2 * Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; under version 2 of the License.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
24 #include <sys/ioctl.h>
26 #if defined(__sun__) || defined(__HAIKU__)
27 #include <sys/ioccom.h>
32 #include "qemu_socket.h"
37 #define TRACE(msg, ...) do { \
38 LOG(msg, ## __VA_ARGS__); \
41 #define TRACE(msg, ...) \
45 #define LOG(msg, ...) do { \
46 fprintf(stderr, "%s:%s():L%d: " msg "\n", \
47 __FILE__, __FUNCTION__, __LINE__, ## __VA_ARGS__); \
50 /* This is all part of the "official" NBD API */
52 #define NBD_REPLY_SIZE (4 + 4 + 8)
53 #define NBD_REQUEST_MAGIC 0x25609513
54 #define NBD_REPLY_MAGIC 0x67446698
56 #define NBD_SET_SOCK _IO(0xab, 0)
57 #define NBD_SET_BLKSIZE _IO(0xab, 1)
58 #define NBD_SET_SIZE _IO(0xab, 2)
59 #define NBD_DO_IT _IO(0xab, 3)
60 #define NBD_CLEAR_SOCK _IO(0xab, 4)
61 #define NBD_CLEAR_QUE _IO(0xab, 5)
62 #define NBD_PRINT_DEBUG _IO(0xab, 6)
63 #define NBD_SET_SIZE_BLOCKS _IO(0xab, 7)
64 #define NBD_DISCONNECT _IO(0xab, 8)
66 #define NBD_OPT_EXPORT_NAME (1 << 0)
68 /* That's all folks */
70 #define read_sync(fd, buffer, size) nbd_wr_sync(fd, buffer, size, true)
71 #define write_sync(fd, buffer, size) nbd_wr_sync(fd, buffer, size, false)
73 size_t nbd_wr_sync(int fd, void *buffer, size_t size, bool do_read)
77 while (offset < size) {
81 len = recv(fd, buffer + offset, size - offset, 0);
83 len = send(fd, buffer + offset, size - offset, 0);
87 errno = socket_error();
89 /* recoverable error */
90 if (len == -1 && (errno == EAGAIN || errno == EINTR)) {
99 /* unrecoverable error */
110 int tcp_socket_outgoing(const char *address, uint16_t port)
115 struct sockaddr_in addr;
117 s = socket(PF_INET, SOCK_STREAM, 0);
122 if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&i, sizeof(int)) == -1) {
126 if (inet_aton(address, &in) == 0) {
129 ent = gethostbyname(address);
134 memcpy(&in, ent->h_addr, sizeof(in));
137 addr.sin_family = AF_INET;
138 addr.sin_port = htons(port);
139 memcpy(&addr.sin_addr.s_addr, &in, sizeof(in));
141 if (connect(s, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
151 int tcp_socket_incoming(const char *address, uint16_t port)
155 struct sockaddr_in addr;
158 s = socket(PF_INET, SOCK_STREAM, 0);
163 if (inet_aton(address, &in) == 0) {
166 ent = gethostbyname(address);
171 memcpy(&in, ent->h_addr, sizeof(in));
174 addr.sin_family = AF_INET;
175 addr.sin_port = htons(port);
176 memcpy(&addr.sin_addr.s_addr, &in, sizeof(in));
179 if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
180 (const void *) &opt, sizeof(opt)) == -1) {
184 if (bind(s, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
188 if (listen(s, 128) == -1) {
199 int unix_socket_incoming(const char *path)
202 struct sockaddr_un addr;
204 s = socket(PF_UNIX, SOCK_STREAM, 0);
209 memset(&addr, 0, sizeof(addr));
210 addr.sun_family = AF_UNIX;
211 pstrcpy(addr.sun_path, sizeof(addr.sun_path), path);
213 if (bind(s, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
217 if (listen(s, 128) == -1) {
227 int unix_socket_outgoing(const char *path)
230 struct sockaddr_un addr;
232 s = socket(PF_UNIX, SOCK_STREAM, 0);
237 memset(&addr, 0, sizeof(addr));
238 addr.sun_family = AF_UNIX;
239 pstrcpy(addr.sun_path, sizeof(addr.sun_path), path);
241 if (connect(s, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
251 int unix_socket_incoming(const char *path)
257 int unix_socket_outgoing(const char *path)
279 int nbd_negotiate(int csock, off_t size)
281 char buf[8 + 8 + 8 + 128];
284 [ 0 .. 7] passwd ("NBDMAGIC")
285 [ 8 .. 15] magic (0x00420281861253)
287 [24 .. 151] reserved (0)
290 TRACE("Beginning negotiation.");
291 memcpy(buf, "NBDMAGIC", 8);
292 cpu_to_be64w((uint64_t*)(buf + 8), 0x00420281861253LL);
293 cpu_to_be64w((uint64_t*)(buf + 16), size);
294 memset(buf + 24, 0, 128);
296 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
302 TRACE("Negotation succeeded.");
307 int nbd_receive_negotiate(int csock, const char *name, uint32_t *flags,
308 off_t *size, size_t *blocksize)
314 TRACE("Receiving negotation.");
316 if (read_sync(csock, buf, 8) != 8) {
323 if (strlen(buf) == 0) {
324 LOG("server connection closed");
329 TRACE("Magic is %c%c%c%c%c%c%c%c",
330 qemu_isprint(buf[0]) ? buf[0] : '.',
331 qemu_isprint(buf[1]) ? buf[1] : '.',
332 qemu_isprint(buf[2]) ? buf[2] : '.',
333 qemu_isprint(buf[3]) ? buf[3] : '.',
334 qemu_isprint(buf[4]) ? buf[4] : '.',
335 qemu_isprint(buf[5]) ? buf[5] : '.',
336 qemu_isprint(buf[6]) ? buf[6] : '.',
337 qemu_isprint(buf[7]) ? buf[7] : '.');
339 if (memcmp(buf, "NBDMAGIC", 8) != 0) {
340 LOG("Invalid magic received");
345 if (read_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
350 magic = be64_to_cpu(magic);
351 TRACE("Magic is 0x%" PRIx64, magic);
354 uint32_t reserved = 0;
358 TRACE("Checking magic (opts_magic)");
359 if (magic != 0x49484156454F5054LL) {
360 LOG("Bad magic received");
364 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
365 LOG("flags read failed");
369 *flags = be16_to_cpu(tmp) << 16;
370 /* reserved for future use */
371 if (write_sync(csock, &reserved, sizeof(reserved)) !=
373 LOG("write failed (reserved)");
377 /* write the export name */
378 magic = cpu_to_be64(magic);
379 if (write_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
380 LOG("write failed (magic)");
384 opt = cpu_to_be32(NBD_OPT_EXPORT_NAME);
385 if (write_sync(csock, &opt, sizeof(opt)) != sizeof(opt)) {
386 LOG("write failed (opt)");
390 namesize = cpu_to_be32(strlen(name));
391 if (write_sync(csock, &namesize, sizeof(namesize)) !=
393 LOG("write failed (namesize)");
397 if (write_sync(csock, (char*)name, strlen(name)) != strlen(name)) {
398 LOG("write failed (name)");
403 TRACE("Checking magic (cli_magic)");
405 if (magic != 0x00420281861253LL) {
406 LOG("Bad magic received");
412 if (read_sync(csock, &s, sizeof(s)) != sizeof(s)) {
417 *size = be64_to_cpu(s);
419 TRACE("Size is %" PRIu64, *size);
422 if (read_sync(csock, flags, sizeof(*flags)) != sizeof(*flags)) {
423 LOG("read failed (flags)");
427 *flags = be32_to_cpup(flags);
429 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
430 LOG("read failed (tmp)");
434 *flags |= be32_to_cpu(tmp);
436 if (read_sync(csock, &buf, 124) != 124) {
437 LOG("read failed (buf)");
445 int nbd_init(int fd, int csock, off_t size, size_t blocksize)
447 TRACE("Setting block size to %lu", (unsigned long)blocksize);
449 if (ioctl(fd, NBD_SET_BLKSIZE, blocksize) == -1) {
451 LOG("Failed setting NBD block size");
456 TRACE("Setting size to %zd block(s)", (size_t)(size / blocksize));
458 if (ioctl(fd, NBD_SET_SIZE_BLOCKS, size / blocksize) == -1) {
460 LOG("Failed setting size (in blocks)");
465 TRACE("Clearing NBD socket");
467 if (ioctl(fd, NBD_CLEAR_SOCK) == -1) {
469 LOG("Failed clearing NBD socket");
474 TRACE("Setting NBD socket");
476 if (ioctl(fd, NBD_SET_SOCK, csock) == -1) {
478 LOG("Failed to set NBD socket");
483 TRACE("Negotiation ended");
488 int nbd_disconnect(int fd)
490 ioctl(fd, NBD_CLEAR_QUE);
491 ioctl(fd, NBD_DISCONNECT);
492 ioctl(fd, NBD_CLEAR_SOCK);
496 int nbd_client(int fd)
501 TRACE("Doing NBD loop");
503 ret = ioctl(fd, NBD_DO_IT);
506 TRACE("NBD loop returned %d: %s", ret, strerror(serrno));
508 TRACE("Clearing NBD queue");
509 ioctl(fd, NBD_CLEAR_QUE);
511 TRACE("Clearing NBD socket");
512 ioctl(fd, NBD_CLEAR_SOCK);
518 int nbd_init(int fd, int csock, off_t size, size_t blocksize)
524 int nbd_disconnect(int fd)
530 int nbd_client(int fd)
537 int nbd_send_request(int csock, struct nbd_request *request)
539 uint8_t buf[4 + 4 + 8 + 8 + 4];
541 cpu_to_be32w((uint32_t*)buf, NBD_REQUEST_MAGIC);
542 cpu_to_be32w((uint32_t*)(buf + 4), request->type);
543 cpu_to_be64w((uint64_t*)(buf + 8), request->handle);
544 cpu_to_be64w((uint64_t*)(buf + 16), request->from);
545 cpu_to_be32w((uint32_t*)(buf + 24), request->len);
547 TRACE("Sending request to client");
549 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
550 LOG("writing to socket failed");
558 static int nbd_receive_request(int csock, struct nbd_request *request)
560 uint8_t buf[4 + 4 + 8 + 8 + 4];
563 if (read_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
570 [ 0 .. 3] magic (NBD_REQUEST_MAGIC)
571 [ 4 .. 7] type (0 == READ, 1 == WRITE)
577 magic = be32_to_cpup((uint32_t*)buf);
578 request->type = be32_to_cpup((uint32_t*)(buf + 4));
579 request->handle = be64_to_cpup((uint64_t*)(buf + 8));
580 request->from = be64_to_cpup((uint64_t*)(buf + 16));
581 request->len = be32_to_cpup((uint32_t*)(buf + 24));
583 TRACE("Got request: "
584 "{ magic = 0x%x, .type = %d, from = %" PRIu64" , len = %u }",
585 magic, request->type, request->from, request->len);
587 if (magic != NBD_REQUEST_MAGIC) {
588 LOG("invalid magic (got 0x%x)", magic);
595 int nbd_receive_reply(int csock, struct nbd_reply *reply)
597 uint8_t buf[NBD_REPLY_SIZE];
600 memset(buf, 0xAA, sizeof(buf));
602 if (read_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
609 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
610 [ 4 .. 7] error (0 == no error)
614 magic = be32_to_cpup((uint32_t*)buf);
615 reply->error = be32_to_cpup((uint32_t*)(buf + 4));
616 reply->handle = be64_to_cpup((uint64_t*)(buf + 8));
619 "{ magic = 0x%x, .error = %d, handle = %" PRIu64" }",
620 magic, reply->error, reply->handle);
622 if (magic != NBD_REPLY_MAGIC) {
623 LOG("invalid magic (got 0x%x)", magic);
630 static int nbd_send_reply(int csock, struct nbd_reply *reply)
632 uint8_t buf[4 + 4 + 8];
635 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
636 [ 4 .. 7] error (0 == no error)
639 cpu_to_be32w((uint32_t*)buf, NBD_REPLY_MAGIC);
640 cpu_to_be32w((uint32_t*)(buf + 4), reply->error);
641 cpu_to_be64w((uint64_t*)(buf + 8), reply->handle);
643 TRACE("Sending response to client");
645 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
646 LOG("writing to socket failed");
653 int nbd_trip(BlockDriverState *bs, int csock, off_t size, uint64_t dev_offset,
654 off_t *offset, bool readonly, uint8_t *data, int data_size)
656 struct nbd_request request;
657 struct nbd_reply reply;
659 TRACE("Reading request.");
661 if (nbd_receive_request(csock, &request) == -1)
664 if (request.len + NBD_REPLY_SIZE > data_size) {
665 LOG("len (%u) is larger than max len (%u)",
666 request.len + NBD_REPLY_SIZE, data_size);
671 if ((request.from + request.len) < request.from) {
672 LOG("integer overflow detected! "
673 "you're probably being attacked");
678 if ((request.from + request.len) > size) {
679 LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64
680 ", Offset: %" PRIu64 "\n",
681 request.from, request.len, (uint64_t)size, dev_offset);
682 LOG("requested operation past EOF--bad client?");
687 TRACE("Decoding type");
689 reply.handle = request.handle;
692 switch (request.type) {
694 TRACE("Request type is READ");
696 if (bdrv_read(bs, (request.from + dev_offset) / 512,
697 data + NBD_REPLY_SIZE,
698 request.len / 512) == -1) {
699 LOG("reading from file failed");
703 *offset += request.len;
705 TRACE("Read %u byte(s)", request.len);
708 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
709 [ 4 .. 7] error (0 == no error)
713 cpu_to_be32w((uint32_t*)data, NBD_REPLY_MAGIC);
714 cpu_to_be32w((uint32_t*)(data + 4), reply.error);
715 cpu_to_be64w((uint64_t*)(data + 8), reply.handle);
717 TRACE("Sending data to client");
719 if (write_sync(csock, data,
720 request.len + NBD_REPLY_SIZE) !=
721 request.len + NBD_REPLY_SIZE) {
722 LOG("writing to socket failed");
728 TRACE("Request type is WRITE");
730 TRACE("Reading %u byte(s)", request.len);
732 if (read_sync(csock, data, request.len) != request.len) {
733 LOG("reading from socket failed");
739 TRACE("Server is read-only, return error");
742 TRACE("Writing to device");
744 if (bdrv_write(bs, (request.from + dev_offset) / 512,
745 data, request.len / 512) == -1) {
746 LOG("writing to file failed");
751 *offset += request.len;
754 if (nbd_send_reply(csock, &reply) == -1)
758 TRACE("Request type is DISCONNECT");
762 LOG("invalid request type (%u) received", request.type);
767 TRACE("Request/Reply complete");
projects / sdk / emulator / qemu.git / blob