summaryrefslogtreecommitdiff
path: root/qemu-nbd.texi
AgeCommit message (Collapse)Author
2019-03-06qemu-nbd: add support for authorization of TLS clientsDaniel P. Berrange
Currently any client which can complete the TLS handshake is able to use the NBD server. The server admin can turn on the 'verify-peer' option for the x509 creds to require the client to provide a x509 certificate. This means the client will have to acquire a certificate from the CA before they are permitted to use the NBD server. This is still a fairly low bar to cross. This adds a '--tls-authz OBJECT-ID' option to the qemu-nbd command which takes the ID of a previously added 'QAuthZ' object instance. This will be used to validate the client's x509 distinguished name. Clients failing the authorization check will not be permitted to use the NBD server. For example to setup authorization that only allows connection from a client whose x509 certificate distinguished name is CN=laptop.example.com,O=Example Org,L=London,ST=London,C=GB escape the commas in the name and use: qemu-nbd --object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\ endpoint=server,verify-peer=yes \ --object 'authz-simple,id=auth0,identity=CN=laptop.example.com,,\ O=Example Org,,L=London,,ST=London,,C=GB' \ --tls-creds tls0 \ --tls-authz authz0 \ ....other qemu-nbd args... NB: a real shell command line would not have leading whitespace after the line continuation, it is just included here for clarity. Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <20190227162035.18543-2-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> [eblake: split long line in --help text, tweak 233 to show that whitespace after ,, in identity= portion is actually okay] Signed-off-by: Eric Blake <eblake@redhat.com>
2019-02-04qemu-nbd: Deprecate qemu-nbd --partitionEric Blake
The existing qemu-nbd --partition code claims to handle logical partitions up to 8, since its introduction in 2008 (commit 7a5ca86). However, the implementation is bogus (actual MBR logical partitions form a sort of linked list, with one partition per extended table entry, rather than four logical partitions in a single extended table), making the code unlikely to work for anything beyond -P5 on actual guest images. What's more, the code does not support GPT partitions, which are becoming more popular, and maintaining device subsetting in both NBD and the raw device is unnecessary duplication of effort (even if it is not too difficult). Note that obtaining the offsets of a partition (MBR or GPT) can be learned by using 'qemu-nbd -c /dev/nbd0 file.qcow2 && sfdisk --dump /dev/nbd0', but by the time you've done that, you might as well just mount /dev/nbd0p1 that the kernel creates for you instead of bothering with qemu exporting a subset. Or, keeping to just user-space code, use nbdkit's partition filter, which has already known both GPT and primary MBR partitions for a while, and was just recently enhanced to support arbitrary logical MBR parititions. Start the clock on the deprecation cycle, with examples of how to accomplish device subsetting without using -P. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20190125234837.2272-1-eblake@redhat.com> Reviewed-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
2019-01-21qemu-nbd: Add --list optionEric Blake
We want to be able to detect whether a given qemu NBD server is exposing the right export(s) and dirty bitmaps, at least for regression testing. We could use 'nbd-client -l' from the upstream NBD project to list exports, but it's annoying to rely on out-of-tree binaries; furthermore, nbd-client doesn't necessarily know about all of the qemu NBD extensions. Thus, it is time to add a new mode to qemu-nbd that merely sniffs all possible information from the server during handshake phase, then disconnects and dumps the information. This patch actually implements --list/-L, while reusing other options such as --tls-creds for now designating how to connect as the client (rather than their non-list usage of how to operate as the server). I debated about adding this functionality to something akin to 'qemu-img info' - but that tool does not readily lend itself to connecting to an arbitrary NBD server without also tying to a specific export (I may, however, still add ImageInfoSpecificNBD for reporting the bitmaps available when connecting to a single export). And, while it may feel a bit odd that normally qemu-nbd is a server but 'qemu-nbd -L' is a client, we are not really making the qemu-nbd binary that much larger, because 'qemu-nbd -c' has to operate as both server and client simultaneously across two threads when feeding the kernel module for /dev/nbdN access. Sample output: $ qemu-nbd -L exports available: 1 export: '' size: 65536 flags: 0x4ed ( flush fua trim zeroes df cache ) min block: 512 opt block: 4096 max block: 33554432 available meta contexts: 1 base:allocation Note that the output only lists sizes if the server sent NBD_FLAG_HAS_FLAGS, because a newstyle server does not give the size otherwise. It has the side effect that for really old servers that did not send any flags, the size is not output even though it was available. However, I'm not too concerned about that - oldstyle servers are (rightfully) getting less common to encounter (qemu 3.0 was the last version where we even serve it), and most existing servers that still even offer oldstyle negotiation (such as nbdkit) still send flags (since that was added to the NBD protocol in 2007 to permit read-only connections). Not done here, but maybe worth future experiments: capture the meat of NBDExportInfo into a QAPI struct, and use the generated QAPI pretty-printers instead of hand-rolling our output loop. It would also permit us to add a JSON output mode for machine parsing. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Richard W.M. Jones <rjones@redhat.com> Message-Id: <20190117193658.16413-20-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-01-21qemu-nbd: Enhance man pageEric Blake
Document some useful qemu-nbd command lines. Mention some restrictions on particular options, like -p being only for MBR images, or -c/-d being Linux-only. Update some text given the recent change to no longer serve oldstyle protocol (missed in commit 7f7dfe2a). Also, consistently use trailing '.' in describing options. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Richard W.M. Jones <rjones@redhat.com> Message-Id: <20190117193658.16413-4-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-01-14qemu-nbd: Add --bitmap=NAME optionEric Blake
Having to fire up qemu, then use QMP commands for nbd-server-start and nbd-server-add, just to expose a persistent dirty bitmap, is rather tedious. Make it possible to expose a dirty bitmap using just qemu-nbd (of course, for now this only works when qemu-nbd is visiting a BDS formatted as qcow2). Of course, any good feature also needs unit testing, so expand iotest 223 to cover it. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20190111194720.15671-9-eblake@redhat.com>
2016-11-02nbd: Add qemu-nbd -D for human-readable descriptionEric Blake
The NBD protocol allows servers to advertise a human-readable description alongside an export name during NBD_OPT_LIST. Add an option to pass through the user's string to the NBD client. Doing this also makes it easier to test commit 200650d4, which is the client counterpart of receiving the description. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1476469998-28592-2-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24qemu-nbd: Add --fork optionMax Reitz
Using the --fork option, one can make qemu-nbd fork the worker process. The original process will exit on error of the worker or once the worker enters the main loop. Suggested-by: Sascha Silbe <silbe@linux.vnet.ibm.com> Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-06-28trace: enable tracing in qemu-nbdDenis V. Lunev
Please note, trace_init_backends() must be called in the final process, i.e. after daemonization. This is necessary to keep tracing thread in the proper process. Signed-off-by: Denis V. Lunev <den@openvz.org> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1466174654-30130-6-git-send-email-den@openvz.org CC: Paolo Bonzini <pbonzini@redhat.com> CC: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-02-22qemu-nbd: allow specifying image as a set of options argsDaniel P. Berrange
Currently qemu-nbd allows an image filename to be passed on the command line, but unless using the JSON format, it does not have a way to set any options except the format eg qemu-nbd https://127.0.0.1/images/centos7.iso qemu-nbd /home/berrange/demo.qcow2 This adds a --image-opts arg that indicates that the positional filename should be interpreted as a full option string, not just a filename. qemu-nbd --image-opts driver=https,url=https://127.0.0.1/images,sslverify=off qemu-nbd --image-opts driver=file,filename=/home/berrange/demo.qcow2 This flag is mutually exclusive with the '-f' flag. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-02-16nbd: enable use of TLS with qemu-nbd serverDaniel P. Berrange
This modifies the qemu-nbd program so that it is possible to request the use of TLS with the server. It simply adds a new command line option --tls-creds which is used to provide the ID of a QCryptoTLSCreds object previously created via the --object command line option. For example qemu-nbd --object tls-creds-x509,id=tls0,endpoint=server,\ dir=/home/berrange/security/qemutls \ --tls-creds tls0 \ --exportname default TLS requires the new style NBD protocol, so if no export name is set (via --export-name), then we use the default NBD protocol export name "" TLS is only supported when using an IPv4/IPv6 socket listener. It is not possible to use with UNIX sockets, which includes when connecting the NBD server to a host device. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1455129674-17255-16-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-02-16nbd: allow setting of an export name for qemu-nbd serverDaniel P. Berrange
The qemu-nbd server currently always uses the old style protocol since it never sets any export name. This is a problem because future TLS support will require use of the new style protocol negotiation. This adds "--exportname NAME" / "-x NAME" arguments to qemu-nbd which allow the user to set an explicit export name. When an export name is set the server will always use the new style NBD protocol. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1455129674-17255-11-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-02-16qemu-nbd: add support for --object command line argDaniel P. Berrange
Allow creation of user creatable object types with qemu-nbd via a new --object command line arg. This will be used to supply passwords and/or encryption keys to the various block driver backends via the recently added 'secret' object type. # printf letmein > mypasswd.txt # qemu-nbd --object secret,id=sec0,file=mypasswd.txt \ ...other nbd args... Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1455129674-17255-3-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-02-09qemu-nbd: Fix texi sentence capitalisationSitsofe Wheeler
Capitalise the first letter of sentences (and reword for grammar) the options section of qemu-nbd.texi. Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com> Message-Id: <1451979212-25479-4-git-send-email-sitsofe@yahoo.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-02-09qemu-nbd: Minor texi updatesSitsofe Wheeler
- Change some spacing. - Add disconnect usage to synopsis. - Highlight the command and its options in the synopsis. - Fix up the grammar in the description. - Move filename variable description out of the option table. - Add a description of the dev variable. - Remove duplicate entry for --format. - Reword --discard documentation. - Add --detect-zeroes documentation. - Add reference to qemu man page to see also section. Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com> Message-Id: <1451979212-25479-3-git-send-email-sitsofe@yahoo.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-02-09qemu-nbd: Fix unintended texi verbatim formattingSitsofe Wheeler
Indented lines in the texi meant the perlpod produced interpreted the paragraph as being verbatim (thus formatting codes were not interpreted). Fix this by un-indenting problem lines. Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com> Message-Id: <1451979212-25479-2-git-send-email-sitsofe@yahoo.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-05-24nbd: Miscellaneous typo fixes.Hani Benhabiles
Signed-off-by: Hani Benhabiles <hani@linux.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-12-04qemu-nbd: add doc for option -fWenchao Xia
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-12-04qemu-nbd: support internal snapshot exportWenchao Xia
Now it is possible to directly export an internal snapshot, which can be used to probe the snapshot's contents without qemu-img convert. Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-04-15Add -f FMT / --format FMT arg to qemu-nbdDaniel P. Berrange
Currently the qemu-nbd program will auto-detect the format of any disk it is given. This behaviour is known to be insecure. For example, if qemu-nbd initially exposes a 'raw' file to an unprivileged app, and that app runs 'qemu-img create -f qcow2 -o backing_file=/etc/shadow /dev/nbd0' then the next time the app is started, the qemu-nbd will now detect it as a 'qcow2' file and expose /etc/shadow to the unprivileged app. The only way to avoid this is to explicitly tell qemu-nbd what disk format to use on the command line, completely disabling auto-detection. This patch adds a '-f' / '--format' arg for this purpose, mirroring what is already available via qemu-img and qemu commands. qemu-nbd --format raw -p 9000 evil.img will now always use raw, regardless of what format 'evil.img' looks like it contains Signed-off-by: Daniel P. Berrange <berrange@redhat.com> [Use errx, not err. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-22qemu-nbd: add --discard optionPaolo Bonzini
Similar to --cache and --aio, this option mimics the discard suboption of "-drive". Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-02-08qemu-nbd: document --cache and --aio optionsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-07Replace Qemu by QEMU in user visible documentationStefan Weil
The official spelling is QEMU. Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-06qemu-nbd: Fix wrong description in qemu-nbd.texiRyota Ozaki
-c option needs argument <dev> but it's missing now. This patch fixes it. Signed-off-by: Ryota Ozaki <ozaki.ryota@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2008-09-22Fix formatting of documentation (Stefan Weil)aliguori
Fix formatting for documentation of nbd command line options. Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5301 c046a42c-6fe2-441c-8c8c-71466251a162
2008-07-03Allow QEMU to connect directly to an NBD server, by Laurent Vivier.ths
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4838 c046a42c-6fe2-441c-8c8c-71466251a162
2008-07-03Allow to share a disk image via nbd, by Laurent Vivier.ths
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4837 c046a42c-6fe2-441c-8c8c-71466251a162
2008-07-03Add a parameter to disable host cache, by Laurent Vivier.ths
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4836 c046a42c-6fe2-441c-8c8c-71466251a162
2008-07-03Merge NBD client/server, by Laurent Vivier.ths
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4834 c046a42c-6fe2-441c-8c8c-71466251a162
2008-05-27qemu-nbd tool (Anthony Liguori)bellard
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4596 c046a42c-6fe2-441c-8c8c-71466251a162