2 * Copyright (C) 2005 Anthony Liguori <anthony@codemonkey.ws>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; under version 2 of the License.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "qemu-coroutine.h"
27 #include <sys/ioctl.h>
29 #if defined(__sun__) || defined(__HAIKU__)
30 #include <sys/ioccom.h>
39 #include "qemu_socket.h"
40 #include "qemu-queue.h"
45 #define TRACE(msg, ...) do { \
46 LOG(msg, ## __VA_ARGS__); \
49 #define TRACE(msg, ...) \
53 #define LOG(msg, ...) do { \
54 fprintf(stderr, "%s:%s():L%d: " msg "\n", \
55 __FILE__, __FUNCTION__, __LINE__, ## __VA_ARGS__); \
58 /* This is all part of the "official" NBD API */
60 #define NBD_REQUEST_SIZE (4 + 4 + 8 + 8 + 4)
61 #define NBD_REPLY_SIZE (4 + 4 + 8)
62 #define NBD_REQUEST_MAGIC 0x25609513
63 #define NBD_REPLY_MAGIC 0x67446698
64 #define NBD_OPTS_MAGIC 0x49484156454F5054LL
65 #define NBD_CLIENT_MAGIC 0x0000420281861253LL
67 #define NBD_SET_SOCK _IO(0xab, 0)
68 #define NBD_SET_BLKSIZE _IO(0xab, 1)
69 #define NBD_SET_SIZE _IO(0xab, 2)
70 #define NBD_DO_IT _IO(0xab, 3)
71 #define NBD_CLEAR_SOCK _IO(0xab, 4)
72 #define NBD_CLEAR_QUE _IO(0xab, 5)
73 #define NBD_PRINT_DEBUG _IO(0xab, 6)
74 #define NBD_SET_SIZE_BLOCKS _IO(0xab, 7)
75 #define NBD_DISCONNECT _IO(0xab, 8)
76 #define NBD_SET_TIMEOUT _IO(0xab, 9)
77 #define NBD_SET_FLAGS _IO(0xab, 10)
79 #define NBD_OPT_EXPORT_NAME (1 << 0)
81 /* Definitions for opaque data types */
83 typedef struct NBDRequest NBDRequest;
86 QSIMPLEQ_ENTRY(NBDRequest) entry;
97 QTAILQ_HEAD(, NBDClient) clients;
98 QSIMPLEQ_HEAD(, NBDRequest) requests;
103 void (*close)(NBDClient *client);
108 Coroutine *recv_coroutine;
111 Coroutine *send_coroutine;
113 QTAILQ_ENTRY(NBDClient) next;
118 /* That's all folks */
120 ssize_t nbd_wr_sync(int fd, void *buffer, size_t size, bool do_read)
125 if (qemu_in_coroutine()) {
127 return qemu_co_recv(fd, buffer, size);
129 return qemu_co_send(fd, buffer, size);
133 while (offset < size) {
137 len = qemu_recv(fd, buffer + offset, size - offset, 0);
139 len = send(fd, buffer + offset, size - offset, 0);
143 err = socket_error();
145 /* recoverable error */
146 if (err == EINTR || (offset > 0 && err == EAGAIN)) {
150 /* unrecoverable error */
165 static ssize_t read_sync(int fd, void *buffer, size_t size)
167 /* Sockets are kept in blocking mode in the negotiation phase. After
168 * that, a non-readable socket simply means that another thread stole
169 * our request/reply. Synchronization is done with recv_coroutine, so
170 * that this is coroutine-safe.
172 return nbd_wr_sync(fd, buffer, size, true);
175 static ssize_t write_sync(int fd, void *buffer, size_t size)
179 /* For writes, we do expect the socket to be writable. */
180 ret = nbd_wr_sync(fd, buffer, size, false);
181 } while (ret == -EAGAIN);
185 static void combine_addr(char *buf, size_t len, const char* address,
188 /* If the address-part contains a colon, it's an IPv6 IP so needs [] */
189 if (strstr(address, ":")) {
190 snprintf(buf, len, "[%s]:%u", address, port);
192 snprintf(buf, len, "%s:%u", address, port);
196 int tcp_socket_outgoing(const char *address, uint16_t port)
198 char address_and_port[128];
199 combine_addr(address_and_port, 128, address, port);
200 return tcp_socket_outgoing_spec(address_and_port);
203 int tcp_socket_outgoing_spec(const char *address_and_port)
205 return inet_connect(address_and_port, true, NULL, NULL);
208 int tcp_socket_incoming(const char *address, uint16_t port)
210 char address_and_port[128];
211 combine_addr(address_and_port, 128, address, port);
212 return tcp_socket_incoming_spec(address_and_port);
215 int tcp_socket_incoming_spec(const char *address_and_port)
219 return inet_listen(address_and_port, ostr, olen, SOCK_STREAM, 0, NULL);
222 int unix_socket_incoming(const char *path)
227 return unix_listen(path, ostr, olen);
230 int unix_socket_outgoing(const char *path)
232 return unix_connect(path);
249 static int nbd_send_negotiate(NBDClient *client)
251 int csock = client->sock;
252 char buf[8 + 8 + 8 + 128];
256 [ 0 .. 7] passwd ("NBDMAGIC")
257 [ 8 .. 15] magic (NBD_CLIENT_MAGIC)
260 [28 .. 151] reserved (0)
263 socket_set_block(csock);
266 TRACE("Beginning negotiation.");
267 memcpy(buf, "NBDMAGIC", 8);
268 cpu_to_be64w((uint64_t*)(buf + 8), NBD_CLIENT_MAGIC);
269 cpu_to_be64w((uint64_t*)(buf + 16), client->exp->size);
270 cpu_to_be32w((uint32_t*)(buf + 24),
271 client->exp->nbdflags | NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_TRIM |
272 NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA);
273 memset(buf + 28, 0, 124);
275 if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
280 TRACE("Negotiation succeeded.");
283 socket_set_nonblock(csock);
287 int nbd_receive_negotiate(int csock, const char *name, uint32_t *flags,
288 off_t *size, size_t *blocksize)
295 TRACE("Receiving negotiation.");
297 socket_set_block(csock);
300 if (read_sync(csock, buf, 8) != 8) {
306 if (strlen(buf) == 0) {
307 LOG("server connection closed");
311 TRACE("Magic is %c%c%c%c%c%c%c%c",
312 qemu_isprint(buf[0]) ? buf[0] : '.',
313 qemu_isprint(buf[1]) ? buf[1] : '.',
314 qemu_isprint(buf[2]) ? buf[2] : '.',
315 qemu_isprint(buf[3]) ? buf[3] : '.',
316 qemu_isprint(buf[4]) ? buf[4] : '.',
317 qemu_isprint(buf[5]) ? buf[5] : '.',
318 qemu_isprint(buf[6]) ? buf[6] : '.',
319 qemu_isprint(buf[7]) ? buf[7] : '.');
321 if (memcmp(buf, "NBDMAGIC", 8) != 0) {
322 LOG("Invalid magic received");
326 if (read_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
330 magic = be64_to_cpu(magic);
331 TRACE("Magic is 0x%" PRIx64, magic);
334 uint32_t reserved = 0;
338 TRACE("Checking magic (opts_magic)");
339 if (magic != NBD_OPTS_MAGIC) {
340 LOG("Bad magic received");
343 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
344 LOG("flags read failed");
347 *flags = be16_to_cpu(tmp) << 16;
348 /* reserved for future use */
349 if (write_sync(csock, &reserved, sizeof(reserved)) !=
351 LOG("write failed (reserved)");
354 /* write the export name */
355 magic = cpu_to_be64(magic);
356 if (write_sync(csock, &magic, sizeof(magic)) != sizeof(magic)) {
357 LOG("write failed (magic)");
360 opt = cpu_to_be32(NBD_OPT_EXPORT_NAME);
361 if (write_sync(csock, &opt, sizeof(opt)) != sizeof(opt)) {
362 LOG("write failed (opt)");
365 namesize = cpu_to_be32(strlen(name));
366 if (write_sync(csock, &namesize, sizeof(namesize)) !=
368 LOG("write failed (namesize)");
371 if (write_sync(csock, (char*)name, strlen(name)) != strlen(name)) {
372 LOG("write failed (name)");
376 TRACE("Checking magic (cli_magic)");
378 if (magic != NBD_CLIENT_MAGIC) {
379 LOG("Bad magic received");
384 if (read_sync(csock, &s, sizeof(s)) != sizeof(s)) {
388 *size = be64_to_cpu(s);
390 TRACE("Size is %" PRIu64, *size);
393 if (read_sync(csock, flags, sizeof(*flags)) != sizeof(*flags)) {
394 LOG("read failed (flags)");
397 *flags = be32_to_cpup(flags);
399 if (read_sync(csock, &tmp, sizeof(tmp)) != sizeof(tmp)) {
400 LOG("read failed (tmp)");
403 *flags |= be32_to_cpu(tmp);
405 if (read_sync(csock, &buf, 124) != 124) {
406 LOG("read failed (buf)");
412 socket_set_nonblock(csock);
417 int nbd_init(int fd, int csock, uint32_t flags, off_t size, size_t blocksize)
419 TRACE("Setting NBD socket");
421 if (ioctl(fd, NBD_SET_SOCK, csock) < 0) {
423 LOG("Failed to set NBD socket");
427 TRACE("Setting block size to %lu", (unsigned long)blocksize);
429 if (ioctl(fd, NBD_SET_BLKSIZE, blocksize) < 0) {
431 LOG("Failed setting NBD block size");
435 TRACE("Setting size to %zd block(s)", (size_t)(size / blocksize));
437 if (ioctl(fd, NBD_SET_SIZE_BLOCKS, size / blocksize) < 0) {
439 LOG("Failed setting size (in blocks)");
443 if (flags & NBD_FLAG_READ_ONLY) {
445 TRACE("Setting readonly attribute");
447 if (ioctl(fd, BLKROSET, (unsigned long) &read_only) < 0) {
449 LOG("Failed setting read-only attribute");
454 if (ioctl(fd, NBD_SET_FLAGS, flags) < 0
455 && errno != ENOTTY) {
457 LOG("Failed setting flags");
461 TRACE("Negotiation ended");
466 int nbd_disconnect(int fd)
468 ioctl(fd, NBD_CLEAR_QUE);
469 ioctl(fd, NBD_DISCONNECT);
470 ioctl(fd, NBD_CLEAR_SOCK);
474 int nbd_client(int fd)
479 TRACE("Doing NBD loop");
481 ret = ioctl(fd, NBD_DO_IT);
482 if (ret < 0 && errno == EPIPE) {
483 /* NBD_DO_IT normally returns EPIPE when someone has disconnected
484 * the socket via NBD_DISCONNECT. We do not want to return 1 in
491 TRACE("NBD loop returned %d: %s", ret, strerror(serrno));
493 TRACE("Clearing NBD queue");
494 ioctl(fd, NBD_CLEAR_QUE);
496 TRACE("Clearing NBD socket");
497 ioctl(fd, NBD_CLEAR_SOCK);
503 int nbd_init(int fd, int csock, uint32_t flags, off_t size, size_t blocksize)
508 int nbd_disconnect(int fd)
513 int nbd_client(int fd)
519 ssize_t nbd_send_request(int csock, struct nbd_request *request)
521 uint8_t buf[NBD_REQUEST_SIZE];
524 cpu_to_be32w((uint32_t*)buf, NBD_REQUEST_MAGIC);
525 cpu_to_be32w((uint32_t*)(buf + 4), request->type);
526 cpu_to_be64w((uint64_t*)(buf + 8), request->handle);
527 cpu_to_be64w((uint64_t*)(buf + 16), request->from);
528 cpu_to_be32w((uint32_t*)(buf + 24), request->len);
530 TRACE("Sending request to client: "
531 "{ .from = %" PRIu64", .len = %u, .handle = %" PRIu64", .type=%i}",
532 request->from, request->len, request->handle, request->type);
534 ret = write_sync(csock, buf, sizeof(buf));
539 if (ret != sizeof(buf)) {
540 LOG("writing to socket failed");
546 static ssize_t nbd_receive_request(int csock, struct nbd_request *request)
548 uint8_t buf[NBD_REQUEST_SIZE];
552 ret = read_sync(csock, buf, sizeof(buf));
557 if (ret != sizeof(buf)) {
563 [ 0 .. 3] magic (NBD_REQUEST_MAGIC)
564 [ 4 .. 7] type (0 == READ, 1 == WRITE)
570 magic = be32_to_cpup((uint32_t*)buf);
571 request->type = be32_to_cpup((uint32_t*)(buf + 4));
572 request->handle = be64_to_cpup((uint64_t*)(buf + 8));
573 request->from = be64_to_cpup((uint64_t*)(buf + 16));
574 request->len = be32_to_cpup((uint32_t*)(buf + 24));
576 TRACE("Got request: "
577 "{ magic = 0x%x, .type = %d, from = %" PRIu64" , len = %u }",
578 magic, request->type, request->from, request->len);
580 if (magic != NBD_REQUEST_MAGIC) {
581 LOG("invalid magic (got 0x%x)", magic);
587 ssize_t nbd_receive_reply(int csock, struct nbd_reply *reply)
589 uint8_t buf[NBD_REPLY_SIZE];
593 ret = read_sync(csock, buf, sizeof(buf));
598 if (ret != sizeof(buf)) {
604 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
605 [ 4 .. 7] error (0 == no error)
609 magic = be32_to_cpup((uint32_t*)buf);
610 reply->error = be32_to_cpup((uint32_t*)(buf + 4));
611 reply->handle = be64_to_cpup((uint64_t*)(buf + 8));
614 "{ magic = 0x%x, .error = %d, handle = %" PRIu64" }",
615 magic, reply->error, reply->handle);
617 if (magic != NBD_REPLY_MAGIC) {
618 LOG("invalid magic (got 0x%x)", magic);
624 static ssize_t nbd_send_reply(int csock, struct nbd_reply *reply)
626 uint8_t buf[NBD_REPLY_SIZE];
630 [ 0 .. 3] magic (NBD_REPLY_MAGIC)
631 [ 4 .. 7] error (0 == no error)
634 cpu_to_be32w((uint32_t*)buf, NBD_REPLY_MAGIC);
635 cpu_to_be32w((uint32_t*)(buf + 4), reply->error);
636 cpu_to_be64w((uint64_t*)(buf + 8), reply->handle);
638 TRACE("Sending response to client");
640 ret = write_sync(csock, buf, sizeof(buf));
645 if (ret != sizeof(buf)) {
646 LOG("writing to socket failed");
652 #define MAX_NBD_REQUESTS 16
654 void nbd_client_get(NBDClient *client)
659 void nbd_client_put(NBDClient *client)
661 if (--client->refcount == 0) {
662 /* The last reference should be dropped by client->close,
663 * which is called by nbd_client_close.
665 assert(client->closing);
667 qemu_set_fd_handler2(client->sock, NULL, NULL, NULL, NULL);
670 QTAILQ_REMOVE(&client->exp->clients, client, next);
671 nbd_export_put(client->exp);
676 void nbd_client_close(NBDClient *client)
678 if (client->closing) {
682 client->closing = true;
684 /* Force requests to finish. They will drop their own references,
685 * then we'll close the socket and free the NBDClient.
687 shutdown(client->sock, 2);
689 /* Also tell the client, so that they release their reference. */
691 client->close(client);
695 static NBDRequest *nbd_request_get(NBDClient *client)
698 NBDExport *exp = client->exp;
700 assert(client->nb_requests <= MAX_NBD_REQUESTS - 1);
701 client->nb_requests++;
703 if (QSIMPLEQ_EMPTY(&exp->requests)) {
704 req = g_malloc0(sizeof(NBDRequest));
705 req->data = qemu_blockalign(exp->bs, NBD_BUFFER_SIZE);
707 req = QSIMPLEQ_FIRST(&exp->requests);
708 QSIMPLEQ_REMOVE_HEAD(&exp->requests, entry);
710 nbd_client_get(client);
711 req->client = client;
715 static void nbd_request_put(NBDRequest *req)
717 NBDClient *client = req->client;
718 QSIMPLEQ_INSERT_HEAD(&client->exp->requests, req, entry);
719 if (client->nb_requests-- == MAX_NBD_REQUESTS) {
722 nbd_client_put(client);
725 NBDExport *nbd_export_new(BlockDriverState *bs, off_t dev_offset,
726 off_t size, uint32_t nbdflags)
728 NBDExport *exp = g_malloc0(sizeof(NBDExport));
729 QSIMPLEQ_INIT(&exp->requests);
731 QTAILQ_INIT(&exp->clients);
733 exp->dev_offset = dev_offset;
734 exp->nbdflags = nbdflags;
735 exp->size = size == -1 ? bdrv_getlength(bs) : size;
739 void nbd_export_close(NBDExport *exp)
741 NBDClient *client, *next;
744 QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) {
745 nbd_client_close(client);
750 void nbd_export_get(NBDExport *exp)
752 assert(exp->refcount > 0);
756 void nbd_export_put(NBDExport *exp)
758 assert(exp->refcount > 0);
759 if (exp->refcount == 1) {
760 nbd_export_close(exp);
763 if (--exp->refcount == 0) {
764 while (!QSIMPLEQ_EMPTY(&exp->requests)) {
765 NBDRequest *first = QSIMPLEQ_FIRST(&exp->requests);
766 QSIMPLEQ_REMOVE_HEAD(&exp->requests, entry);
767 qemu_vfree(first->data);
775 static int nbd_can_read(void *opaque);
776 static void nbd_read(void *opaque);
777 static void nbd_restart_write(void *opaque);
779 static ssize_t nbd_co_send_reply(NBDRequest *req, struct nbd_reply *reply,
782 NBDClient *client = req->client;
783 int csock = client->sock;
786 qemu_co_mutex_lock(&client->send_lock);
787 qemu_set_fd_handler2(csock, nbd_can_read, nbd_read,
788 nbd_restart_write, client);
789 client->send_coroutine = qemu_coroutine_self();
792 rc = nbd_send_reply(csock, reply);
794 socket_set_cork(csock, 1);
795 rc = nbd_send_reply(csock, reply);
797 ret = qemu_co_send(csock, req->data, len);
802 socket_set_cork(csock, 0);
805 client->send_coroutine = NULL;
806 qemu_set_fd_handler2(csock, nbd_can_read, nbd_read, NULL, client);
807 qemu_co_mutex_unlock(&client->send_lock);
811 static ssize_t nbd_co_receive_request(NBDRequest *req, struct nbd_request *request)
813 NBDClient *client = req->client;
814 int csock = client->sock;
817 client->recv_coroutine = qemu_coroutine_self();
818 rc = nbd_receive_request(csock, request);
826 if (request->len > NBD_BUFFER_SIZE) {
827 LOG("len (%u) is larger than max len (%u)",
828 request->len, NBD_BUFFER_SIZE);
833 if ((request->from + request->len) < request->from) {
834 LOG("integer overflow detected! "
835 "you're probably being attacked");
840 TRACE("Decoding type");
842 if ((request->type & NBD_CMD_MASK_COMMAND) == NBD_CMD_WRITE) {
843 TRACE("Reading %u byte(s)", request->len);
845 if (qemu_co_recv(csock, req->data, request->len) != request->len) {
846 LOG("reading from socket failed");
854 client->recv_coroutine = NULL;
858 static void nbd_trip(void *opaque)
860 NBDClient *client = opaque;
861 NBDExport *exp = client->exp;
863 struct nbd_request request;
864 struct nbd_reply reply;
867 TRACE("Reading request.");
868 if (client->closing) {
872 req = nbd_request_get(client);
873 ret = nbd_co_receive_request(req, &request);
874 if (ret == -EAGAIN) {
881 reply.handle = request.handle;
889 if ((request.from + request.len) > exp->size) {
890 LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64
891 ", Offset: %" PRIu64 "\n",
892 request.from, request.len,
893 (uint64_t)exp->size, (uint64_t)exp->dev_offset);
894 LOG("requested operation past EOF--bad client?");
895 goto invalid_request;
898 switch (request.type & NBD_CMD_MASK_COMMAND) {
900 TRACE("Request type is READ");
902 if (request.type & NBD_CMD_FLAG_FUA) {
903 ret = bdrv_co_flush(exp->bs);
911 ret = bdrv_read(exp->bs, (request.from + exp->dev_offset) / 512,
912 req->data, request.len / 512);
914 LOG("reading from file failed");
919 TRACE("Read %u byte(s)", request.len);
920 if (nbd_co_send_reply(req, &reply, request.len) < 0)
924 TRACE("Request type is WRITE");
926 if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
927 TRACE("Server is read-only, return error");
932 TRACE("Writing to device");
934 ret = bdrv_write(exp->bs, (request.from + exp->dev_offset) / 512,
935 req->data, request.len / 512);
937 LOG("writing to file failed");
942 if (request.type & NBD_CMD_FLAG_FUA) {
943 ret = bdrv_co_flush(exp->bs);
951 if (nbd_co_send_reply(req, &reply, 0) < 0) {
956 TRACE("Request type is DISCONNECT");
960 TRACE("Request type is FLUSH");
962 ret = bdrv_co_flush(exp->bs);
967 if (nbd_co_send_reply(req, &reply, 0) < 0) {
972 TRACE("Request type is TRIM");
973 ret = bdrv_co_discard(exp->bs, (request.from + exp->dev_offset) / 512,
976 LOG("discard failed");
979 if (nbd_co_send_reply(req, &reply, 0) < 0) {
984 LOG("invalid request type (%u) received", request.type);
986 reply.error = -EINVAL;
988 if (nbd_co_send_reply(req, &reply, 0) < 0) {
994 TRACE("Request/Reply complete");
997 nbd_request_put(req);
1001 nbd_request_put(req);
1002 nbd_client_close(client);
1005 static int nbd_can_read(void *opaque)
1007 NBDClient *client = opaque;
1009 return client->recv_coroutine || client->nb_requests < MAX_NBD_REQUESTS;
1012 static void nbd_read(void *opaque)
1014 NBDClient *client = opaque;
1016 if (client->recv_coroutine) {
1017 qemu_coroutine_enter(client->recv_coroutine, NULL);
1019 qemu_coroutine_enter(qemu_coroutine_create(nbd_trip), client);
1023 static void nbd_restart_write(void *opaque)
1025 NBDClient *client = opaque;
1027 qemu_coroutine_enter(client->send_coroutine, NULL);
1030 NBDClient *nbd_client_new(NBDExport *exp, int csock,
1031 void (*close)(NBDClient *))
1034 client = g_malloc0(sizeof(NBDClient));
1035 client->refcount = 1;
1037 client->sock = csock;
1038 if (nbd_send_negotiate(client) < 0) {
1042 client->close = close;
1043 qemu_co_mutex_init(&client->send_lock);
1044 qemu_set_fd_handler2(csock, nbd_can_read, nbd_read, NULL, client);
1046 QTAILQ_INSERT_TAIL(&exp->clients, client, next);
1047 nbd_export_get(exp);
projects / sdk / emulator / qemu.git / blob