6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; under version 2 of the License.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "qemu-coroutine.h"
27 #include <sys/ioctl.h>
29 #if defined(__sun__) || defined(__HAIKU__)
30 #include <sys/ioccom.h>
39 #include "qemu_socket.h"
40 #include "qemu-queue.h"
45 #define TRACE(msg, ...) do { \
46 LOG(msg, ## __VA_ARGS__); \
49 #define TRACE(msg, ...) \
53 #define LOG(msg, ...) do { \
54 fprintf(stderr, "%s:%s():L%d: " msg "\n", \
55 __FILE__, __FUNCTION__, __LINE__, ## __VA_ARGS__); \
58 /* This is all part of the "official" NBD API */
60 #define NBD_REQUEST_SIZE (4 + 4 + 8 + 8 + 4)
61 #define NBD_REPLY_SIZE (4 + 4 + 8)
62 #define NBD_REQUEST_MAGIC 0x25609513
63 #define NBD_REPLY_MAGIC 0x67446698
64 #define NBD_OPTS_MAGIC 0x49484156454F5054LL
65 #define NBD_CLIENT_MAGIC 0x0000420281861253LL
67 #define NBD_SET_SOCK _IO(0xab, 0)
68 #define NBD_SET_BLKSIZE _IO(0xab, 1)
69 #define NBD_SET_SIZE _IO(0xab, 2)
70 #define NBD_DO_IT _IO(0xab, 3)
71 #define NBD_CLEAR_SOCK _IO(0xab, 4)
72 #define NBD_CLEAR_QUE _IO(0xab, 5)
73 #define NBD_PRINT_DEBUG _IO(0xab, 6)
74 #define NBD_SET_SIZE_BLOCKS _IO(0xab, 7)
75 #define NBD_DISCONNECT _IO(0xab, 8)
76 #define NBD_SET_TIMEOUT _IO(0xab, 9)
77 #define NBD_SET_FLAGS _IO(0xab, 10)
79 #define NBD_OPT_EXPORT_NAME (1 << 0)
81 /* Definitions for opaque data types */
83 typedef struct NBDRequest NBDRequest;
86 QSIMPLEQ_ENTRY(NBDRequest) entry;
96 QSIMPLEQ_HEAD(, NBDRequest) requests;
101 void (*close)(NBDClient *client);
106 Coroutine *recv_coroutine;
109 Coroutine *send_coroutine;
114 /* That's all folks */
/*
 * Transfer up to @size bytes between @fd and @buffer, reading when @do_read
 * is true and writing otherwise.
 *
 * This listing elides several lines of the function (declarations, branch
 * bodies, the return statements), so the notes below cover only what is
 * visible. Callers in this file compare the result against the requested
 * size and treat any other value as a failure.
 */
116 ssize_t nbd_wr_sync(int fd, void *buffer, size_t size, bool do_read)
/* Inside a coroutine the transfer is handed to the coroutine-aware helpers
 * (presumably chosen by do_read; the selecting lines are not shown). */
121 if (qemu_in_coroutine()) {
123 return qemu_co_recv(fd, buffer, size);
125 return qemu_co_send(fd, buffer, size);
/* Outside a coroutine: loop until the whole buffer has been transferred. */
129 while (offset < size) {
/* buffer is void *, so "buffer + offset" relies on the GNU C extension that
 * treats void pointer arithmetic as byte arithmetic. */
133 len = qemu_recv(fd, buffer + offset, size - offset, 0);
135 len = send(fd, buffer + offset, size - offset, 0);
139 err = socket_error();
141 /* recoverable error */
/* EINTR is always treated as recoverable; EAGAIN only once some bytes have
 * already moved (offset > 0). An EAGAIN before any progress therefore falls
 * through to the unrecoverable path. */
142 if (err == EINTR || (offset > 0 && err == EAGAIN)) {
146 /* unrecoverable error */
/*
 * Read @size bytes from @fd into @buffer by calling nbd_wr_sync() in read
 * mode, and hand back its result unchanged.
 *
 * While negotiating, sockets stay in blocking mode. Afterwards, a socket that
 * is not readable only means another thread took our request/reply;
 * recv_coroutine provides the synchronization, which keeps this
 * coroutine-safe.
 */
static ssize_t read_sync(int fd, void *buffer, size_t size)
{
    const bool reading = true;

    return nbd_wr_sync(fd, buffer, size, reading);
}
171 static ssize_t write_sync(int fd, void *buffer, size_t size)
175 /* For writes, we do expect the socket to be writable. */
176 ret = nbd_wr_sync(fd, buffer, size, false);
177 } while (ret == -EAGAIN);
181 static void combine_addr(char *buf, size_t len, const char* address,
184 /* If the address-part contains a colon, it's an IPv6 IP so needs [] */
185 if (strstr(address, ":")) {
186 snprintf(buf, len, "[%s]:%u", address, port);
188 snprintf(buf, len, "%s:%u", address, port);
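/**
 * Open an outgoing TCP connection to @address / @port.
 *
 * The pair is formatted into a fixed 128-byte buffer by combine_addr() and
 * passed on to tcp_socket_outgoing_spec().
 *
 * combine_addr() formats with snprintf(), so an over-long address is cut off
 * rather than written past the buffer. It returns void, so that truncation is
 * not reported here: callers that accept addresses from outside should bound
 * the length before calling.
 *
 * @param address  host name or numeric address
 * @param port     TCP port
 * @return the result of tcp_socket_outgoing_spec()
 */
int tcp_socket_outgoing(const char *address, uint16_t port)
{
    char address_and_port[128];

    /* Take the bound from the array itself so it cannot drift from the
     * declaration above. */
    combine_addr(address_and_port, sizeof(address_and_port), address, port);
    return tcp_socket_outgoing_spec(address_and_port);
}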
/*
 * Open an outgoing TCP connection to an "address:port" spec.
 * Thin wrapper: the spec goes to inet_connect() unmodified and its result is
 * returned as-is.
 */
int tcp_socket_outgoing_spec(const char *address_and_port)
{
    int fd = inet_connect(address_and_port, true, NULL, NULL);

    return fd;
}
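/**
 * Create a listening TCP socket on @address / @port.
 *
 * The pair is formatted into a fixed 128-byte buffer by combine_addr() and
 * passed on to tcp_socket_incoming_spec().
 *
 * combine_addr() formats with snprintf(), so an over-long address is cut off
 * rather than written past the buffer. It returns void, so that truncation is
 * not reported here: a truncated bind address should be ruled out by the
 * caller.
 *
 * @param address  host name or numeric address to listen on
 * @param port     TCP port
 * @return the result of tcp_socket_incoming_spec()
 */
int tcp_socket_incoming(const char *address, uint16_t port)
{
    char address_and_port[128];

    /* Take the bound from the array itself so it cannot drift from the
     * declaration above. */
    combine_addr(address_and_port, sizeof(address_and_port), address, port);
    return tcp_socket_incoming_spec(address_and_port);
}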
211 int tcp_socket_incoming_spec(const char *address_and_port)
215 return inet_listen(address_and_port, ostr, olen, SOCK_STREAM, 0, NULL);
218 int unix_socket_incoming(const char *path)
223 return unix_listen(path, ostr, olen);
/*
 * Connect to the UNIX-domain socket at @path.
 * Thin wrapper: returns whatever unix_connect() returns.
 */
int unix_socket_outgoing(const char *path)
{
    int fd = unix_connect(path);

    return fd;
}
245 static int nbd_send_negotiate(NBDClient *client)
247 int csock = client->sock;
248 char buf[8 + 8 + 8 + 128];
252 [ 0 .. 7] passwd ("NBDMAGIC")
253 [ 8 .. 15] magic (NBD_CLIENT_MAGIC)
256 [28 .. 151] reserved (0)
259 socket_set_block(csock);
262 TRACE("Beginning negotiation.");
263 memcpy(buf, "NBDMAGIC", 8);
264 cpu_to_be64w((uint64_t*)(buf + 8), NBD_CLIENT_MAGIC);
265 cpu_to_be64w((uint64_t*)(buf + 16), client->exp->size);
266 cpu_to_be32w((uint32_t*)(buf + 24),
267 client->exp->nbdflags | NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_TRIM |
268 NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA);
269 memset(buf + 28, 0, 124);
271 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
276 TRACE("Negotiation succeeded.");
279 socket_set_nonblock(csock);
/*
 * Client side of the NBD handshake on @csock: checks the greeting and the
 * follow-up magic, optionally sends an export name, and stores the size and
 * flags announced by the server in *size and *flags.
 *
 * Everything read here is supplied by the peer. This listing elides many
 * lines (local declarations, the branch on @name, the failure exits), so the
 * notes below are limited to the visible statements.
 */
283 int nbd_receive_negotiate(int csock, const char *name, uint32_t *flags,
284 off_t *size, size_t *blocksize)
291 TRACE("Receiving negotiation.");
/* Negotiation runs with the socket in blocking mode; it is switched back to
 * non-blocking on the last visible line. */
293 socket_set_block(csock);
296 if (read_sync(csock, buf, 8) != 8) {
/* strlen() on a buffer that just received 8 raw bytes is only bounded if buf
 * is larger than 8 bytes and zero-filled beforehand; the declaration is not
 * shown here -- TODO confirm. */
302 if (strlen(buf) == 0) {
303 LOG("server connection closed");
/* Non-printable bytes from the peer are replaced by '.' before logging. */
307 TRACE("Magic is %c%c%c%c%c%c%c%c",
308 qemu_isprint(buf[0]) ? buf[0] : '.',
309 qemu_isprint(buf[1]) ? buf[1] : '.',
310 qemu_isprint(buf[2]) ? buf[2] : '.',
311 qemu_isprint(buf[3]) ? buf[3] : '.',
312 qemu_isprint(buf[4]) ? buf[4] : '.',
313 qemu_isprint(buf[5]) ? buf[5] : '.',
314 qemu_isprint(buf[6]) ? buf[6] : '.',
315 qemu_isprint(buf[7]) ? buf[7] : '.');
317 if (memcmp(buf, "NBDMAGIC", 8) != 0) {
318 LOG("Invalid magic received");
322 if (read_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
326 magic = be64_to_cpu(magic);
327 TRACE("Magic is 0x%" PRIx64, magic);
/* Option-negotiation path (presumably taken when an export name was given;
 * the condition is elided). */
330 uint32_t reserved = 0;
334 TRACE("Checking magic (opts_magic)");
335 if (magic != NBD_OPTS_MAGIC) {
336 LOG("Bad magic received");
339 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
340 LOG("flags read failed");
/* The value read into tmp is placed in the upper 16 bits of *flags. */
343 *flags = be16_to_cpu(tmp) << 16;
344 /* reserved for future use */
345 if (write_sync(csock, &reserved, sizeof(reserved)) !=
347 LOG("write failed (reserved)");
350 /* write the export name */
351 magic = cpu_to_be64(magic);
352 if (write_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
353 LOG("write failed (magic)");
356 opt = cpu_to_be32(NBD_OPT_EXPORT_NAME);
357 if (write_sync(csock, &opt, sizeof(opt)) != sizeof(opt)) {
358 LOG("write failed (opt)");
/* The name is sent as a 32-bit big-endian length followed by the bytes,
 * without a terminating NUL. */
361 namesize = cpu_to_be32(strlen(name));
362 if (write_sync(csock, &namesize, sizeof(namesize)) !=
364 LOG("write failed (namesize)");
367 if (write_sync(csock, (char*)name, strlen(name)) != strlen(name)) {
368 LOG("write failed (name)");
372 TRACE("Checking magic (cli_magic)");
374 if (magic != NBD_CLIENT_MAGIC) {
375 LOG("Bad magic received");
380 if (read_sync(csock, &s, sizeof(s)) != sizeof(s)) {
/* NOTE(review): the server-announced size goes straight into an off_t with no
 * range check visible in this listing; a value that does not fit a signed
 * offset would reach the caller as-is -- confirm callers validate it. */
384 *size = be64_to_cpu(s);
386 TRACE("Size is %" PRIu64, *size);
389 if (read_sync(csock, flags, sizeof(*flags)) != sizeof(*flags)) {
390 LOG("read failed (flags)");
393 *flags = be32_to_cpup(flags);
395 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
396 LOG("read failed (tmp)");
/* NOTE(review): tmp is converted with be16_to_cpu() at the earlier site and
 * with be32_to_cpu() here; its declaration is elided, so confirm the width
 * matches both conversions. */
399 *flags |= be32_to_cpu(tmp);
/* Consumes 124 bytes from the server into buf, so buf must be at least 124
 * bytes long (declaration not shown -- TODO confirm). */
401 if (read_sync(csock, &buf, 124) != 124) {
402 LOG("read failed (buf)");
408 socket_set_nonblock(csock);
413 int nbd_init(int fd, int csock, uint32_t flags, off_t size, size_t blocksize)
415 TRACE("Setting NBD socket");
417 if (ioctl(fd, NBD_SET_SOCK, csock) < 0) {
419 LOG("Failed to set NBD socket");
423 TRACE("Setting block size to %lu", (unsigned long)blocksize);
425 if (ioctl(fd, NBD_SET_BLKSIZE, blocksize) < 0) {
427 LOG("Failed setting NBD block size");
431 TRACE("Setting size to %zd block(s)", (size_t)(size / blocksize));
433 if (ioctl(fd, NBD_SET_SIZE_BLOCKS, size / blocksize) < 0) {
435 LOG("Failed setting size (in blocks)");
439 if (flags & NBD_FLAG_READ_ONLY) {
441 TRACE("Setting readonly attribute");
443 if (ioctl(fd, BLKROSET, (unsigned long) &read_only) < 0) {
445 LOG("Failed setting read-only attribute");
450 if (ioctl(fd, NBD_SET_FLAGS, flags) < 0
451 && errno != ENOTTY) {
453 LOG("Failed setting flags");
457 TRACE("Negotiation ended");
462 int nbd_disconnect(int fd)
464 ioctl(fd, NBD_CLEAR_QUE);
465 ioctl(fd, NBD_DISCONNECT);
466 ioctl(fd, NBD_CLEAR_SOCK);
470 int nbd_client(int fd)
475 TRACE("Doing NBD loop");
477 ret = ioctl(fd, NBD_DO_IT);
478 if (ret < 0 && errno == EPIPE) {
479 /* NBD_DO_IT normally returns EPIPE when someone has disconnected
480 * the socket via NBD_DISCONNECT. We do not want to return 1 in
487 TRACE("NBD loop returned %d: %s", ret, strerror(serrno));
489 TRACE("Clearing NBD queue");
490 ioctl(fd, NBD_CLEAR_QUE);
492 TRACE("Clearing NBD socket");
493 ioctl(fd, NBD_CLEAR_SOCK);
499 int nbd_init(int fd, int csock, uint32_t flags, off_t size, size_t blocksize)
504 int nbd_disconnect(int fd)
509 int nbd_client(int fd)
515 ssize_t nbd_send_request(int csock, struct nbd_request *request)
517 uint8_t buf[NBD_REQUEST_SIZE];
520 cpu_to_be32w((uint32_t*)buf, NBD_REQUEST_MAGIC);
521 cpu_to_be32w((uint32_t*)(buf + 4), request->type);
522 cpu_to_be64w((uint64_t*)(buf + 8), request->handle);
523 cpu_to_be64w((uint64_t*)(buf + 16), request->from);
524 cpu_to_be32w((uint32_t*)(buf + 24), request->len);
526 TRACE("Sending request to client: "
527 "{ .from = %" PRIu64", .len = %u, .handle = %" PRIu64", .type=%i}",
528 request->from, request->len, request->handle, request->type);
530 ret = write_sync(csock, buf, sizeof(buf));
535 if (ret != sizeof(buf)) {
536 LOG("writing to socket failed");
542 static ssize_t nbd_receive_request(int csock, struct nbd_request *request)
544 uint8_t buf[NBD_REQUEST_SIZE];
548 ret = read_sync(csock, buf, sizeof(buf));
553 if (ret != sizeof(buf)) {
559 [ 0 .. 3] magic (NBD_REQUEST_MAGIC)
560 [ 4 .. 7] type (0 == READ, 1 == WRITE)
566 magic = be32_to_cpup((uint32_t*)buf);
567 request->type = be32_to_cpup((uint32_t*)(buf + 4));
568 request->handle = be64_to_cpup((uint64_t*)(buf + 8));
569 request->from = be64_to_cpup((uint64_t*)(buf + 16));
570 request->len = be32_to_cpup((uint32_t*)(buf + 24));
572 TRACE("Got request: "
573 "{ magic = 0x%x, .type = %d, from = %" PRIu64" , len = %u }",
574 magic, request->type, request->from, request->len);
576 if (magic != NBD_REQUEST_MAGIC) {
577 LOG("invalid magic (got 0x%x)", magic);
583 ssize_t nbd_receive_reply(int csock, struct nbd_reply *reply)
585 uint8_t buf[NBD_REPLY_SIZE];
589 ret = read_sync(csock, buf, sizeof(buf));
594 if (ret != sizeof(buf)) {
600 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
601 [ 4 .. 7] error (0 == no error)
605 magic = be32_to_cpup((uint32_t*)buf);
606 reply->error = be32_to_cpup((uint32_t*)(buf + 4));
607 reply->handle = be64_to_cpup((uint64_t*)(buf + 8));
610 "{ magic = 0x%x, .error = %d, handle = %" PRIu64" }",
611 magic, reply->error, reply->handle);
613 if (magic != NBD_REPLY_MAGIC) {
614 LOG("invalid magic (got 0x%x)", magic);
620 static ssize_t nbd_send_reply(int csock, struct nbd_reply *reply)
622 uint8_t buf[NBD_REPLY_SIZE];
626 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
627 [ 4 .. 7] error (0 == no error)
630 cpu_to_be32w((uint32_t*)buf, NBD_REPLY_MAGIC);
631 cpu_to_be32w((uint32_t*)(buf + 4), reply->error);
632 cpu_to_be64w((uint64_t*)(buf + 8), reply->handle);
634 TRACE("Sending response to client");
636 ret = write_sync(csock, buf, sizeof(buf));
641 if (ret != sizeof(buf)) {
642 LOG("writing to socket failed");
648 #define MAX_NBD_REQUESTS 16
650 static void nbd_client_get(NBDClient *client)
655 static void nbd_client_put(NBDClient *client)
657 if (--client->refcount == 0) {
662 static void nbd_client_close(NBDClient *client)
664 qemu_set_fd_handler2(client->sock, NULL, NULL, NULL, NULL);
668 client->close(client);
670 nbd_client_put(client);
/*
 * Take a request slot for @client: bump its in-flight counter, reuse a pooled
 * NBDRequest from the export's free list or allocate a new one, and take a
 * reference on the client. Some lines are elided in this listing.
 */
673 static NBDRequest *nbd_request_get(NBDClient *client)
676 NBDExport *exp = client->exp;
/* The in-flight cap is only asserted here; nbd_can_read() is what stops new
 * requests from being started once nb_requests reaches MAX_NBD_REQUESTS. */
678 assert(client->nb_requests <= MAX_NBD_REQUESTS - 1);
679 client->nb_requests++;
681 if (QSIMPLEQ_EMPTY(&exp->requests)) {
/* Fresh slot: zeroed descriptor plus a data buffer requested with
 * NBD_BUFFER_SIZE, which is the bound nbd_co_receive_request() enforces on
 * request->len. */
682 req = g_malloc0(sizeof(NBDRequest));
683 req->data = qemu_blockalign(exp->bs, NBD_BUFFER_SIZE);
/* Recycled slot. The free list hangs off the export, not the client, and no
 * visible line clears req->data on reuse, so the buffer may still hold bytes
 * from an earlier request -- possibly from another client of the same export.
 * Code that sends from req->data must only send bytes it has just filled. */
685 req = QSIMPLEQ_FIRST(&exp->requests);
686 QSIMPLEQ_REMOVE_HEAD(&exp->requests, entry);
688 nbd_client_get(client);
689 req->client = client;
693 static void nbd_request_put(NBDRequest *req)
695 NBDClient *client = req->client;
696 QSIMPLEQ_INSERT_HEAD(&client->exp->requests, req, entry);
697 if (client->nb_requests-- == MAX_NBD_REQUESTS) {
700 nbd_client_put(client);
703 NBDExport *nbd_export_new(BlockDriverState *bs, off_t dev_offset,
704 off_t size, uint32_t nbdflags)
706 NBDExport *exp = g_malloc0(sizeof(NBDExport));
707 QSIMPLEQ_INIT(&exp->requests);
709 exp->dev_offset = dev_offset;
710 exp->nbdflags = nbdflags;
711 exp->size = size == -1 ? bdrv_getlength(bs) : size;
715 void nbd_export_close(NBDExport *exp)
717 while (!QSIMPLEQ_EMPTY(&exp->requests)) {
718 NBDRequest *first = QSIMPLEQ_FIRST(&exp->requests);
719 QSIMPLEQ_REMOVE_HEAD(&exp->requests, entry);
720 qemu_vfree(first->data);
727 static int nbd_can_read(void *opaque);
728 static void nbd_read(void *opaque);
729 static void nbd_restart_write(void *opaque);
731 static ssize_t nbd_co_send_reply(NBDRequest *req, struct nbd_reply *reply,
734 NBDClient *client = req->client;
735 int csock = client->sock;
738 qemu_co_mutex_lock(&client->send_lock);
739 qemu_set_fd_handler2(csock, nbd_can_read, nbd_read,
740 nbd_restart_write, client);
741 client->send_coroutine = qemu_coroutine_self();
744 rc = nbd_send_reply(csock, reply);
746 socket_set_cork(csock, 1);
747 rc = nbd_send_reply(csock, reply);
749 ret = qemu_co_send(csock, req->data, len);
754 socket_set_cork(csock, 0);
757 client->send_coroutine = NULL;
758 qemu_set_fd_handler2(csock, nbd_can_read, nbd_read, NULL, client);
759 qemu_co_mutex_unlock(&client->send_lock);
/*
 * Coroutine-side receive of one client request: parses the header through
 * nbd_receive_request() and, for write commands, reads the payload into
 * req->data.
 *
 * All fields of *request come from the peer. This listing elides the branch
 * bodies and exit paths, so the notes below describe the visible checks only.
 */
763 static ssize_t nbd_co_receive_request(NBDRequest *req, struct nbd_request *request)
765 NBDClient *client = req->client;
766 int csock = client->sock;
/* Publish this coroutine so nbd_read() re-enters it, instead of starting a
 * new nbd_trip(), when the socket becomes readable. */
769 client->recv_coroutine = qemu_coroutine_self();
770 rc = nbd_receive_request(csock, request);
/* Bound the client-supplied length before it is used as a byte count:
 * req->data is requested with NBD_BUFFER_SIZE in nbd_request_get(), and the
 * write path below receives request->len bytes into it. */
778 if (request->len > NBD_BUFFER_SIZE) {
779 LOG("len (%u) is larger than max len (%u)",
780 request->len, NBD_BUFFER_SIZE);
/* Wraparound guard on from + len. nbd_trip() later compares the same sum
 * against the export size, which is only meaningful if the sum did not wrap. */
785 if ((request->from + request->len) < request->from) {
786 LOG("integer overflow detected! "
787 "you're probably being attacked");
792 TRACE("Decoding type");
/* Only write commands carry a payload; a short read is treated as failure. */
794 if ((request->type & NBD_CMD_MASK_COMMAND) == NBD_CMD_WRITE) {
795 TRACE("Reading %u byte(s)", request->len);
797 if (qemu_co_recv(csock, req->data, request->len) != request->len) {
798 LOG("reading from socket failed");
/* Withdraw the marker set above (presumably reached on every exit path; the
 * label is elided -- confirm). */
806 client->recv_coroutine = NULL;
/*
 * Coroutine entry point that services one client request: take a request
 * slot, receive the request, dispatch on the command type and send a reply.
 *
 * This listing elides many lines (case labels, error branches, jump labels),
 * so the notes below cover only the visible statements.
 */
810 static void nbd_trip(void *opaque)
812 NBDClient *client = opaque;
813 NBDRequest *req = nbd_request_get(client);
814 NBDExport *exp = client->exp;
815 struct nbd_request request;
816 struct nbd_reply reply;
819 TRACE("Reading request.");
821 ret = nbd_co_receive_request(req, &request);
822 if (ret == -EAGAIN) {
/* The reply echoes the handle chosen by the client. */
829 reply.handle = request.handle;
/* Reject ranges that end past the export. This depends on the wraparound
 * check in nbd_co_receive_request() having passed first.
 * NOTE(review): the type of exp->size is not visible here; nbd_export_new()
 * fills it from an off_t or from bdrv_getlength() without a visible error
 * check, so confirm it can never be negative when this comparison runs. */
837 if ((request.from + request.len) > exp->size) {
838 LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64
839 ", Offset: %" PRIu64 "\n",
840 request.from, request.len,
841 (uint64_t)exp->size, (uint64_t)exp->dev_offset);
842 LOG("requested operation past EOF--bad client?");
843 goto invalid_request;
846 switch (request.type & NBD_CMD_MASK_COMMAND) {
848 TRACE("Request type is READ");
/* With FUA set, a read is preceded by a flush. */
850 if (request.type & NBD_CMD_FLAG_FUA) {
851 ret = bdrv_co_flush(exp->bs);
/* Byte offset and length become 512-byte sector numbers by integer division,
 * so any remainder is dropped.
 * NOTE(review): no alignment check on request.from / request.len is visible
 * in this listing. If there is none, a length that is not a multiple of 512
 * makes the reply below send request.len bytes although fewer were read, and
 * req->data is a recycled buffer (see nbd_request_put()); confirm and either
 * reject unaligned requests or clear the tail. */
859 ret = bdrv_read(exp->bs, (request.from + exp->dev_offset) / 512,
860 req->data, request.len / 512);
862 LOG("reading from file failed");
867 TRACE("Read %u byte(s)", request.len);
868 if (nbd_co_send_reply(req, &reply, request.len) < 0)
872 TRACE("Request type is WRITE");
/* Writes are refused when the export is flagged read-only. */
874 if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
875 TRACE("Server is read-only, return error");
880 TRACE("Writing to device");
/* Same sector conversion as the read path: remainders are dropped. */
882 ret = bdrv_write(exp->bs, (request.from + exp->dev_offset) / 512,
883 req->data, request.len / 512);
885 LOG("writing to file failed");
/* With FUA set, a write is followed by a flush before the reply. */
890 if (request.type & NBD_CMD_FLAG_FUA) {
891 ret = bdrv_co_flush(exp->bs);
899 if (nbd_co_send_reply(req, &reply, 0) < 0) {
904 TRACE("Request type is DISCONNECT");
908 TRACE("Request type is FLUSH");
910 ret = bdrv_co_flush(exp->bs);
915 if (nbd_co_send_reply(req, &reply, 0) < 0) {
920 TRACE("Request type is TRIM");
921 ret = bdrv_co_discard(exp->bs, (request.from + exp->dev_offset) / 512,
924 LOG("discard failed");
927 if (nbd_co_send_reply(req, &reply, 0) < 0) {
/* Unknown command: logged, then answered with an error reply.
 * NOTE(review): reply.error receives a negative errno here, and
 * nbd_send_reply() serialises it through a uint32_t big-endian store;
 * confirm the sign matches the other (elided) error paths and what the peer
 * expects. */
932 LOG("invalid request type (%u) received", request.type);
934 reply.error = -EINVAL;
936 if (nbd_co_send_reply(req, &reply, 0) < 0) {
942 TRACE("Request/Reply complete");
/* Two exits are visible: one only returns the request slot, the other also
 * closes the client (presumably the failure path; the labels are elided). */
945 nbd_request_put(req);
949 nbd_request_put(req);
950 nbd_client_close(client);
/*
 * Read-poll predicate for the client socket.
 * Returns 1 when a receive coroutine is already waiting for data, or when
 * the client is still below MAX_NBD_REQUESTS in-flight requests; otherwise 0.
 * This is what stops a client from starting more than MAX_NBD_REQUESTS
 * requests at once.
 */
static int nbd_can_read(void *opaque)
{
    NBDClient *client = opaque;

    if (client->recv_coroutine) {
        return 1;
    }
    return client->nb_requests < MAX_NBD_REQUESTS;
}
/*
 * Read handler for the client socket.
 * If a coroutine is already parked waiting for request data, resume it;
 * otherwise start a new nbd_trip() coroutine for this client.
 */
static void nbd_read(void *opaque)
{
    NBDClient *client = opaque;
    Coroutine *waiting = client->recv_coroutine;

    if (waiting) {
        qemu_coroutine_enter(waiting, NULL);
        return;
    }

    qemu_coroutine_enter(qemu_coroutine_create(nbd_trip), client);
}
/*
 * Write handler for the client socket: resume the coroutine recorded in
 * client->send_coroutine. nbd_co_send_reply() installs this handler only
 * while it has set send_coroutine, and removes it again afterwards.
 */
static void nbd_restart_write(void *opaque)
{
    NBDClient *client = opaque;
    Coroutine *sender = client->send_coroutine;

    qemu_coroutine_enter(sender, NULL);
}
978 NBDClient *nbd_client_new(NBDExport *exp, int csock,
979 void (*close)(NBDClient *))
982 client = g_malloc0(sizeof(NBDClient));
983 client->refcount = 1;
985 client->sock = csock;
986 if (nbd_send_negotiate(client) < 0) {
990 client->close = close;
991 qemu_co_mutex_init(&client->send_lock);
992 qemu_set_fd_handler2(csock, nbd_can_read, nbd_read, NULL, client);