6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; under version 2 of the License.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
25 #include <sys/ioctl.h>
27 #if defined(__sun__) || defined(__HAIKU__)
28 #include <sys/ioccom.h>
37 #include "qemu_socket.h"
42 #define TRACE(msg, ...) do { \
43 LOG(msg, ## __VA_ARGS__); \
46 #define TRACE(msg, ...) \
50 #define LOG(msg, ...) do { \
51 fprintf(stderr, "%s:%s():L%d: " msg "\n", \
52 __FILE__, __FUNCTION__, __LINE__, ## __VA_ARGS__); \
55 /* This is all part of the "official" NBD API */
57 #define NBD_REPLY_SIZE (4 + 4 + 8)
58 #define NBD_REQUEST_MAGIC 0x25609513
59 #define NBD_REPLY_MAGIC 0x67446698
61 #define NBD_SET_SOCK _IO(0xab, 0)
62 #define NBD_SET_BLKSIZE _IO(0xab, 1)
63 #define NBD_SET_SIZE _IO(0xab, 2)
64 #define NBD_DO_IT _IO(0xab, 3)
65 #define NBD_CLEAR_SOCK _IO(0xab, 4)
66 #define NBD_CLEAR_QUE _IO(0xab, 5)
67 #define NBD_PRINT_DEBUG _IO(0xab, 6)
68 #define NBD_SET_SIZE_BLOCKS _IO(0xab, 7)
69 #define NBD_DISCONNECT _IO(0xab, 8)
71 #define NBD_OPT_EXPORT_NAME (1 << 0)
73 /* That's all folks */
75 #define read_sync(fd, buffer, size) nbd_wr_sync(fd, buffer, size, true)
76 #define write_sync(fd, buffer, size) nbd_wr_sync(fd, buffer, size, false)
78 size_t nbd_wr_sync(int fd, void *buffer, size_t size, bool do_read)
82 while (offset < size) {
86 len = qemu_recv(fd, buffer + offset, size - offset, 0);
88 len = send(fd, buffer + offset, size - offset, 0);
92 errno = socket_error();
94 /* recoverable error */
95 if (len == -1 && (errno == EAGAIN || errno == EINTR)) {
104 /* unrecoverable error */
115 static void combine_addr(char *buf, size_t len, const char* address,
118 /* If the address-part contains a colon, it's an IPv6 IP so needs [] */
119 if (strstr(address, ":")) {
120 snprintf(buf, len, "[%s]:%u", address, port);
122 snprintf(buf, len, "%s:%u", address, port);
126 int tcp_socket_outgoing(const char *address, uint16_t port)
128 char address_and_port[128];
129 combine_addr(address_and_port, 128, address, port);
130 return tcp_socket_outgoing_spec(address_and_port);
133 int tcp_socket_outgoing_spec(const char *address_and_port)
135 return inet_connect(address_and_port, SOCK_STREAM);
138 int tcp_socket_incoming(const char *address, uint16_t port)
140 char address_and_port[128];
141 combine_addr(address_and_port, 128, address, port);
142 return tcp_socket_incoming_spec(address_and_port);
145 int tcp_socket_incoming_spec(const char *address_and_port)
149 return inet_listen(address_and_port, ostr, olen, SOCK_STREAM, 0);
152 int unix_socket_incoming(const char *path)
157 return unix_listen(path, ostr, olen);
160 int unix_socket_outgoing(const char *path)
162 return unix_connect(path);
179 int nbd_negotiate(int csock, off_t size, uint32_t flags)
181 char buf[8 + 8 + 8 + 128];
184 [ 0 .. 7] passwd ("NBDMAGIC")
185 [ 8 .. 15] magic (0x00420281861253)
188 [28 .. 151] reserved (0)
191 TRACE("Beginning negotiation.");
192 memcpy(buf, "NBDMAGIC", 8);
193 cpu_to_be64w((uint64_t*)(buf + 8), 0x00420281861253LL);
194 cpu_to_be64w((uint64_t*)(buf + 16), size);
195 cpu_to_be32w((uint32_t*)(buf + 24), flags | NBD_FLAG_HAS_FLAGS);
196 memset(buf + 28, 0, 124);
198 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
204 TRACE("Negotation succeeded.");
209 int nbd_receive_negotiate(int csock, const char *name, uint32_t *flags,
210 off_t *size, size_t *blocksize)
216 TRACE("Receiving negotation.");
218 if (read_sync(csock, buf, 8) != 8) {
225 if (strlen(buf) == 0) {
226 LOG("server connection closed");
231 TRACE("Magic is %c%c%c%c%c%c%c%c",
232 qemu_isprint(buf[0]) ? buf[0] : '.',
233 qemu_isprint(buf[1]) ? buf[1] : '.',
234 qemu_isprint(buf[2]) ? buf[2] : '.',
235 qemu_isprint(buf[3]) ? buf[3] : '.',
236 qemu_isprint(buf[4]) ? buf[4] : '.',
237 qemu_isprint(buf[5]) ? buf[5] : '.',
238 qemu_isprint(buf[6]) ? buf[6] : '.',
239 qemu_isprint(buf[7]) ? buf[7] : '.');
241 if (memcmp(buf, "NBDMAGIC", 8) != 0) {
242 LOG("Invalid magic received");
247 if (read_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
252 magic = be64_to_cpu(magic);
253 TRACE("Magic is 0x%" PRIx64, magic);
256 uint32_t reserved = 0;
260 TRACE("Checking magic (opts_magic)");
261 if (magic != 0x49484156454F5054LL) {
262 LOG("Bad magic received");
266 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
267 LOG("flags read failed");
271 *flags = be16_to_cpu(tmp) << 16;
272 /* reserved for future use */
273 if (write_sync(csock, &reserved, sizeof(reserved)) !=
275 LOG("write failed (reserved)");
279 /* write the export name */
280 magic = cpu_to_be64(magic);
281 if (write_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
282 LOG("write failed (magic)");
286 opt = cpu_to_be32(NBD_OPT_EXPORT_NAME);
287 if (write_sync(csock, &opt, sizeof(opt)) != sizeof(opt)) {
288 LOG("write failed (opt)");
292 namesize = cpu_to_be32(strlen(name));
293 if (write_sync(csock, &namesize, sizeof(namesize)) !=
295 LOG("write failed (namesize)");
299 if (write_sync(csock, (char*)name, strlen(name)) != strlen(name)) {
300 LOG("write failed (name)");
305 TRACE("Checking magic (cli_magic)");
307 if (magic != 0x00420281861253LL) {
308 LOG("Bad magic received");
314 if (read_sync(csock, &s, sizeof(s)) != sizeof(s)) {
319 *size = be64_to_cpu(s);
321 TRACE("Size is %" PRIu64, *size);
324 if (read_sync(csock, flags, sizeof(*flags)) != sizeof(*flags)) {
325 LOG("read failed (flags)");
329 *flags = be32_to_cpup(flags);
331 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
332 LOG("read failed (tmp)");
336 *flags |= be32_to_cpu(tmp);
338 if (read_sync(csock, &buf, 124) != 124) {
339 LOG("read failed (buf)");
347 int nbd_init(int fd, int csock, uint32_t flags, off_t size, size_t blocksize)
349 TRACE("Setting block size to %lu", (unsigned long)blocksize);
351 if (ioctl(fd, NBD_SET_BLKSIZE, blocksize) == -1) {
353 LOG("Failed setting NBD block size");
358 TRACE("Setting size to %zd block(s)", (size_t)(size / blocksize));
360 if (ioctl(fd, NBD_SET_SIZE_BLOCKS, size / blocksize) == -1) {
362 LOG("Failed setting size (in blocks)");
367 if (flags & NBD_FLAG_READ_ONLY) {
369 TRACE("Setting readonly attribute");
371 if (ioctl(fd, BLKROSET, (unsigned long) &read_only) < 0) {
373 LOG("Failed setting read-only attribute");
379 TRACE("Clearing NBD socket");
381 if (ioctl(fd, NBD_CLEAR_SOCK) == -1) {
383 LOG("Failed clearing NBD socket");
388 TRACE("Setting NBD socket");
390 if (ioctl(fd, NBD_SET_SOCK, csock) == -1) {
392 LOG("Failed to set NBD socket");
397 TRACE("Negotiation ended");
402 int nbd_disconnect(int fd)
404 ioctl(fd, NBD_CLEAR_QUE);
405 ioctl(fd, NBD_DISCONNECT);
406 ioctl(fd, NBD_CLEAR_SOCK);
410 int nbd_client(int fd)
415 TRACE("Doing NBD loop");
417 ret = ioctl(fd, NBD_DO_IT);
420 TRACE("NBD loop returned %d: %s", ret, strerror(serrno));
422 TRACE("Clearing NBD queue");
423 ioctl(fd, NBD_CLEAR_QUE);
425 TRACE("Clearing NBD socket");
426 ioctl(fd, NBD_CLEAR_SOCK);
432 int nbd_init(int fd, int csock, off_t size, size_t blocksize)
438 int nbd_disconnect(int fd)
444 int nbd_client(int fd)
451 int nbd_send_request(int csock, struct nbd_request *request)
453 uint8_t buf[4 + 4 + 8 + 8 + 4];
455 cpu_to_be32w((uint32_t*)buf, NBD_REQUEST_MAGIC);
456 cpu_to_be32w((uint32_t*)(buf + 4), request->type);
457 cpu_to_be64w((uint64_t*)(buf + 8), request->handle);
458 cpu_to_be64w((uint64_t*)(buf + 16), request->from);
459 cpu_to_be32w((uint32_t*)(buf + 24), request->len);
461 TRACE("Sending request to client: "
462 "{ .from = %" PRIu64", .len = %u, .handle = %" PRIu64", .type=%i}",
463 request->from, request->len, request->handle, request->type);
465 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
466 LOG("writing to socket failed");
473 static int nbd_receive_request(int csock, struct nbd_request *request)
475 uint8_t buf[4 + 4 + 8 + 8 + 4];
478 if (read_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
485 [ 0 .. 3] magic (NBD_REQUEST_MAGIC)
486 [ 4 .. 7] type (0 == READ, 1 == WRITE)
492 magic = be32_to_cpup((uint32_t*)buf);
493 request->type = be32_to_cpup((uint32_t*)(buf + 4));
494 request->handle = be64_to_cpup((uint64_t*)(buf + 8));
495 request->from = be64_to_cpup((uint64_t*)(buf + 16));
496 request->len = be32_to_cpup((uint32_t*)(buf + 24));
498 TRACE("Got request: "
499 "{ magic = 0x%x, .type = %d, from = %" PRIu64" , len = %u }",
500 magic, request->type, request->from, request->len);
502 if (magic != NBD_REQUEST_MAGIC) {
503 LOG("invalid magic (got 0x%x)", magic);
510 int nbd_receive_reply(int csock, struct nbd_reply *reply)
512 uint8_t buf[NBD_REPLY_SIZE];
515 memset(buf, 0xAA, sizeof(buf));
517 if (read_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
524 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
525 [ 4 .. 7] error (0 == no error)
529 magic = be32_to_cpup((uint32_t*)buf);
530 reply->error = be32_to_cpup((uint32_t*)(buf + 4));
531 reply->handle = be64_to_cpup((uint64_t*)(buf + 8));
534 "{ magic = 0x%x, .error = %d, handle = %" PRIu64" }",
535 magic, reply->error, reply->handle);
537 if (magic != NBD_REPLY_MAGIC) {
538 LOG("invalid magic (got 0x%x)", magic);
545 static int nbd_send_reply(int csock, struct nbd_reply *reply)
547 uint8_t buf[4 + 4 + 8];
550 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
551 [ 4 .. 7] error (0 == no error)
554 cpu_to_be32w((uint32_t*)buf, NBD_REPLY_MAGIC);
555 cpu_to_be32w((uint32_t*)(buf + 4), reply->error);
556 cpu_to_be64w((uint64_t*)(buf + 8), reply->handle);
558 TRACE("Sending response to client");
560 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
561 LOG("writing to socket failed");
568 int nbd_trip(BlockDriverState *bs, int csock, off_t size, uint64_t dev_offset,
569 off_t *offset, uint32_t nbdflags, uint8_t *data, int data_size)
571 struct nbd_request request;
572 struct nbd_reply reply;
574 TRACE("Reading request.");
576 if (nbd_receive_request(csock, &request) == -1)
579 if (request.len + NBD_REPLY_SIZE > data_size) {
580 LOG("len (%u) is larger than max len (%u)",
581 request.len + NBD_REPLY_SIZE, data_size);
586 if ((request.from + request.len) < request.from) {
587 LOG("integer overflow detected! "
588 "you're probably being attacked");
593 if ((request.from + request.len) > size) {
594 LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64
595 ", Offset: %" PRIu64 "\n",
596 request.from, request.len, (uint64_t)size, dev_offset);
597 LOG("requested operation past EOF--bad client?");
602 TRACE("Decoding type");
604 reply.handle = request.handle;
607 switch (request.type) {
609 TRACE("Request type is READ");
611 if (bdrv_read(bs, (request.from + dev_offset) / 512,
612 data + NBD_REPLY_SIZE,
613 request.len / 512) == -1) {
614 LOG("reading from file failed");
618 *offset += request.len;
620 TRACE("Read %u byte(s)", request.len);
623 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
624 [ 4 .. 7] error (0 == no error)
628 cpu_to_be32w((uint32_t*)data, NBD_REPLY_MAGIC);
629 cpu_to_be32w((uint32_t*)(data + 4), reply.error);
630 cpu_to_be64w((uint64_t*)(data + 8), reply.handle);
632 TRACE("Sending data to client");
634 if (write_sync(csock, data,
635 request.len + NBD_REPLY_SIZE) !=
636 request.len + NBD_REPLY_SIZE) {
637 LOG("writing to socket failed");
643 TRACE("Request type is WRITE");
645 TRACE("Reading %u byte(s)", request.len);
647 if (read_sync(csock, data, request.len) != request.len) {
648 LOG("reading from socket failed");
653 if (nbdflags & NBD_FLAG_READ_ONLY) {
654 TRACE("Server is read-only, return error");
657 TRACE("Writing to device");
659 if (bdrv_write(bs, (request.from + dev_offset) / 512,
660 data, request.len / 512) == -1) {
661 LOG("writing to file failed");
666 *offset += request.len;
669 if (nbd_send_reply(csock, &reply) == -1)
673 TRACE("Request type is DISCONNECT");
677 LOG("invalid request type (%u) received", request.type);
682 TRACE("Request/Reply complete");
projects / qemu.git / blob