xref: /qemu/blockdev-nbd.c (revision 6402cbbb) 
1 /*
2  * Serving QEMU block devices via NBD
3  *
4  * Copyright (c) 2012 Red Hat, Inc.
5  *
6  * Author: Paolo Bonzini <pbonzini@redhat.com>
7  *
8  * This work is licensed under the terms of the GNU GPL, version 2 or
9  * later.  See the COPYING file in the top-level directory.
10  */
11 
12 #include "qemu/osdep.h"
13 #include "sysemu/blockdev.h"
14 #include "sysemu/block-backend.h"
15 #include "hw/block/block.h"
16 #include "qapi/qmp/qerror.h"
17 #include "sysemu/sysemu.h"
18 #include "qmp-commands.h"
19 #include "block/nbd.h"
20 #include "io/channel-socket.h"
21 
22 typedef struct NBDServerData {
23     QIOChannelSocket *listen_ioc;
24     int watch;
25     QCryptoTLSCreds *tlscreds;
26 } NBDServerData;
27 
28 static NBDServerData *nbd_server;
29 
30 static void nbd_blockdev_client_closed(NBDClient *client, bool ignored)
31 {
32     nbd_client_put(client);
33 }
34 
35 static gboolean nbd_accept(QIOChannel *ioc, GIOCondition condition,
36                            gpointer opaque)
37 {
38     QIOChannelSocket *cioc;
39 
40     if (!nbd_server) {
41         return FALSE;
42     }
43 
44     cioc = qio_channel_socket_accept(QIO_CHANNEL_SOCKET(ioc),
45                                      NULL);
46     if (!cioc) {
47         return TRUE;
48     }
49 
50     qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server");
51     nbd_client_new(NULL, cioc,
52                    nbd_server->tlscreds, NULL,
53                    nbd_blockdev_client_closed);
54     object_unref(OBJECT(cioc));
55     return TRUE;
56 }
57 
58 
59 static void nbd_server_free(NBDServerData *server)
60 {
61     if (!server) {
62         return;
63     }
64 
65     if (server->watch != -1) {
66         g_source_remove(server->watch);
67     }
68     object_unref(OBJECT(server->listen_ioc));
69     if (server->tlscreds) {
70         object_unref(OBJECT(server->tlscreds));
71     }
72 
73     g_free(server);
74 }
75 
76 static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, Error **errp)
77 {
78     Object *obj;
79     QCryptoTLSCreds *creds;
80 
81     obj = object_resolve_path_component(
82         object_get_objects_root(), id);
83     if (!obj) {
84         error_setg(errp, "No TLS credentials with id '%s'",
85                    id);
86         return NULL;
87     }
88     creds = (QCryptoTLSCreds *)
89         object_dynamic_cast(obj, TYPE_QCRYPTO_TLS_CREDS);
90     if (!creds) {
91         error_setg(errp, "Object with id '%s' is not TLS credentials",
92                    id);
93         return NULL;
94     }
95 
96     if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
97         error_setg(errp,
98                    "Expecting TLS credentials with a server endpoint");
99         return NULL;
100     }
101     object_ref(obj);
102     return creds;
103 }
104 
105 
106 void nbd_server_start(SocketAddress *addr, const char *tls_creds,
107                       Error **errp)
108 {
109     if (nbd_server) {
110         error_setg(errp, "NBD server already running");
111         return;
112     }
113 
114     nbd_server = g_new0(NBDServerData, 1);
115     nbd_server->watch = -1;
116     nbd_server->listen_ioc = qio_channel_socket_new();
117     qio_channel_set_name(QIO_CHANNEL(nbd_server->listen_ioc),
118                          "nbd-listener");
119     if (qio_channel_socket_listen_sync(
120             nbd_server->listen_ioc, addr, errp) < 0) {
121         goto error;
122     }
123 
124     if (tls_creds) {
125         nbd_server->tlscreds = nbd_get_tls_creds(tls_creds, errp);
126         if (!nbd_server->tlscreds) {
127             goto error;
128         }
129 
130         /* TODO SOCKET_ADDRESS_TYPE_FD where fd has AF_INET or AF_INET6 */
131         if (addr->type != SOCKET_ADDRESS_TYPE_INET) {
132             error_setg(errp, "TLS is only supported with IPv4/IPv6");
133             goto error;
134         }
135     }
136 
137     nbd_server->watch = qio_channel_add_watch(
138         QIO_CHANNEL(nbd_server->listen_ioc),
139         G_IO_IN,
140         nbd_accept,
141         NULL,
142         NULL);
143 
144     return;
145 
146  error:
147     nbd_server_free(nbd_server);
148     nbd_server = NULL;
149 }
150 
151 void qmp_nbd_server_start(SocketAddressLegacy *addr,
152                           bool has_tls_creds, const char *tls_creds,
153                           Error **errp)
154 {
155     SocketAddress *addr_flat = socket_address_flatten(addr);
156 
157     nbd_server_start(addr_flat, tls_creds, errp);
158     qapi_free_SocketAddress(addr_flat);
159 }
160 
161 void qmp_nbd_server_add(const char *device, bool has_writable, bool writable,
162                         Error **errp)
163 {
164     BlockDriverState *bs = NULL;
165     BlockBackend *on_eject_blk;
166     NBDExport *exp;
167 
168     if (!nbd_server) {
169         error_setg(errp, "NBD server not running");
170         return;
171     }
172 
173     if (nbd_export_find(device)) {
174         error_setg(errp, "NBD server already exporting device '%s'", device);
175         return;
176     }
177 
178     on_eject_blk = blk_by_name(device);
179 
180     bs = bdrv_lookup_bs(device, device, errp);
181     if (!bs) {
182         return;
183     }
184 
185     if (!has_writable) {
186         writable = false;
187     }
188     if (bdrv_is_read_only(bs)) {
189         writable = false;
190     }
191 
192     exp = nbd_export_new(bs, 0, -1, writable ? 0 : NBD_FLAG_READ_ONLY,
193                          NULL, false, on_eject_blk, errp);
194     if (!exp) {
195         return;
196     }
197 
198     nbd_export_set_name(exp, device);
199 
200     /* The list of named exports has a strong reference to this export now and
201      * our only way of accessing it is through nbd_export_find(), so we can drop
202      * the strong reference that is @exp. */
203     nbd_export_put(exp);
204 }
205 
206 void qmp_nbd_server_stop(Error **errp)
207 {
208     nbd_export_close_all();
209 
210     nbd_server_free(nbd_server);
211     nbd_server = NULL;
212 }
213