1
2
3
4
5
6
7
8
9
10
11
12#include "qemu/osdep.h"
13#include "sysemu/blockdev.h"
14#include "sysemu/block-backend.h"
15#include "hw/block/block.h"
16#include "qapi/error.h"
17#include "qapi/qapi-commands-block.h"
18#include "block/nbd.h"
19#include "io/channel-socket.h"
20#include "io/net-listener.h"
21
22typedef struct NBDServerData {
23 QIONetListener *listener;
24 QCryptoTLSCreds *tlscreds;
25 char *tlsauthz;
26} NBDServerData;
27
28static NBDServerData *nbd_server;
29
30static void nbd_blockdev_client_closed(NBDClient *client, bool ignored)
31{
32 nbd_client_put(client);
33}
34
35static void nbd_accept(QIONetListener *listener, QIOChannelSocket *cioc,
36 gpointer opaque)
37{
38 qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server");
39 nbd_client_new(cioc, nbd_server->tlscreds, nbd_server->tlsauthz,
40 nbd_blockdev_client_closed);
41}
42
43
44static void nbd_server_free(NBDServerData *server)
45{
46 if (!server) {
47 return;
48 }
49
50 qio_net_listener_disconnect(server->listener);
51 object_unref(OBJECT(server->listener));
52 if (server->tlscreds) {
53 object_unref(OBJECT(server->tlscreds));
54 }
55 g_free(server->tlsauthz);
56
57 g_free(server);
58}
59
60static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, Error **errp)
61{
62 Object *obj;
63 QCryptoTLSCreds *creds;
64
65 obj = object_resolve_path_component(
66 object_get_objects_root(), id);
67 if (!obj) {
68 error_setg(errp, "No TLS credentials with id '%s'",
69 id);
70 return NULL;
71 }
72 creds = (QCryptoTLSCreds *)
73 object_dynamic_cast(obj, TYPE_QCRYPTO_TLS_CREDS);
74 if (!creds) {
75 error_setg(errp, "Object with id '%s' is not TLS credentials",
76 id);
77 return NULL;
78 }
79
80 if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
81 error_setg(errp,
82 "Expecting TLS credentials with a server endpoint");
83 return NULL;
84 }
85 object_ref(obj);
86 return creds;
87}
88
89
90void nbd_server_start(SocketAddress *addr, const char *tls_creds,
91 const char *tls_authz, Error **errp)
92{
93 if (nbd_server) {
94 error_setg(errp, "NBD server already running");
95 return;
96 }
97
98 nbd_server = g_new0(NBDServerData, 1);
99 nbd_server->listener = qio_net_listener_new();
100
101 qio_net_listener_set_name(nbd_server->listener,
102 "nbd-listener");
103
104 if (qio_net_listener_open_sync(nbd_server->listener, addr, 1, errp) < 0) {
105 goto error;
106 }
107
108 if (tls_creds) {
109 nbd_server->tlscreds = nbd_get_tls_creds(tls_creds, errp);
110 if (!nbd_server->tlscreds) {
111 goto error;
112 }
113
114
115 if (addr->type != SOCKET_ADDRESS_TYPE_INET) {
116 error_setg(errp, "TLS is only supported with IPv4/IPv6");
117 goto error;
118 }
119 }
120
121 nbd_server->tlsauthz = g_strdup(tls_authz);
122
123 qio_net_listener_set_client_func(nbd_server->listener,
124 nbd_accept,
125 NULL,
126 NULL);
127
128 return;
129
130 error:
131 nbd_server_free(nbd_server);
132 nbd_server = NULL;
133}
134
135void nbd_server_start_options(NbdServerOptions *arg, Error **errp)
136{
137 nbd_server_start(arg->addr, arg->tls_creds, arg->tls_authz, errp);
138}
139
140void qmp_nbd_server_start(SocketAddressLegacy *addr,
141 bool has_tls_creds, const char *tls_creds,
142 bool has_tls_authz, const char *tls_authz,
143 Error **errp)
144{
145 SocketAddress *addr_flat = socket_address_flatten(addr);
146
147 nbd_server_start(addr_flat, tls_creds, tls_authz, errp);
148 qapi_free_SocketAddress(addr_flat);
149}
150
151void qmp_nbd_server_add(BlockExportNbd *arg, Error **errp)
152{
153 BlockDriverState *bs = NULL;
154 BlockBackend *on_eject_blk;
155 NBDExport *exp;
156 int64_t len;
157 AioContext *aio_context;
158
159 if (!nbd_server) {
160 error_setg(errp, "NBD server not running");
161 return;
162 }
163
164 if (!arg->has_name) {
165 arg->name = arg->device;
166 }
167
168 if (strlen(arg->name) > NBD_MAX_STRING_SIZE) {
169 error_setg(errp, "export name '%s' too long", arg->name);
170 return;
171 }
172
173 if (arg->description && strlen(arg->description) > NBD_MAX_STRING_SIZE) {
174 error_setg(errp, "description '%s' too long", arg->description);
175 return;
176 }
177
178 if (nbd_export_find(arg->name)) {
179 error_setg(errp, "NBD server already has export named '%s'", arg->name);
180 return;
181 }
182
183 on_eject_blk = blk_by_name(arg->device);
184
185 bs = bdrv_lookup_bs(arg->device, arg->device, errp);
186 if (!bs) {
187 return;
188 }
189
190 aio_context = bdrv_get_aio_context(bs);
191 aio_context_acquire(aio_context);
192 len = bdrv_getlength(bs);
193 if (len < 0) {
194 error_setg_errno(errp, -len,
195 "Failed to determine the NBD export's length");
196 goto out;
197 }
198
199 if (!arg->has_writable) {
200 arg->writable = false;
201 }
202 if (bdrv_is_read_only(bs)) {
203 arg->writable = false;
204 }
205
206 exp = nbd_export_new(bs, 0, len, arg->name, arg->description, arg->bitmap,
207 !arg->writable, !arg->writable,
208 NULL, false, on_eject_blk, errp);
209 if (!exp) {
210 goto out;
211 }
212
213
214
215
216 nbd_export_put(exp);
217
218 out:
219 aio_context_release(aio_context);
220}
221
222void qmp_nbd_server_remove(const char *name,
223 bool has_mode, NbdServerRemoveMode mode,
224 Error **errp)
225{
226 NBDExport *exp;
227 AioContext *aio_context;
228
229 if (!nbd_server) {
230 error_setg(errp, "NBD server not running");
231 return;
232 }
233
234 exp = nbd_export_find(name);
235 if (exp == NULL) {
236 error_setg(errp, "Export '%s' is not found", name);
237 return;
238 }
239
240 if (!has_mode) {
241 mode = NBD_SERVER_REMOVE_MODE_SAFE;
242 }
243
244 aio_context = nbd_export_aio_context(exp);
245 aio_context_acquire(aio_context);
246 nbd_export_remove(exp, mode, errp);
247 aio_context_release(aio_context);
248}
249
250void qmp_nbd_server_stop(Error **errp)
251{
252 if (!nbd_server) {
253 error_setg(errp, "NBD server not running");
254 return;
255 }
256
257 nbd_export_close_all();
258
259 nbd_server_free(nbd_server);
260 nbd_server = NULL;
261}
262
