qemu/blockdev-nbd.c
<<
>>
Prefs
   1/*
   2 * Serving QEMU block devices via NBD
   3 *
   4 * Copyright (c) 2012 Red Hat, Inc.
   5 *
   6 * Author: Paolo Bonzini <pbonzini@redhat.com>
   7 *
   8 * This work is licensed under the terms of the GNU GPL, version 2 or
   9 * later.  See the COPYING file in the top-level directory.
  10 */
  11
  12#include "qemu/osdep.h"
  13#include "sysemu/blockdev.h"
  14#include "sysemu/block-backend.h"
  15#include "hw/block/block.h"
  16#include "qapi/error.h"
  17#include "qapi/qapi-commands-block.h"
  18#include "block/nbd.h"
  19#include "io/channel-socket.h"
  20#include "io/net-listener.h"
  21
  22typedef struct NBDServerData {
  23    QIONetListener *listener;
  24    QCryptoTLSCreds *tlscreds;
  25    char *tlsauthz;
  26} NBDServerData;
  27
  28static NBDServerData *nbd_server;
  29
  30static void nbd_blockdev_client_closed(NBDClient *client, bool ignored)
  31{
  32    nbd_client_put(client);
  33}
  34
  35static void nbd_accept(QIONetListener *listener, QIOChannelSocket *cioc,
  36                       gpointer opaque)
  37{
  38    qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server");
  39    nbd_client_new(cioc, nbd_server->tlscreds, nbd_server->tlsauthz,
  40                   nbd_blockdev_client_closed);
  41}
  42
  43
  44static void nbd_server_free(NBDServerData *server)
  45{
  46    if (!server) {
  47        return;
  48    }
  49
  50    qio_net_listener_disconnect(server->listener);
  51    object_unref(OBJECT(server->listener));
  52    if (server->tlscreds) {
  53        object_unref(OBJECT(server->tlscreds));
  54    }
  55    g_free(server->tlsauthz);
  56
  57    g_free(server);
  58}
  59
  60static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, Error **errp)
  61{
  62    Object *obj;
  63    QCryptoTLSCreds *creds;
  64
  65    obj = object_resolve_path_component(
  66        object_get_objects_root(), id);
  67    if (!obj) {
  68        error_setg(errp, "No TLS credentials with id '%s'",
  69                   id);
  70        return NULL;
  71    }
  72    creds = (QCryptoTLSCreds *)
  73        object_dynamic_cast(obj, TYPE_QCRYPTO_TLS_CREDS);
  74    if (!creds) {
  75        error_setg(errp, "Object with id '%s' is not TLS credentials",
  76                   id);
  77        return NULL;
  78    }
  79
  80    if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
  81        error_setg(errp,
  82                   "Expecting TLS credentials with a server endpoint");
  83        return NULL;
  84    }
  85    object_ref(obj);
  86    return creds;
  87}
  88
  89
  90void nbd_server_start(SocketAddress *addr, const char *tls_creds,
  91                      const char *tls_authz, Error **errp)
  92{
  93    if (nbd_server) {
  94        error_setg(errp, "NBD server already running");
  95        return;
  96    }
  97
  98    nbd_server = g_new0(NBDServerData, 1);
  99    nbd_server->listener = qio_net_listener_new();
 100
 101    qio_net_listener_set_name(nbd_server->listener,
 102                              "nbd-listener");
 103
 104    if (qio_net_listener_open_sync(nbd_server->listener, addr, 1, errp) < 0) {
 105        goto error;
 106    }
 107
 108    if (tls_creds) {
 109        nbd_server->tlscreds = nbd_get_tls_creds(tls_creds, errp);
 110        if (!nbd_server->tlscreds) {
 111            goto error;
 112        }
 113
 114        /* TODO SOCKET_ADDRESS_TYPE_FD where fd has AF_INET or AF_INET6 */
 115        if (addr->type != SOCKET_ADDRESS_TYPE_INET) {
 116            error_setg(errp, "TLS is only supported with IPv4/IPv6");
 117            goto error;
 118        }
 119    }
 120
 121    nbd_server->tlsauthz = g_strdup(tls_authz);
 122
 123    qio_net_listener_set_client_func(nbd_server->listener,
 124                                     nbd_accept,
 125                                     NULL,
 126                                     NULL);
 127
 128    return;
 129
 130 error:
 131    nbd_server_free(nbd_server);
 132    nbd_server = NULL;
 133}
 134
 135void nbd_server_start_options(NbdServerOptions *arg, Error **errp)
 136{
 137    nbd_server_start(arg->addr, arg->tls_creds, arg->tls_authz, errp);
 138}
 139
 140void qmp_nbd_server_start(SocketAddressLegacy *addr,
 141                          bool has_tls_creds, const char *tls_creds,
 142                          bool has_tls_authz, const char *tls_authz,
 143                          Error **errp)
 144{
 145    SocketAddress *addr_flat = socket_address_flatten(addr);
 146
 147    nbd_server_start(addr_flat, tls_creds, tls_authz, errp);
 148    qapi_free_SocketAddress(addr_flat);
 149}
 150
 151void qmp_nbd_server_add(BlockExportNbd *arg, Error **errp)
 152{
 153    BlockDriverState *bs = NULL;
 154    BlockBackend *on_eject_blk;
 155    NBDExport *exp;
 156    int64_t len;
 157    AioContext *aio_context;
 158
 159    if (!nbd_server) {
 160        error_setg(errp, "NBD server not running");
 161        return;
 162    }
 163
 164    if (!arg->has_name) {
 165        arg->name = arg->device;
 166    }
 167
 168    if (strlen(arg->name) > NBD_MAX_STRING_SIZE) {
 169        error_setg(errp, "export name '%s' too long", arg->name);
 170        return;
 171    }
 172
 173    if (arg->description && strlen(arg->description) > NBD_MAX_STRING_SIZE) {
 174        error_setg(errp, "description '%s' too long", arg->description);
 175        return;
 176    }
 177
 178    if (nbd_export_find(arg->name)) {
 179        error_setg(errp, "NBD server already has export named '%s'", arg->name);
 180        return;
 181    }
 182
 183    on_eject_blk = blk_by_name(arg->device);
 184
 185    bs = bdrv_lookup_bs(arg->device, arg->device, errp);
 186    if (!bs) {
 187        return;
 188    }
 189
 190    aio_context = bdrv_get_aio_context(bs);
 191    aio_context_acquire(aio_context);
 192    len = bdrv_getlength(bs);
 193    if (len < 0) {
 194        error_setg_errno(errp, -len,
 195                         "Failed to determine the NBD export's length");
 196        goto out;
 197    }
 198
 199    if (!arg->has_writable) {
 200        arg->writable = false;
 201    }
 202    if (bdrv_is_read_only(bs)) {
 203        arg->writable = false;
 204    }
 205
 206    exp = nbd_export_new(bs, 0, len, arg->name, arg->description, arg->bitmap,
 207                         !arg->writable, !arg->writable,
 208                         NULL, false, on_eject_blk, errp);
 209    if (!exp) {
 210        goto out;
 211    }
 212
 213    /* The list of named exports has a strong reference to this export now and
 214     * our only way of accessing it is through nbd_export_find(), so we can drop
 215     * the strong reference that is @exp. */
 216    nbd_export_put(exp);
 217
 218 out:
 219    aio_context_release(aio_context);
 220}
 221
 222void qmp_nbd_server_remove(const char *name,
 223                           bool has_mode, NbdServerRemoveMode mode,
 224                           Error **errp)
 225{
 226    NBDExport *exp;
 227    AioContext *aio_context;
 228
 229    if (!nbd_server) {
 230        error_setg(errp, "NBD server not running");
 231        return;
 232    }
 233
 234    exp = nbd_export_find(name);
 235    if (exp == NULL) {
 236        error_setg(errp, "Export '%s' is not found", name);
 237        return;
 238    }
 239
 240    if (!has_mode) {
 241        mode = NBD_SERVER_REMOVE_MODE_SAFE;
 242    }
 243
 244    aio_context = nbd_export_aio_context(exp);
 245    aio_context_acquire(aio_context);
 246    nbd_export_remove(exp, mode, errp);
 247    aio_context_release(aio_context);
 248}
 249
 250void qmp_nbd_server_stop(Error **errp)
 251{
 252    if (!nbd_server) {
 253        error_setg(errp, "NBD server not running");
 254        return;
 255    }
 256
 257    nbd_export_close_all();
 258
 259    nbd_server_free(nbd_server);
 260    nbd_server = NULL;
 261}
 262