
244 opt = cpu_to_be32(opt);
245 if (write_sync(csock, &opt, sizeof(opt)) != sizeof(opt)) {
246 LOG("write failed (rep opt)");
249 type = cpu_to_be32(type);
250 if (write_sync(csock, &type, sizeof(type)) != sizeof(type)) {
251 LOG("write failed (rep type)");
254 len = cpu_to_be32(0);
255 if (write_sync(csock, &len, sizeof(len)) != sizeof(len)) {
256 LOG("write failed (rep data length)");
262 static int nbd_send_rep_list(int csock, NBDExport *exp)
264 uint64_t magic, name_len;
265 uint32_t opt, type, len;
267 name_len = strlen(exp->name);
268 magic = cpu_to_be64(NBD_REP_MAGIC);
269 if (write_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
270 LOG("write failed (magic)");
273 opt = cpu_to_be32(NBD_OPT_LIST);
274 if (write_sync(csock, &opt, sizeof(opt)) != sizeof(opt)) {
275 LOG("write failed (opt)");
278 type = cpu_to_be32(NBD_REP_SERVER);
279 if (write_sync(csock, &type, sizeof(type)) != sizeof(type)) {
280 LOG("write failed (reply type)");
283 len = cpu_to_be32(name_len + sizeof(len));
284 if (write_sync(csock, &len, sizeof(len)) != sizeof(len)) {
285 LOG("write failed (length)");
288 len = cpu_to_be32(name_len);
289 if (write_sync(csock, &len, sizeof(len)) != sizeof(len)) {
290 LOG("write failed (length)");
293 if (write_sync(csock, exp->name, name_len) != name_len) {
294 LOG("write failed (buffer)");
300 static int nbd_handle_list(NBDClient *client, uint32_t length)
305 csock = client->sock;
307 return nbd_send_rep(csock, NBD_REP_ERR_INVALID, NBD_OPT_LIST);
310 /* For each export, send a NBD_REP_SERVER reply. */
311 QTAILQ_FOREACH(exp, &exports, next) {
312 if (nbd_send_rep_list(csock, exp)) {
316 /* Finish with a NBD_REP_ACK. */
317 return nbd_send_rep(csock, NBD_REP_ACK, NBD_OPT_LIST);
320 static int nbd_handle_export_name(NBDClient *client, uint32_t length)
322 int rc = -EINVAL, csock = client->sock;
326 [20 .. xx] export name (length bytes)
328 TRACE("Checking length");
330 LOG("Bad length received");
333 if (read_sync(csock, name, length) != length) {
339 client->exp = nbd_export_find(name);
341 LOG("export not found");
345 QTAILQ_INSERT_TAIL(&client->exp->clients, client, next);
346 nbd_export_get(client->exp);
352 static int nbd_receive_options(NBDClient *client)
355 int csock = client->sock;
356 uint32_t tmp, length;
360 [ 0 .. 3] client flags
361 [ 4 .. 11] NBD_OPTS_MAGIC
362 [12 .. 15] NBD option
367 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
371 TRACE("Checking client flags");
372 tmp = be32_to_cpu(tmp);
373 if (tmp != 0 && tmp != NBD_FLAG_C_FIXED_NEWSTYLE) {
374 LOG("Bad client flags received");
378 if (read_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
382 TRACE("Checking opts magic");
383 if (magic != be64_to_cpu(NBD_OPTS_MAGIC)) {
384 LOG("Bad magic received");
388 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
393 if (read_sync(csock, &length, sizeof(length)) != sizeof(length)) {
397 length = be32_to_cpu(length);
399 TRACE("Checking option");
400 switch (be32_to_cpu(tmp)) {
402 if (nbd_handle_list(client, length) < 0) {
410 case NBD_OPT_EXPORT_NAME:
411 return nbd_handle_export_name(client, length);
414 tmp = be32_to_cpu(tmp);
415 LOG("Unsupported option 0x%x", tmp);
416 nbd_send_rep(client->sock, NBD_REP_ERR_UNSUP, tmp);
422 static int nbd_send_negotiate(NBDClient *client)
424 int csock = client->sock;
425 char buf[8 + 8 + 8 + 128];
427 const int myflags = (NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_TRIM |
428 NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA);
430 /* Negotiation header without options:
431 [ 0 .. 7] passwd ("NBDMAGIC")
432 [ 8 .. 15] magic (NBD_CLIENT_MAGIC)
434 [24 .. 25] server flags (0)
435 [26 .. 27] export flags
436 [28 .. 151] reserved (0)
438 Negotiation header with options, part 1:
439 [ 0 .. 7] passwd ("NBDMAGIC")
440 [ 8 .. 15] magic (NBD_OPTS_MAGIC)
441 [16 .. 17] server flags (0)
443 part 2 (after options are sent):
445 [26 .. 27] export flags
446 [28 .. 151] reserved (0)
449 qemu_set_block(csock);
452 TRACE("Beginning negotiation.");
453 memset(buf, 0, sizeof(buf));
454 memcpy(buf, "NBDMAGIC", 8);
456 assert ((client->exp->nbdflags & ~65535) == 0);
457 cpu_to_be64w((uint64_t*)(buf + 8), NBD_CLIENT_MAGIC);
458 cpu_to_be64w((uint64_t*)(buf + 16), client->exp->size);
459 cpu_to_be16w((uint16_t*)(buf + 26), client->exp->nbdflags | myflags);
461 cpu_to_be64w((uint64_t*)(buf + 8), NBD_OPTS_MAGIC);
462 cpu_to_be16w((uint16_t *)(buf + 16), NBD_FLAG_FIXED_NEWSTYLE);
466 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
471 if (write_sync(csock, buf, 18) != 18) {
475 rc = nbd_receive_options(client);
477 LOG("option negotiation failed");
481 assert ((client->exp->nbdflags & ~65535) == 0);
482 cpu_to_be64w((uint64_t*)(buf + 18), client->exp->size);
483 cpu_to_be16w((uint16_t*)(buf + 26), client->exp->nbdflags | myflags);
484 if (write_sync(csock, buf + 18, sizeof(buf) - 18) != sizeof(buf) - 18) {
490 TRACE("Negotiation succeeded.");
493 qemu_set_nonblock(csock);
497 int nbd_receive_negotiate(int csock, const char *name, uint32_t *flags,
498 off_t *size, size_t *blocksize)
505 TRACE("Receiving negotiation.");
509 if (read_sync(csock, buf, 8) != 8) {
515 if (strlen(buf) == 0) {
516 LOG("server connection closed");
520 TRACE("Magic is %c%c%c%c%c%c%c%c",
521 qemu_isprint(buf[0]) ? buf[0] : '.',
522 qemu_isprint(buf[1]) ? buf[1] : '.',
523 qemu_isprint(buf[2]) ? buf[2] : '.',
524 qemu_isprint(buf[3]) ? buf[3] : '.',
525 qemu_isprint(buf[4]) ? buf[4] : '.',
526 qemu_isprint(buf[5]) ? buf[5] : '.',
527 qemu_isprint(buf[6]) ? buf[6] : '.',
528 qemu_isprint(buf[7]) ? buf[7] : '.');
530 if (memcmp(buf, "NBDMAGIC", 8) != 0) {
531 LOG("Invalid magic received");
535 if (read_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
539 magic = be64_to_cpu(magic);
540 TRACE("Magic is 0x%" PRIx64, magic);
543 uint32_t reserved = 0;
547 TRACE("Checking magic (opts_magic)");
548 if (magic != NBD_OPTS_MAGIC) {
549 LOG("Bad magic received");
552 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
553 LOG("flags read failed");
556 *flags = be16_to_cpu(tmp) << 16;
557 /* reserved for future use */
558 if (write_sync(csock, &reserved, sizeof(reserved)) !=
560 LOG("write failed (reserved)");
563 /* write the export name */
564 magic = cpu_to_be64(magic);
565 if (write_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
566 LOG("write failed (magic)");
569 opt = cpu_to_be32(NBD_OPT_EXPORT_NAME);
570 if (write_sync(csock, &opt, sizeof(opt)) != sizeof(opt)) {
571 LOG("write failed (opt)");
574 namesize = cpu_to_be32(strlen(name));
575 if (write_sync(csock, &namesize, sizeof(namesize)) !=
577 LOG("write failed (namesize)");
580 if (write_sync(csock, (char*)name, strlen(name)) != strlen(name)) {
581 LOG("write failed (name)");
585 TRACE("Checking magic (cli_magic)");
587 if (magic != NBD_CLIENT_MAGIC) {
588 LOG("Bad magic received");
593 if (read_sync(csock, &s, sizeof(s)) != sizeof(s)) {
597 *size = be64_to_cpu(s);
599 TRACE("Size is %" PRIu64, *size);
602 if (read_sync(csock, flags, sizeof(*flags)) != sizeof(*flags)) {
603 LOG("read failed (flags)");
606 *flags = be32_to_cpup(flags);
608 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
609 LOG("read failed (tmp)");
612 *flags |= be32_to_cpu(tmp);
614 if (read_sync(csock, &buf, 124) != 124) {
615 LOG("read failed (buf)");
625 int nbd_init(int fd, int csock, uint32_t flags, off_t size, size_t blocksize)
627 TRACE("Setting NBD socket");
629 if (ioctl(fd, NBD_SET_SOCK, csock) < 0) {
631 LOG("Failed to set NBD socket");
635 TRACE("Setting block size to %lu", (unsigned long)blocksize);
637 if (ioctl(fd, NBD_SET_BLKSIZE, blocksize) < 0) {
639 LOG("Failed setting NBD block size");
643 TRACE("Setting size to %zd block(s)", (size_t)(size / blocksize));
645 if (ioctl(fd, NBD_SET_SIZE_BLOCKS, size / blocksize) < 0) {
647 LOG("Failed setting size (in blocks)");
651 if (ioctl(fd, NBD_SET_FLAGS, flags) < 0) {
652 if (errno == ENOTTY) {
653 int read_only = (flags & NBD_FLAG_READ_ONLY) != 0;
654 TRACE("Setting readonly attribute");
656 if (ioctl(fd, BLKROSET, (unsigned long) &read_only) < 0) {
658 LOG("Failed setting read-only attribute");
663 LOG("Failed setting flags");
668 TRACE("Negotiation ended");
673 int nbd_disconnect(int fd)
675 ioctl(fd, NBD_CLEAR_QUE);
676 ioctl(fd, NBD_DISCONNECT);
677 ioctl(fd, NBD_CLEAR_SOCK);
681 int nbd_client(int fd)
686 TRACE("Doing NBD loop");
688 ret = ioctl(fd, NBD_DO_IT);
689 if (ret < 0 && errno == EPIPE) {
690 /* NBD_DO_IT normally returns EPIPE when someone has disconnected
691 * the socket via NBD_DISCONNECT. We do not want to return 1 in
698 TRACE("NBD loop returned %d: %s", ret, strerror(serrno));
700 TRACE("Clearing NBD queue");
701 ioctl(fd, NBD_CLEAR_QUE);
703 TRACE("Clearing NBD socket");
704 ioctl(fd, NBD_CLEAR_SOCK);
710 int nbd_init(int fd, int csock, uint32_t flags, off_t size, size_t blocksize)
715 int nbd_disconnect(int fd)
720 int nbd_client(int fd)
726 ssize_t nbd_send_request(int csock, struct nbd_request *request)
728 uint8_t buf[NBD_REQUEST_SIZE];
731 cpu_to_be32w((uint32_t*)buf, NBD_REQUEST_MAGIC);
732 cpu_to_be32w((uint32_t*)(buf + 4), request->type);
733 cpu_to_be64w((uint64_t*)(buf + 8), request->handle);
734 cpu_to_be64w((uint64_t*)(buf + 16), request->from);
735 cpu_to_be32w((uint32_t*)(buf + 24), request->len);
737 TRACE("Sending request to client: "
738 "{ .from = %" PRIu64", .len = %u, .handle = %" PRIu64", .type=%i}",
739 request->from, request->len, request->handle, request->type);
741 ret = write_sync(csock, buf, sizeof(buf));
746 if (ret != sizeof(buf)) {
747 LOG("writing to socket failed");
753 static ssize_t nbd_receive_request(int csock, struct nbd_request *request)
755 uint8_t buf[NBD_REQUEST_SIZE];
759 ret = read_sync(csock, buf, sizeof(buf));
764 if (ret != sizeof(buf)) {
770 [ 0 .. 3] magic (NBD_REQUEST_MAGIC)
771 [ 4 .. 7] type (0 == READ, 1 == WRITE)
777 magic = be32_to_cpup((uint32_t*)buf);
778 request->type = be32_to_cpup((uint32_t*)(buf + 4));
779 request->handle = be64_to_cpup((uint64_t*)(buf + 8));
780 request->from = be64_to_cpup((uint64_t*)(buf + 16));
781 request->len = be32_to_cpup((uint32_t*)(buf + 24));
783 TRACE("Got request: "
784 "{ magic = 0x%x, .type = %d, from = %" PRIu64" , len = %u }",
785 magic, request->type, request->from, request->len);
787 if (magic != NBD_REQUEST_MAGIC) {
788 LOG("invalid magic (got 0x%x)", magic);
794 ssize_t nbd_receive_reply(int csock, struct nbd_reply *reply)
796 uint8_t buf[NBD_REPLY_SIZE];
800 ret = read_sync(csock, buf, sizeof(buf));
805 if (ret != sizeof(buf)) {
811 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
812 [ 4 .. 7] error (0 == no error)
816 magic = be32_to_cpup((uint32_t*)buf);
817 reply->error = be32_to_cpup((uint32_t*)(buf + 4));
818 reply->handle = be64_to_cpup((uint64_t*)(buf + 8));
821 "{ magic = 0x%x, .error = %d, handle = %" PRIu64" }",
822 magic, reply->error, reply->handle);
824 if (magic != NBD_REPLY_MAGIC) {
825 LOG("invalid magic (got 0x%x)", magic);
831 static ssize_t nbd_send_reply(int csock, struct nbd_reply *reply)
833 uint8_t buf[NBD_REPLY_SIZE];
837 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
838 [ 4 .. 7] error (0 == no error)
841 cpu_to_be32w((uint32_t*)buf, NBD_REPLY_MAGIC);
842 cpu_to_be32w((uint32_t*)(buf + 4), reply->error);
843 cpu_to_be64w((uint64_t*)(buf + 8), reply->handle);
845 TRACE("Sending response to client");
847 ret = write_sync(csock, buf, sizeof(buf));
852 if (ret != sizeof(buf)) {
853 LOG("writing to socket failed");
859 #define MAX_NBD_REQUESTS 16
861 void nbd_client_get(NBDClient *client)
866 void nbd_client_put(NBDClient *client)
868 if (--client->refcount == 0) {
869 /* The last reference should be dropped by client->close,
870 * which is called by nbd_client_close.
872 assert(client->closing);
874 nbd_unset_handlers(client);
878 QTAILQ_REMOVE(&client->exp->clients, client, next);
879 nbd_export_put(client->exp);
885 void nbd_client_close(NBDClient *client)
887 if (client->closing) {
891 client->closing = true;
893 /* Force requests to finish. They will drop their own references,
894 * then we'll close the socket and free the NBDClient.
896 shutdown(client->sock, 2);
898 /* Also tell the client, so that they release their reference. */
900 client->close(client);
904 static NBDRequest *nbd_request_get(NBDClient *client)
908 assert(client->nb_requests <= MAX_NBD_REQUESTS - 1);
909 client->nb_requests++;
910 nbd_update_can_read(client);
912 req = g_slice_new0(NBDRequest);
913 nbd_client_get(client);
914 req->client = client;
918 static void nbd_request_put(NBDRequest *req)
920 NBDClient *client = req->client;
923 qemu_vfree(req->data);
925 g_slice_free(NBDRequest, req);
927 client->nb_requests--;
928 nbd_update_can_read(client);
929 nbd_client_put(client);
932 static void bs_aio_attached(AioContext *ctx, void *opaque)
934 NBDExport *exp = opaque;
937 TRACE("Export %s: Attaching clients to AIO context %p\n", exp->name, ctx);
941 QTAILQ_FOREACH(client, &exp->clients, next) {
942 nbd_set_handlers(client);
946 static void bs_aio_detach(void *opaque)
948 NBDExport *exp = opaque;
951 TRACE("Export %s: Detaching clients from AIO context %p\n", exp->name, exp->ctx);
953 QTAILQ_FOREACH(client, &exp->clients, next) {
954 nbd_unset_handlers(client);
960 NBDExport *nbd_export_new(BlockDriverState *bs, off_t dev_offset,
961 off_t size, uint32_t nbdflags,
962 void (*close)(NBDExport *))
964 NBDExport *exp = g_malloc0(sizeof(NBDExport));
966 QTAILQ_INIT(&exp->clients);
968 exp->dev_offset = dev_offset;
969 exp->nbdflags = nbdflags;
970 exp->size = size == -1 ? bdrv_getlength(bs) : size;
972 exp->ctx = bdrv_get_aio_context(bs);
974 bdrv_add_aio_context_notifier(bs, bs_aio_attached, bs_aio_detach, exp);
978 NBDExport *nbd_export_find(const char *name)
981 QTAILQ_FOREACH(exp, &exports, next) {
982 if (strcmp(name, exp->name) == 0) {
990 void nbd_export_set_name(NBDExport *exp, const char *name)
992 if (exp->name == name) {
997 if (exp->name != NULL) {
1000 QTAILQ_REMOVE(&exports, exp, next);
1001 nbd_export_put(exp);
1004 nbd_export_get(exp);
1005 exp->name = g_strdup(name);
1006 QTAILQ_INSERT_TAIL(&exports, exp, next);
1008 nbd_export_put(exp);
1011 void nbd_export_close(NBDExport *exp)
1013 NBDClient *client, *next;
1015 nbd_export_get(exp);
1016 QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) {
1017 nbd_client_close(client);
1019 nbd_export_set_name(exp, NULL);
1020 nbd_export_put(exp);
1022 bdrv_remove_aio_context_notifier(exp->bs, bs_aio_attached,
1023 bs_aio_detach, exp);
1024 bdrv_unref(exp->bs);
1029 void nbd_export_get(NBDExport *exp)
1031 assert(exp->refcount > 0);
1035 void nbd_export_put(NBDExport *exp)
1037 assert(exp->refcount > 0);
1038 if (exp->refcount == 1) {
1039 nbd_export_close(exp);
1042 if (--exp->refcount == 0) {
1043 assert(exp->name == NULL);
1053 BlockDriverState *nbd_export_get_blockdev(NBDExport *exp)
1058 void nbd_export_close_all(void)
1060 NBDExport *exp, *next;
1062 QTAILQ_FOREACH_SAFE(exp, &exports, next, next) {
1063 nbd_export_close(exp);
1067 static ssize_t nbd_co_send_reply(NBDRequest *req, struct nbd_reply *reply,
1070 NBDClient *client = req->client;
1071 int csock = client->sock;
1074 qemu_co_mutex_lock(&client->send_lock);
1075 client->send_coroutine = qemu_coroutine_self();
1076 nbd_set_handlers(client);
1079 rc = nbd_send_reply(csock, reply);
1081 socket_set_cork(csock, 1);
1082 rc = nbd_send_reply(csock, reply);
1084 ret = qemu_co_send(csock, req->data, len);
1089 socket_set_cork(csock, 0);
1092 client->send_coroutine = NULL;
1093 nbd_set_handlers(client);
1094 qemu_co_mutex_unlock(&client->send_lock);
1098 static ssize_t nbd_co_receive_request(NBDRequest *req, struct nbd_request *request)
1100 NBDClient *client = req->client;
1101 int csock = client->sock;
1105 client->recv_coroutine = qemu_coroutine_self();
1106 nbd_update_can_read(client);
1108 rc = nbd_receive_request(csock, request);
1110 if (rc != -EAGAIN) {
1116 if (request->len > NBD_MAX_BUFFER_SIZE) {
1117 LOG("len (%u) is larger than max len (%u)",
1118 request->len, NBD_MAX_BUFFER_SIZE);
1123 if ((request->from + request->len) < request->from) {
1124 LOG("integer overflow detected! "
1125 "you're probably being attacked");
1130 TRACE("Decoding type");
1132 command = request->type & NBD_CMD_MASK_COMMAND;
1133 if (command == NBD_CMD_READ || command == NBD_CMD_WRITE) {
1134 req->data = qemu_blockalign(client->exp->bs, request->len);
1136 if (command == NBD_CMD_WRITE) {
1137 TRACE("Reading %u byte(s)", request->len);
1139 if (qemu_co_recv(csock, req->data, request->len) != request->len) {
1140 LOG("reading from socket failed");
1148 client->recv_coroutine = NULL;
1149 nbd_update_can_read(client);
1154 static void nbd_trip(void *opaque)
1156 NBDClient *client = opaque;
1157 NBDExport *exp = client->exp;
1159 struct nbd_request request;
1160 struct nbd_reply reply;
1164 TRACE("Reading request.");
1165 if (client->closing) {
1169 req = nbd_request_get(client);
1170 ret = nbd_co_receive_request(req, &request);
1171 if (ret == -EAGAIN) {
1178 reply.handle = request.handle;
1185 command = request.type & NBD_CMD_MASK_COMMAND;
1186 if (command != NBD_CMD_DISC && (request.from + request.len) > exp->size) {
1187 LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64
1188 ", Offset: %" PRIu64 "\n",
1189 request.from, request.len,
1190 (uint64_t)exp->size, (uint64_t)exp->dev_offset);
1191 LOG("requested operation past EOF--bad client?");
1192 goto invalid_request;
1197 TRACE("Request type is READ");
1199 if (request.type & NBD_CMD_FLAG_FUA) {
1200 ret = bdrv_co_flush(exp->bs);
1202 LOG("flush failed");
1208 ret = bdrv_read(exp->bs, (request.from + exp->dev_offset) / 512,
1209 req->data, request.len / 512);
1211 LOG("reading from file failed");
1216 TRACE("Read %u byte(s)", request.len);
1217 if (nbd_co_send_reply(req, &reply, request.len) < 0)
1221 TRACE("Request type is WRITE");
1223 if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
1224 TRACE("Server is read-only, return error");
1225 reply.error = EROFS;
1229 TRACE("Writing to device");
1231 ret = bdrv_write(exp->bs, (request.from + exp->dev_offset) / 512,
1232 req->data, request.len / 512);
1234 LOG("writing to file failed");
1239 if (request.type & NBD_CMD_FLAG_FUA) {
1240 ret = bdrv_co_flush(exp->bs);
1242 LOG("flush failed");
1248 if (nbd_co_send_reply(req, &reply, 0) < 0) {
1253 TRACE("Request type is DISCONNECT");
1257 TRACE("Request type is FLUSH");
1259 ret = bdrv_co_flush(exp->bs);
1261 LOG("flush failed");
1264 if (nbd_co_send_reply(req, &reply, 0) < 0) {
1269 TRACE("Request type is TRIM");
1270 ret = bdrv_co_discard(exp->bs, (request.from + exp->dev_offset) / 512,
1273 LOG("discard failed");
1276 if (nbd_co_send_reply(req, &reply, 0) < 0) {
1281 LOG("invalid request type (%u) received", request.type);
1283 reply.error = -EINVAL;
1285 if (nbd_co_send_reply(req, &reply, 0) < 0) {
1291 TRACE("Request/Reply complete");
1294 nbd_request_put(req);
1298 nbd_request_put(req);
1299 nbd_client_close(client);
1302 static void nbd_read(void *opaque)
1304 NBDClient *client = opaque;
1306 if (client->recv_coroutine) {
1307 qemu_coroutine_enter(client->recv_coroutine, NULL);
1309 qemu_coroutine_enter(qemu_coroutine_create(nbd_trip), client);
1313 static void nbd_restart_write(void *opaque)
1315 NBDClient *client = opaque;
1317 qemu_coroutine_enter(client->send_coroutine, NULL);
1320 static void nbd_set_handlers(NBDClient *client)
1322 if (client->exp && client->exp->ctx) {
1323 aio_set_fd_handler(client->exp->ctx, client->sock,
1324 client->can_read ? nbd_read : NULL,
1325 client->send_coroutine ? nbd_restart_write : NULL,
1330 static void nbd_unset_handlers(NBDClient *client)
1332 if (client->exp && client->exp->ctx) {
1333 aio_set_fd_handler(client->exp->ctx, client->sock, NULL, NULL, NULL);
1337 static void nbd_update_can_read(NBDClient *client)
1339 bool can_read = client->recv_coroutine ||
1340 client->nb_requests < MAX_NBD_REQUESTS;
1342 if (can_read != client->can_read) {
1343 client->can_read = can_read;
1344 nbd_set_handlers(client);
1346 /* There is no need to invoke aio_notify(), since aio_set_fd_handler()
1347 * in nbd_set_handlers() will have taken care of that */
1351 NBDClient *nbd_client_new(NBDExport *exp, int csock,
1352 void (*close)(NBDClient *))
1355 client = g_malloc0(sizeof(NBDClient));
1356 client->refcount = 1;
1358 client->sock = csock;
1359 client->can_read = true;
1360 if (nbd_send_negotiate(client)) {
1364 client->close = close;
1365 qemu_co_mutex_init(&client->send_lock);
1366 nbd_set_handlers(client);
1369 QTAILQ_INSERT_TAIL(&exp->clients, client, next);
1370 nbd_export_get(exp);
projects / qemu.git / blob