]> git.proxmox.com Git - mirror_qemu.git/blob - block/commit.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
block: Freeze the backing chain for the duration of the commit job
[mirror_qemu.git] / block / commit.c
1 /*
2 * Live block commit
3 *
4 * Copyright Red Hat, Inc. 2012
5 *
6 * Authors:
7 * Jeff Cody <jcody@redhat.com>
8 * Based on stream.c by Stefan Hajnoczi
9 *
10 * This work is licensed under the terms of the GNU LGPL, version 2 or later.
11 * See the COPYING.LIB file in the top-level directory.
12 *
13 */
14
15 #include "qemu/osdep.h"
16 #include "qemu/cutils.h"
17 #include "trace.h"
18 #include "block/block_int.h"
19 #include "block/blockjob_int.h"
20 #include "qapi/error.h"
21 #include "qapi/qmp/qerror.h"
22 #include "qemu/ratelimit.h"
23 #include "sysemu/block-backend.h"
24
25 enum {
26 /*
27 * Size of data buffer for populating the image file. This should be large
28 * enough to process multiple clusters in a single call, so that populating
29 * contiguous regions of the image is efficient.
30 */
31 COMMIT_BUFFER_SIZE = 512 * 1024, /* in bytes */
32 };
33
34 typedef struct CommitBlockJob {
35 BlockJob common;
36 BlockDriverState *commit_top_bs;
37 BlockBackend *top;
38 BlockBackend *base;
39 BlockDriverState *base_bs;
40 BlockdevOnError on_error;
41 bool base_read_only;
42 bool chain_frozen;
43 char *backing_file_str;
44 } CommitBlockJob;
45
46 static int coroutine_fn commit_populate(BlockBackend *bs, BlockBackend *base,
47 int64_t offset, uint64_t bytes,
48 void *buf)
49 {
50 int ret = 0;
51 QEMUIOVector qiov = QEMU_IOVEC_INIT_BUF(qiov, buf, bytes);
52
53 assert(bytes < SIZE_MAX);
54
55 ret = blk_co_preadv(bs, offset, qiov.size, &qiov, 0);
56 if (ret < 0) {
57 return ret;
58 }
59
60 ret = blk_co_pwritev(base, offset, qiov.size, &qiov, 0);
61 if (ret < 0) {
62 return ret;
63 }
64
65 return 0;
66 }
67
68 static int commit_prepare(Job *job)
69 {
70 CommitBlockJob *s = container_of(job, CommitBlockJob, common.job);
71
72 bdrv_unfreeze_backing_chain(s->commit_top_bs, s->base_bs);
73 s->chain_frozen = false;
74
75 /* Remove base node parent that still uses BLK_PERM_WRITE/RESIZE before
76 * the normal backing chain can be restored. */
77 blk_unref(s->base);
78 s->base = NULL;
79
80 /* FIXME: bdrv_drop_intermediate treats total failures and partial failures
81 * identically. Further work is needed to disambiguate these cases. */
82 return bdrv_drop_intermediate(s->commit_top_bs, s->base_bs,
83 s->backing_file_str);
84 }
85
86 static void commit_abort(Job *job)
87 {
88 CommitBlockJob *s = container_of(job, CommitBlockJob, common.job);
89 BlockDriverState *top_bs = blk_bs(s->top);
90
91 if (s->chain_frozen) {
92 bdrv_unfreeze_backing_chain(s->commit_top_bs, s->base_bs);
93 }
94
95 /* Make sure commit_top_bs and top stay around until bdrv_replace_node() */
96 bdrv_ref(top_bs);
97 bdrv_ref(s->commit_top_bs);
98
99 if (s->base) {
100 blk_unref(s->base);
101 }
102
103 /* free the blockers on the intermediate nodes so that bdrv_replace_nodes
104 * can succeed */
105 block_job_remove_all_bdrv(&s->common);
106
107 /* If bdrv_drop_intermediate() failed (or was not invoked), remove the
108 * commit filter driver from the backing chain now. Do this as the final
109 * step so that the 'consistent read' permission can be granted.
110 *
111 * XXX Can (or should) we somehow keep 'consistent read' blocked even
112 * after the failed/cancelled commit job is gone? If we already wrote
113 * something to base, the intermediate images aren't valid any more. */
114 bdrv_child_try_set_perm(s->commit_top_bs->backing, 0, BLK_PERM_ALL,
115 &error_abort);
116 bdrv_replace_node(s->commit_top_bs, backing_bs(s->commit_top_bs),
117 &error_abort);
118
119 bdrv_unref(s->commit_top_bs);
120 bdrv_unref(top_bs);
121 }
122
123 static void commit_clean(Job *job)
124 {
125 CommitBlockJob *s = container_of(job, CommitBlockJob, common.job);
126
127 /* restore base open flags here if appropriate (e.g., change the base back
128 * to r/o). These reopens do not need to be atomic, since we won't abort
129 * even on failure here */
130 if (s->base_read_only) {
131 bdrv_reopen_set_read_only(s->base_bs, true, NULL);
132 }
133
134 g_free(s->backing_file_str);
135 blk_unref(s->top);
136 }
137
138 static int coroutine_fn commit_run(Job *job, Error **errp)
139 {
140 CommitBlockJob *s = container_of(job, CommitBlockJob, common.job);
141 int64_t offset;
142 uint64_t delay_ns = 0;
143 int ret = 0;
144 int64_t n = 0; /* bytes */
145 void *buf = NULL;
146 int bytes_written = 0;
147 int64_t len, base_len;
148
149 ret = len = blk_getlength(s->top);
150 if (len < 0) {
151 goto out;
152 }
153 job_progress_set_remaining(&s->common.job, len);
154
155 ret = base_len = blk_getlength(s->base);
156 if (base_len < 0) {
157 goto out;
158 }
159
160 if (base_len < len) {
161 ret = blk_truncate(s->base, len, PREALLOC_MODE_OFF, NULL);
162 if (ret) {
163 goto out;
164 }
165 }
166
167 buf = blk_blockalign(s->top, COMMIT_BUFFER_SIZE);
168
169 for (offset = 0; offset < len; offset += n) {
170 bool copy;
171
172 /* Note that even when no rate limit is applied we need to yield
173 * with no pending I/O here so that bdrv_drain_all() returns.
174 */
175 job_sleep_ns(&s->common.job, delay_ns);
176 if (job_is_cancelled(&s->common.job)) {
177 break;
178 }
179 /* Copy if allocated above the base */
180 ret = bdrv_is_allocated_above(blk_bs(s->top), blk_bs(s->base),
181 offset, COMMIT_BUFFER_SIZE, &n);
182 copy = (ret == 1);
183 trace_commit_one_iteration(s, offset, n, ret);
184 if (copy) {
185 ret = commit_populate(s->top, s->base, offset, n, buf);
186 bytes_written += n;
187 }
188 if (ret < 0) {
189 BlockErrorAction action =
190 block_job_error_action(&s->common, false, s->on_error, -ret);
191 if (action == BLOCK_ERROR_ACTION_REPORT) {
192 goto out;
193 } else {
194 n = 0;
195 continue;
196 }
197 }
198 /* Publish progress */
199 job_progress_update(&s->common.job, n);
200
201 if (copy) {
202 delay_ns = block_job_ratelimit_get_delay(&s->common, n);
203 } else {
204 delay_ns = 0;
205 }
206 }
207
208 ret = 0;
209
210 out:
211 qemu_vfree(buf);
212
213 return ret;
214 }
215
216 static const BlockJobDriver commit_job_driver = {
217 .job_driver = {
218 .instance_size = sizeof(CommitBlockJob),
219 .job_type = JOB_TYPE_COMMIT,
220 .free = block_job_free,
221 .user_resume = block_job_user_resume,
222 .drain = block_job_drain,
223 .run = commit_run,
224 .prepare = commit_prepare,
225 .abort = commit_abort,
226 .clean = commit_clean
227 },
228 };
229
230 static int coroutine_fn bdrv_commit_top_preadv(BlockDriverState *bs,
231 uint64_t offset, uint64_t bytes, QEMUIOVector *qiov, int flags)
232 {
233 return bdrv_co_preadv(bs->backing, offset, bytes, qiov, flags);
234 }
235
236 static void bdrv_commit_top_refresh_filename(BlockDriverState *bs)
237 {
238 pstrcpy(bs->exact_filename, sizeof(bs->exact_filename),
239 bs->backing->bs->filename);
240 }
241
242 static void bdrv_commit_top_child_perm(BlockDriverState *bs, BdrvChild *c,
243 const BdrvChildRole *role,
244 BlockReopenQueue *reopen_queue,
245 uint64_t perm, uint64_t shared,
246 uint64_t *nperm, uint64_t *nshared)
247 {
248 *nperm = 0;
249 *nshared = BLK_PERM_ALL;
250 }
251
252 /* Dummy node that provides consistent read to its users without requiring it
253 * from its backing file and that allows writes on the backing file chain. */
254 static BlockDriver bdrv_commit_top = {
255 .format_name = "commit_top",
256 .bdrv_co_preadv = bdrv_commit_top_preadv,
257 .bdrv_co_block_status = bdrv_co_block_status_from_backing,
258 .bdrv_refresh_filename = bdrv_commit_top_refresh_filename,
259 .bdrv_child_perm = bdrv_commit_top_child_perm,
260 };
261
262 void commit_start(const char *job_id, BlockDriverState *bs,
263 BlockDriverState *base, BlockDriverState *top,
264 int creation_flags, int64_t speed,
265 BlockdevOnError on_error, const char *backing_file_str,
266 const char *filter_node_name, Error **errp)
267 {
268 CommitBlockJob *s;
269 BlockDriverState *iter;
270 BlockDriverState *commit_top_bs = NULL;
271 Error *local_err = NULL;
272 int ret;
273
274 assert(top != bs);
275 if (top == base) {
276 error_setg(errp, "Invalid files for merge: top and base are the same");
277 return;
278 }
279
280 s = block_job_create(job_id, &commit_job_driver, NULL, bs, 0, BLK_PERM_ALL,
281 speed, creation_flags, NULL, NULL, errp);
282 if (!s) {
283 return;
284 }
285
286 /* convert base to r/w, if necessary */
287 s->base_read_only = bdrv_is_read_only(base);
288 if (s->base_read_only) {
289 if (bdrv_reopen_set_read_only(base, false, errp) != 0) {
290 goto fail;
291 }
292 }
293
294 /* Insert commit_top block node above top, so we can block consistent read
295 * on the backing chain below it */
296 commit_top_bs = bdrv_new_open_driver(&bdrv_commit_top, filter_node_name, 0,
297 errp);
298 if (commit_top_bs == NULL) {
299 goto fail;
300 }
301 if (!filter_node_name) {
302 commit_top_bs->implicit = true;
303 }
304 commit_top_bs->total_sectors = top->total_sectors;
305 bdrv_set_aio_context(commit_top_bs, bdrv_get_aio_context(top));
306
307 bdrv_set_backing_hd(commit_top_bs, top, &local_err);
308 if (local_err) {
309 bdrv_unref(commit_top_bs);
310 commit_top_bs = NULL;
311 error_propagate(errp, local_err);
312 goto fail;
313 }
314 bdrv_replace_node(top, commit_top_bs, &local_err);
315 if (local_err) {
316 bdrv_unref(commit_top_bs);
317 commit_top_bs = NULL;
318 error_propagate(errp, local_err);
319 goto fail;
320 }
321
322 s->commit_top_bs = commit_top_bs;
323 bdrv_unref(commit_top_bs);
324
325 /* Block all nodes between top and base, because they will
326 * disappear from the chain after this operation. */
327 assert(bdrv_chain_contains(top, base));
328 for (iter = top; iter != base; iter = backing_bs(iter)) {
329 /* XXX BLK_PERM_WRITE needs to be allowed so we don't block ourselves
330 * at s->base (if writes are blocked for a node, they are also blocked
331 * for its backing file). The other options would be a second filter
332 * driver above s->base. */
333 ret = block_job_add_bdrv(&s->common, "intermediate node", iter, 0,
334 BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE,
335 errp);
336 if (ret < 0) {
337 goto fail;
338 }
339 }
340
341 if (bdrv_freeze_backing_chain(commit_top_bs, base, errp) < 0) {
342 goto fail;
343 }
344 s->chain_frozen = true;
345
346 ret = block_job_add_bdrv(&s->common, "base", base, 0, BLK_PERM_ALL, errp);
347 if (ret < 0) {
348 goto fail;
349 }
350
351 s->base = blk_new(BLK_PERM_CONSISTENT_READ
352 | BLK_PERM_WRITE
353 | BLK_PERM_RESIZE,
354 BLK_PERM_CONSISTENT_READ
355 | BLK_PERM_GRAPH_MOD
356 | BLK_PERM_WRITE_UNCHANGED);
357 ret = blk_insert_bs(s->base, base, errp);
358 if (ret < 0) {
359 goto fail;
360 }
361 s->base_bs = base;
362
363 /* Required permissions are already taken with block_job_add_bdrv() */
364 s->top = blk_new(0, BLK_PERM_ALL);
365 ret = blk_insert_bs(s->top, top, errp);
366 if (ret < 0) {
367 goto fail;
368 }
369
370 s->backing_file_str = g_strdup(backing_file_str);
371 s->on_error = on_error;
372
373 trace_commit_start(bs, base, top, s);
374 job_start(&s->common.job);
375 return;
376
377 fail:
378 if (s->chain_frozen) {
379 bdrv_unfreeze_backing_chain(commit_top_bs, base);
380 }
381 if (s->base) {
382 blk_unref(s->base);
383 }
384 if (s->top) {
385 blk_unref(s->top);
386 }
387 job_early_fail(&s->common.job);
388 /* commit_top_bs has to be replaced after deleting the block job,
389 * otherwise this would fail because of lack of permissions. */
390 if (commit_top_bs) {
391 bdrv_replace_node(commit_top_bs, top, &error_abort);
392 }
393 }
394
395
396 #define COMMIT_BUF_SIZE (2048 * BDRV_SECTOR_SIZE)
397
398 /* commit COW file into the raw image */
399 int bdrv_commit(BlockDriverState *bs)
400 {
401 BlockBackend *src, *backing;
402 BlockDriverState *backing_file_bs = NULL;
403 BlockDriverState *commit_top_bs = NULL;
404 BlockDriver *drv = bs->drv;
405 int64_t offset, length, backing_length;
406 int ro;
407 int64_t n;
408 int ret = 0;
409 uint8_t *buf = NULL;
410 Error *local_err = NULL;
411
412 if (!drv)
413 return -ENOMEDIUM;
414
415 if (!bs->backing) {
416 return -ENOTSUP;
417 }
418
419 if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_COMMIT_SOURCE, NULL) ||
420 bdrv_op_is_blocked(bs->backing->bs, BLOCK_OP_TYPE_COMMIT_TARGET, NULL)) {
421 return -EBUSY;
422 }
423
424 ro = bs->backing->bs->read_only;
425
426 if (ro) {
427 if (bdrv_reopen_set_read_only(bs->backing->bs, false, NULL)) {
428 return -EACCES;
429 }
430 }
431
432 src = blk_new(BLK_PERM_CONSISTENT_READ, BLK_PERM_ALL);
433 backing = blk_new(BLK_PERM_WRITE | BLK_PERM_RESIZE, BLK_PERM_ALL);
434
435 ret = blk_insert_bs(src, bs, &local_err);
436 if (ret < 0) {
437 error_report_err(local_err);
438 goto ro_cleanup;
439 }
440
441 /* Insert commit_top block node above backing, so we can write to it */
442 backing_file_bs = backing_bs(bs);
443
444 commit_top_bs = bdrv_new_open_driver(&bdrv_commit_top, NULL, BDRV_O_RDWR,
445 &local_err);
446 if (commit_top_bs == NULL) {
447 error_report_err(local_err);
448 goto ro_cleanup;
449 }
450 bdrv_set_aio_context(commit_top_bs, bdrv_get_aio_context(backing_file_bs));
451
452 bdrv_set_backing_hd(commit_top_bs, backing_file_bs, &error_abort);
453 bdrv_set_backing_hd(bs, commit_top_bs, &error_abort);
454
455 ret = blk_insert_bs(backing, backing_file_bs, &local_err);
456 if (ret < 0) {
457 error_report_err(local_err);
458 goto ro_cleanup;
459 }
460
461 length = blk_getlength(src);
462 if (length < 0) {
463 ret = length;
464 goto ro_cleanup;
465 }
466
467 backing_length = blk_getlength(backing);
468 if (backing_length < 0) {
469 ret = backing_length;
470 goto ro_cleanup;
471 }
472
473 /* If our top snapshot is larger than the backing file image,
474 * grow the backing file image if possible. If not possible,
475 * we must return an error */
476 if (length > backing_length) {
477 ret = blk_truncate(backing, length, PREALLOC_MODE_OFF, &local_err);
478 if (ret < 0) {
479 error_report_err(local_err);
480 goto ro_cleanup;
481 }
482 }
483
484 /* blk_try_blockalign() for src will choose an alignment that works for
485 * backing as well, so no need to compare the alignment manually. */
486 buf = blk_try_blockalign(src, COMMIT_BUF_SIZE);
487 if (buf == NULL) {
488 ret = -ENOMEM;
489 goto ro_cleanup;
490 }
491
492 for (offset = 0; offset < length; offset += n) {
493 ret = bdrv_is_allocated(bs, offset, COMMIT_BUF_SIZE, &n);
494 if (ret < 0) {
495 goto ro_cleanup;
496 }
497 if (ret) {
498 ret = blk_pread(src, offset, buf, n);
499 if (ret < 0) {
500 goto ro_cleanup;
501 }
502
503 ret = blk_pwrite(backing, offset, buf, n, 0);
504 if (ret < 0) {
505 goto ro_cleanup;
506 }
507 }
508 }
509
510 if (drv->bdrv_make_empty) {
511 ret = drv->bdrv_make_empty(bs);
512 if (ret < 0) {
513 goto ro_cleanup;
514 }
515 blk_flush(src);
516 }
517
518 /*
519 * Make sure all data we wrote to the backing device is actually
520 * stable on disk.
521 */
522 blk_flush(backing);
523
524 ret = 0;
525 ro_cleanup:
526 qemu_vfree(buf);
527
528 blk_unref(backing);
529 if (backing_file_bs) {
530 bdrv_set_backing_hd(bs, backing_file_bs, &error_abort);
531 }
532 bdrv_unref(commit_top_bs);
533 blk_unref(src);
534
535 if (ro) {
536 /* ignoring error return here */
537 bdrv_reopen_set_read_only(bs->backing->bs, true, NULL);
538 }
539
540 return ret;
541 }
QEMU mirror