block: prevent snapshot mode $TMPDIR symlink attack
In snapshot mode, bdrv_open creates an empty temporary file without checking for mkstemp or close failure, and ignoring the possibility of a buffer overrun given a surprisingly long $TMPDIR. Change the get_tmp_filename function to return int (not void),...
block: fix snapshot on QED
QED's opaque data includes a pointer back to the BlockDriverState. This breaks when bdrv_append shuffles data between bs_new and bs_top. To avoid this, add a "rebind" function that tells the driver about the new relationship between the BlockDriverState and its opaque....
block: another bdrv_append fix
bdrv_append must also copy open_flags to the top, because the snapshot has BDRV_O_NO_BACKING set. This causes interesting results if you later use drive-reopen (not upstream) to reopen the image, and lose the backing file in the process....
block: do not reuse the backing file across bdrv_close/bdrv_open
This is another bug caused by not doing a full cleanup of the BDS across close/open. This was found with mirroring by Shaolong Hu, but it can probably be reproduced also with eject or change....
block: fully delete bs->file when closing
We are reusing bs->file across close/open, which may not cause any known bugs but is a recipe for trouble. Prefer bdrv_delete, and enjoy the new invariant in the implementation of bdrv_delete.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>...
block: add block_job_sleep_ns
This function abstracts the pretty complex semantics of the "busy" member of BlockJob.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: wait for job callback in block_job_cancel_sync
The limitation on not having I/O after cancellation cannot really be kept. Even streaming has a very small race window where you could cancel a job and have it report completion. If this window is hit,...
block: simplify path_is_absolute
On Windows, all the logic is already in is_windows_drive and is_windows_drive_prefix. On POSIX, there is no need to look out for colons.
The win32 code changes the behaviour in some cases, we could have something like "d:foo.img". The old code would treat it as relative...
block: protect path_has_protocol from filenames with colons
path_has_protocol will erroneously return "true" if the colon is part of a filename. These names are common with stable device names produced by udev. We cannot fully protect against this in case the filename...
block: move field reset from bdrv_open_common to bdrv_close
bdrv_close should leave fields in the same state as bdrv_new. It is not up to bdrv_open_common to fix the mess.
Also, backing_format was not being re-initialized.
qemu-img: make "info" backing file output correct and easier to use
qemu-img info should use the same logic as qemu when printing the backing file path, or debugging becomes quite tricky. We can also simplify the output in case the backing file has an absolute path...
block: add the support to drain throttled requests
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
[ Iterate until all block devices have processed all requests, add comments. - Paolo ]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: push bdrv_change_backing_file error checking up from drivers
This check applies to all drivers, but QED lacks it.
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: update in-memory backing file and format
These are needed to print "info block" output correctly. QCOW2 does this because it needs it to write the header, but QED does not, and common code is the right place to do it.
Reviewed-by: Kevin Wolf <kwolf@redhat.com>...
block: open backing file as read-only when probing for size
bdrv_img_create will temporarily open the backing file to probe its size. However, this could be done with a read-write open if the wrong flags are passed to bdrv_img_create. Since there is really no documentation on...
block: fix allocation size for dirty bitmap
Also reuse elsewhere the new constant for sizeof(unsigned long) * 8.
The dirty bitmap is allocated in bits but declared as unsigned long. Thus, its memory block is accessed beyond its end unless the image is a multiple of 64 chunks (i.e. a multiple of 64 MB)....
block: make bdrv_create adopt coroutine
The current qemu.git introduces failure with preallocation and some sizes:
qemu-img create -f qcow2 new.img 976563K -o preallocation=metadata
qemu-img: qemu-coroutine-lock.c:111: qemu_co_mutex_unlock: Assertion `mutex->locked == 1' failed....
block: use Error mechanism instead of -errno for block_job_create()
The block job API uses -errno return values internally and we convert these to Error in the QMP functions. This is ugly because the Error should be created at the point where we still have all the relevant...
block: use Error mechanism instead of -errno for block_job_set_speed()
There are at least two different errors that can occur in block_job_set_speed(): the job might not support setting speeds or the value might be invalid.
Use the Error mechanism to report the error where it occurs....
block: change block-job-set-speed argument from 'value' to 'speed'
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
block: add 'speed' optional parameter to block-stream
Allow streaming operations to be started with an initial speed limit. This eliminates the window of time between starting streaming and issuing block-job-set-speed. Users should use the new optional 'speed'...
qcow2: Zero write support
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qemu-img: let 'qemu-img convert' flush data
The 'qemu-img convert -h' advertises that the default cache mode is 'writeback', while in fact it is 'unsafe'.
This patch 1) fixes the help manual and 2) lets bdrv_close() call bdrv_flush()
2) is needed because some backend storage doesn't have a self-flush...
block: Drain requests in bdrv_close
If an AIO request is in flight that refers to a BlockDriverState that has been closed and possibly even freed, more or less anything could happen. I have seen segfaults, -EBADF return values and qcow2 sometimes actually catches the situation in bdrv_close() and abort()s....
block: add a function to clear incoming live migration flags
This function will clear all BDRV_O_INCOMING flags.
Signed-off-by: Benoit Canet <benoit.canet@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: bdrv_append() fixes
A few fixups for bdrv_append():
The new bs (bs_new) passed into bdrv_append() should be anonymous. Rather than call bdrv_make_anon() to enforce this, use an assert to catch when a caller is passing in a bs_new that is not anonymous....
block: disable I/O throttling on sync api
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: fix streaming/closing race
Streaming can issue I/O while qcow2_close is running. This causes the L2 caches to become very confused or, alternatively, could cause a segfault when the streaming coroutine is reentered after closing its block device. The fix is to cancel streaming jobs when closing their...
block: set job->speed in block_set_speed
There is no need to do this in every implementation of set_speed (even though there is only one right now).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>...
block: push recursive flushing up from drivers
block: handle -EBUSY in bdrv_commit_all()
Monitor operations that manipulate image files must not execute while a background job (like image streaming) is in progress. This prevents corruptions from happening when two pieces of code are manipulating the...
qapi: Introduce blockdev-group-snapshot-sync command
This is a QAPI/QMP only command to take a snapshot of a group of devices. This is similar to the blockdev-snapshot-sync command, except blockdev-group-snapshot-sync accepts a list devices, filenames, and...
block: drop aio_multiwrite in BlockDriver
These were never used.
block: add a transfer rate for floppy types
Floppies must be read at a specific transfer rate, depending on its own format. Update floppy description table to include required transfer rate.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qmp: add DEVICE_TRAY_MOVED event
It's emitted whenever the tray is moved by the guest or by HMP/QMP commands.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
block: bdrv_eject(): Make eject_flag a real bool
block: Rename bdrv_mon_event() & BlockMonEventAction
They are QMP events, not monitor events. Rename them accordingly.
Also, move bdrv_emit_qmp_error_event() up in the file. A new event will be added soon and it's good to have them next to each other.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>...
block: add .bdrv_co_write_zeroes() interface
The ability to zero regions of an image file is a useful primitive for higher-level features such as image streaming or zero write detection.
Image formats may support an optimized metadata representation instead...
block: perform zero-detection during copy-on-read
Copy-on-Read populates the image file with data read from a backing image. In order to avoid bloating the image file when all zeroes are read we should scan the buffer and perform an optimized zero write...
block: add bdrv_find_backing_image
Add bdrv_find_backing_image: given a BlockDriverState pointer, and an id, traverse the backing image chain to locate the id.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>...
block: check bdrv_in_use() before blockdev operations
Long-running block operations like block migration and image streaming must have continual access to their block device. It is not safe to perform operations like hotplug, eject, change, resize, commit, or...
block: make copy-on-read a per-request flag
Previously copy-on-read could only be enabled for all requests to a block device. This means requests coming from the guest as well as QEMU's internal requests would perform copy-on-read when enabled.
For image streaming we want to support finer-grained behavior than just...
block: add BlockJob interface for long-running operations
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: avoid useless checks on acb->bh
Coverity is confused by this "if" and reports leaks on acb->bh. The bottom half is always deleted before releasing the AIOCB, in either bdrv_aio_cancel_em or bdrv_aio_bh_cb.
block: bdrv_aio_* do not return NULL
Initially done with the following semantic patch:
rule1 expression E;statement S;@@ E =( bdrv_aio_readv | bdrv_aio_writev | bdrv_aio_flush | bdrv_aio_discard | bdrv_aio_ioctl) (...);(- if (E == NULL) { ... }...
rule1
block: simplify failure handling for bdrv_aio_multiwrite
Now that early failure of bdrv_aio_writev is not possible anymore, mcb->num_requests can be set before the loop starts.
block: convert qemu_aio_flush() calls to bdrv_drain_all()
Many places in QEMU call qemu_aio_flush() to complete all pending asynchronous I/O. Most of these places actually want to drain all block requests but there is no block layer API to do so.
This patch introduces the bdrv_drain_all() API to wait for requests...
block: wait_for_overlapping_requests() deadlock detection
Debugging a reentrant request deadlock was fun but in the future we need a quick and obvious way of detecting such bugs. Add an assert that checks we are not about to deadlock when waiting for another request....
block: implement bdrv_co_is_allocated() boundary cases
Cases beyond the end of the disk image are only implemented for block drivers that do not provide .bdrv_co_is_allocated(). It's worth making these cases generic so that block drivers that do implement...
block: add request tracking
The block layer does not know about pending requests. This information is necessary for copy-on-read since overlapping requests must be serialized to prevent races that corrupt the image.
The BlockDriverState gets a new tracked_request list field which...
block: add interface to toggle copy-on-read
The bdrv_enable_copy_on_read()/bdrv_disable_copy_on_read() functions can be used to programmatically enable or disable copy-on-read for a block device. Later patches add the actual copy-on-read logic.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>...
block: wait for overlapping requests
When copy-on-read is enabled it is necessary to wait for overlapping requests before issuing new requests. This prevents races between the copy-on-read and a write request.
block: request overlap detection
Detect overlapping requests and remember to align to cluster boundaries if the image format uses them. This assumes that allocating I/O is performed in cluster granularity - which is true for qcow2, qed, etc.
block: core copy-on-read logic
block: drop .bdrv_is_allocated() interface
Now that all block drivers have been converted to .bdrv_co_is_allocated() we can drop .bdrv_is_allocated().
Note that the public bdrv_is_allocated() interface is still available but is in fact a synchronous wrapper around .bdrv_co_is_allocated()....
block: add bdrv_co_is_allocated() interface
This patch introduces the public bdrv_co_is_allocated() interface which can be used to query image allocation status while the VM is running.
block: use public bdrv_is_allocated() interface
There is no need for bdrv_commit() to use the BlockDriver .bdrv_is_allocated() interface directly. Converting to the public interface gives us the freedom to drop .bdrv_is_allocated() entirely in favor of a new .bdrv_co_is_allocated() in the future....
block: add .bdrv_co_is_allocated()
This patch adds the .bdrv_co_is_allocated() interface which is identical to .bdrv_is_allocated() but runs in coroutine context. Running in coroutine context implies that other coroutines might be performing I/O at the same time. Therefore it must be safe to run while the following...
block: add the blockio limits command line support
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: add I/O throttling algorithm
hmp/qmp: add block_set_io_throttle
block: allow migration to work with image files (v3)
Image files have two types of data: immutable data that describes things like image size, backing files, etc. and mutable data that includes offset and reference count tables.
Today, image formats aggressively cache mutable data to improve performance. In...
block: Rename bdrv_co_flush to bdrv_co_flush_to_disk
There are two different types of flush that you can do: Flushing one level up to the OS (i.e. writing data to the host page cache) or flushing it all the way down to the disk. The existing functions flush to the disk, reflect this in the...
block: Introduce bdrv_co_flush_to_os
qcow2 has a writeback metadata cache, so flushing a qcow2 image actually consists of writing back that cache to the protocol and only then flushes the protocol in order to get everything stable on disk.
This introduces a separate bdrv_co_flush_to_os to reflect the split....
block: Make cache=unsafe flush to the OS
cache=unsafe completely ignored bdrv_flush, because flushing the host disk costs a lot of performance. However, this means that qcow2 images (and potentially any other format) can lose data even after the guest has issued a...
block: add eject request callback
Recent versions of udev always keep the tray locked so that the kernel can observe "eject request" events (aka tray button presses) even on discs that aren't mounted. Add support for these events in the ATAPI and SCSI cd drive device models....
Merge remote-tracking branch 'kwolf/for-anthony' into staging
Conflicts: block/vmdk.c
block: reinitialize across bdrv_close()/bdrv_open()
Several BlockDriverState fields are not being reinitialized across bdrv_close()/bdrv_open(). Make sure they are reset to their default values.
block: Remove dead code
block: Fix bdrv_open use after free
tmp_filename was used outside the block it was defined in, i.e. after it went out of scope. Move its declaration to the top level.
block: set bs->read_only before .bdrv_open()
Several block drivers set bs->read_only in .bdrv_open() but block.c:bdrv_open_common() clobbers its value. Additionally, QED uses bdrv_is_read_only() in .bdrv_open() to decide whether to perform consistency checks....
block: iostatus: Drop BDRV_IOS_INVAL
A future commit will convert bdrv_info() to the QAPI and it won't provide IOS_INVAL.
Luckily all we have to do is to add a new 'iostatus_enabled' member to BlockDriverState and use it instead.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
block: Rename the BlockIOStatus enum values
The biggest change is to rename its prefix from BDRV_IOS to BLOCK_DEVICE_IO_STATUS.
Next commit will convert the query-block command to the QAPI and that's how the enumeration is going to be generated.
qapi: Convert query-block
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
qapi: Convert query-blockstats
Drop qemu-objects.h from modules that don't require it
Previous commits dropped most qobjects usage from qemu modules (now they are a low level interface used by the QAPI). However, some modules still include the qemu-objects.h header file.
This commit drops qemu-objects.h from some of those modules...
block: change flush to co_flush
Since coroutine operation is now mandatory, convert all bdrv_flush implementations to coroutines. For qcow2, this means taking the lock. Other implementations are simpler and just forward bdrv_flush to the underlying protocol, so they can avoid the lock....
block: change discard to co_discard
Since coroutine operation is now mandatory, convert both bdrv_discard implementations to coroutines. For qcow2, this means taking the lock around the operation. raw-posix remains synchronous.
The bdrv_discard callback is then unused and can be eliminated....
block: unify flush implementations
Add coroutine support for flush and apply the same emulation that we already do for read/write. bdrv_aio_flush is simplified to always go through a coroutine.
block: add bdrv_co_discard and bdrv_aio_discard support
This similarly adds support for coroutine and asynchronous discard.
block: rename bdrv_co_rw_bh
block: drop emulation functions that use coroutines
Block drivers that implement coroutine functions used to get sync and aio wrappers. This is no longer necessary since all request processing now happens in a coroutine. If a block driver implements the coroutine...
block: drop .bdrv_read()/.bdrv_write() emulation
There is no need to emulate .bdrv_read()/.bdrv_write() since these interfaces are only called if aio and coroutine interfaces are not present. All valid BlockDrivers must implement either sync, aio, or coroutine interfaces....
block: drop bdrv_has_async_rw()
Commit cd74d83345e0e3b708330ab8c4cd9111bb82cda6 ("block: switch bdrv_read()/bdrv_write() to coroutines") removed the bdrv_has_async_rw() callers. This patch removes bdrv_has_async_rw() since it is no longer used.
block: switch bdrv_aio_readv() to coroutines
More sync, aio, and coroutine unification. Make bdrv_aio_readv() go through coroutine request processing.
block: mark blocks dirty on coroutine write completion
The aio write operation marks blocks dirty when the write operation completes. The coroutine write operation marks blocks dirty before issuing the write operation.
It seems safest to mark the block dirty when the operation completes so...
block: switch bdrv_aio_writev() to coroutines
More sync, aio, and coroutine unification. Make bdrv_aio_writev() go through coroutine request processing.
Remove the dirty block callback mechanism which was needed only for aio processing and can be done more naturally in coroutine context....
block: directly invoke .bdrv_* from emulation functions
The emulation functions which supply default BlockDriver .bdrv_*() functions given another implemented .bdrv_*() function should not use public bdrv_*() interfaces. This patch ensures they invoke .bdrv_*()...
block: split out bdrv_co_do_readv() and bdrv_co_do_writev()
The public interface for I/O in coroutine context is bdrv_co_readv() and bdrv_co_writev(). Split out the request processing code into bdrv_co_do_readv() and bdrv_co_writev() so that it can be called...
block: switch bdrv_read()/bdrv_write() to coroutines
The bdrv_read()/bdrv_write() functions call .bdrv_read()/.bdrv_write(). They should go through bdrv_co_do_readv() and bdrv_co_do_writev() instead in order to unify request processing code across sync, aio, and...
block: directly invoke .bdrv_aio_*() in bdrv_co_io_em()
We will unify block layer request processing across sync, aio, and coroutines and this means a .bdrv_co_*() emulation function should not call back into the public interface. There's no need here, just call...
QMP: query-status: Add 'io-status' key
Contains the I/O status for the given device. The key is only present if the device supports it and the VM is configured to stop on errors.
Please, check the documentation being added in this commit for more information....
HMP: Print 'io-status' information
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: Keep track of devices' I/O status
This commit adds support to the BlockDriverState type to keep track of devices' I/O status.
There are three possible status: BDRV_IOS_OK (no error), BDRV_IOS_ENOSPC (no space error) and BDRV_IOS_FAILED (any other error). The distinction...
trace: add arguments to bdrv_co_io_em() trace event
It is useful to know the BlockDriverState as well as the sector_num/nb_sectors of an emulated .bdrv_co_*() request.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
trace: trace bdrv_open_common()
bdrv_open_common() is a useful point to trace since it reveals the filename and block driver for a given BlockDriverState.
block: New bdrv_set_buffer_alignment()
Device models should be able to set it without an unclean include of block_int.h.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: Reset buffer alignment on detach
BlockDriverState member buffer_alignment is initially 512. The device model may set them, with bdrv_set_buffer_alignment(). If the device model gets detached (hot unplug), the device's alignment is left behind. Only okay because device hot unplug automatically destroys...
block: New change_media_cb() parameter load
To let device models distinguish between eject and load.
block: Show whether the virtual tray is open in info block
Need to ask the device, so this requires new BlockDevOps member is_tray_open().