Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / jsnbd / 17cf7fcf9d6780477fa45920ea44e426639caaf7
commit17cf7fcf9d6780477fa45920ea44e426639caaf7[log] [tgz]
authorPatrick Williams <patrick@stwcx.xyz>Wed Dec 18 11:22:32 2024 -0500
committerPatrick Williams <patrick@stwcx.xyz>Wed Dec 18 11:22:32 2024 -0500
tree695a45c20ca9915a3a9d9bfbbc54bf85ea6f3b02
parent22a2a9028a58b7bab87871a62e17e3628941a873 [diff]
clang-format: re-format for clang-19

clang-format-19 isn't compatible with the clang-format-18 output, so we
need to reformat the code with the latest version.  A few parameters
in clang-tidy have been deprecated, so adjust the style file
accordingly.

See Ie2f6eb3b043f2d655c9df806815afd7971fd0947 for updated style.
See I88192b41ab7a95599a90915013579608af7bc56f for clang-19 enablement.

Change-Id: I95c32f952918903c7d1d21e93cfec4ef854cb387
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
1 file changed
tree: 695a45c20ca9915a3a9d9bfbbc54bf85ea6f3b02
  1. m4/
  2. web/
  3. .clang-format
  4. .gitignore
  5. bootstrap.sh
  6. config.sample.json
  7. configure.ac
  8. LICENCE
  9. Makefile.am
  10. meson.build
  11. meson_options.txt
  12. nbd-proxy.c
  13. OWNERS
  14. README.md
README.md

nbd-proxy

Prototype javascript+websocket NBD server; this code demonstrates a javascript NBD implementation connected to the kernel nbd device over a websocket.

There are two components here:

nbd-proxy: a little binary to initialise a nbd client, connected to a unix domain socket, then proxy data between that socket and stdio. This can be used with a websocket proxy to expose that stdio as a websocket.

nbd.js: a javascript implementation of a NBD server.

Running

You'll need a websocket proxy This connects the nbd-proxy component to a websocket endpoint.

For experimentation, I use the websocketd infrastrcture to expose the websocket endpoint, plus serve the static HTML+js client:

git clone https://github.com/joewalnes/websocketd
(cd websocketd && make)

sudo websocketd/websocketd --port=8000 --staticdir=web --binary ./nbd-proxy <config>
  • where <config> is a name of a configuration in the config.json file.

Note that this type of invocation is very insecure, and intended just for experimentation. See the Security section below.

For real deployments, you want your websocket-enabled service to run nbd-proxy, and connect its stdio to a websocket, running in binary mode. Your web interface will interact with this using an instance of the NBDServer object (defined in web/js/nbd.js):

var server = NBDServer(endpoint, file);
server.start();
  • where endpoint is the websocket URL (ws://...) and file is a File object. See web/index.html for an example.

Security

This code allows potentially-untrusted clients to export arbitrary block device data to your kernel. Therefore, you should ensure that only trusted clients can connect as NBD servers.

There is no authentication or authorisation implemented in the nbd proxy. Your websocket proxy should implement proper authentication before nbd-proxy is connected to the websocket endpoint.

State hook

The nbd-proxy has a facility to run an program on state change. When a nbd session is established or shut down, the proxy will run the executable at /etc/nbd-proxy/state.

This executable is called with two arguments: the action ("start" or "stop"), and the name of the configuration (as specified in the config.json file).