Revision 75818250 nbd.c

b/nbd.c
1
/*\
1
/*
2 2
 *  Copyright (C) 2005  Anthony Liguori <anthony@codemonkey.ws>
3 3
 *
4 4
 *  Network Block Device
......
15 15
 *  You should have received a copy of the GNU General Public License
16 16
 *  along with this program; if not, write to the Free Software
17 17
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
18
\*/
18
 */
19 19

  
20 20
#include "nbd.h"
21 21

  
......
31 31
#include <arpa/inet.h>
32 32
#include <netdb.h>
33 33

  
34
#if defined(QEMU_NBD)
34 35
extern int verbose;
36
#else
37
static int verbose = 0;
38
#endif
39

  
40
#define TRACE(msg, ...) do { \
41
    if (verbose) LOG(msg, ## __VA_ARGS__); \
42
} while(0)
35 43

  
36 44
#define LOG(msg, ...) do { \
37 45
    fprintf(stderr, "%s:%s():L%d: " msg "\n", \
38 46
            __FILE__, __FUNCTION__, __LINE__, ## __VA_ARGS__); \
39 47
} while(0)
40 48

  
41
#define TRACE(msg, ...) do { \
42
    if (verbose) LOG(msg, ## __VA_ARGS__); \
43
} while(0)
44

  
45 49
/* This is all part of the "official" NBD API */
46 50

  
47 51
#define NBD_REQUEST_MAGIC       0x25609513
......
59 63

  
60 64
/* That's all folks */
61 65

  
62
#define read_sync(fd, buffer, size) wr_sync(fd, buffer, size, true)
63
#define write_sync(fd, buffer, size) wr_sync(fd, buffer, size, false)
66
#define read_sync(fd, buffer, size) nbd_wr_sync(fd, buffer, size, true)
67
#define write_sync(fd, buffer, size) nbd_wr_sync(fd, buffer, size, false)
64 68

  
65
static size_t wr_sync(int fd, void *buffer, size_t size, bool do_read)
69
size_t nbd_wr_sync(int fd, void *buffer, size_t size, bool do_read)
66 70
{
67 71
    size_t offset = 0;
68 72

  
......
76 80
        }
77 81

  
78 82
        /* recoverable error */
79
        if (len == -1 && errno == EAGAIN) {
83
        if (len == -1 && (errno == EAGAIN || errno == EINTR)) {
80 84
            continue;
81 85
        }
82 86

  
......
96 100
    return offset;
97 101
}
98 102

  
99
static int tcp_socket_outgoing(const char *address, uint16_t port)
103
int tcp_socket_outgoing(const char *address, uint16_t port)
100 104
{
101 105
    int s;
102 106
    struct in_addr in;
......
404 408
	return ret;
405 409
}
406 410

  
407
int nbd_trip(BlockDriverState *bs, int csock, off_t size, uint64_t dev_offset,
408
             off_t *offset, bool readonly, uint8_t *data, int data_size)
411
int nbd_send_request(int csock, struct nbd_request *request)
409 412
{
410 413
	uint8_t buf[4 + 4 + 8 + 8 + 4];
411
	uint32_t magic;
412
	uint32_t type;
413
	uint64_t from;
414
	uint32_t len;
415 414

  
416
	TRACE("Reading request.");
415
	cpu_to_be32w((uint32_t*)buf, NBD_REQUEST_MAGIC);
416
	cpu_to_be32w((uint32_t*)(buf + 4), request->type);
417
	cpu_to_be64w((uint64_t*)(buf + 8), request->handle);
418
	cpu_to_be64w((uint64_t*)(buf + 16), request->from);
419
	cpu_to_be32w((uint32_t*)(buf + 24), request->len);
420

  
421
	TRACE("Sending request to client");
422

  
423
	if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
424
		LOG("writing to socket failed");
425
		errno = EINVAL;
426
		return -1;
427
	}
428
	return 0;
429
}
430

  
431

  
432
static int nbd_receive_request(int csock, struct nbd_request *request)
433
{
434
	uint8_t buf[4 + 4 + 8 + 8 + 4];
435
	uint32_t magic;
417 436

  
418 437
	if (read_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
419 438
		LOG("read failed");
......
422 441
	}
423 442

  
424 443
	/* Request
425
	  [ 0 ..  3]   magic   (NBD_REQUEST_MAGIC)
426
	  [ 4 ..  7]   type    (0 == READ, 1 == WRITE)
427
	  [ 8 .. 15]   handle
428
	  [16 .. 23]   from
429
	  [24 .. 27]   len
444
	   [ 0 ..  3]   magic   (NBD_REQUEST_MAGIC)
445
	   [ 4 ..  7]   type    (0 == READ, 1 == WRITE)
446
	   [ 8 .. 15]   handle
447
	   [16 .. 23]   from
448
	   [24 .. 27]   len
430 449
	 */
431 450

  
432 451
	magic = be32_to_cpup((uint32_t*)buf);
433
	type  = be32_to_cpup((uint32_t*)(buf + 4));
434
	from  = be64_to_cpup((uint64_t*)(buf + 16));
435
	len   = be32_to_cpup((uint32_t*)(buf + 24));
452
	request->type  = be32_to_cpup((uint32_t*)(buf + 4));
453
	request->handle = be64_to_cpup((uint64_t*)(buf + 8));
454
	request->from  = be64_to_cpup((uint64_t*)(buf + 16));
455
	request->len   = be32_to_cpup((uint32_t*)(buf + 24));
436 456

  
437 457
	TRACE("Got request: "
438 458
	      "{ magic = 0x%x, .type = %d, from = %" PRIu64" , len = %u }",
439
	      magic, type, from, len);
440

  
459
	      magic, request->type, request->from, request->len);
441 460

  
442 461
	if (magic != NBD_REQUEST_MAGIC) {
443 462
		LOG("invalid magic (got 0x%x)", magic);
444 463
		errno = EINVAL;
445 464
		return -1;
446 465
	}
466
}
467

  
468
int nbd_receive_reply(int csock, struct nbd_reply *reply)
469
{
470
	uint8_t buf[4 + 4 + 8];
471
	uint32_t magic;
472

  
473
	memset(buf, 0xAA, sizeof(buf));
474

  
475
	if (read_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
476
		LOG("read failed");
477
		errno = EINVAL;
478
		return -1;
479
	}
480

  
481
	/* Reply
482
	   [ 0 ..  3]    magic   (NBD_REPLY_MAGIC)
483
	   [ 4 ..  7]    error   (0 == no error)
484
	   [ 7 .. 15]    handle
485
	 */
486

  
487
	magic = be32_to_cpup((uint32_t*)buf);
488
	reply->error  = be32_to_cpup((uint32_t*)(buf + 4));
489
	reply->handle = be64_to_cpup((uint64_t*)(buf + 8));
490

  
491
	TRACE("Got reply: "
492
	      "{ magic = 0x%x, .error = %d, handle = %" PRIu64" }",
493
	      magic, reply->error, reply->handle);
494

  
495
	if (magic != NBD_REPLY_MAGIC) {
496
		LOG("invalid magic (got 0x%x)", magic);
497
		errno = EINVAL;
498
		return -1;
499
	}
500
	return 0;
501
}
502

  
503
static int nbd_send_reply(int csock, struct nbd_reply *reply)
504
{
505
	uint8_t buf[4 + 4 + 8];
506

  
507
	/* Reply
508
	   [ 0 ..  3]    magic   (NBD_REPLY_MAGIC)
509
	   [ 4 ..  7]    error   (0 == no error)
510
	   [ 7 .. 15]    handle
511
	 */
512
	cpu_to_be32w((uint32_t*)buf, NBD_REPLY_MAGIC);
513
	cpu_to_be32w((uint32_t*)(buf + 4), reply->error);
514
	cpu_to_be64w((uint64_t*)(buf + 8), reply->handle);
515

  
516
	TRACE("Sending response to client");
517

  
518
	if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {
519
		LOG("writing to socket failed");
520
		errno = EINVAL;
521
		return -1;
522
	}
523
	return 0;
524
}
447 525

  
448
	if (len > data_size) {
526
int nbd_trip(BlockDriverState *bs, int csock, off_t size, uint64_t dev_offset,
527
             off_t *offset, bool readonly, uint8_t *data, int data_size)
528
{
529
	struct nbd_request request;
530
	struct nbd_reply reply;
531

  
532
	TRACE("Reading request.");
533

  
534
	if (nbd_receive_request(csock, &request) == -1)
535
		return -1;
536

  
537
	if (request.len > data_size) {
449 538
		LOG("len (%u) is larger than max len (%u)",
450
		    len, data_size);
539
		    request.len, data_size);
451 540
		errno = EINVAL;
452 541
		return -1;
453 542
	}
454 543

  
455
	if ((from + len) < from) {
544
	if ((request.from + request.len) < request.from) {
456 545
		LOG("integer overflow detected! "
457 546
		    "you're probably being attacked");
458 547
		errno = EINVAL;
459 548
		return -1;
460 549
	}
461 550

  
462
	if ((from + len) > size) {
551
	if ((request.from + request.len) > size) {
463 552
	        LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64
464 553
		    ", Offset: %" PRIu64 "\n",
465
		     from, len, size, dev_offset);
554
		     request.from, request.len, size, dev_offset);
466 555
		LOG("requested operation past EOF--bad client?");
467 556
		errno = EINVAL;
468 557
		return -1;
469 558
	}
470 559

  
471
	/* Reply
472
	 [ 0 ..  3]    magic   (NBD_REPLY_MAGIC)
473
	 [ 4 ..  7]    error   (0 == no error)
474
         [ 7 .. 15]    handle
475
	 */
476
	cpu_to_be32w((uint32_t*)buf, NBD_REPLY_MAGIC);
477
	cpu_to_be32w((uint32_t*)(buf + 4), 0);
478

  
479 560
	TRACE("Decoding type");
480 561

  
481
	switch (type) {
482
	case 0:
562
	reply.handle = request.handle;
563
	reply.error = 0;
564

  
565
	switch (request.type) {
566
	case NBD_CMD_READ:
483 567
		TRACE("Request type is READ");
484 568

  
485
		if (bdrv_read(bs, (from + dev_offset) / 512, data, len / 512) == -1) {
569
		if (bdrv_read(bs, (request.from + dev_offset) / 512, data,
570
			      request.len / 512) == -1) {
486 571
			LOG("reading from file failed");
487 572
			errno = EINVAL;
488 573
			return -1;
489 574
		}
490
		*offset += len;
491

  
492
		TRACE("Read %u byte(s)", len);
575
		*offset += request.len;
493 576

  
494
		TRACE("Sending OK response");
577
		TRACE("Read %u byte(s)", request.len);
495 578

  
496
		if (write_sync(csock, buf, 16) != 16) {
497
			LOG("writing to socket failed");
498
			errno = EINVAL;
579
		if (nbd_send_reply(csock, &reply) == -1)
499 580
			return -1;
500
		}
501 581

  
502 582
		TRACE("Sending data to client");
503 583

  
504
		if (write_sync(csock, data, len) != len) {
584
		if (write_sync(csock, data, request.len) != request.len) {
505 585
			LOG("writing to socket failed");
506 586
			errno = EINVAL;
507 587
			return -1;
508 588
		}
509 589
		break;
510
	case 1:
590
	case NBD_CMD_WRITE:
511 591
		TRACE("Request type is WRITE");
512 592

  
513
		TRACE("Reading %u byte(s)", len);
593
		TRACE("Reading %u byte(s)", request.len);
514 594

  
515
		if (read_sync(csock, data, len) != len) {
595
		if (read_sync(csock, data, request.len) != request.len) {
516 596
			LOG("reading from socket failed");
517 597
			errno = EINVAL;
518 598
			return -1;
......
520 600

  
521 601
		if (readonly) {
522 602
			TRACE("Server is read-only, return error");
523

  
524
			cpu_to_be32w((uint32_t*)(buf + 4), 1);
603
			reply.error = 1;
525 604
		} else {
526 605
			TRACE("Writing to device");
527 606

  
528
			if (bdrv_write(bs, (from + dev_offset) / 512, data, len / 512) == -1) {
607
			if (bdrv_write(bs, (request.from + dev_offset) / 512,
608
				       data, request.len / 512) == -1) {
529 609
				LOG("writing to file failed");
530 610
				errno = EINVAL;
531 611
				return -1;
532 612
			}
533 613

  
534
			*offset += len;
614
			*offset += request.len;
535 615
		}
536 616

  
537
		TRACE("Sending response to client");
538

  
539
		if (write_sync(csock, buf, 16) != 16) {
540
			LOG("writing to socket failed");
541
			errno = EINVAL;
617
		if (nbd_send_reply(csock, &reply) == -1)
542 618
			return -1;
543
		}
544 619
		break;
545
	case 2:
620
	case NBD_CMD_DISC:
546 621
		TRACE("Request type is DISCONNECT");
547 622
		errno = 0;
548 623
		return 1;
549 624
	default:
550
		LOG("invalid request type (%u) received", type);
625
		LOG("invalid request type (%u) received", request.type);
551 626
		errno = EINVAL;
552 627
		return -1;
553 628
	}
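Review bot: nbd_receive_request() (new lines 432–466) is declared `static int` but has no `return 0;` on its success path: the brace at new line 466 closes the function directly after the `if (magic != NBD_REQUEST_MAGIC)` block, whereas nbd_send_request(), nbd_receive_reply() and nbd_send_reply() all end with one. nbd_trip() compares the result with -1 at new line 534, so for a well-formed request it acts on an indeterminate value, which is undefined behaviour and may make the server reject a valid request or behave differently between builds; add `return 0;` before the final brace. Separately, nbd_trip() asks bdrv_read() for `request.len / 512` sectors but then sends `request.len` bytes of `data`, so a client-chosen length that is not a multiple of 512 returns buffer bytes this read did not fill; a guard such as `if ((request.from | request.len) & 511) { errno = EINVAL; return -1; }` beside the existing range checks would close that, assuming the server only intends sector-aligned I/O. nbd_trip's body continues beyond the last line shown in this section.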
