2 * QEMU System Emulator block driver
4 * Copyright (c) 2003 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 #include "qemu/osdep.h"
26 #include "block/trace.h"
27 #include "block/block_int.h"
28 #include "block/blockjob.h"
29 #include "block/nbd.h"
30 #include "block/qdict.h"
31 #include "qemu/error-report.h"
32 #include "module_block.h"
33 #include "qemu/main-loop.h"
34 #include "qemu/module.h"
35 #include "qapi/error.h"
36 #include "qapi/qmp/qdict.h"
37 #include "qapi/qmp/qjson.h"
38 #include "qapi/qmp/qnull.h"
39 #include "qapi/qmp/qstring.h"
40 #include "qapi/qobject-output-visitor.h"
41 #include "qapi/qapi-visit-block-core.h"
42 #include "sysemu/block-backend.h"
43 #include "sysemu/sysemu.h"
44 #include "qemu/notify.h"
45 #include "qemu/option.h"
46 #include "qemu/coroutine.h"
47 #include "block/qapi.h"
48 #include "qemu/timer.h"
49 #include "qemu/cutils.h"
53 #include <sys/ioctl.h>
54 #include <sys/queue.h>
64 #define NOT_DONE 0x7fffffff /* used while emulated sync operation in progress */
66 static QTAILQ_HEAD(, BlockDriverState
) graph_bdrv_states
=
67 QTAILQ_HEAD_INITIALIZER(graph_bdrv_states
);
69 static QTAILQ_HEAD(, BlockDriverState
) all_bdrv_states
=
70 QTAILQ_HEAD_INITIALIZER(all_bdrv_states
);
72 static QLIST_HEAD(, BlockDriver
) bdrv_drivers
=
73 QLIST_HEAD_INITIALIZER(bdrv_drivers
);
75 static BlockDriverState
*bdrv_open_inherit(const char *filename
,
76 const char *reference
,
77 QDict
*options
, int flags
,
78 BlockDriverState
*parent
,
79 const BdrvChildClass
*child_class
,
80 BdrvChildRole child_role
,
83 /* TODO: Remove when no longer needed */
84 static void bdrv_inherited_options(BdrvChildRole role
, bool parent_is_format
,
85 int *child_flags
, QDict
*child_options
,
86 int parent_flags
, QDict
*parent_options
);
87 static void bdrv_child_cb_attach(BdrvChild
*child
);
88 static void bdrv_child_cb_detach(BdrvChild
*child
);
90 /* If non-zero, use only whitelisted block drivers */
91 static int use_bdrv_whitelist
;
94 static int is_windows_drive_prefix(const char *filename
)
96 return (((filename
[0] >= 'a' && filename
[0] <= 'z') ||
97 (filename
[0] >= 'A' && filename
[0] <= 'Z')) &&
101 int is_windows_drive(const char *filename
)
103 if (is_windows_drive_prefix(filename
) &&
106 if (strstart(filename
, "\\\\.\\", NULL
) ||
107 strstart(filename
, "//./", NULL
))
113 size_t bdrv_opt_mem_align(BlockDriverState
*bs
)
115 if (!bs
|| !bs
->drv
) {
116 /* page size or 4k (hdd sector size) should be on the safe side */
117 return MAX(4096, qemu_real_host_page_size
);
120 return bs
->bl
.opt_mem_alignment
;
123 size_t bdrv_min_mem_align(BlockDriverState
*bs
)
125 if (!bs
|| !bs
->drv
) {
126 /* page size or 4k (hdd sector size) should be on the safe side */
127 return MAX(4096, qemu_real_host_page_size
);
130 return bs
->bl
.min_mem_alignment
;
133 /* check if the path starts with "<protocol>:" */
134 int path_has_protocol(const char *path
)
139 if (is_windows_drive(path
) ||
140 is_windows_drive_prefix(path
)) {
143 p
= path
+ strcspn(path
, ":/\\");
145 p
= path
+ strcspn(path
, ":/");
151 int path_is_absolute(const char *path
)
154 /* specific case for names like: "\\.\d:" */
155 if (is_windows_drive(path
) || is_windows_drive_prefix(path
)) {
158 return (*path
== '/' || *path
== '\\');
160 return (*path
== '/');
164 /* if filename is absolute, just return its duplicate. Otherwise, build a
165 path to it by considering it is relative to base_path. URL are
167 char *path_combine(const char *base_path
, const char *filename
)
169 const char *protocol_stripped
= NULL
;
174 if (path_is_absolute(filename
)) {
175 return g_strdup(filename
);
178 if (path_has_protocol(base_path
)) {
179 protocol_stripped
= strchr(base_path
, ':');
180 if (protocol_stripped
) {
184 p
= protocol_stripped
?: base_path
;
186 p1
= strrchr(base_path
, '/');
190 p2
= strrchr(base_path
, '\\');
191 if (!p1
|| p2
> p1
) {
206 result
= g_malloc(len
+ strlen(filename
) + 1);
207 memcpy(result
, base_path
, len
);
208 strcpy(result
+ len
, filename
);
214 * Helper function for bdrv_parse_filename() implementations to remove optional
215 * protocol prefixes (especially "file:") from a filename and for putting the
216 * stripped filename into the options QDict if there is such a prefix.
218 void bdrv_parse_filename_strip_prefix(const char *filename
, const char *prefix
,
221 if (strstart(filename
, prefix
, &filename
)) {
222 /* Stripping the explicit protocol prefix may result in a protocol
223 * prefix being (wrongly) detected (if the filename contains a colon) */
224 if (path_has_protocol(filename
)) {
225 QString
*fat_filename
;
227 /* This means there is some colon before the first slash; therefore,
228 * this cannot be an absolute path */
229 assert(!path_is_absolute(filename
));
231 /* And we can thus fix the protocol detection issue by prefixing it
233 fat_filename
= qstring_from_str("./");
234 qstring_append(fat_filename
, filename
);
236 assert(!path_has_protocol(qstring_get_str(fat_filename
)));
238 qdict_put(options
, "filename", fat_filename
);
240 /* If no protocol prefix was detected, we can use the shortened
242 qdict_put_str(options
, "filename", filename
);
248 /* Returns whether the image file is opened as read-only. Note that this can
249 * return false and writing to the image file is still not possible because the
250 * image is inactivated. */
251 bool bdrv_is_read_only(BlockDriverState
*bs
)
253 return bs
->read_only
;
256 int bdrv_can_set_read_only(BlockDriverState
*bs
, bool read_only
,
257 bool ignore_allow_rdw
, Error
**errp
)
259 /* Do not set read_only if copy_on_read is enabled */
260 if (bs
->copy_on_read
&& read_only
) {
261 error_setg(errp
, "Can't set node '%s' to r/o with copy-on-read enabled",
262 bdrv_get_device_or_node_name(bs
));
266 /* Do not clear read_only if it is prohibited */
267 if (!read_only
&& !(bs
->open_flags
& BDRV_O_ALLOW_RDWR
) &&
270 error_setg(errp
, "Node '%s' is read only",
271 bdrv_get_device_or_node_name(bs
));
279 * Called by a driver that can only provide a read-only image.
281 * Returns 0 if the node is already read-only or it could switch the node to
282 * read-only because BDRV_O_AUTO_RDONLY is set.
284 * Returns -EACCES if the node is read-write and BDRV_O_AUTO_RDONLY is not set
285 * or bdrv_can_set_read_only() forbids making the node read-only. If @errmsg
286 * is not NULL, it is used as the error message for the Error object.
288 int bdrv_apply_auto_read_only(BlockDriverState
*bs
, const char *errmsg
,
293 if (!(bs
->open_flags
& BDRV_O_RDWR
)) {
296 if (!(bs
->open_flags
& BDRV_O_AUTO_RDONLY
)) {
300 ret
= bdrv_can_set_read_only(bs
, true, false, NULL
);
305 bs
->read_only
= true;
306 bs
->open_flags
&= ~BDRV_O_RDWR
;
311 error_setg(errp
, "%s", errmsg
?: "Image is read-only");
316 * If @backing is empty, this function returns NULL without setting
317 * @errp. In all other cases, NULL will only be returned with @errp
320 * Therefore, a return value of NULL without @errp set means that
321 * there is no backing file; if @errp is set, there is one but its
322 * absolute filename cannot be generated.
324 char *bdrv_get_full_backing_filename_from_filename(const char *backed
,
328 if (backing
[0] == '\0') {
330 } else if (path_has_protocol(backing
) || path_is_absolute(backing
)) {
331 return g_strdup(backing
);
332 } else if (backed
[0] == '\0' || strstart(backed
, "json:", NULL
)) {
333 error_setg(errp
, "Cannot use relative backing file names for '%s'",
337 return path_combine(backed
, backing
);
342 * If @filename is empty or NULL, this function returns NULL without
343 * setting @errp. In all other cases, NULL will only be returned with
346 static char *bdrv_make_absolute_filename(BlockDriverState
*relative_to
,
347 const char *filename
, Error
**errp
)
349 char *dir
, *full_name
;
351 if (!filename
|| filename
[0] == '\0') {
353 } else if (path_has_protocol(filename
) || path_is_absolute(filename
)) {
354 return g_strdup(filename
);
357 dir
= bdrv_dirname(relative_to
, errp
);
362 full_name
= g_strconcat(dir
, filename
, NULL
);
367 char *bdrv_get_full_backing_filename(BlockDriverState
*bs
, Error
**errp
)
369 return bdrv_make_absolute_filename(bs
, bs
->backing_file
, errp
);
372 void bdrv_register(BlockDriver
*bdrv
)
374 assert(bdrv
->format_name
);
375 QLIST_INSERT_HEAD(&bdrv_drivers
, bdrv
, list
);
378 BlockDriverState
*bdrv_new(void)
380 BlockDriverState
*bs
;
383 bs
= g_new0(BlockDriverState
, 1);
384 QLIST_INIT(&bs
->dirty_bitmaps
);
385 for (i
= 0; i
< BLOCK_OP_TYPE_MAX
; i
++) {
386 QLIST_INIT(&bs
->op_blockers
[i
]);
388 notifier_with_return_list_init(&bs
->before_write_notifiers
);
389 qemu_co_mutex_init(&bs
->reqs_lock
);
390 qemu_mutex_init(&bs
->dirty_bitmap_mutex
);
392 bs
->aio_context
= qemu_get_aio_context();
394 qemu_co_queue_init(&bs
->flush_queue
);
396 for (i
= 0; i
< bdrv_drain_all_count
; i
++) {
397 bdrv_drained_begin(bs
);
400 QTAILQ_INSERT_TAIL(&all_bdrv_states
, bs
, bs_list
);
405 static BlockDriver
*bdrv_do_find_format(const char *format_name
)
409 QLIST_FOREACH(drv1
, &bdrv_drivers
, list
) {
410 if (!strcmp(drv1
->format_name
, format_name
)) {
418 BlockDriver
*bdrv_find_format(const char *format_name
)
423 drv1
= bdrv_do_find_format(format_name
);
428 /* The driver isn't registered, maybe we need to load a module */
429 for (i
= 0; i
< (int)ARRAY_SIZE(block_driver_modules
); ++i
) {
430 if (!strcmp(block_driver_modules
[i
].format_name
, format_name
)) {
431 block_module_load_one(block_driver_modules
[i
].library_name
);
436 return bdrv_do_find_format(format_name
);
439 static int bdrv_format_is_whitelisted(const char *format_name
, bool read_only
)
441 static const char *whitelist_rw
[] = {
442 CONFIG_BDRV_RW_WHITELIST
444 static const char *whitelist_ro
[] = {
445 CONFIG_BDRV_RO_WHITELIST
449 if (!whitelist_rw
[0] && !whitelist_ro
[0]) {
450 return 1; /* no whitelist, anything goes */
453 for (p
= whitelist_rw
; *p
; p
++) {
454 if (!strcmp(format_name
, *p
)) {
459 for (p
= whitelist_ro
; *p
; p
++) {
460 if (!strcmp(format_name
, *p
)) {
468 int bdrv_is_whitelisted(BlockDriver
*drv
, bool read_only
)
470 return bdrv_format_is_whitelisted(drv
->format_name
, read_only
);
473 bool bdrv_uses_whitelist(void)
475 return use_bdrv_whitelist
;
478 typedef struct CreateCo
{
486 static void coroutine_fn
bdrv_create_co_entry(void *opaque
)
488 Error
*local_err
= NULL
;
491 CreateCo
*cco
= opaque
;
494 ret
= cco
->drv
->bdrv_co_create_opts(cco
->drv
,
495 cco
->filename
, cco
->opts
, &local_err
);
496 error_propagate(&cco
->err
, local_err
);
500 int bdrv_create(BlockDriver
*drv
, const char* filename
,
501 QemuOpts
*opts
, Error
**errp
)
508 .filename
= g_strdup(filename
),
514 if (!drv
->bdrv_co_create_opts
) {
515 error_setg(errp
, "Driver '%s' does not support image creation", drv
->format_name
);
520 if (qemu_in_coroutine()) {
521 /* Fast-path if already in coroutine context */
522 bdrv_create_co_entry(&cco
);
524 co
= qemu_coroutine_create(bdrv_create_co_entry
, &cco
);
525 qemu_coroutine_enter(co
);
526 while (cco
.ret
== NOT_DONE
) {
527 aio_poll(qemu_get_aio_context(), true);
534 error_propagate(errp
, cco
.err
);
536 error_setg_errno(errp
, -ret
, "Could not create image");
541 g_free(cco
.filename
);
546 * Helper function for bdrv_create_file_fallback(): Resize @blk to at
547 * least the given @minimum_size.
549 * On success, return @blk's actual length.
550 * Otherwise, return -errno.
552 static int64_t create_file_fallback_truncate(BlockBackend
*blk
,
553 int64_t minimum_size
, Error
**errp
)
555 Error
*local_err
= NULL
;
559 ret
= blk_truncate(blk
, minimum_size
, false, PREALLOC_MODE_OFF
, 0,
561 if (ret
< 0 && ret
!= -ENOTSUP
) {
562 error_propagate(errp
, local_err
);
566 size
= blk_getlength(blk
);
568 error_free(local_err
);
569 error_setg_errno(errp
, -size
,
570 "Failed to inquire the new image file's length");
574 if (size
< minimum_size
) {
575 /* Need to grow the image, but we failed to do that */
576 error_propagate(errp
, local_err
);
580 error_free(local_err
);
587 * Helper function for bdrv_create_file_fallback(): Zero the first
588 * sector to remove any potentially pre-existing image header.
590 static int create_file_fallback_zero_first_sector(BlockBackend
*blk
,
591 int64_t current_size
,
594 int64_t bytes_to_clear
;
597 bytes_to_clear
= MIN(current_size
, BDRV_SECTOR_SIZE
);
598 if (bytes_to_clear
) {
599 ret
= blk_pwrite_zeroes(blk
, 0, bytes_to_clear
, BDRV_REQ_MAY_UNMAP
);
601 error_setg_errno(errp
, -ret
,
602 "Failed to clear the new image's first sector");
611 * Simple implementation of bdrv_co_create_opts for protocol drivers
612 * which only support creation via opening a file
613 * (usually existing raw storage device)
615 int coroutine_fn
bdrv_co_create_opts_simple(BlockDriver
*drv
,
616 const char *filename
,
624 PreallocMode prealloc
;
625 Error
*local_err
= NULL
;
628 size
= qemu_opt_get_size_del(opts
, BLOCK_OPT_SIZE
, 0);
629 buf
= qemu_opt_get_del(opts
, BLOCK_OPT_PREALLOC
);
630 prealloc
= qapi_enum_parse(&PreallocMode_lookup
, buf
,
631 PREALLOC_MODE_OFF
, &local_err
);
634 error_propagate(errp
, local_err
);
638 if (prealloc
!= PREALLOC_MODE_OFF
) {
639 error_setg(errp
, "Unsupported preallocation mode '%s'",
640 PreallocMode_str(prealloc
));
644 options
= qdict_new();
645 qdict_put_str(options
, "driver", drv
->format_name
);
647 blk
= blk_new_open(filename
, NULL
, options
,
648 BDRV_O_RDWR
| BDRV_O_RESIZE
, errp
);
650 error_prepend(errp
, "Protocol driver '%s' does not support image "
651 "creation, and opening the image failed: ",
656 size
= create_file_fallback_truncate(blk
, size
, errp
);
662 ret
= create_file_fallback_zero_first_sector(blk
, size
, errp
);
673 int bdrv_create_file(const char *filename
, QemuOpts
*opts
, Error
**errp
)
677 drv
= bdrv_find_protocol(filename
, true, errp
);
682 return bdrv_create(drv
, filename
, opts
, errp
);
685 int coroutine_fn
bdrv_co_delete_file(BlockDriverState
*bs
, Error
**errp
)
687 Error
*local_err
= NULL
;
693 error_setg(errp
, "Block node '%s' is not opened", bs
->filename
);
697 if (!bs
->drv
->bdrv_co_delete_file
) {
698 error_setg(errp
, "Driver '%s' does not support image deletion",
699 bs
->drv
->format_name
);
703 ret
= bs
->drv
->bdrv_co_delete_file(bs
, &local_err
);
705 error_propagate(errp
, local_err
);
712 * Try to get @bs's logical and physical block size.
713 * On success, store them in @bsz struct and return 0.
714 * On failure return -errno.
715 * @bs must not be empty.
717 int bdrv_probe_blocksizes(BlockDriverState
*bs
, BlockSizes
*bsz
)
719 BlockDriver
*drv
= bs
->drv
;
721 if (drv
&& drv
->bdrv_probe_blocksizes
) {
722 return drv
->bdrv_probe_blocksizes(bs
, bsz
);
723 } else if (drv
&& drv
->is_filter
&& bs
->file
) {
724 return bdrv_probe_blocksizes(bs
->file
->bs
, bsz
);
731 * Try to get @bs's geometry (cyls, heads, sectors).
732 * On success, store them in @geo struct and return 0.
733 * On failure return -errno.
734 * @bs must not be empty.
736 int bdrv_probe_geometry(BlockDriverState
*bs
, HDGeometry
*geo
)
738 BlockDriver
*drv
= bs
->drv
;
740 if (drv
&& drv
->bdrv_probe_geometry
) {
741 return drv
->bdrv_probe_geometry(bs
, geo
);
742 } else if (drv
&& drv
->is_filter
&& bs
->file
) {
743 return bdrv_probe_geometry(bs
->file
->bs
, geo
);
750 * Create a uniquely-named empty temporary file.
751 * Return 0 upon success, otherwise a negative errno value.
753 int get_tmp_filename(char *filename
, int size
)
756 char temp_dir
[MAX_PATH
];
757 /* GetTempFileName requires that its output buffer (4th param)
758 have length MAX_PATH or greater. */
759 assert(size
>= MAX_PATH
);
760 return (GetTempPath(MAX_PATH
, temp_dir
)
761 && GetTempFileName(temp_dir
, "qem", 0, filename
)
762 ? 0 : -GetLastError());
766 tmpdir
= getenv("TMPDIR");
770 if (snprintf(filename
, size
, "%s/vl.XXXXXX", tmpdir
) >= size
) {
773 fd
= mkstemp(filename
);
777 if (close(fd
) != 0) {
786 * Detect host devices. By convention, /dev/cdrom[N] is always
787 * recognized as a host CDROM.
789 static BlockDriver
*find_hdev_driver(const char *filename
)
791 int score_max
= 0, score
;
792 BlockDriver
*drv
= NULL
, *d
;
794 QLIST_FOREACH(d
, &bdrv_drivers
, list
) {
795 if (d
->bdrv_probe_device
) {
796 score
= d
->bdrv_probe_device(filename
);
797 if (score
> score_max
) {
807 static BlockDriver
*bdrv_do_find_protocol(const char *protocol
)
811 QLIST_FOREACH(drv1
, &bdrv_drivers
, list
) {
812 if (drv1
->protocol_name
&& !strcmp(drv1
->protocol_name
, protocol
)) {
820 BlockDriver
*bdrv_find_protocol(const char *filename
,
821 bool allow_protocol_prefix
,
830 /* TODO Drivers without bdrv_file_open must be specified explicitly */
833 * XXX(hch): we really should not let host device detection
834 * override an explicit protocol specification, but moving this
835 * later breaks access to device names with colons in them.
836 * Thanks to the brain-dead persistent naming schemes on udev-
837 * based Linux systems those actually are quite common.
839 drv1
= find_hdev_driver(filename
);
844 if (!path_has_protocol(filename
) || !allow_protocol_prefix
) {
848 p
= strchr(filename
, ':');
851 if (len
> sizeof(protocol
) - 1)
852 len
= sizeof(protocol
) - 1;
853 memcpy(protocol
, filename
, len
);
854 protocol
[len
] = '\0';
856 drv1
= bdrv_do_find_protocol(protocol
);
861 for (i
= 0; i
< (int)ARRAY_SIZE(block_driver_modules
); ++i
) {
862 if (block_driver_modules
[i
].protocol_name
&&
863 !strcmp(block_driver_modules
[i
].protocol_name
, protocol
)) {
864 block_module_load_one(block_driver_modules
[i
].library_name
);
869 drv1
= bdrv_do_find_protocol(protocol
);
871 error_setg(errp
, "Unknown protocol '%s'", protocol
);
877 * Guess image format by probing its contents.
878 * This is not a good idea when your image is raw (CVE-2008-2004), but
879 * we do it anyway for backward compatibility.
881 * @buf contains the image's first @buf_size bytes.
882 * @buf_size is the buffer size in bytes (generally BLOCK_PROBE_BUF_SIZE,
883 * but can be smaller if the image file is smaller)
884 * @filename is its filename.
886 * For all block drivers, call the bdrv_probe() method to get its
888 * Return the first block driver with the highest probing score.
890 BlockDriver
*bdrv_probe_all(const uint8_t *buf
, int buf_size
,
891 const char *filename
)
893 int score_max
= 0, score
;
894 BlockDriver
*drv
= NULL
, *d
;
896 QLIST_FOREACH(d
, &bdrv_drivers
, list
) {
898 score
= d
->bdrv_probe(buf
, buf_size
, filename
);
899 if (score
> score_max
) {
909 static int find_image_format(BlockBackend
*file
, const char *filename
,
910 BlockDriver
**pdrv
, Error
**errp
)
913 uint8_t buf
[BLOCK_PROBE_BUF_SIZE
];
916 /* Return the raw BlockDriver * to scsi-generic devices or empty drives */
917 if (blk_is_sg(file
) || !blk_is_inserted(file
) || blk_getlength(file
) == 0) {
922 ret
= blk_pread(file
, 0, buf
, sizeof(buf
));
924 error_setg_errno(errp
, -ret
, "Could not read image for determining its "
930 drv
= bdrv_probe_all(buf
, ret
, filename
);
932 error_setg(errp
, "Could not determine image format: No compatible "
941 * Set the current 'total_sectors' value
942 * Return 0 on success, -errno on error.
944 int refresh_total_sectors(BlockDriverState
*bs
, int64_t hint
)
946 BlockDriver
*drv
= bs
->drv
;
952 /* Do not attempt drv->bdrv_getlength() on scsi-generic devices */
956 /* query actual device if possible, otherwise just trust the hint */
957 if (drv
->bdrv_getlength
) {
958 int64_t length
= drv
->bdrv_getlength(bs
);
962 hint
= DIV_ROUND_UP(length
, BDRV_SECTOR_SIZE
);
965 bs
->total_sectors
= hint
;
970 * Combines a QDict of new block driver @options with any missing options taken
971 * from @old_options, so that leaving out an option defaults to its old value.
973 static void bdrv_join_options(BlockDriverState
*bs
, QDict
*options
,
976 if (bs
->drv
&& bs
->drv
->bdrv_join_options
) {
977 bs
->drv
->bdrv_join_options(options
, old_options
);
979 qdict_join(options
, old_options
, false);
983 static BlockdevDetectZeroesOptions
bdrv_parse_detect_zeroes(QemuOpts
*opts
,
987 Error
*local_err
= NULL
;
988 char *value
= qemu_opt_get_del(opts
, "detect-zeroes");
989 BlockdevDetectZeroesOptions detect_zeroes
=
990 qapi_enum_parse(&BlockdevDetectZeroesOptions_lookup
, value
,
991 BLOCKDEV_DETECT_ZEROES_OPTIONS_OFF
, &local_err
);
994 error_propagate(errp
, local_err
);
995 return detect_zeroes
;
998 if (detect_zeroes
== BLOCKDEV_DETECT_ZEROES_OPTIONS_UNMAP
&&
999 !(open_flags
& BDRV_O_UNMAP
))
1001 error_setg(errp
, "setting detect-zeroes to unmap is not allowed "
1002 "without setting discard operation to unmap");
1005 return detect_zeroes
;
1009 * Set open flags for aio engine
1011 * Return 0 on success, -1 if the engine specified is invalid
1013 int bdrv_parse_aio(const char *mode
, int *flags
)
1015 if (!strcmp(mode
, "threads")) {
1016 /* do nothing, default */
1017 } else if (!strcmp(mode
, "native")) {
1018 *flags
|= BDRV_O_NATIVE_AIO
;
1019 #ifdef CONFIG_LINUX_IO_URING
1020 } else if (!strcmp(mode
, "io_uring")) {
1021 *flags
|= BDRV_O_IO_URING
;
1031 * Set open flags for a given discard mode
1033 * Return 0 on success, -1 if the discard mode was invalid.
1035 int bdrv_parse_discard_flags(const char *mode
, int *flags
)
1037 *flags
&= ~BDRV_O_UNMAP
;
1039 if (!strcmp(mode
, "off") || !strcmp(mode
, "ignore")) {
1041 } else if (!strcmp(mode
, "on") || !strcmp(mode
, "unmap")) {
1042 *flags
|= BDRV_O_UNMAP
;
1051 * Set open flags for a given cache mode
1053 * Return 0 on success, -1 if the cache mode was invalid.
1055 int bdrv_parse_cache_mode(const char *mode
, int *flags
, bool *writethrough
)
1057 *flags
&= ~BDRV_O_CACHE_MASK
;
1059 if (!strcmp(mode
, "off") || !strcmp(mode
, "none")) {
1060 *writethrough
= false;
1061 *flags
|= BDRV_O_NOCACHE
;
1062 } else if (!strcmp(mode
, "directsync")) {
1063 *writethrough
= true;
1064 *flags
|= BDRV_O_NOCACHE
;
1065 } else if (!strcmp(mode
, "writeback")) {
1066 *writethrough
= false;
1067 } else if (!strcmp(mode
, "unsafe")) {
1068 *writethrough
= false;
1069 *flags
|= BDRV_O_NO_FLUSH
;
1070 } else if (!strcmp(mode
, "writethrough")) {
1071 *writethrough
= true;
1079 static char *bdrv_child_get_parent_desc(BdrvChild
*c
)
1081 BlockDriverState
*parent
= c
->opaque
;
1082 return g_strdup(bdrv_get_device_or_node_name(parent
));
1085 static void bdrv_child_cb_drained_begin(BdrvChild
*child
)
1087 BlockDriverState
*bs
= child
->opaque
;
1088 bdrv_do_drained_begin_quiesce(bs
, NULL
, false);
1091 static bool bdrv_child_cb_drained_poll(BdrvChild
*child
)
1093 BlockDriverState
*bs
= child
->opaque
;
1094 return bdrv_drain_poll(bs
, false, NULL
, false);
1097 static void bdrv_child_cb_drained_end(BdrvChild
*child
,
1098 int *drained_end_counter
)
1100 BlockDriverState
*bs
= child
->opaque
;
1101 bdrv_drained_end_no_poll(bs
, drained_end_counter
);
1104 static int bdrv_child_cb_inactivate(BdrvChild
*child
)
1106 BlockDriverState
*bs
= child
->opaque
;
1107 assert(bs
->open_flags
& BDRV_O_INACTIVE
);
1111 static bool bdrv_child_cb_can_set_aio_ctx(BdrvChild
*child
, AioContext
*ctx
,
1112 GSList
**ignore
, Error
**errp
)
1114 BlockDriverState
*bs
= child
->opaque
;
1115 return bdrv_can_set_aio_context(bs
, ctx
, ignore
, errp
);
1118 static void bdrv_child_cb_set_aio_ctx(BdrvChild
*child
, AioContext
*ctx
,
1121 BlockDriverState
*bs
= child
->opaque
;
1122 return bdrv_set_aio_context_ignore(bs
, ctx
, ignore
);
1126 * Returns the options and flags that a temporary snapshot should get, based on
1127 * the originally requested flags (the originally requested image will have
1128 * flags like a backing file)
1130 static void bdrv_temp_snapshot_options(int *child_flags
, QDict
*child_options
,
1131 int parent_flags
, QDict
*parent_options
)
1133 *child_flags
= (parent_flags
& ~BDRV_O_SNAPSHOT
) | BDRV_O_TEMPORARY
;
1135 /* For temporary files, unconditional cache=unsafe is fine */
1136 qdict_set_default_str(child_options
, BDRV_OPT_CACHE_DIRECT
, "off");
1137 qdict_set_default_str(child_options
, BDRV_OPT_CACHE_NO_FLUSH
, "on");
1139 /* Copy the read-only and discard options from the parent */
1140 qdict_copy_default(child_options
, parent_options
, BDRV_OPT_READ_ONLY
);
1141 qdict_copy_default(child_options
, parent_options
, BDRV_OPT_DISCARD
);
1143 /* aio=native doesn't work for cache.direct=off, so disable it for the
1144 * temporary snapshot */
1145 *child_flags
&= ~BDRV_O_NATIVE_AIO
;
1149 * Returns the options and flags that bs->file should get if a protocol driver
1150 * is expected, based on the given options and flags for the parent BDS
1152 static void bdrv_protocol_options(BdrvChildRole role
, bool parent_is_format
,
1153 int *child_flags
, QDict
*child_options
,
1154 int parent_flags
, QDict
*parent_options
)
1156 bdrv_inherited_options(BDRV_CHILD_IMAGE
, true,
1157 child_flags
, child_options
,
1158 parent_flags
, parent_options
);
1161 const BdrvChildClass child_file
= {
1162 .parent_is_bds
= true,
1163 .get_parent_desc
= bdrv_child_get_parent_desc
,
1164 .inherit_options
= bdrv_protocol_options
,
1165 .drained_begin
= bdrv_child_cb_drained_begin
,
1166 .drained_poll
= bdrv_child_cb_drained_poll
,
1167 .drained_end
= bdrv_child_cb_drained_end
,
1168 .attach
= bdrv_child_cb_attach
,
1169 .detach
= bdrv_child_cb_detach
,
1170 .inactivate
= bdrv_child_cb_inactivate
,
1171 .can_set_aio_ctx
= bdrv_child_cb_can_set_aio_ctx
,
1172 .set_aio_ctx
= bdrv_child_cb_set_aio_ctx
,
1175 static void bdrv_backing_attach(BdrvChild
*c
)
1177 BlockDriverState
*parent
= c
->opaque
;
1178 BlockDriverState
*backing_hd
= c
->bs
;
1180 assert(!parent
->backing_blocker
);
1181 error_setg(&parent
->backing_blocker
,
1182 "node is used as backing hd of '%s'",
1183 bdrv_get_device_or_node_name(parent
));
1185 bdrv_refresh_filename(backing_hd
);
1187 parent
->open_flags
&= ~BDRV_O_NO_BACKING
;
1188 pstrcpy(parent
->backing_file
, sizeof(parent
->backing_file
),
1189 backing_hd
->filename
);
1190 pstrcpy(parent
->backing_format
, sizeof(parent
->backing_format
),
1191 backing_hd
->drv
? backing_hd
->drv
->format_name
: "");
1193 bdrv_op_block_all(backing_hd
, parent
->backing_blocker
);
1194 /* Otherwise we won't be able to commit or stream */
1195 bdrv_op_unblock(backing_hd
, BLOCK_OP_TYPE_COMMIT_TARGET
,
1196 parent
->backing_blocker
);
1197 bdrv_op_unblock(backing_hd
, BLOCK_OP_TYPE_STREAM
,
1198 parent
->backing_blocker
);
1200 * We do backup in 3 ways:
1202 * The target bs is new opened, and the source is top BDS
1203 * 2. blockdev backup
1204 * Both the source and the target are top BDSes.
1205 * 3. internal backup(used for block replication)
1206 * Both the source and the target are backing file
1208 * In case 1 and 2, neither the source nor the target is the backing file.
1209 * In case 3, we will block the top BDS, so there is only one block job
1210 * for the top BDS and its backing chain.
1212 bdrv_op_unblock(backing_hd
, BLOCK_OP_TYPE_BACKUP_SOURCE
,
1213 parent
->backing_blocker
);
1214 bdrv_op_unblock(backing_hd
, BLOCK_OP_TYPE_BACKUP_TARGET
,
1215 parent
->backing_blocker
);
1218 static void bdrv_backing_detach(BdrvChild
*c
)
1220 BlockDriverState
*parent
= c
->opaque
;
1222 assert(parent
->backing_blocker
);
1223 bdrv_op_unblock_all(c
->bs
, parent
->backing_blocker
);
1224 error_free(parent
->backing_blocker
);
1225 parent
->backing_blocker
= NULL
;
1228 static int bdrv_backing_update_filename(BdrvChild
*c
, BlockDriverState
*base
,
1229 const char *filename
, Error
**errp
)
1231 BlockDriverState
*parent
= c
->opaque
;
1232 bool read_only
= bdrv_is_read_only(parent
);
1236 ret
= bdrv_reopen_set_read_only(parent
, false, errp
);
1242 ret
= bdrv_change_backing_file(parent
, filename
,
1243 base
->drv
? base
->drv
->format_name
: "");
1245 error_setg_errno(errp
, -ret
, "Could not update backing file link");
1249 bdrv_reopen_set_read_only(parent
, true, NULL
);
1256 * Returns the options and flags that a generic child of a BDS should
1257 * get, based on the given options and flags for the parent BDS.
1259 static void bdrv_inherited_options(BdrvChildRole role
, bool parent_is_format
,
1260 int *child_flags
, QDict
*child_options
,
1261 int parent_flags
, QDict
*parent_options
)
1263 int flags
= parent_flags
;
1266 * First, decide whether to set, clear, or leave BDRV_O_PROTOCOL.
1267 * Generally, the question to answer is: Should this child be
1268 * format-probed by default?
1272 * Pure and non-filtered data children of non-format nodes should
1273 * be probed by default (even when the node itself has BDRV_O_PROTOCOL
1274 * set). This only affects a very limited set of drivers (namely
1275 * quorum and blkverify when this comment was written).
1276 * Force-clear BDRV_O_PROTOCOL then.
1278 if (!parent_is_format
&&
1279 (role
& BDRV_CHILD_DATA
) &&
1280 !(role
& (BDRV_CHILD_METADATA
| BDRV_CHILD_FILTERED
)))
1282 flags
&= ~BDRV_O_PROTOCOL
;
1286 * All children of format nodes (except for COW children) and all
1287 * metadata children in general should never be format-probed.
1288 * Force-set BDRV_O_PROTOCOL then.
1290 if ((parent_is_format
&& !(role
& BDRV_CHILD_COW
)) ||
1291 (role
& BDRV_CHILD_METADATA
))
1293 flags
|= BDRV_O_PROTOCOL
;
1297 * If the cache mode isn't explicitly set, inherit direct and no-flush from
1300 qdict_copy_default(child_options
, parent_options
, BDRV_OPT_CACHE_DIRECT
);
1301 qdict_copy_default(child_options
, parent_options
, BDRV_OPT_CACHE_NO_FLUSH
);
1302 qdict_copy_default(child_options
, parent_options
, BDRV_OPT_FORCE_SHARE
);
1304 if (role
& BDRV_CHILD_COW
) {
1305 /* backing files are opened read-only by default */
1306 qdict_set_default_str(child_options
, BDRV_OPT_READ_ONLY
, "on");
1307 qdict_set_default_str(child_options
, BDRV_OPT_AUTO_READ_ONLY
, "off");
1309 /* Inherit the read-only option from the parent if it's not set */
1310 qdict_copy_default(child_options
, parent_options
, BDRV_OPT_READ_ONLY
);
1311 qdict_copy_default(child_options
, parent_options
,
1312 BDRV_OPT_AUTO_READ_ONLY
);
1316 * bdrv_co_pdiscard() respects unmap policy for the parent, so we
1317 * can default to enable it on lower layers regardless of the
1320 qdict_set_default_str(child_options
, BDRV_OPT_DISCARD
, "unmap");
1322 /* Clear flags that only apply to the top layer */
1323 flags
&= ~(BDRV_O_SNAPSHOT
| BDRV_O_NO_BACKING
| BDRV_O_COPY_ON_READ
);
1325 if (role
& BDRV_CHILD_METADATA
) {
1326 flags
&= ~BDRV_O_NO_IO
;
1328 if (role
& BDRV_CHILD_COW
) {
1329 flags
&= ~BDRV_O_TEMPORARY
;
1332 *child_flags
= flags
;
1335 static void bdrv_child_cb_attach(BdrvChild
*child
)
1337 BlockDriverState
*bs
= child
->opaque
;
1339 if (child
->role
& BDRV_CHILD_COW
) {
1340 bdrv_backing_attach(child
);
1343 bdrv_apply_subtree_drain(child
, bs
);
1346 static void bdrv_child_cb_detach(BdrvChild
*child
)
1348 BlockDriverState
*bs
= child
->opaque
;
1350 if (child
->role
& BDRV_CHILD_COW
) {
1351 bdrv_backing_detach(child
);
1354 bdrv_unapply_subtree_drain(child
, bs
);
1357 static int bdrv_child_cb_update_filename(BdrvChild
*c
, BlockDriverState
*base
,
1358 const char *filename
, Error
**errp
)
1360 if (c
->role
& BDRV_CHILD_COW
) {
1361 return bdrv_backing_update_filename(c
, base
, filename
, errp
);
1366 const BdrvChildClass child_of_bds
= {
1367 .parent_is_bds
= true,
1368 .get_parent_desc
= bdrv_child_get_parent_desc
,
1369 .inherit_options
= bdrv_inherited_options
,
1370 .drained_begin
= bdrv_child_cb_drained_begin
,
1371 .drained_poll
= bdrv_child_cb_drained_poll
,
1372 .drained_end
= bdrv_child_cb_drained_end
,
1373 .attach
= bdrv_child_cb_attach
,
1374 .detach
= bdrv_child_cb_detach
,
1375 .inactivate
= bdrv_child_cb_inactivate
,
1376 .can_set_aio_ctx
= bdrv_child_cb_can_set_aio_ctx
,
1377 .set_aio_ctx
= bdrv_child_cb_set_aio_ctx
,
1378 .update_filename
= bdrv_child_cb_update_filename
,
1381 static int bdrv_open_flags(BlockDriverState
*bs
, int flags
)
1383 int open_flags
= flags
;
1386 * Clear flags that are internal to the block layer before opening the
1389 open_flags
&= ~(BDRV_O_SNAPSHOT
| BDRV_O_NO_BACKING
| BDRV_O_PROTOCOL
);
1394 static void update_flags_from_options(int *flags
, QemuOpts
*opts
)
1396 *flags
&= ~(BDRV_O_CACHE_MASK
| BDRV_O_RDWR
| BDRV_O_AUTO_RDONLY
);
1398 if (qemu_opt_get_bool_del(opts
, BDRV_OPT_CACHE_NO_FLUSH
, false)) {
1399 *flags
|= BDRV_O_NO_FLUSH
;
1402 if (qemu_opt_get_bool_del(opts
, BDRV_OPT_CACHE_DIRECT
, false)) {
1403 *flags
|= BDRV_O_NOCACHE
;
1406 if (!qemu_opt_get_bool_del(opts
, BDRV_OPT_READ_ONLY
, false)) {
1407 *flags
|= BDRV_O_RDWR
;
1410 if (qemu_opt_get_bool_del(opts
, BDRV_OPT_AUTO_READ_ONLY
, false)) {
1411 *flags
|= BDRV_O_AUTO_RDONLY
;
1415 static void update_options_from_flags(QDict
*options
, int flags
)
1417 if (!qdict_haskey(options
, BDRV_OPT_CACHE_DIRECT
)) {
1418 qdict_put_bool(options
, BDRV_OPT_CACHE_DIRECT
, flags
& BDRV_O_NOCACHE
);
1420 if (!qdict_haskey(options
, BDRV_OPT_CACHE_NO_FLUSH
)) {
1421 qdict_put_bool(options
, BDRV_OPT_CACHE_NO_FLUSH
,
1422 flags
& BDRV_O_NO_FLUSH
);
1424 if (!qdict_haskey(options
, BDRV_OPT_READ_ONLY
)) {
1425 qdict_put_bool(options
, BDRV_OPT_READ_ONLY
, !(flags
& BDRV_O_RDWR
));
1427 if (!qdict_haskey(options
, BDRV_OPT_AUTO_READ_ONLY
)) {
1428 qdict_put_bool(options
, BDRV_OPT_AUTO_READ_ONLY
,
1429 flags
& BDRV_O_AUTO_RDONLY
);
1433 static void bdrv_assign_node_name(BlockDriverState
*bs
,
1434 const char *node_name
,
1437 char *gen_node_name
= NULL
;
1440 node_name
= gen_node_name
= id_generate(ID_BLOCK
);
1441 } else if (!id_wellformed(node_name
)) {
1443 * Check for empty string or invalid characters, but not if it is
1444 * generated (generated names use characters not available to the user)
1446 error_setg(errp
, "Invalid node name");
1450 /* takes care of avoiding namespaces collisions */
1451 if (blk_by_name(node_name
)) {
1452 error_setg(errp
, "node-name=%s is conflicting with a device id",
1457 /* takes care of avoiding duplicates node names */
1458 if (bdrv_find_node(node_name
)) {
1459 error_setg(errp
, "Duplicate node name");
1463 /* Make sure that the node name isn't truncated */
1464 if (strlen(node_name
) >= sizeof(bs
->node_name
)) {
1465 error_setg(errp
, "Node name too long");
1469 /* copy node name into the bs and insert it into the graph list */
1470 pstrcpy(bs
->node_name
, sizeof(bs
->node_name
), node_name
);
1471 QTAILQ_INSERT_TAIL(&graph_bdrv_states
, bs
, node_list
);
1473 g_free(gen_node_name
);
1476 static int bdrv_open_driver(BlockDriverState
*bs
, BlockDriver
*drv
,
1477 const char *node_name
, QDict
*options
,
1478 int open_flags
, Error
**errp
)
1480 Error
*local_err
= NULL
;
1483 bdrv_assign_node_name(bs
, node_name
, &local_err
);
1485 error_propagate(errp
, local_err
);
1490 bs
->read_only
= !(bs
->open_flags
& BDRV_O_RDWR
);
1491 bs
->opaque
= g_malloc0(drv
->instance_size
);
1493 if (drv
->bdrv_file_open
) {
1494 assert(!drv
->bdrv_needs_filename
|| bs
->filename
[0]);
1495 ret
= drv
->bdrv_file_open(bs
, options
, open_flags
, &local_err
);
1496 } else if (drv
->bdrv_open
) {
1497 ret
= drv
->bdrv_open(bs
, options
, open_flags
, &local_err
);
1504 error_propagate(errp
, local_err
);
1505 } else if (bs
->filename
[0]) {
1506 error_setg_errno(errp
, -ret
, "Could not open '%s'", bs
->filename
);
1508 error_setg_errno(errp
, -ret
, "Could not open image");
1513 ret
= refresh_total_sectors(bs
, bs
->total_sectors
);
1515 error_setg_errno(errp
, -ret
, "Could not refresh total sector count");
1519 bdrv_refresh_limits(bs
, &local_err
);
1521 error_propagate(errp
, local_err
);
1525 assert(bdrv_opt_mem_align(bs
) != 0);
1526 assert(bdrv_min_mem_align(bs
) != 0);
1527 assert(is_power_of_2(bs
->bl
.request_alignment
));
1529 for (i
= 0; i
< bs
->quiesce_counter
; i
++) {
1530 if (drv
->bdrv_co_drain_begin
) {
1531 drv
->bdrv_co_drain_begin(bs
);
1538 if (bs
->file
!= NULL
) {
1539 bdrv_unref_child(bs
, bs
->file
);
1547 BlockDriverState
*bdrv_new_open_driver(BlockDriver
*drv
, const char *node_name
,
1548 int flags
, Error
**errp
)
1550 BlockDriverState
*bs
;
1554 bs
->open_flags
= flags
;
1555 bs
->explicit_options
= qdict_new();
1556 bs
->options
= qdict_new();
1559 update_options_from_flags(bs
->options
, flags
);
1561 ret
= bdrv_open_driver(bs
, drv
, node_name
, bs
->options
, flags
, errp
);
1563 qobject_unref(bs
->explicit_options
);
1564 bs
->explicit_options
= NULL
;
1565 qobject_unref(bs
->options
);
1574 QemuOptsList bdrv_runtime_opts
= {
1575 .name
= "bdrv_common",
1576 .head
= QTAILQ_HEAD_INITIALIZER(bdrv_runtime_opts
.head
),
1579 .name
= "node-name",
1580 .type
= QEMU_OPT_STRING
,
1581 .help
= "Node name of the block device node",
1585 .type
= QEMU_OPT_STRING
,
1586 .help
= "Block driver to use for the node",
1589 .name
= BDRV_OPT_CACHE_DIRECT
,
1590 .type
= QEMU_OPT_BOOL
,
1591 .help
= "Bypass software writeback cache on the host",
1594 .name
= BDRV_OPT_CACHE_NO_FLUSH
,
1595 .type
= QEMU_OPT_BOOL
,
1596 .help
= "Ignore flush requests",
1599 .name
= BDRV_OPT_READ_ONLY
,
1600 .type
= QEMU_OPT_BOOL
,
1601 .help
= "Node is opened in read-only mode",
1604 .name
= BDRV_OPT_AUTO_READ_ONLY
,
1605 .type
= QEMU_OPT_BOOL
,
1606 .help
= "Node can become read-only if opening read-write fails",
1609 .name
= "detect-zeroes",
1610 .type
= QEMU_OPT_STRING
,
1611 .help
= "try to optimize zero writes (off, on, unmap)",
1614 .name
= BDRV_OPT_DISCARD
,
1615 .type
= QEMU_OPT_STRING
,
1616 .help
= "discard operation (ignore/off, unmap/on)",
1619 .name
= BDRV_OPT_FORCE_SHARE
,
1620 .type
= QEMU_OPT_BOOL
,
1621 .help
= "always accept other writers (default: off)",
1623 { /* end of list */ }
1627 QemuOptsList bdrv_create_opts_simple
= {
1628 .name
= "simple-create-opts",
1629 .head
= QTAILQ_HEAD_INITIALIZER(bdrv_create_opts_simple
.head
),
1632 .name
= BLOCK_OPT_SIZE
,
1633 .type
= QEMU_OPT_SIZE
,
1634 .help
= "Virtual disk size"
1637 .name
= BLOCK_OPT_PREALLOC
,
1638 .type
= QEMU_OPT_STRING
,
1639 .help
= "Preallocation mode (allowed values: off)"
1641 { /* end of list */ }
1646 * Common part for opening disk images and files
1648 * Removes all processed options from *options.
1650 static int bdrv_open_common(BlockDriverState
*bs
, BlockBackend
*file
,
1651 QDict
*options
, Error
**errp
)
1653 int ret
, open_flags
;
1654 const char *filename
;
1655 const char *driver_name
= NULL
;
1656 const char *node_name
= NULL
;
1657 const char *discard
;
1660 Error
*local_err
= NULL
;
1662 assert(bs
->file
== NULL
);
1663 assert(options
!= NULL
&& bs
->options
!= options
);
1665 opts
= qemu_opts_create(&bdrv_runtime_opts
, NULL
, 0, &error_abort
);
1666 qemu_opts_absorb_qdict(opts
, options
, &local_err
);
1668 error_propagate(errp
, local_err
);
1673 update_flags_from_options(&bs
->open_flags
, opts
);
1675 driver_name
= qemu_opt_get(opts
, "driver");
1676 drv
= bdrv_find_format(driver_name
);
1677 assert(drv
!= NULL
);
1679 bs
->force_share
= qemu_opt_get_bool(opts
, BDRV_OPT_FORCE_SHARE
, false);
1681 if (bs
->force_share
&& (bs
->open_flags
& BDRV_O_RDWR
)) {
1683 BDRV_OPT_FORCE_SHARE
1684 "=on can only be used with read-only images");
1690 bdrv_refresh_filename(blk_bs(file
));
1691 filename
= blk_bs(file
)->filename
;
1694 * Caution: while qdict_get_try_str() is fine, getting
1695 * non-string types would require more care. When @options
1696 * come from -blockdev or blockdev_add, its members are typed
1697 * according to the QAPI schema, but when they come from
1698 * -drive, they're all QString.
1700 filename
= qdict_get_try_str(options
, "filename");
1703 if (drv
->bdrv_needs_filename
&& (!filename
|| !filename
[0])) {
1704 error_setg(errp
, "The '%s' block driver requires a file name",
1710 trace_bdrv_open_common(bs
, filename
?: "", bs
->open_flags
,
1713 bs
->read_only
= !(bs
->open_flags
& BDRV_O_RDWR
);
1715 if (use_bdrv_whitelist
&& !bdrv_is_whitelisted(drv
, bs
->read_only
)) {
1716 if (!bs
->read_only
&& bdrv_is_whitelisted(drv
, true)) {
1717 ret
= bdrv_apply_auto_read_only(bs
, NULL
, NULL
);
1723 !bs
->read_only
&& bdrv_is_whitelisted(drv
, true)
1724 ? "Driver '%s' can only be used for read-only devices"
1725 : "Driver '%s' is not whitelisted",
1731 /* bdrv_new() and bdrv_close() make it so */
1732 assert(atomic_read(&bs
->copy_on_read
) == 0);
1734 if (bs
->open_flags
& BDRV_O_COPY_ON_READ
) {
1735 if (!bs
->read_only
) {
1736 bdrv_enable_copy_on_read(bs
);
1738 error_setg(errp
, "Can't use copy-on-read on read-only device");
1744 discard
= qemu_opt_get(opts
, BDRV_OPT_DISCARD
);
1745 if (discard
!= NULL
) {
1746 if (bdrv_parse_discard_flags(discard
, &bs
->open_flags
) != 0) {
1747 error_setg(errp
, "Invalid discard option");
1754 bdrv_parse_detect_zeroes(opts
, bs
->open_flags
, &local_err
);
1756 error_propagate(errp
, local_err
);
1761 if (filename
!= NULL
) {
1762 pstrcpy(bs
->filename
, sizeof(bs
->filename
), filename
);
1764 bs
->filename
[0] = '\0';
1766 pstrcpy(bs
->exact_filename
, sizeof(bs
->exact_filename
), bs
->filename
);
1768 /* Open the image, either directly or using a protocol */
1769 open_flags
= bdrv_open_flags(bs
, bs
->open_flags
);
1770 node_name
= qemu_opt_get(opts
, "node-name");
1772 assert(!drv
->bdrv_file_open
|| file
== NULL
);
1773 ret
= bdrv_open_driver(bs
, drv
, node_name
, options
, open_flags
, errp
);
1778 qemu_opts_del(opts
);
1782 qemu_opts_del(opts
);
1786 static QDict
*parse_json_filename(const char *filename
, Error
**errp
)
1788 QObject
*options_obj
;
1792 ret
= strstart(filename
, "json:", &filename
);
1795 options_obj
= qobject_from_json(filename
, errp
);
1797 error_prepend(errp
, "Could not parse the JSON options: ");
1801 options
= qobject_to(QDict
, options_obj
);
1803 qobject_unref(options_obj
);
1804 error_setg(errp
, "Invalid JSON object given");
1808 qdict_flatten(options
);
1813 static void parse_json_protocol(QDict
*options
, const char **pfilename
,
1816 QDict
*json_options
;
1817 Error
*local_err
= NULL
;
1819 /* Parse json: pseudo-protocol */
1820 if (!*pfilename
|| !g_str_has_prefix(*pfilename
, "json:")) {
1824 json_options
= parse_json_filename(*pfilename
, &local_err
);
1826 error_propagate(errp
, local_err
);
1830 /* Options given in the filename have lower priority than options
1831 * specified directly */
1832 qdict_join(options
, json_options
, false);
1833 qobject_unref(json_options
);
1838 * Fills in default options for opening images and converts the legacy
1839 * filename/flags pair to option QDict entries.
1840 * The BDRV_O_PROTOCOL flag in *flags will be set or cleared accordingly if a
1841 * block driver has been specified explicitly.
1843 static int bdrv_fill_options(QDict
**options
, const char *filename
,
1844 int *flags
, Error
**errp
)
1846 const char *drvname
;
1847 bool protocol
= *flags
& BDRV_O_PROTOCOL
;
1848 bool parse_filename
= false;
1849 BlockDriver
*drv
= NULL
;
1850 Error
*local_err
= NULL
;
1853 * Caution: while qdict_get_try_str() is fine, getting non-string
1854 * types would require more care. When @options come from
1855 * -blockdev or blockdev_add, its members are typed according to
1856 * the QAPI schema, but when they come from -drive, they're all
1859 drvname
= qdict_get_try_str(*options
, "driver");
1861 drv
= bdrv_find_format(drvname
);
1863 error_setg(errp
, "Unknown driver '%s'", drvname
);
1866 /* If the user has explicitly specified the driver, this choice should
1867 * override the BDRV_O_PROTOCOL flag */
1868 protocol
= drv
->bdrv_file_open
;
1872 *flags
|= BDRV_O_PROTOCOL
;
1874 *flags
&= ~BDRV_O_PROTOCOL
;
1877 /* Translate cache options from flags into options */
1878 update_options_from_flags(*options
, *flags
);
1880 /* Fetch the file name from the options QDict if necessary */
1881 if (protocol
&& filename
) {
1882 if (!qdict_haskey(*options
, "filename")) {
1883 qdict_put_str(*options
, "filename", filename
);
1884 parse_filename
= true;
1886 error_setg(errp
, "Can't specify 'file' and 'filename' options at "
1892 /* Find the right block driver */
1893 /* See cautionary note on accessing @options above */
1894 filename
= qdict_get_try_str(*options
, "filename");
1896 if (!drvname
&& protocol
) {
1898 drv
= bdrv_find_protocol(filename
, parse_filename
, errp
);
1903 drvname
= drv
->format_name
;
1904 qdict_put_str(*options
, "driver", drvname
);
1906 error_setg(errp
, "Must specify either driver or file");
1911 assert(drv
|| !protocol
);
1913 /* Driver-specific filename parsing */
1914 if (drv
&& drv
->bdrv_parse_filename
&& parse_filename
) {
1915 drv
->bdrv_parse_filename(filename
, *options
, &local_err
);
1917 error_propagate(errp
, local_err
);
1921 if (!drv
->bdrv_needs_filename
) {
1922 qdict_del(*options
, "filename");
1929 static int bdrv_child_check_perm(BdrvChild
*c
, BlockReopenQueue
*q
,
1930 uint64_t perm
, uint64_t shared
,
1931 GSList
*ignore_children
,
1932 bool *tighten_restrictions
, Error
**errp
);
1933 static void bdrv_child_abort_perm_update(BdrvChild
*c
);
1934 static void bdrv_child_set_perm(BdrvChild
*c
, uint64_t perm
, uint64_t shared
);
1936 typedef struct BlockReopenQueueEntry
{
1939 BDRVReopenState state
;
1940 QTAILQ_ENTRY(BlockReopenQueueEntry
) entry
;
1941 } BlockReopenQueueEntry
;
1944 * Return the flags that @bs will have after the reopens in @q have
1945 * successfully completed. If @q is NULL (or @bs is not contained in @q),
1946 * return the current flags.
1948 static int bdrv_reopen_get_flags(BlockReopenQueue
*q
, BlockDriverState
*bs
)
1950 BlockReopenQueueEntry
*entry
;
1953 QTAILQ_FOREACH(entry
, q
, entry
) {
1954 if (entry
->state
.bs
== bs
) {
1955 return entry
->state
.flags
;
1960 return bs
->open_flags
;
1963 /* Returns whether the image file can be written to after the reopen queue @q
1964 * has been successfully applied, or right now if @q is NULL. */
1965 static bool bdrv_is_writable_after_reopen(BlockDriverState
*bs
,
1966 BlockReopenQueue
*q
)
1968 int flags
= bdrv_reopen_get_flags(q
, bs
);
1970 return (flags
& (BDRV_O_RDWR
| BDRV_O_INACTIVE
)) == BDRV_O_RDWR
;
1974 * Return whether the BDS can be written to. This is not necessarily
1975 * the same as !bdrv_is_read_only(bs), as inactivated images may not
1976 * be written to but do not count as read-only images.
1978 bool bdrv_is_writable(BlockDriverState
*bs
)
1980 return bdrv_is_writable_after_reopen(bs
, NULL
);
1983 static void bdrv_child_perm(BlockDriverState
*bs
, BlockDriverState
*child_bs
,
1984 BdrvChild
*c
, const BdrvChildClass
*child_class
,
1985 BdrvChildRole role
, BlockReopenQueue
*reopen_queue
,
1986 uint64_t parent_perm
, uint64_t parent_shared
,
1987 uint64_t *nperm
, uint64_t *nshared
)
1989 assert(bs
->drv
&& bs
->drv
->bdrv_child_perm
);
1990 bs
->drv
->bdrv_child_perm(bs
, c
, child_class
, role
, reopen_queue
,
1991 parent_perm
, parent_shared
,
1993 /* TODO Take force_share from reopen_queue */
1994 if (child_bs
&& child_bs
->force_share
) {
1995 *nshared
= BLK_PERM_ALL
;
2000 * Check whether permissions on this node can be changed in a way that
2001 * @cumulative_perms and @cumulative_shared_perms are the new cumulative
2002 * permissions of all its parents. This involves checking whether all necessary
2003 * permission changes to child nodes can be performed.
2005 * Will set *tighten_restrictions to true if and only if new permissions have to
2006 * be taken or currently shared permissions are to be unshared. Otherwise,
2007 * errors are not fatal as long as the caller accepts that the restrictions
2008 * remain tighter than they need to be. The caller still has to abort the
2010 * @tighten_restrictions cannot be used together with @q: When reopening, we may
2011 * encounter fatal errors even though no restrictions are to be tightened. For
2012 * example, changing a node from RW to RO will fail if the WRITE permission is
2015 * A call to this function must always be followed by a call to bdrv_set_perm()
2016 * or bdrv_abort_perm_update().
2018 static int bdrv_check_perm(BlockDriverState
*bs
, BlockReopenQueue
*q
,
2019 uint64_t cumulative_perms
,
2020 uint64_t cumulative_shared_perms
,
2021 GSList
*ignore_children
,
2022 bool *tighten_restrictions
, Error
**errp
)
2024 BlockDriver
*drv
= bs
->drv
;
2028 assert(!q
|| !tighten_restrictions
);
2030 if (tighten_restrictions
) {
2031 uint64_t current_perms
, current_shared
;
2032 uint64_t added_perms
, removed_shared_perms
;
2034 bdrv_get_cumulative_perm(bs
, ¤t_perms
, ¤t_shared
);
2036 added_perms
= cumulative_perms
& ~current_perms
;
2037 removed_shared_perms
= current_shared
& ~cumulative_shared_perms
;
2039 *tighten_restrictions
= added_perms
|| removed_shared_perms
;
2042 /* Write permissions never work with read-only images */
2043 if ((cumulative_perms
& (BLK_PERM_WRITE
| BLK_PERM_WRITE_UNCHANGED
)) &&
2044 !bdrv_is_writable_after_reopen(bs
, q
))
2046 if (!bdrv_is_writable_after_reopen(bs
, NULL
)) {
2047 error_setg(errp
, "Block node is read-only");
2049 uint64_t current_perms
, current_shared
;
2050 bdrv_get_cumulative_perm(bs
, ¤t_perms
, ¤t_shared
);
2051 if (current_perms
& (BLK_PERM_WRITE
| BLK_PERM_WRITE_UNCHANGED
)) {
2052 error_setg(errp
, "Cannot make block node read-only, there is "
2055 error_setg(errp
, "Cannot make block node read-only and create "
2063 /* Check this node */
2068 if (drv
->bdrv_check_perm
) {
2069 return drv
->bdrv_check_perm(bs
, cumulative_perms
,
2070 cumulative_shared_perms
, errp
);
2073 /* Drivers that never have children can omit .bdrv_child_perm() */
2074 if (!drv
->bdrv_child_perm
) {
2075 assert(QLIST_EMPTY(&bs
->children
));
2079 /* Check all children */
2080 QLIST_FOREACH(c
, &bs
->children
, next
) {
2081 uint64_t cur_perm
, cur_shared
;
2082 bool child_tighten_restr
;
2084 bdrv_child_perm(bs
, c
->bs
, c
, c
->klass
, c
->role
, q
,
2085 cumulative_perms
, cumulative_shared_perms
,
2086 &cur_perm
, &cur_shared
);
2087 ret
= bdrv_child_check_perm(c
, q
, cur_perm
, cur_shared
, ignore_children
,
2088 tighten_restrictions
? &child_tighten_restr
2091 if (tighten_restrictions
) {
2092 *tighten_restrictions
|= child_tighten_restr
;
2103 * Notifies drivers that after a previous bdrv_check_perm() call, the
2104 * permission update is not performed and any preparations made for it (e.g.
2105 * taken file locks) need to be undone.
2107 * This function recursively notifies all child nodes.
2109 static void bdrv_abort_perm_update(BlockDriverState
*bs
)
2111 BlockDriver
*drv
= bs
->drv
;
2118 if (drv
->bdrv_abort_perm_update
) {
2119 drv
->bdrv_abort_perm_update(bs
);
2122 QLIST_FOREACH(c
, &bs
->children
, next
) {
2123 bdrv_child_abort_perm_update(c
);
2127 static void bdrv_set_perm(BlockDriverState
*bs
, uint64_t cumulative_perms
,
2128 uint64_t cumulative_shared_perms
)
2130 BlockDriver
*drv
= bs
->drv
;
2137 /* Update this node */
2138 if (drv
->bdrv_set_perm
) {
2139 drv
->bdrv_set_perm(bs
, cumulative_perms
, cumulative_shared_perms
);
2142 /* Drivers that never have children can omit .bdrv_child_perm() */
2143 if (!drv
->bdrv_child_perm
) {
2144 assert(QLIST_EMPTY(&bs
->children
));
2148 /* Update all children */
2149 QLIST_FOREACH(c
, &bs
->children
, next
) {
2150 uint64_t cur_perm
, cur_shared
;
2151 bdrv_child_perm(bs
, c
->bs
, c
, c
->klass
, c
->role
, NULL
,
2152 cumulative_perms
, cumulative_shared_perms
,
2153 &cur_perm
, &cur_shared
);
2154 bdrv_child_set_perm(c
, cur_perm
, cur_shared
);
2158 void bdrv_get_cumulative_perm(BlockDriverState
*bs
, uint64_t *perm
,
2159 uint64_t *shared_perm
)
2162 uint64_t cumulative_perms
= 0;
2163 uint64_t cumulative_shared_perms
= BLK_PERM_ALL
;
2165 QLIST_FOREACH(c
, &bs
->parents
, next_parent
) {
2166 cumulative_perms
|= c
->perm
;
2167 cumulative_shared_perms
&= c
->shared_perm
;
2170 *perm
= cumulative_perms
;
2171 *shared_perm
= cumulative_shared_perms
;
2174 static char *bdrv_child_user_desc(BdrvChild
*c
)
2176 if (c
->klass
->get_parent_desc
) {
2177 return c
->klass
->get_parent_desc(c
);
2180 return g_strdup("another user");
2183 char *bdrv_perm_names(uint64_t perm
)
2189 { BLK_PERM_CONSISTENT_READ
, "consistent read" },
2190 { BLK_PERM_WRITE
, "write" },
2191 { BLK_PERM_WRITE_UNCHANGED
, "write unchanged" },
2192 { BLK_PERM_RESIZE
, "resize" },
2193 { BLK_PERM_GRAPH_MOD
, "change children" },
2197 GString
*result
= g_string_sized_new(30);
2198 struct perm_name
*p
;
2200 for (p
= permissions
; p
->name
; p
++) {
2201 if (perm
& p
->perm
) {
2202 if (result
->len
> 0) {
2203 g_string_append(result
, ", ");
2205 g_string_append(result
, p
->name
);
2209 return g_string_free(result
, FALSE
);
2213 * Checks whether a new reference to @bs can be added if the new user requires
2214 * @new_used_perm/@new_shared_perm as its permissions. If @ignore_children is
2215 * set, the BdrvChild objects in this list are ignored in the calculations;
2216 * this allows checking permission updates for an existing reference.
2218 * See bdrv_check_perm() for the semantics of @tighten_restrictions.
2220 * Needs to be followed by a call to either bdrv_set_perm() or
2221 * bdrv_abort_perm_update(). */
2222 static int bdrv_check_update_perm(BlockDriverState
*bs
, BlockReopenQueue
*q
,
2223 uint64_t new_used_perm
,
2224 uint64_t new_shared_perm
,
2225 GSList
*ignore_children
,
2226 bool *tighten_restrictions
,
2230 uint64_t cumulative_perms
= new_used_perm
;
2231 uint64_t cumulative_shared_perms
= new_shared_perm
;
2233 assert(!q
|| !tighten_restrictions
);
2235 /* There is no reason why anyone couldn't tolerate write_unchanged */
2236 assert(new_shared_perm
& BLK_PERM_WRITE_UNCHANGED
);
2238 QLIST_FOREACH(c
, &bs
->parents
, next_parent
) {
2239 if (g_slist_find(ignore_children
, c
)) {
2243 if ((new_used_perm
& c
->shared_perm
) != new_used_perm
) {
2244 char *user
= bdrv_child_user_desc(c
);
2245 char *perm_names
= bdrv_perm_names(new_used_perm
& ~c
->shared_perm
);
2247 if (tighten_restrictions
) {
2248 *tighten_restrictions
= true;
2251 error_setg(errp
, "Conflicts with use by %s as '%s', which does not "
2253 user
, c
->name
, perm_names
, bdrv_get_node_name(c
->bs
));
2259 if ((c
->perm
& new_shared_perm
) != c
->perm
) {
2260 char *user
= bdrv_child_user_desc(c
);
2261 char *perm_names
= bdrv_perm_names(c
->perm
& ~new_shared_perm
);
2263 if (tighten_restrictions
) {
2264 *tighten_restrictions
= true;
2267 error_setg(errp
, "Conflicts with use by %s as '%s', which uses "
2269 user
, c
->name
, perm_names
, bdrv_get_node_name(c
->bs
));
2275 cumulative_perms
|= c
->perm
;
2276 cumulative_shared_perms
&= c
->shared_perm
;
2279 return bdrv_check_perm(bs
, q
, cumulative_perms
, cumulative_shared_perms
,
2280 ignore_children
, tighten_restrictions
, errp
);
2283 /* Needs to be followed by a call to either bdrv_child_set_perm() or
2284 * bdrv_child_abort_perm_update(). */
2285 static int bdrv_child_check_perm(BdrvChild
*c
, BlockReopenQueue
*q
,
2286 uint64_t perm
, uint64_t shared
,
2287 GSList
*ignore_children
,
2288 bool *tighten_restrictions
, Error
**errp
)
2292 ignore_children
= g_slist_prepend(g_slist_copy(ignore_children
), c
);
2293 ret
= bdrv_check_update_perm(c
->bs
, q
, perm
, shared
, ignore_children
,
2294 tighten_restrictions
, errp
);
2295 g_slist_free(ignore_children
);
2301 if (!c
->has_backup_perm
) {
2302 c
->has_backup_perm
= true;
2303 c
->backup_perm
= c
->perm
;
2304 c
->backup_shared_perm
= c
->shared_perm
;
2307 * Note: it's OK if c->has_backup_perm was already set, as we can find the
2308 * same child twice during check_perm procedure
2312 c
->shared_perm
= shared
;
2317 static void bdrv_child_set_perm(BdrvChild
*c
, uint64_t perm
, uint64_t shared
)
2319 uint64_t cumulative_perms
, cumulative_shared_perms
;
2321 c
->has_backup_perm
= false;
2324 c
->shared_perm
= shared
;
2326 bdrv_get_cumulative_perm(c
->bs
, &cumulative_perms
,
2327 &cumulative_shared_perms
);
2328 bdrv_set_perm(c
->bs
, cumulative_perms
, cumulative_shared_perms
);
2331 static void bdrv_child_abort_perm_update(BdrvChild
*c
)
2333 if (c
->has_backup_perm
) {
2334 c
->perm
= c
->backup_perm
;
2335 c
->shared_perm
= c
->backup_shared_perm
;
2336 c
->has_backup_perm
= false;
2339 bdrv_abort_perm_update(c
->bs
);
2342 int bdrv_child_try_set_perm(BdrvChild
*c
, uint64_t perm
, uint64_t shared
,
2345 Error
*local_err
= NULL
;
2347 bool tighten_restrictions
;
2349 ret
= bdrv_child_check_perm(c
, NULL
, perm
, shared
, NULL
,
2350 &tighten_restrictions
, &local_err
);
2352 bdrv_child_abort_perm_update(c
);
2353 if (tighten_restrictions
) {
2354 error_propagate(errp
, local_err
);
2357 * Our caller may intend to only loosen restrictions and
2358 * does not expect this function to fail. Errors are not
2359 * fatal in such a case, so we can just hide them from our
2362 error_free(local_err
);
2368 bdrv_child_set_perm(c
, perm
, shared
);
2373 int bdrv_child_refresh_perms(BlockDriverState
*bs
, BdrvChild
*c
, Error
**errp
)
2375 uint64_t parent_perms
, parent_shared
;
2376 uint64_t perms
, shared
;
2378 bdrv_get_cumulative_perm(bs
, &parent_perms
, &parent_shared
);
2379 bdrv_child_perm(bs
, c
->bs
, c
, c
->klass
, c
->role
, NULL
,
2380 parent_perms
, parent_shared
, &perms
, &shared
);
2382 return bdrv_child_try_set_perm(c
, perms
, shared
, errp
);
2385 void bdrv_filter_default_perms(BlockDriverState
*bs
, BdrvChild
*c
,
2386 const BdrvChildClass
*child_class
,
2388 BlockReopenQueue
*reopen_queue
,
2389 uint64_t perm
, uint64_t shared
,
2390 uint64_t *nperm
, uint64_t *nshared
)
2392 *nperm
= perm
& DEFAULT_PERM_PASSTHROUGH
;
2393 *nshared
= (shared
& DEFAULT_PERM_PASSTHROUGH
) | DEFAULT_PERM_UNCHANGED
;
2396 static void bdrv_default_perms_for_cow(BlockDriverState
*bs
, BdrvChild
*c
,
2397 const BdrvChildClass
*child_class
,
2399 BlockReopenQueue
*reopen_queue
,
2400 uint64_t perm
, uint64_t shared
,
2401 uint64_t *nperm
, uint64_t *nshared
)
2403 assert(child_class
== &child_of_bds
&& (role
& BDRV_CHILD_COW
));
2406 * We want consistent read from backing files if the parent needs it.
2407 * No other operations are performed on backing files.
2409 perm
&= BLK_PERM_CONSISTENT_READ
;
2412 * If the parent can deal with changing data, we're okay with a
2413 * writable and resizable backing file.
2414 * TODO Require !(perm & BLK_PERM_CONSISTENT_READ), too?
2416 if (shared
& BLK_PERM_WRITE
) {
2417 shared
= BLK_PERM_WRITE
| BLK_PERM_RESIZE
;
2422 shared
|= BLK_PERM_CONSISTENT_READ
| BLK_PERM_GRAPH_MOD
|
2423 BLK_PERM_WRITE_UNCHANGED
;
2425 if (bs
->open_flags
& BDRV_O_INACTIVE
) {
2426 shared
|= BLK_PERM_WRITE
| BLK_PERM_RESIZE
;
2433 static void bdrv_default_perms_for_storage(BlockDriverState
*bs
, BdrvChild
*c
,
2434 const BdrvChildClass
*child_class
,
2436 BlockReopenQueue
*reopen_queue
,
2437 uint64_t perm
, uint64_t shared
,
2438 uint64_t *nperm
, uint64_t *nshared
)
2442 assert(child_class
== &child_file
||
2443 (child_class
== &child_of_bds
&&
2444 (role
& (BDRV_CHILD_METADATA
| BDRV_CHILD_DATA
))));
2446 flags
= bdrv_reopen_get_flags(reopen_queue
, bs
);
2449 * Apart from the modifications below, the same permissions are
2450 * forwarded and left alone as for filters
2452 bdrv_filter_default_perms(bs
, c
, child_class
, role
, reopen_queue
,
2453 perm
, shared
, &perm
, &shared
);
2455 if (role
& BDRV_CHILD_METADATA
) {
2456 /* Format drivers may touch metadata even if the guest doesn't write */
2457 if (bdrv_is_writable_after_reopen(bs
, reopen_queue
)) {
2458 perm
|= BLK_PERM_WRITE
| BLK_PERM_RESIZE
;
2462 * bs->file always needs to be consistent because of the
2463 * metadata. We can never allow other users to resize or write
2466 if (!(flags
& BDRV_O_NO_IO
)) {
2467 perm
|= BLK_PERM_CONSISTENT_READ
;
2469 shared
&= ~(BLK_PERM_WRITE
| BLK_PERM_RESIZE
);
2472 if (role
& BDRV_CHILD_DATA
) {
2474 * Technically, everything in this block is a subset of the
2475 * BDRV_CHILD_METADATA path taken above, and so this could
2476 * be an "else if" branch. However, that is not obvious, and
2477 * this function is not performance critical, therefore we let
2478 * this be an independent "if".
2482 * We cannot allow other users to resize the file because the
2483 * format driver might have some assumptions about the size
2484 * (e.g. because it is stored in metadata, or because the file
2485 * is split into fixed-size data files).
2487 shared
&= ~BLK_PERM_RESIZE
;
2490 * WRITE_UNCHANGED often cannot be performed as such on the
2491 * data file. For example, the qcow2 driver may still need to
2492 * write copied clusters on copy-on-read.
2494 if (perm
& BLK_PERM_WRITE_UNCHANGED
) {
2495 perm
|= BLK_PERM_WRITE
;
2499 * If the data file is written to, the format driver may
2500 * expect to be able to resize it by writing beyond the EOF.
2502 if (perm
& BLK_PERM_WRITE
) {
2503 perm
|= BLK_PERM_RESIZE
;
2507 if (bs
->open_flags
& BDRV_O_INACTIVE
) {
2508 shared
|= BLK_PERM_WRITE
| BLK_PERM_RESIZE
;
2515 void bdrv_format_default_perms(BlockDriverState
*bs
, BdrvChild
*c
,
2516 const BdrvChildClass
*child_class
,
2518 BlockReopenQueue
*reopen_queue
,
2519 uint64_t perm
, uint64_t shared
,
2520 uint64_t *nperm
, uint64_t *nshared
)
2522 if (child_class
== &child_of_bds
) {
2523 bdrv_default_perms(bs
, c
, child_class
, role
, reopen_queue
,
2524 perm
, shared
, nperm
, nshared
);
2528 assert(child_class
== &child_file
);
2530 bdrv_default_perms_for_storage(bs
, c
, child_class
, role
, reopen_queue
,
2531 perm
, shared
, nperm
, nshared
);
2534 void bdrv_default_perms(BlockDriverState
*bs
, BdrvChild
*c
,
2535 const BdrvChildClass
*child_class
, BdrvChildRole role
,
2536 BlockReopenQueue
*reopen_queue
,
2537 uint64_t perm
, uint64_t shared
,
2538 uint64_t *nperm
, uint64_t *nshared
)
2540 assert(child_class
== &child_of_bds
);
2542 if (role
& BDRV_CHILD_FILTERED
) {
2543 assert(!(role
& (BDRV_CHILD_DATA
| BDRV_CHILD_METADATA
|
2545 bdrv_filter_default_perms(bs
, c
, child_class
, role
, reopen_queue
,
2546 perm
, shared
, nperm
, nshared
);
2547 } else if (role
& BDRV_CHILD_COW
) {
2548 assert(!(role
& (BDRV_CHILD_DATA
| BDRV_CHILD_METADATA
)));
2549 bdrv_default_perms_for_cow(bs
, c
, child_class
, role
, reopen_queue
,
2550 perm
, shared
, nperm
, nshared
);
2551 } else if (role
& (BDRV_CHILD_METADATA
| BDRV_CHILD_DATA
)) {
2552 bdrv_default_perms_for_storage(bs
, c
, child_class
, role
, reopen_queue
,
2553 perm
, shared
, nperm
, nshared
);
2555 g_assert_not_reached();
2559 uint64_t bdrv_qapi_perm_to_blk_perm(BlockPermission qapi_perm
)
2561 static const uint64_t permissions
[] = {
2562 [BLOCK_PERMISSION_CONSISTENT_READ
] = BLK_PERM_CONSISTENT_READ
,
2563 [BLOCK_PERMISSION_WRITE
] = BLK_PERM_WRITE
,
2564 [BLOCK_PERMISSION_WRITE_UNCHANGED
] = BLK_PERM_WRITE_UNCHANGED
,
2565 [BLOCK_PERMISSION_RESIZE
] = BLK_PERM_RESIZE
,
2566 [BLOCK_PERMISSION_GRAPH_MOD
] = BLK_PERM_GRAPH_MOD
,
2569 QEMU_BUILD_BUG_ON(ARRAY_SIZE(permissions
) != BLOCK_PERMISSION__MAX
);
2570 QEMU_BUILD_BUG_ON(1UL << ARRAY_SIZE(permissions
) != BLK_PERM_ALL
+ 1);
2572 assert(qapi_perm
< BLOCK_PERMISSION__MAX
);
2574 return permissions
[qapi_perm
];
2577 static void bdrv_replace_child_noperm(BdrvChild
*child
,
2578 BlockDriverState
*new_bs
)
2580 BlockDriverState
*old_bs
= child
->bs
;
2581 int new_bs_quiesce_counter
;
2584 assert(!child
->frozen
);
2586 if (old_bs
&& new_bs
) {
2587 assert(bdrv_get_aio_context(old_bs
) == bdrv_get_aio_context(new_bs
));
2590 new_bs_quiesce_counter
= (new_bs
? new_bs
->quiesce_counter
: 0);
2591 drain_saldo
= new_bs_quiesce_counter
- child
->parent_quiesce_counter
;
2594 * If the new child node is drained but the old one was not, flush
2595 * all outstanding requests to the old child node.
2597 while (drain_saldo
> 0 && child
->klass
->drained_begin
) {
2598 bdrv_parent_drained_begin_single(child
, true);
2603 /* Detach first so that the recursive drain sections coming from @child
2604 * are already gone and we only end the drain sections that came from
2606 if (child
->klass
->detach
) {
2607 child
->klass
->detach(child
);
2609 QLIST_REMOVE(child
, next_parent
);
2615 QLIST_INSERT_HEAD(&new_bs
->parents
, child
, next_parent
);
2618 * Detaching the old node may have led to the new node's
2619 * quiesce_counter having been decreased. Not a problem, we
2620 * just need to recognize this here and then invoke
2621 * drained_end appropriately more often.
2623 assert(new_bs
->quiesce_counter
<= new_bs_quiesce_counter
);
2624 drain_saldo
+= new_bs
->quiesce_counter
- new_bs_quiesce_counter
;
2626 /* Attach only after starting new drained sections, so that recursive
2627 * drain sections coming from @child don't get an extra .drained_begin
2629 if (child
->klass
->attach
) {
2630 child
->klass
->attach(child
);
2635 * If the old child node was drained but the new one is not, allow
2636 * requests to come in only after the new node has been attached.
2638 while (drain_saldo
< 0 && child
->klass
->drained_end
) {
2639 bdrv_parent_drained_end_single(child
);
2645 * Updates @child to change its reference to point to @new_bs, including
2646 * checking and applying the necessary permisson updates both to the old node
2649 * NULL is passed as @new_bs for removing the reference before freeing @child.
2651 * If @new_bs is not NULL, bdrv_check_perm() must be called beforehand, as this
2652 * function uses bdrv_set_perm() to update the permissions according to the new
2653 * reference that @new_bs gets.
2655 static void bdrv_replace_child(BdrvChild
*child
, BlockDriverState
*new_bs
)
2657 BlockDriverState
*old_bs
= child
->bs
;
2658 uint64_t perm
, shared_perm
;
2660 bdrv_replace_child_noperm(child
, new_bs
);
2663 * Start with the new node's permissions. If @new_bs is a (direct
2664 * or indirect) child of @old_bs, we must complete the permission
2665 * update on @new_bs before we loosen the restrictions on @old_bs.
2666 * Otherwise, bdrv_check_perm() on @old_bs would re-initiate
2667 * updating the permissions of @new_bs, and thus not purely loosen
2671 bdrv_get_cumulative_perm(new_bs
, &perm
, &shared_perm
);
2672 bdrv_set_perm(new_bs
, perm
, shared_perm
);
2676 /* Update permissions for old node. This is guaranteed to succeed
2677 * because we're just taking a parent away, so we're loosening
2679 bool tighten_restrictions
;
2682 bdrv_get_cumulative_perm(old_bs
, &perm
, &shared_perm
);
2683 ret
= bdrv_check_perm(old_bs
, NULL
, perm
, shared_perm
, NULL
,
2684 &tighten_restrictions
, NULL
);
2685 assert(tighten_restrictions
== false);
2687 /* We only tried to loosen restrictions, so errors are not fatal */
2688 bdrv_abort_perm_update(old_bs
);
2690 bdrv_set_perm(old_bs
, perm
, shared_perm
);
2693 /* When the parent requiring a non-default AioContext is removed, the
2694 * node moves back to the main AioContext */
2695 bdrv_try_set_aio_context(old_bs
, qemu_get_aio_context(), NULL
);
2700 * This function steals the reference to child_bs from the caller.
2701 * That reference is later dropped by bdrv_root_unref_child().
2703 * On failure NULL is returned, errp is set and the reference to
2704 * child_bs is also dropped.
2706 * The caller must hold the AioContext lock @child_bs, but not that of @ctx
2707 * (unless @child_bs is already in @ctx).
2709 BdrvChild
*bdrv_root_attach_child(BlockDriverState
*child_bs
,
2710 const char *child_name
,
2711 const BdrvChildClass
*child_class
,
2712 BdrvChildRole child_role
,
2714 uint64_t perm
, uint64_t shared_perm
,
2715 void *opaque
, Error
**errp
)
2718 Error
*local_err
= NULL
;
2721 ret
= bdrv_check_update_perm(child_bs
, NULL
, perm
, shared_perm
, NULL
, NULL
,
2724 bdrv_abort_perm_update(child_bs
);
2725 bdrv_unref(child_bs
);
2729 child
= g_new(BdrvChild
, 1);
2730 *child
= (BdrvChild
) {
2732 .name
= g_strdup(child_name
),
2733 .klass
= child_class
,
2736 .shared_perm
= shared_perm
,
2740 /* If the AioContexts don't match, first try to move the subtree of
2741 * child_bs into the AioContext of the new parent. If this doesn't work,
2742 * try moving the parent into the AioContext of child_bs instead. */
2743 if (bdrv_get_aio_context(child_bs
) != ctx
) {
2744 ret
= bdrv_try_set_aio_context(child_bs
, ctx
, &local_err
);
2745 if (ret
< 0 && child_class
->can_set_aio_ctx
) {
2746 GSList
*ignore
= g_slist_prepend(NULL
, child
);
2747 ctx
= bdrv_get_aio_context(child_bs
);
2748 if (child_class
->can_set_aio_ctx(child
, ctx
, &ignore
, NULL
)) {
2749 error_free(local_err
);
2751 g_slist_free(ignore
);
2752 ignore
= g_slist_prepend(NULL
, child
);
2753 child_class
->set_aio_ctx(child
, ctx
, &ignore
);
2755 g_slist_free(ignore
);
2758 error_propagate(errp
, local_err
);
2760 bdrv_abort_perm_update(child_bs
);
2761 bdrv_unref(child_bs
);
2766 /* This performs the matching bdrv_set_perm() for the above check. */
2767 bdrv_replace_child(child
, child_bs
);
2773 * This function transfers the reference to child_bs from the caller
2774 * to parent_bs. That reference is later dropped by parent_bs on
2775 * bdrv_close() or if someone calls bdrv_unref_child().
2777 * On failure NULL is returned, errp is set and the reference to
2778 * child_bs is also dropped.
2780 * If @parent_bs and @child_bs are in different AioContexts, the caller must
2781 * hold the AioContext lock for @child_bs, but not for @parent_bs.
2783 BdrvChild
*bdrv_attach_child(BlockDriverState
*parent_bs
,
2784 BlockDriverState
*child_bs
,
2785 const char *child_name
,
2786 const BdrvChildClass
*child_class
,
2787 BdrvChildRole child_role
,
2791 uint64_t perm
, shared_perm
;
2793 bdrv_get_cumulative_perm(parent_bs
, &perm
, &shared_perm
);
2795 assert(parent_bs
->drv
);
2796 bdrv_child_perm(parent_bs
, child_bs
, NULL
, child_class
, child_role
, NULL
,
2797 perm
, shared_perm
, &perm
, &shared_perm
);
2799 child
= bdrv_root_attach_child(child_bs
, child_name
, child_class
,
2800 child_role
, bdrv_get_aio_context(parent_bs
),
2801 perm
, shared_perm
, parent_bs
, errp
);
2802 if (child
== NULL
) {
2806 QLIST_INSERT_HEAD(&parent_bs
->children
, child
, next
);
2810 static void bdrv_detach_child(BdrvChild
*child
)
2812 QLIST_SAFE_REMOVE(child
, next
);
2814 bdrv_replace_child(child
, NULL
);
2816 g_free(child
->name
);
2820 void bdrv_root_unref_child(BdrvChild
*child
)
2822 BlockDriverState
*child_bs
;
2824 child_bs
= child
->bs
;
2825 bdrv_detach_child(child
);
2826 bdrv_unref(child_bs
);
2830 * Clear all inherits_from pointers from children and grandchildren of
2831 * @root that point to @root, where necessary.
2833 static void bdrv_unset_inherits_from(BlockDriverState
*root
, BdrvChild
*child
)
2837 if (child
->bs
->inherits_from
== root
) {
2839 * Remove inherits_from only when the last reference between root and
2840 * child->bs goes away.
2842 QLIST_FOREACH(c
, &root
->children
, next
) {
2843 if (c
!= child
&& c
->bs
== child
->bs
) {
2848 child
->bs
->inherits_from
= NULL
;
2852 QLIST_FOREACH(c
, &child
->bs
->children
, next
) {
2853 bdrv_unset_inherits_from(root
, c
);
2857 void bdrv_unref_child(BlockDriverState
*parent
, BdrvChild
*child
)
2859 if (child
== NULL
) {
2863 bdrv_unset_inherits_from(parent
, child
);
2864 bdrv_root_unref_child(child
);
2868 static void bdrv_parent_cb_change_media(BlockDriverState
*bs
, bool load
)
2871 QLIST_FOREACH(c
, &bs
->parents
, next_parent
) {
2872 if (c
->klass
->change_media
) {
2873 c
->klass
->change_media(c
, load
);
2878 /* Return true if you can reach parent going through child->inherits_from
2879 * recursively. If parent or child are NULL, return false */
2880 static bool bdrv_inherits_from_recursive(BlockDriverState
*child
,
2881 BlockDriverState
*parent
)
2883 while (child
&& child
!= parent
) {
2884 child
= child
->inherits_from
;
2887 return child
!= NULL
;
2891 * Return the BdrvChildRole for @bs's backing child. bs->backing is
2892 * mostly used for COW backing children (role = COW), but also for
2893 * filtered children (role = FILTERED | PRIMARY).
2895 static BdrvChildRole
bdrv_backing_role(BlockDriverState
*bs
)
2897 if (bs
->drv
&& bs
->drv
->is_filter
) {
2898 return BDRV_CHILD_FILTERED
| BDRV_CHILD_PRIMARY
;
2900 return BDRV_CHILD_COW
;
2905 * Sets the backing file link of a BDS. A new reference is created; callers
2906 * which don't need their own reference any more must call bdrv_unref().
2908 void bdrv_set_backing_hd(BlockDriverState
*bs
, BlockDriverState
*backing_hd
,
2911 bool update_inherits_from
= bdrv_chain_contains(bs
, backing_hd
) &&
2912 bdrv_inherits_from_recursive(backing_hd
, bs
);
2914 if (bdrv_is_backing_chain_frozen(bs
, backing_bs(bs
), errp
)) {
2919 bdrv_ref(backing_hd
);
2923 bdrv_unref_child(bs
, bs
->backing
);
2931 bs
->backing
= bdrv_attach_child(bs
, backing_hd
, "backing", &child_of_bds
,
2932 bdrv_backing_role(bs
), errp
);
2933 /* If backing_hd was already part of bs's backing chain, and
2934 * inherits_from pointed recursively to bs then let's update it to
2935 * point directly to bs (else it will become NULL). */
2936 if (bs
->backing
&& update_inherits_from
) {
2937 backing_hd
->inherits_from
= bs
;
2941 bdrv_refresh_limits(bs
, NULL
);
2945 * Opens the backing file for a BlockDriverState if not yet open
2947 * bdref_key specifies the key for the image's BlockdevRef in the options QDict.
2948 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict
2949 * itself, all options starting with "${bdref_key}." are considered part of the
2952 * TODO Can this be unified with bdrv_open_image()?
2954 int bdrv_open_backing_file(BlockDriverState
*bs
, QDict
*parent_options
,
2955 const char *bdref_key
, Error
**errp
)
2957 char *backing_filename
= NULL
;
2958 char *bdref_key_dot
;
2959 const char *reference
= NULL
;
2961 bool implicit_backing
= false;
2962 BlockDriverState
*backing_hd
;
2964 QDict
*tmp_parent_options
= NULL
;
2965 Error
*local_err
= NULL
;
2967 if (bs
->backing
!= NULL
) {
2971 /* NULL means an empty set of options */
2972 if (parent_options
== NULL
) {
2973 tmp_parent_options
= qdict_new();
2974 parent_options
= tmp_parent_options
;
2977 bs
->open_flags
&= ~BDRV_O_NO_BACKING
;
2979 bdref_key_dot
= g_strdup_printf("%s.", bdref_key
);
2980 qdict_extract_subqdict(parent_options
, &options
, bdref_key_dot
);
2981 g_free(bdref_key_dot
);
2984 * Caution: while qdict_get_try_str() is fine, getting non-string
2985 * types would require more care. When @parent_options come from
2986 * -blockdev or blockdev_add, its members are typed according to
2987 * the QAPI schema, but when they come from -drive, they're all
2990 reference
= qdict_get_try_str(parent_options
, bdref_key
);
2991 if (reference
|| qdict_haskey(options
, "file.filename")) {
2992 /* keep backing_filename NULL */
2993 } else if (bs
->backing_file
[0] == '\0' && qdict_size(options
) == 0) {
2994 qobject_unref(options
);
2997 if (qdict_size(options
) == 0) {
2998 /* If the user specifies options that do not modify the
2999 * backing file's behavior, we might still consider it the
3000 * implicit backing file. But it's easier this way, and
3001 * just specifying some of the backing BDS's options is
3002 * only possible with -drive anyway (otherwise the QAPI
3003 * schema forces the user to specify everything). */
3004 implicit_backing
= !strcmp(bs
->auto_backing_file
, bs
->backing_file
);
3007 backing_filename
= bdrv_get_full_backing_filename(bs
, &local_err
);
3010 error_propagate(errp
, local_err
);
3011 qobject_unref(options
);
3016 if (!bs
->drv
|| !bs
->drv
->supports_backing
) {
3018 error_setg(errp
, "Driver doesn't support backing files");
3019 qobject_unref(options
);
3024 bs
->backing_format
[0] != '\0' && !qdict_haskey(options
, "driver")) {
3025 qdict_put_str(options
, "driver", bs
->backing_format
);
3028 backing_hd
= bdrv_open_inherit(backing_filename
, reference
, options
, 0, bs
,
3029 &child_of_bds
, bdrv_backing_role(bs
), errp
);
3031 bs
->open_flags
|= BDRV_O_NO_BACKING
;
3032 error_prepend(errp
, "Could not open backing file: ");
3037 if (implicit_backing
) {
3038 bdrv_refresh_filename(backing_hd
);
3039 pstrcpy(bs
->auto_backing_file
, sizeof(bs
->auto_backing_file
),
3040 backing_hd
->filename
);
3043 /* Hook up the backing file link; drop our reference, bs owns the
3044 * backing_hd reference now */
3045 bdrv_set_backing_hd(bs
, backing_hd
, &local_err
);
3046 bdrv_unref(backing_hd
);
3048 error_propagate(errp
, local_err
);
3053 qdict_del(parent_options
, bdref_key
);
3056 g_free(backing_filename
);
3057 qobject_unref(tmp_parent_options
);
3061 static BlockDriverState
*
3062 bdrv_open_child_bs(const char *filename
, QDict
*options
, const char *bdref_key
,
3063 BlockDriverState
*parent
, const BdrvChildClass
*child_class
,
3064 BdrvChildRole child_role
, bool allow_none
, Error
**errp
)
3066 BlockDriverState
*bs
= NULL
;
3067 QDict
*image_options
;
3068 char *bdref_key_dot
;
3069 const char *reference
;
3071 assert(child_class
!= NULL
);
3073 bdref_key_dot
= g_strdup_printf("%s.", bdref_key
);
3074 qdict_extract_subqdict(options
, &image_options
, bdref_key_dot
);
3075 g_free(bdref_key_dot
);
3078 * Caution: while qdict_get_try_str() is fine, getting non-string
3079 * types would require more care. When @options come from
3080 * -blockdev or blockdev_add, its members are typed according to
3081 * the QAPI schema, but when they come from -drive, they're all
3084 reference
= qdict_get_try_str(options
, bdref_key
);
3085 if (!filename
&& !reference
&& !qdict_size(image_options
)) {
3087 error_setg(errp
, "A block device must be specified for \"%s\"",
3090 qobject_unref(image_options
);
3094 bs
= bdrv_open_inherit(filename
, reference
, image_options
, 0,
3095 parent
, child_class
, child_role
, errp
);
3101 qdict_del(options
, bdref_key
);
3106 * Opens a disk image whose options are given as BlockdevRef in another block
3109 * If allow_none is true, no image will be opened if filename is false and no
3110 * BlockdevRef is given. NULL will be returned, but errp remains unset.
3112 * bdrev_key specifies the key for the image's BlockdevRef in the options QDict.
3113 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict
3114 * itself, all options starting with "${bdref_key}." are considered part of the
3117 * The BlockdevRef will be removed from the options QDict.
3119 BdrvChild
*bdrv_open_child(const char *filename
,
3120 QDict
*options
, const char *bdref_key
,
3121 BlockDriverState
*parent
,
3122 const BdrvChildClass
*child_class
,
3123 BdrvChildRole child_role
,
3124 bool allow_none
, Error
**errp
)
3126 BlockDriverState
*bs
;
3128 bs
= bdrv_open_child_bs(filename
, options
, bdref_key
, parent
, child_class
,
3129 child_role
, allow_none
, errp
);
3134 return bdrv_attach_child(parent
, bs
, bdref_key
, child_class
, child_role
,
3139 * TODO Future callers may need to specify parent/child_class in order for
3140 * option inheritance to work. Existing callers use it for the root node.
3142 BlockDriverState
*bdrv_open_blockdev_ref(BlockdevRef
*ref
, Error
**errp
)
3144 BlockDriverState
*bs
= NULL
;
3145 QObject
*obj
= NULL
;
3146 QDict
*qdict
= NULL
;
3147 const char *reference
= NULL
;
3150 if (ref
->type
== QTYPE_QSTRING
) {
3151 reference
= ref
->u
.reference
;
3153 BlockdevOptions
*options
= &ref
->u
.definition
;
3154 assert(ref
->type
== QTYPE_QDICT
);
3156 v
= qobject_output_visitor_new(&obj
);
3157 visit_type_BlockdevOptions(v
, NULL
, &options
, &error_abort
);
3158 visit_complete(v
, &obj
);
3160 qdict
= qobject_to(QDict
, obj
);
3161 qdict_flatten(qdict
);
3163 /* bdrv_open_inherit() defaults to the values in bdrv_flags (for
3164 * compatibility with other callers) rather than what we want as the
3165 * real defaults. Apply the defaults here instead. */
3166 qdict_set_default_str(qdict
, BDRV_OPT_CACHE_DIRECT
, "off");
3167 qdict_set_default_str(qdict
, BDRV_OPT_CACHE_NO_FLUSH
, "off");
3168 qdict_set_default_str(qdict
, BDRV_OPT_READ_ONLY
, "off");
3169 qdict_set_default_str(qdict
, BDRV_OPT_AUTO_READ_ONLY
, "off");
3173 bs
= bdrv_open_inherit(NULL
, reference
, qdict
, 0, NULL
, NULL
, 0, errp
);
3180 static BlockDriverState
*bdrv_append_temp_snapshot(BlockDriverState
*bs
,
3182 QDict
*snapshot_options
,
3185 /* TODO: extra byte is a hack to ensure MAX_PATH space on Windows. */
3186 char *tmp_filename
= g_malloc0(PATH_MAX
+ 1);
3188 QemuOpts
*opts
= NULL
;
3189 BlockDriverState
*bs_snapshot
= NULL
;
3190 Error
*local_err
= NULL
;
3193 /* if snapshot, we create a temporary backing file and open it
3194 instead of opening 'filename' directly */
3196 /* Get the required size from the image */
3197 total_size
= bdrv_getlength(bs
);
3198 if (total_size
< 0) {
3199 error_setg_errno(errp
, -total_size
, "Could not get image size");
3203 /* Create the temporary image */
3204 ret
= get_tmp_filename(tmp_filename
, PATH_MAX
+ 1);
3206 error_setg_errno(errp
, -ret
, "Could not get temporary filename");
3210 opts
= qemu_opts_create(bdrv_qcow2
.create_opts
, NULL
, 0,
3212 qemu_opt_set_number(opts
, BLOCK_OPT_SIZE
, total_size
, &error_abort
);
3213 ret
= bdrv_create(&bdrv_qcow2
, tmp_filename
, opts
, errp
);
3214 qemu_opts_del(opts
);
3216 error_prepend(errp
, "Could not create temporary overlay '%s': ",
3221 /* Prepare options QDict for the temporary file */
3222 qdict_put_str(snapshot_options
, "file.driver", "file");
3223 qdict_put_str(snapshot_options
, "file.filename", tmp_filename
);
3224 qdict_put_str(snapshot_options
, "driver", "qcow2");
3226 bs_snapshot
= bdrv_open(NULL
, NULL
, snapshot_options
, flags
, errp
);
3227 snapshot_options
= NULL
;
3232 /* bdrv_append() consumes a strong reference to bs_snapshot
3233 * (i.e. it will call bdrv_unref() on it) even on error, so in
3234 * order to be able to return one, we have to increase
3235 * bs_snapshot's refcount here */
3236 bdrv_ref(bs_snapshot
);
3237 bdrv_append(bs_snapshot
, bs
, &local_err
);
3239 error_propagate(errp
, local_err
);
3245 qobject_unref(snapshot_options
);
3246 g_free(tmp_filename
);
3251 * Opens a disk image (raw, qcow2, vmdk, ...)
3253 * options is a QDict of options to pass to the block drivers, or NULL for an
3254 * empty set of options. The reference to the QDict belongs to the block layer
3255 * after the call (even on failure), so if the caller intends to reuse the
3256 * dictionary, it needs to use qobject_ref() before calling bdrv_open.
3258 * If *pbs is NULL, a new BDS will be created with a pointer to it stored there.
3259 * If it is not NULL, the referenced BDS will be reused.
3261 * The reference parameter may be used to specify an existing block device which
3262 * should be opened. If specified, neither options nor a filename may be given,
3263 * nor can an existing BDS be reused (that is, *pbs has to be NULL).
3265 static BlockDriverState
*bdrv_open_inherit(const char *filename
,
3266 const char *reference
,
3267 QDict
*options
, int flags
,
3268 BlockDriverState
*parent
,
3269 const BdrvChildClass
*child_class
,
3270 BdrvChildRole child_role
,
3274 BlockBackend
*file
= NULL
;
3275 BlockDriverState
*bs
;
3276 BlockDriver
*drv
= NULL
;
3278 const char *drvname
;
3279 const char *backing
;
3280 Error
*local_err
= NULL
;
3281 QDict
*snapshot_options
= NULL
;
3282 int snapshot_flags
= 0;
3284 assert(!child_class
|| !flags
);
3285 assert(!child_class
== !parent
);
3288 bool options_non_empty
= options
? qdict_size(options
) : false;
3289 qobject_unref(options
);
3291 if (filename
|| options_non_empty
) {
3292 error_setg(errp
, "Cannot reference an existing block device with "
3293 "additional options or a new filename");
3297 bs
= bdrv_lookup_bs(reference
, reference
, errp
);
3308 /* NULL means an empty set of options */
3309 if (options
== NULL
) {
3310 options
= qdict_new();
3313 /* json: syntax counts as explicit options, as if in the QDict */
3314 parse_json_protocol(options
, &filename
, &local_err
);
3319 bs
->explicit_options
= qdict_clone_shallow(options
);
3322 bool parent_is_format
;
3325 parent_is_format
= parent
->drv
->is_format
;
3328 * parent->drv is not set yet because this node is opened for
3329 * (potential) format probing. That means that @parent is going
3330 * to be a format node.
3332 parent_is_format
= true;
3335 bs
->inherits_from
= parent
;
3336 child_class
->inherit_options(child_role
, parent_is_format
,
3338 parent
->open_flags
, parent
->options
);
3341 ret
= bdrv_fill_options(&options
, filename
, &flags
, &local_err
);
3347 * Set the BDRV_O_RDWR and BDRV_O_ALLOW_RDWR flags.
3348 * Caution: getting a boolean member of @options requires care.
3349 * When @options come from -blockdev or blockdev_add, members are
3350 * typed according to the QAPI schema, but when they come from
3351 * -drive, they're all QString.
3353 if (g_strcmp0(qdict_get_try_str(options
, BDRV_OPT_READ_ONLY
), "on") &&
3354 !qdict_get_try_bool(options
, BDRV_OPT_READ_ONLY
, false)) {
3355 flags
|= (BDRV_O_RDWR
| BDRV_O_ALLOW_RDWR
);
3357 flags
&= ~BDRV_O_RDWR
;
3360 if (flags
& BDRV_O_SNAPSHOT
) {
3361 snapshot_options
= qdict_new();
3362 bdrv_temp_snapshot_options(&snapshot_flags
, snapshot_options
,
3364 /* Let bdrv_backing_options() override "read-only" */
3365 qdict_del(options
, BDRV_OPT_READ_ONLY
);
3366 bdrv_inherited_options(BDRV_CHILD_COW
, true,
3367 &flags
, options
, flags
, options
);
3370 bs
->open_flags
= flags
;
3371 bs
->options
= options
;
3372 options
= qdict_clone_shallow(options
);
3374 /* Find the right image format driver */
3375 /* See cautionary note on accessing @options above */
3376 drvname
= qdict_get_try_str(options
, "driver");
3378 drv
= bdrv_find_format(drvname
);
3380 error_setg(errp
, "Unknown driver: '%s'", drvname
);
3385 assert(drvname
|| !(flags
& BDRV_O_PROTOCOL
));
3387 /* See cautionary note on accessing @options above */
3388 backing
= qdict_get_try_str(options
, "backing");
3389 if (qobject_to(QNull
, qdict_get(options
, "backing")) != NULL
||
3390 (backing
&& *backing
== '\0'))
3393 warn_report("Use of \"backing\": \"\" is deprecated; "
3394 "use \"backing\": null instead");
3396 flags
|= BDRV_O_NO_BACKING
;
3397 qdict_del(bs
->explicit_options
, "backing");
3398 qdict_del(bs
->options
, "backing");
3399 qdict_del(options
, "backing");
3402 /* Open image file without format layer. This BlockBackend is only used for
3403 * probing, the block drivers will do their own bdrv_open_child() for the
3404 * same BDS, which is why we put the node name back into options. */
3405 if ((flags
& BDRV_O_PROTOCOL
) == 0) {
3406 BlockDriverState
*file_bs
;
3408 file_bs
= bdrv_open_child_bs(filename
, options
, "file", bs
,
3409 &child_of_bds
, BDRV_CHILD_IMAGE
,
3414 if (file_bs
!= NULL
) {
3415 /* Not requesting BLK_PERM_CONSISTENT_READ because we're only
3416 * looking at the header to guess the image format. This works even
3417 * in cases where a guest would not see a consistent state. */
3418 file
= blk_new(bdrv_get_aio_context(file_bs
), 0, BLK_PERM_ALL
);
3419 blk_insert_bs(file
, file_bs
, &local_err
);
3420 bdrv_unref(file_bs
);
3425 qdict_put_str(options
, "file", bdrv_get_node_name(file_bs
));
3429 /* Image format probing */
3432 ret
= find_image_format(file
, filename
, &drv
, &local_err
);
3437 * This option update would logically belong in bdrv_fill_options(),
3438 * but we first need to open bs->file for the probing to work, while
3439 * opening bs->file already requires the (mostly) final set of options
3440 * so that cache mode etc. can be inherited.
3442 * Adding the driver later is somewhat ugly, but it's not an option
3443 * that would ever be inherited, so it's correct. We just need to make
3444 * sure to update both bs->options (which has the full effective
3445 * options for bs) and options (which has file.* already removed).
3447 qdict_put_str(bs
->options
, "driver", drv
->format_name
);
3448 qdict_put_str(options
, "driver", drv
->format_name
);
3450 error_setg(errp
, "Must specify either driver or file");
3454 /* BDRV_O_PROTOCOL must be set iff a protocol BDS is about to be created */
3455 assert(!!(flags
& BDRV_O_PROTOCOL
) == !!drv
->bdrv_file_open
);
3456 /* file must be NULL if a protocol BDS is about to be created
3457 * (the inverse results in an error message from bdrv_open_common()) */
3458 assert(!(flags
& BDRV_O_PROTOCOL
) || !file
);
3460 /* Open the image */
3461 ret
= bdrv_open_common(bs
, file
, options
, &local_err
);
3471 /* If there is a backing file, use it */
3472 if ((flags
& BDRV_O_NO_BACKING
) == 0) {
3473 ret
= bdrv_open_backing_file(bs
, options
, "backing", &local_err
);
3475 goto close_and_fail
;
3479 /* Remove all children options and references
3480 * from bs->options and bs->explicit_options */
3481 QLIST_FOREACH(child
, &bs
->children
, next
) {
3482 char *child_key_dot
;
3483 child_key_dot
= g_strdup_printf("%s.", child
->name
);
3484 qdict_extract_subqdict(bs
->explicit_options
, NULL
, child_key_dot
);
3485 qdict_extract_subqdict(bs
->options
, NULL
, child_key_dot
);
3486 qdict_del(bs
->explicit_options
, child
->name
);
3487 qdict_del(bs
->options
, child
->name
);
3488 g_free(child_key_dot
);
3491 /* Check if any unknown options were used */
3492 if (qdict_size(options
) != 0) {
3493 const QDictEntry
*entry
= qdict_first(options
);
3494 if (flags
& BDRV_O_PROTOCOL
) {
3495 error_setg(errp
, "Block protocol '%s' doesn't support the option "
3496 "'%s'", drv
->format_name
, entry
->key
);
3499 "Block format '%s' does not support the option '%s'",
3500 drv
->format_name
, entry
->key
);
3503 goto close_and_fail
;
3506 bdrv_parent_cb_change_media(bs
, true);
3508 qobject_unref(options
);
3511 /* For snapshot=on, create a temporary qcow2 overlay. bs points to the
3512 * temporary snapshot afterwards. */
3513 if (snapshot_flags
) {
3514 BlockDriverState
*snapshot_bs
;
3515 snapshot_bs
= bdrv_append_temp_snapshot(bs
, snapshot_flags
,
3516 snapshot_options
, &local_err
);
3517 snapshot_options
= NULL
;
3519 goto close_and_fail
;
3521 /* We are not going to return bs but the overlay on top of it
3522 * (snapshot_bs); thus, we have to drop the strong reference to bs
3523 * (which we obtained by calling bdrv_new()). bs will not be deleted,
3524 * though, because the overlay still has a reference to it. */
3533 qobject_unref(snapshot_options
);
3534 qobject_unref(bs
->explicit_options
);
3535 qobject_unref(bs
->options
);
3536 qobject_unref(options
);
3538 bs
->explicit_options
= NULL
;
3540 error_propagate(errp
, local_err
);
3545 qobject_unref(snapshot_options
);
3546 qobject_unref(options
);
3547 error_propagate(errp
, local_err
);
3551 BlockDriverState
*bdrv_open(const char *filename
, const char *reference
,
3552 QDict
*options
, int flags
, Error
**errp
)
3554 return bdrv_open_inherit(filename
, reference
, options
, flags
, NULL
,
3558 /* Return true if the NULL-terminated @list contains @str */
3559 static bool is_str_in_list(const char *str
, const char *const *list
)
3563 for (i
= 0; list
[i
] != NULL
; i
++) {
3564 if (!strcmp(str
, list
[i
])) {
3573 * Check that every option set in @bs->options is also set in
3576 * Options listed in the common_options list and in
3577 * @bs->drv->mutable_opts are skipped.
3579 * Return 0 on success, otherwise return -EINVAL and set @errp.
3581 static int bdrv_reset_options_allowed(BlockDriverState
*bs
,
3582 const QDict
*new_opts
, Error
**errp
)
3584 const QDictEntry
*e
;
3585 /* These options are common to all block drivers and are handled
3586 * in bdrv_reopen_prepare() so they can be left out of @new_opts */
3587 const char *const common_options
[] = {
3588 "node-name", "discard", "cache.direct", "cache.no-flush",
3589 "read-only", "auto-read-only", "detect-zeroes", NULL
3592 for (e
= qdict_first(bs
->options
); e
; e
= qdict_next(bs
->options
, e
)) {
3593 if (!qdict_haskey(new_opts
, e
->key
) &&
3594 !is_str_in_list(e
->key
, common_options
) &&
3595 !is_str_in_list(e
->key
, bs
->drv
->mutable_opts
)) {
3596 error_setg(errp
, "Option '%s' cannot be reset "
3597 "to its default value", e
->key
);
3606 * Returns true if @child can be reached recursively from @bs
3608 static bool bdrv_recurse_has_child(BlockDriverState
*bs
,
3609 BlockDriverState
*child
)
3617 QLIST_FOREACH(c
, &bs
->children
, next
) {
3618 if (bdrv_recurse_has_child(c
->bs
, child
)) {
3627 * Adds a BlockDriverState to a simple queue for an atomic, transactional
3628 * reopen of multiple devices.
3630 * bs_queue can either be an existing BlockReopenQueue that has had QTAILQ_INIT
3631 * already performed, or alternatively may be NULL a new BlockReopenQueue will
3632 * be created and initialized. This newly created BlockReopenQueue should be
3633 * passed back in for subsequent calls that are intended to be of the same
3636 * bs is the BlockDriverState to add to the reopen queue.
3638 * options contains the changed options for the associated bs
3639 * (the BlockReopenQueue takes ownership)
3641 * flags contains the open flags for the associated bs
3643 * returns a pointer to bs_queue, which is either the newly allocated
3644 * bs_queue, or the existing bs_queue being used.
3646 * bs must be drained between bdrv_reopen_queue() and bdrv_reopen_multiple().
3648 static BlockReopenQueue
*bdrv_reopen_queue_child(BlockReopenQueue
*bs_queue
,
3649 BlockDriverState
*bs
,
3651 const BdrvChildClass
*klass
,
3653 bool parent_is_format
,
3654 QDict
*parent_options
,
3660 BlockReopenQueueEntry
*bs_entry
;
3662 QDict
*old_options
, *explicit_options
, *options_copy
;
3666 /* Make sure that the caller remembered to use a drained section. This is
3667 * important to avoid graph changes between the recursive queuing here and
3668 * bdrv_reopen_multiple(). */
3669 assert(bs
->quiesce_counter
> 0);
3671 if (bs_queue
== NULL
) {
3672 bs_queue
= g_new0(BlockReopenQueue
, 1);
3673 QTAILQ_INIT(bs_queue
);
3677 options
= qdict_new();
3680 /* Check if this BlockDriverState is already in the queue */
3681 QTAILQ_FOREACH(bs_entry
, bs_queue
, entry
) {
3682 if (bs
== bs_entry
->state
.bs
) {
3688 * Precedence of options:
3689 * 1. Explicitly passed in options (highest)
3690 * 2. Retained from explicitly set options of bs
3691 * 3. Inherited from parent node
3692 * 4. Retained from effective options of bs
3695 /* Old explicitly set values (don't overwrite by inherited value) */
3696 if (bs_entry
|| keep_old_opts
) {
3697 old_options
= qdict_clone_shallow(bs_entry
?
3698 bs_entry
->state
.explicit_options
:
3699 bs
->explicit_options
);
3700 bdrv_join_options(bs
, options
, old_options
);
3701 qobject_unref(old_options
);
3704 explicit_options
= qdict_clone_shallow(options
);
3706 /* Inherit from parent node */
3707 if (parent_options
) {
3709 klass
->inherit_options(role
, parent_is_format
, &flags
, options
,
3710 parent_flags
, parent_options
);
3712 flags
= bdrv_get_flags(bs
);
3715 if (keep_old_opts
) {
3716 /* Old values are used for options that aren't set yet */
3717 old_options
= qdict_clone_shallow(bs
->options
);
3718 bdrv_join_options(bs
, options
, old_options
);
3719 qobject_unref(old_options
);
3722 /* We have the final set of options so let's update the flags */
3723 options_copy
= qdict_clone_shallow(options
);
3724 opts
= qemu_opts_create(&bdrv_runtime_opts
, NULL
, 0, &error_abort
);
3725 qemu_opts_absorb_qdict(opts
, options_copy
, NULL
);
3726 update_flags_from_options(&flags
, opts
);
3727 qemu_opts_del(opts
);
3728 qobject_unref(options_copy
);
3730 /* bdrv_open_inherit() sets and clears some additional flags internally */
3731 flags
&= ~BDRV_O_PROTOCOL
;
3732 if (flags
& BDRV_O_RDWR
) {
3733 flags
|= BDRV_O_ALLOW_RDWR
;
3737 bs_entry
= g_new0(BlockReopenQueueEntry
, 1);
3738 QTAILQ_INSERT_TAIL(bs_queue
, bs_entry
, entry
);
3740 qobject_unref(bs_entry
->state
.options
);
3741 qobject_unref(bs_entry
->state
.explicit_options
);
3744 bs_entry
->state
.bs
= bs
;
3745 bs_entry
->state
.options
= options
;
3746 bs_entry
->state
.explicit_options
= explicit_options
;
3747 bs_entry
->state
.flags
= flags
;
3749 /* This needs to be overwritten in bdrv_reopen_prepare() */
3750 bs_entry
->state
.perm
= UINT64_MAX
;
3751 bs_entry
->state
.shared_perm
= 0;
3754 * If keep_old_opts is false then it means that unspecified
3755 * options must be reset to their original value. We don't allow
3756 * resetting 'backing' but we need to know if the option is
3757 * missing in order to decide if we have to return an error.
3759 if (!keep_old_opts
) {
3760 bs_entry
->state
.backing_missing
=
3761 !qdict_haskey(options
, "backing") &&
3762 !qdict_haskey(options
, "backing.driver");
3765 QLIST_FOREACH(child
, &bs
->children
, next
) {
3766 QDict
*new_child_options
= NULL
;
3767 bool child_keep_old
= keep_old_opts
;
3769 /* reopen can only change the options of block devices that were
3770 * implicitly created and inherited options. For other (referenced)
3771 * block devices, a syntax like "backing.foo" results in an error. */
3772 if (child
->bs
->inherits_from
!= bs
) {
3776 /* Check if the options contain a child reference */
3777 if (qdict_haskey(options
, child
->name
)) {
3778 const char *childref
= qdict_get_try_str(options
, child
->name
);
3780 * The current child must not be reopened if the child
3781 * reference is null or points to a different node.
3783 if (g_strcmp0(childref
, child
->bs
->node_name
)) {
3787 * If the child reference points to the current child then
3788 * reopen it with its existing set of options (note that
3789 * it can still inherit new options from the parent).
3791 child_keep_old
= true;
3793 /* Extract child options ("child-name.*") */
3794 char *child_key_dot
= g_strdup_printf("%s.", child
->name
);
3795 qdict_extract_subqdict(explicit_options
, NULL
, child_key_dot
);
3796 qdict_extract_subqdict(options
, &new_child_options
, child_key_dot
);
3797 g_free(child_key_dot
);
3800 bdrv_reopen_queue_child(bs_queue
, child
->bs
, new_child_options
,
3801 child
->klass
, child
->role
, bs
->drv
->is_format
,
3802 options
, flags
, child_keep_old
);
3808 BlockReopenQueue
*bdrv_reopen_queue(BlockReopenQueue
*bs_queue
,
3809 BlockDriverState
*bs
,
3810 QDict
*options
, bool keep_old_opts
)
3812 return bdrv_reopen_queue_child(bs_queue
, bs
, options
, NULL
, 0, false,
3813 NULL
, 0, keep_old_opts
);
3817 * Reopen multiple BlockDriverStates atomically & transactionally.
3819 * The queue passed in (bs_queue) must have been built up previous
3820 * via bdrv_reopen_queue().
3822 * Reopens all BDS specified in the queue, with the appropriate
3823 * flags. All devices are prepared for reopen, and failure of any
3824 * device will cause all device changes to be abandoned, and intermediate
3827 * If all devices prepare successfully, then the changes are committed
3830 * All affected nodes must be drained between bdrv_reopen_queue() and
3831 * bdrv_reopen_multiple().
3833 int bdrv_reopen_multiple(BlockReopenQueue
*bs_queue
, Error
**errp
)
3836 BlockReopenQueueEntry
*bs_entry
, *next
;
3838 assert(bs_queue
!= NULL
);
3840 QTAILQ_FOREACH(bs_entry
, bs_queue
, entry
) {
3841 assert(bs_entry
->state
.bs
->quiesce_counter
> 0);
3842 if (bdrv_reopen_prepare(&bs_entry
->state
, bs_queue
, errp
)) {
3845 bs_entry
->prepared
= true;
3848 QTAILQ_FOREACH(bs_entry
, bs_queue
, entry
) {
3849 BDRVReopenState
*state
= &bs_entry
->state
;
3850 ret
= bdrv_check_perm(state
->bs
, bs_queue
, state
->perm
,
3851 state
->shared_perm
, NULL
, NULL
, errp
);
3855 /* Check if new_backing_bs would accept the new permissions */
3856 if (state
->replace_backing_bs
&& state
->new_backing_bs
) {
3857 uint64_t nperm
, nshared
;
3858 bdrv_child_perm(state
->bs
, state
->new_backing_bs
,
3859 NULL
, &child_of_bds
, bdrv_backing_role(state
->bs
),
3860 bs_queue
, state
->perm
, state
->shared_perm
,
3862 ret
= bdrv_check_update_perm(state
->new_backing_bs
, NULL
,
3863 nperm
, nshared
, NULL
, NULL
, errp
);
3868 bs_entry
->perms_checked
= true;
3872 * If we reach this point, we have success and just need to apply the
3875 * Reverse order is used to comfort qcow2 driver: on commit it need to write
3876 * IN_USE flag to the image, to mark bitmaps in the image as invalid. But
3877 * children are usually goes after parents in reopen-queue, so go from last
3880 QTAILQ_FOREACH_REVERSE(bs_entry
, bs_queue
, entry
) {
3881 bdrv_reopen_commit(&bs_entry
->state
);
3886 QTAILQ_FOREACH_SAFE(bs_entry
, bs_queue
, entry
, next
) {
3887 BDRVReopenState
*state
= &bs_entry
->state
;
3889 if (!bs_entry
->perms_checked
) {
3894 bdrv_set_perm(state
->bs
, state
->perm
, state
->shared_perm
);
3896 bdrv_abort_perm_update(state
->bs
);
3897 if (state
->replace_backing_bs
&& state
->new_backing_bs
) {
3898 bdrv_abort_perm_update(state
->new_backing_bs
);
3904 QTAILQ_FOREACH_REVERSE(bs_entry
, bs_queue
, entry
) {
3905 BlockDriverState
*bs
= bs_entry
->state
.bs
;
3907 if (bs
->drv
->bdrv_reopen_commit_post
)
3908 bs
->drv
->bdrv_reopen_commit_post(&bs_entry
->state
);
3912 QTAILQ_FOREACH_SAFE(bs_entry
, bs_queue
, entry
, next
) {
3914 if (bs_entry
->prepared
) {
3915 bdrv_reopen_abort(&bs_entry
->state
);
3917 qobject_unref(bs_entry
->state
.explicit_options
);
3918 qobject_unref(bs_entry
->state
.options
);
3920 if (bs_entry
->state
.new_backing_bs
) {
3921 bdrv_unref(bs_entry
->state
.new_backing_bs
);
3930 int bdrv_reopen_set_read_only(BlockDriverState
*bs
, bool read_only
,
3934 BlockReopenQueue
*queue
;
3935 QDict
*opts
= qdict_new();
3937 qdict_put_bool(opts
, BDRV_OPT_READ_ONLY
, read_only
);
3939 bdrv_subtree_drained_begin(bs
);
3940 queue
= bdrv_reopen_queue(NULL
, bs
, opts
, true);
3941 ret
= bdrv_reopen_multiple(queue
, errp
);
3942 bdrv_subtree_drained_end(bs
);
3947 static BlockReopenQueueEntry
*find_parent_in_reopen_queue(BlockReopenQueue
*q
,
3950 BlockReopenQueueEntry
*entry
;
3952 QTAILQ_FOREACH(entry
, q
, entry
) {
3953 BlockDriverState
*bs
= entry
->state
.bs
;
3956 QLIST_FOREACH(child
, &bs
->children
, next
) {
3966 static void bdrv_reopen_perm(BlockReopenQueue
*q
, BlockDriverState
*bs
,
3967 uint64_t *perm
, uint64_t *shared
)
3970 BlockReopenQueueEntry
*parent
;
3971 uint64_t cumulative_perms
= 0;
3972 uint64_t cumulative_shared_perms
= BLK_PERM_ALL
;
3974 QLIST_FOREACH(c
, &bs
->parents
, next_parent
) {
3975 parent
= find_parent_in_reopen_queue(q
, c
);
3977 cumulative_perms
|= c
->perm
;
3978 cumulative_shared_perms
&= c
->shared_perm
;
3980 uint64_t nperm
, nshared
;
3982 bdrv_child_perm(parent
->state
.bs
, bs
, c
, c
->klass
, c
->role
, q
,
3983 parent
->state
.perm
, parent
->state
.shared_perm
,
3986 cumulative_perms
|= nperm
;
3987 cumulative_shared_perms
&= nshared
;
3990 *perm
= cumulative_perms
;
3991 *shared
= cumulative_shared_perms
;
3994 static bool bdrv_reopen_can_attach(BlockDriverState
*parent
,
3996 BlockDriverState
*new_child
,
3999 AioContext
*parent_ctx
= bdrv_get_aio_context(parent
);
4000 AioContext
*child_ctx
= bdrv_get_aio_context(new_child
);
4004 ignore
= g_slist_prepend(NULL
, child
);
4005 ret
= bdrv_can_set_aio_context(new_child
, parent_ctx
, &ignore
, NULL
);
4006 g_slist_free(ignore
);
4011 ignore
= g_slist_prepend(NULL
, child
);
4012 ret
= bdrv_can_set_aio_context(parent
, child_ctx
, &ignore
, errp
);
4013 g_slist_free(ignore
);
4018 * Take a BDRVReopenState and check if the value of 'backing' in the
4019 * reopen_state->options QDict is valid or not.
4021 * If 'backing' is missing from the QDict then return 0.
4023 * If 'backing' contains the node name of the backing file of
4024 * reopen_state->bs then return 0.
4026 * If 'backing' contains a different node name (or is null) then check
4027 * whether the current backing file can be replaced with the new one.
4028 * If that's the case then reopen_state->replace_backing_bs is set to
4029 * true and reopen_state->new_backing_bs contains a pointer to the new
4030 * backing BlockDriverState (or NULL).
4032 * Return 0 on success, otherwise return < 0 and set @errp.
4034 static int bdrv_reopen_parse_backing(BDRVReopenState
*reopen_state
,
4037 BlockDriverState
*bs
= reopen_state
->bs
;
4038 BlockDriverState
*overlay_bs
, *new_backing_bs
;
4042 value
= qdict_get(reopen_state
->options
, "backing");
4043 if (value
== NULL
) {
4047 switch (qobject_type(value
)) {
4049 new_backing_bs
= NULL
;
4052 str
= qobject_get_try_str(value
);
4053 new_backing_bs
= bdrv_lookup_bs(NULL
, str
, errp
);
4054 if (new_backing_bs
== NULL
) {
4056 } else if (bdrv_recurse_has_child(new_backing_bs
, bs
)) {
4057 error_setg(errp
, "Making '%s' a backing file of '%s' "
4058 "would create a cycle", str
, bs
->node_name
);
4063 /* 'backing' does not allow any other data type */
4064 g_assert_not_reached();
4068 * Check AioContext compatibility so that the bdrv_set_backing_hd() call in
4069 * bdrv_reopen_commit() won't fail.
4071 if (new_backing_bs
) {
4072 if (!bdrv_reopen_can_attach(bs
, bs
->backing
, new_backing_bs
, errp
)) {
4078 * Find the "actual" backing file by skipping all links that point
4079 * to an implicit node, if any (e.g. a commit filter node).
4082 while (backing_bs(overlay_bs
) && backing_bs(overlay_bs
)->implicit
) {
4083 overlay_bs
= backing_bs(overlay_bs
);
4086 /* If we want to replace the backing file we need some extra checks */
4087 if (new_backing_bs
!= backing_bs(overlay_bs
)) {
4088 /* Check for implicit nodes between bs and its backing file */
4089 if (bs
!= overlay_bs
) {
4090 error_setg(errp
, "Cannot change backing link if '%s' has "
4091 "an implicit backing file", bs
->node_name
);
4094 /* Check if the backing link that we want to replace is frozen */
4095 if (bdrv_is_backing_chain_frozen(overlay_bs
, backing_bs(overlay_bs
),
4099 reopen_state
->replace_backing_bs
= true;
4100 if (new_backing_bs
) {
4101 bdrv_ref(new_backing_bs
);
4102 reopen_state
->new_backing_bs
= new_backing_bs
;
4110 * Prepares a BlockDriverState for reopen. All changes are staged in the
4111 * 'opaque' field of the BDRVReopenState, which is used and allocated by
4112 * the block driver layer .bdrv_reopen_prepare()
4114 * bs is the BlockDriverState to reopen
4115 * flags are the new open flags
4116 * queue is the reopen queue
4118 * Returns 0 on success, non-zero on error. On error errp will be set
4121 * On failure, bdrv_reopen_abort() will be called to clean up any data.
4122 * It is the responsibility of the caller to then call the abort() or
4123 * commit() for any other BDS that have been left in a prepare() state
4126 int bdrv_reopen_prepare(BDRVReopenState
*reopen_state
, BlockReopenQueue
*queue
,
4131 Error
*local_err
= NULL
;
4134 QDict
*orig_reopen_opts
;
4135 char *discard
= NULL
;
4137 bool drv_prepared
= false;
4139 assert(reopen_state
!= NULL
);
4140 assert(reopen_state
->bs
->drv
!= NULL
);
4141 drv
= reopen_state
->bs
->drv
;
4143 /* This function and each driver's bdrv_reopen_prepare() remove
4144 * entries from reopen_state->options as they are processed, so
4145 * we need to make a copy of the original QDict. */
4146 orig_reopen_opts
= qdict_clone_shallow(reopen_state
->options
);
4148 /* Process generic block layer options */
4149 opts
= qemu_opts_create(&bdrv_runtime_opts
, NULL
, 0, &error_abort
);
4150 qemu_opts_absorb_qdict(opts
, reopen_state
->options
, &local_err
);
4152 error_propagate(errp
, local_err
);
4157 /* This was already called in bdrv_reopen_queue_child() so the flags
4158 * are up-to-date. This time we simply want to remove the options from
4159 * QemuOpts in order to indicate that they have been processed. */
4160 old_flags
= reopen_state
->flags
;
4161 update_flags_from_options(&reopen_state
->flags
, opts
);
4162 assert(old_flags
== reopen_state
->flags
);
4164 discard
= qemu_opt_get_del(opts
, BDRV_OPT_DISCARD
);
4165 if (discard
!= NULL
) {
4166 if (bdrv_parse_discard_flags(discard
, &reopen_state
->flags
) != 0) {
4167 error_setg(errp
, "Invalid discard option");
4173 reopen_state
->detect_zeroes
=
4174 bdrv_parse_detect_zeroes(opts
, reopen_state
->flags
, &local_err
);
4176 error_propagate(errp
, local_err
);
4181 /* All other options (including node-name and driver) must be unchanged.
4182 * Put them back into the QDict, so that they are checked at the end
4183 * of this function. */
4184 qemu_opts_to_qdict(opts
, reopen_state
->options
);
4186 /* If we are to stay read-only, do not allow permission change
4187 * to r/w. Attempting to set to r/w may fail if either BDRV_O_ALLOW_RDWR is
4188 * not set, or if the BDS still has copy_on_read enabled */
4189 read_only
= !(reopen_state
->flags
& BDRV_O_RDWR
);
4190 ret
= bdrv_can_set_read_only(reopen_state
->bs
, read_only
, true, &local_err
);
4192 error_propagate(errp
, local_err
);
4196 /* Calculate required permissions after reopening */
4197 bdrv_reopen_perm(queue
, reopen_state
->bs
,
4198 &reopen_state
->perm
, &reopen_state
->shared_perm
);
4200 ret
= bdrv_flush(reopen_state
->bs
);
4202 error_setg_errno(errp
, -ret
, "Error flushing drive");
4206 if (drv
->bdrv_reopen_prepare
) {
4208 * If a driver-specific option is missing, it means that we
4209 * should reset it to its default value.
4210 * But not all options allow that, so we need to check it first.
4212 ret
= bdrv_reset_options_allowed(reopen_state
->bs
,
4213 reopen_state
->options
, errp
);
4218 ret
= drv
->bdrv_reopen_prepare(reopen_state
, queue
, &local_err
);
4220 if (local_err
!= NULL
) {
4221 error_propagate(errp
, local_err
);
4223 bdrv_refresh_filename(reopen_state
->bs
);
4224 error_setg(errp
, "failed while preparing to reopen image '%s'",
4225 reopen_state
->bs
->filename
);
4230 /* It is currently mandatory to have a bdrv_reopen_prepare()
4231 * handler for each supported drv. */
4232 error_setg(errp
, "Block format '%s' used by node '%s' "
4233 "does not support reopening files", drv
->format_name
,
4234 bdrv_get_device_or_node_name(reopen_state
->bs
));
4239 drv_prepared
= true;
4242 * We must provide the 'backing' option if the BDS has a backing
4243 * file or if the image file has a backing file name as part of
4244 * its metadata. Otherwise the 'backing' option can be omitted.
4246 if (drv
->supports_backing
&& reopen_state
->backing_missing
&&
4247 (backing_bs(reopen_state
->bs
) || reopen_state
->bs
->backing_file
[0])) {
4248 error_setg(errp
, "backing is missing for '%s'",
4249 reopen_state
->bs
->node_name
);
4255 * Allow changing the 'backing' option. The new value can be
4256 * either a reference to an existing node (using its node name)
4257 * or NULL to simply detach the current backing file.
4259 ret
= bdrv_reopen_parse_backing(reopen_state
, errp
);
4263 qdict_del(reopen_state
->options
, "backing");
4265 /* Options that are not handled are only okay if they are unchanged
4266 * compared to the old state. It is expected that some options are only
4267 * used for the initial open, but not reopen (e.g. filename) */
4268 if (qdict_size(reopen_state
->options
)) {
4269 const QDictEntry
*entry
= qdict_first(reopen_state
->options
);
4272 QObject
*new = entry
->value
;
4273 QObject
*old
= qdict_get(reopen_state
->bs
->options
, entry
->key
);
4275 /* Allow child references (child_name=node_name) as long as they
4276 * point to the current child (i.e. everything stays the same). */
4277 if (qobject_type(new) == QTYPE_QSTRING
) {
4279 QLIST_FOREACH(child
, &reopen_state
->bs
->children
, next
) {
4280 if (!strcmp(child
->name
, entry
->key
)) {
4286 const char *str
= qobject_get_try_str(new);
4287 if (!strcmp(child
->bs
->node_name
, str
)) {
4288 continue; /* Found child with this name, skip option */
4294 * TODO: When using -drive to specify blockdev options, all values
4295 * will be strings; however, when using -blockdev, blockdev-add or
4296 * filenames using the json:{} pseudo-protocol, they will be
4298 * In contrast, reopening options are (currently) always strings
4299 * (because you can only specify them through qemu-io; all other
4300 * callers do not specify any options).
4301 * Therefore, when using anything other than -drive to create a BDS,
4302 * this cannot detect non-string options as unchanged, because
4303 * qobject_is_equal() always returns false for objects of different
4304 * type. In the future, this should be remedied by correctly typing
4305 * all options. For now, this is not too big of an issue because
4306 * the user can simply omit options which cannot be changed anyway,
4307 * so they will stay unchanged.
4309 if (!qobject_is_equal(new, old
)) {
4310 error_setg(errp
, "Cannot change the option '%s'", entry
->key
);
4314 } while ((entry
= qdict_next(reopen_state
->options
, entry
)));
4319 /* Restore the original reopen_state->options QDict */
4320 qobject_unref(reopen_state
->options
);
4321 reopen_state
->options
= qobject_ref(orig_reopen_opts
);
4324 if (ret
< 0 && drv_prepared
) {
4325 /* drv->bdrv_reopen_prepare() has succeeded, so we need to
4326 * call drv->bdrv_reopen_abort() before signaling an error
4327 * (bdrv_reopen_multiple() will not call bdrv_reopen_abort()
4328 * when the respective bdrv_reopen_prepare() has failed) */
4329 if (drv
->bdrv_reopen_abort
) {
4330 drv
->bdrv_reopen_abort(reopen_state
);
4333 qemu_opts_del(opts
);
4334 qobject_unref(orig_reopen_opts
);
4340 * Takes the staged changes for the reopen from bdrv_reopen_prepare(), and
4341 * makes them final by swapping the staging BlockDriverState contents into
4342 * the active BlockDriverState contents.
4344 void bdrv_reopen_commit(BDRVReopenState
*reopen_state
)
4347 BlockDriverState
*bs
;
4350 assert(reopen_state
!= NULL
);
4351 bs
= reopen_state
->bs
;
4353 assert(drv
!= NULL
);
4355 /* If there are any driver level actions to take */
4356 if (drv
->bdrv_reopen_commit
) {
4357 drv
->bdrv_reopen_commit(reopen_state
);
4360 /* set BDS specific flags now */
4361 qobject_unref(bs
->explicit_options
);
4362 qobject_unref(bs
->options
);
4364 bs
->explicit_options
= reopen_state
->explicit_options
;
4365 bs
->options
= reopen_state
->options
;
4366 bs
->open_flags
= reopen_state
->flags
;
4367 bs
->read_only
= !(reopen_state
->flags
& BDRV_O_RDWR
);
4368 bs
->detect_zeroes
= reopen_state
->detect_zeroes
;
4370 if (reopen_state
->replace_backing_bs
) {
4371 qdict_del(bs
->explicit_options
, "backing");
4372 qdict_del(bs
->options
, "backing");
4375 /* Remove child references from bs->options and bs->explicit_options.
4376 * Child options were already removed in bdrv_reopen_queue_child() */
4377 QLIST_FOREACH(child
, &bs
->children
, next
) {
4378 qdict_del(bs
->explicit_options
, child
->name
);
4379 qdict_del(bs
->options
, child
->name
);
4383 * Change the backing file if a new one was specified. We do this
4384 * after updating bs->options, so bdrv_refresh_filename() (called
4385 * from bdrv_set_backing_hd()) has the new values.
4387 if (reopen_state
->replace_backing_bs
) {
4388 BlockDriverState
*old_backing_bs
= backing_bs(bs
);
4389 assert(!old_backing_bs
|| !old_backing_bs
->implicit
);
4390 /* Abort the permission update on the backing bs we're detaching */
4391 if (old_backing_bs
) {
4392 bdrv_abort_perm_update(old_backing_bs
);
4394 bdrv_set_backing_hd(bs
, reopen_state
->new_backing_bs
, &error_abort
);
4397 bdrv_refresh_limits(bs
, NULL
);
4401 * Abort the reopen, and delete and free the staged changes in
4404 void bdrv_reopen_abort(BDRVReopenState
*reopen_state
)
4408 assert(reopen_state
!= NULL
);
4409 drv
= reopen_state
->bs
->drv
;
4410 assert(drv
!= NULL
);
4412 if (drv
->bdrv_reopen_abort
) {
4413 drv
->bdrv_reopen_abort(reopen_state
);
4418 static void bdrv_close(BlockDriverState
*bs
)
4420 BdrvAioNotifier
*ban
, *ban_next
;
4421 BdrvChild
*child
, *next
;
4423 assert(!bs
->refcnt
);
4425 bdrv_drained_begin(bs
); /* complete I/O */
4427 bdrv_drain(bs
); /* in case flush left pending I/O */
4430 if (bs
->drv
->bdrv_close
) {
4431 bs
->drv
->bdrv_close(bs
);
4436 QLIST_FOREACH_SAFE(child
, &bs
->children
, next
, next
) {
4437 bdrv_unref_child(bs
, child
);
4444 atomic_set(&bs
->copy_on_read
, 0);
4445 bs
->backing_file
[0] = '\0';
4446 bs
->backing_format
[0] = '\0';
4447 bs
->total_sectors
= 0;
4448 bs
->encrypted
= false;
4450 qobject_unref(bs
->options
);
4451 qobject_unref(bs
->explicit_options
);
4453 bs
->explicit_options
= NULL
;
4454 qobject_unref(bs
->full_open_options
);
4455 bs
->full_open_options
= NULL
;
4457 bdrv_release_named_dirty_bitmaps(bs
);
4458 assert(QLIST_EMPTY(&bs
->dirty_bitmaps
));
4460 QLIST_FOREACH_SAFE(ban
, &bs
->aio_notifiers
, list
, ban_next
) {
4463 QLIST_INIT(&bs
->aio_notifiers
);
4464 bdrv_drained_end(bs
);
4467 void bdrv_close_all(void)
4469 assert(job_next(NULL
) == NULL
);
4470 nbd_export_close_all();
4472 /* Drop references from requests still in flight, such as canceled block
4473 * jobs whose AIO context has not been polled yet */
4476 blk_remove_all_bs();
4477 blockdev_close_all_bdrv_states();
4479 assert(QTAILQ_EMPTY(&all_bdrv_states
));
4482 static bool should_update_child(BdrvChild
*c
, BlockDriverState
*to
)
4488 if (c
->klass
->stay_at_node
) {
4492 /* If the child @c belongs to the BDS @to, replacing the current
4493 * c->bs by @to would mean to create a loop.
4495 * Such a case occurs when appending a BDS to a backing chain.
4496 * For instance, imagine the following chain:
4498 * guest device -> node A -> further backing chain...
4500 * Now we create a new BDS B which we want to put on top of this
4501 * chain, so we first attach A as its backing node:
4506 * guest device -> node A -> further backing chain...
4508 * Finally we want to replace A by B. When doing that, we want to
4509 * replace all pointers to A by pointers to B -- except for the
4510 * pointer from B because (1) that would create a loop, and (2)
4511 * that pointer should simply stay intact:
4513 * guest device -> node B
4516 * node A -> further backing chain...
4518 * In general, when replacing a node A (c->bs) by a node B (@to),
4519 * if A is a child of B, that means we cannot replace A by B there
4520 * because that would create a loop. Silently detaching A from B
4521 * is also not really an option. So overall just leaving A in
4522 * place there is the most sensible choice.
4524 * We would also create a loop in any cases where @c is only
4525 * indirectly referenced by @to. Prevent this by returning false
4526 * if @c is found (by breadth-first search) anywhere in the whole
4531 found
= g_hash_table_new(NULL
, NULL
);
4532 g_hash_table_add(found
, to
);
4533 queue
= g_queue_new();
4534 g_queue_push_tail(queue
, to
);
4536 while (!g_queue_is_empty(queue
)) {
4537 BlockDriverState
*v
= g_queue_pop_head(queue
);
4540 QLIST_FOREACH(c2
, &v
->children
, next
) {
4546 if (g_hash_table_contains(found
, c2
->bs
)) {
4550 g_queue_push_tail(queue
, c2
->bs
);
4551 g_hash_table_add(found
, c2
->bs
);
4555 g_queue_free(queue
);
4556 g_hash_table_destroy(found
);
4561 void bdrv_replace_node(BlockDriverState
*from
, BlockDriverState
*to
,
4564 BdrvChild
*c
, *next
;
4565 GSList
*list
= NULL
, *p
;
4566 uint64_t perm
= 0, shared
= BLK_PERM_ALL
;
4569 /* Make sure that @from doesn't go away until we have successfully attached
4570 * all of its parents to @to. */
4573 assert(qemu_get_current_aio_context() == qemu_get_aio_context());
4574 assert(bdrv_get_aio_context(from
) == bdrv_get_aio_context(to
));
4575 bdrv_drained_begin(from
);
4577 /* Put all parents into @list and calculate their cumulative permissions */
4578 QLIST_FOREACH_SAFE(c
, &from
->parents
, next_parent
, next
) {
4579 assert(c
->bs
== from
);
4580 if (!should_update_child(c
, to
)) {
4584 error_setg(errp
, "Cannot change '%s' link to '%s'",
4585 c
->name
, from
->node_name
);
4588 list
= g_slist_prepend(list
, c
);
4590 shared
&= c
->shared_perm
;
4593 /* Check whether the required permissions can be granted on @to, ignoring
4594 * all BdrvChild in @list so that they can't block themselves. */
4595 ret
= bdrv_check_update_perm(to
, NULL
, perm
, shared
, list
, NULL
, errp
);
4597 bdrv_abort_perm_update(to
);
4601 /* Now actually perform the change. We performed the permission check for
4602 * all elements of @list at once, so set the permissions all at once at the
4604 for (p
= list
; p
!= NULL
; p
= p
->next
) {
4608 bdrv_replace_child_noperm(c
, to
);
4612 bdrv_get_cumulative_perm(to
, &perm
, &shared
);
4613 bdrv_set_perm(to
, perm
, shared
);
4617 bdrv_drained_end(from
);
4622 * Add new bs contents at the top of an image chain while the chain is
4623 * live, while keeping required fields on the top layer.
4625 * This will modify the BlockDriverState fields, and swap contents
4626 * between bs_new and bs_top. Both bs_new and bs_top are modified.
4628 * bs_new must not be attached to a BlockBackend.
4630 * This function does not create any image files.
4632 * bdrv_append() takes ownership of a bs_new reference and unrefs it because
4633 * that's what the callers commonly need. bs_new will be referenced by the old
4634 * parents of bs_top after bdrv_append() returns. If the caller needs to keep a
4635 * reference of its own, it must call bdrv_ref().
4637 void bdrv_append(BlockDriverState
*bs_new
, BlockDriverState
*bs_top
,
4640 Error
*local_err
= NULL
;
4642 bdrv_set_backing_hd(bs_new
, bs_top
, &local_err
);
4644 error_propagate(errp
, local_err
);
4648 bdrv_replace_node(bs_top
, bs_new
, &local_err
);
4650 error_propagate(errp
, local_err
);
4651 bdrv_set_backing_hd(bs_new
, NULL
, &error_abort
);
4655 /* bs_new is now referenced by its new parents, we don't need the
4656 * additional reference any more. */
4661 static void bdrv_delete(BlockDriverState
*bs
)
4663 assert(bdrv_op_blocker_is_empty(bs
));
4664 assert(!bs
->refcnt
);
4666 /* remove from list, if necessary */
4667 if (bs
->node_name
[0] != '\0') {
4668 QTAILQ_REMOVE(&graph_bdrv_states
, bs
, node_list
);
4670 QTAILQ_REMOVE(&all_bdrv_states
, bs
, bs_list
);
4678 * Run consistency checks on an image
4680 * Returns 0 if the check could be completed (it doesn't mean that the image is
4681 * free of errors) or -errno when an internal error occurred. The results of the
4682 * check are stored in res.
4684 static int coroutine_fn
bdrv_co_check(BlockDriverState
*bs
,
4685 BdrvCheckResult
*res
, BdrvCheckMode fix
)
4687 if (bs
->drv
== NULL
) {
4690 if (bs
->drv
->bdrv_co_check
== NULL
) {
4694 memset(res
, 0, sizeof(*res
));
4695 return bs
->drv
->bdrv_co_check(bs
, res
, fix
);
4698 typedef struct CheckCo
{
4699 BlockDriverState
*bs
;
4700 BdrvCheckResult
*res
;
4705 static void coroutine_fn
bdrv_check_co_entry(void *opaque
)
4707 CheckCo
*cco
= opaque
;
4708 cco
->ret
= bdrv_co_check(cco
->bs
, cco
->res
, cco
->fix
);
4712 int bdrv_check(BlockDriverState
*bs
,
4713 BdrvCheckResult
*res
, BdrvCheckMode fix
)
4719 .ret
= -EINPROGRESS
,
4723 if (qemu_in_coroutine()) {
4724 /* Fast-path if already in coroutine context */
4725 bdrv_check_co_entry(&cco
);
4727 co
= qemu_coroutine_create(bdrv_check_co_entry
, &cco
);
4728 bdrv_coroutine_enter(bs
, co
);
4729 BDRV_POLL_WHILE(bs
, cco
.ret
== -EINPROGRESS
);
4738 * -EINVAL - backing format specified, but no file
4739 * -ENOSPC - can't update the backing file because no space is left in the
4741 * -ENOTSUP - format driver doesn't support changing the backing file
4743 int bdrv_change_backing_file(BlockDriverState
*bs
,
4744 const char *backing_file
, const char *backing_fmt
)
4746 BlockDriver
*drv
= bs
->drv
;
4753 /* Backing file format doesn't make sense without a backing file */
4754 if (backing_fmt
&& !backing_file
) {
4758 if (drv
->bdrv_change_backing_file
!= NULL
) {
4759 ret
= drv
->bdrv_change_backing_file(bs
, backing_file
, backing_fmt
);
4765 pstrcpy(bs
->backing_file
, sizeof(bs
->backing_file
), backing_file
?: "");
4766 pstrcpy(bs
->backing_format
, sizeof(bs
->backing_format
), backing_fmt
?: "");
4767 pstrcpy(bs
->auto_backing_file
, sizeof(bs
->auto_backing_file
),
4768 backing_file
?: "");
4774 * Finds the image layer in the chain that has 'bs' as its backing file.
4776 * active is the current topmost image.
4778 * Returns NULL if bs is not found in active's image chain,
4779 * or if active == bs.
4781 * Returns the bottommost base image if bs == NULL.
4783 BlockDriverState
*bdrv_find_overlay(BlockDriverState
*active
,
4784 BlockDriverState
*bs
)
4786 while (active
&& bs
!= backing_bs(active
)) {
4787 active
= backing_bs(active
);
4793 /* Given a BDS, searches for the base layer. */
4794 BlockDriverState
*bdrv_find_base(BlockDriverState
*bs
)
4796 return bdrv_find_overlay(bs
, NULL
);
4800 * Return true if at least one of the backing links between @bs and
4801 * @base is frozen. @errp is set if that's the case.
4802 * @base must be reachable from @bs, or NULL.
4804 bool bdrv_is_backing_chain_frozen(BlockDriverState
*bs
, BlockDriverState
*base
,
4807 BlockDriverState
*i
;
4809 for (i
= bs
; i
!= base
; i
= backing_bs(i
)) {
4810 if (i
->backing
&& i
->backing
->frozen
) {
4811 error_setg(errp
, "Cannot change '%s' link from '%s' to '%s'",
4812 i
->backing
->name
, i
->node_name
,
4813 backing_bs(i
)->node_name
);
4822 * Freeze all backing links between @bs and @base.
4823 * If any of the links is already frozen the operation is aborted and
4824 * none of the links are modified.
4825 * @base must be reachable from @bs, or NULL.
4826 * Returns 0 on success. On failure returns < 0 and sets @errp.
4828 int bdrv_freeze_backing_chain(BlockDriverState
*bs
, BlockDriverState
*base
,
4831 BlockDriverState
*i
;
4833 if (bdrv_is_backing_chain_frozen(bs
, base
, errp
)) {
4837 for (i
= bs
; i
!= base
; i
= backing_bs(i
)) {
4838 if (i
->backing
&& backing_bs(i
)->never_freeze
) {
4839 error_setg(errp
, "Cannot freeze '%s' link to '%s'",
4840 i
->backing
->name
, backing_bs(i
)->node_name
);
4845 for (i
= bs
; i
!= base
; i
= backing_bs(i
)) {
4847 i
->backing
->frozen
= true;
4855 * Unfreeze all backing links between @bs and @base. The caller must
4856 * ensure that all links are frozen before using this function.
4857 * @base must be reachable from @bs, or NULL.
4859 void bdrv_unfreeze_backing_chain(BlockDriverState
*bs
, BlockDriverState
*base
)
4861 BlockDriverState
*i
;
4863 for (i
= bs
; i
!= base
; i
= backing_bs(i
)) {
4865 assert(i
->backing
->frozen
);
4866 i
->backing
->frozen
= false;
4872 * Drops images above 'base' up to and including 'top', and sets the image
4873 * above 'top' to have base as its backing file.
4875 * Requires that the overlay to 'top' is opened r/w, so that the backing file
4876 * information in 'bs' can be properly updated.
4878 * E.g., this will convert the following chain:
4879 * bottom <- base <- intermediate <- top <- active
4883 * bottom <- base <- active
4885 * It is allowed for bottom==base, in which case it converts:
4887 * base <- intermediate <- top <- active
4893 * If backing_file_str is non-NULL, it will be used when modifying top's
4894 * overlay image metadata.
4897 * if active == top, that is considered an error
4900 int bdrv_drop_intermediate(BlockDriverState
*top
, BlockDriverState
*base
,
4901 const char *backing_file_str
)
4903 BlockDriverState
*explicit_top
= top
;
4904 bool update_inherits_from
;
4905 BdrvChild
*c
, *next
;
4906 Error
*local_err
= NULL
;
4910 bdrv_subtree_drained_begin(top
);
4912 if (!top
->drv
|| !base
->drv
) {
4916 /* Make sure that base is in the backing chain of top */
4917 if (!bdrv_chain_contains(top
, base
)) {
4921 /* This function changes all links that point to top and makes
4922 * them point to base. Check that none of them is frozen. */
4923 QLIST_FOREACH(c
, &top
->parents
, next_parent
) {
4929 /* If 'base' recursively inherits from 'top' then we should set
4930 * base->inherits_from to top->inherits_from after 'top' and all
4931 * other intermediate nodes have been dropped.
4932 * If 'top' is an implicit node (e.g. "commit_top") we should skip
4933 * it because no one inherits from it. We use explicit_top for that. */
4934 while (explicit_top
&& explicit_top
->implicit
) {
4935 explicit_top
= backing_bs(explicit_top
);
4937 update_inherits_from
= bdrv_inherits_from_recursive(base
, explicit_top
);
4939 /* success - we can delete the intermediate states, and link top->base */
4940 /* TODO Check graph modification op blockers (BLK_PERM_GRAPH_MOD) once
4941 * we've figured out how they should work. */
4942 if (!backing_file_str
) {
4943 bdrv_refresh_filename(base
);
4944 backing_file_str
= base
->filename
;
4947 QLIST_FOREACH_SAFE(c
, &top
->parents
, next_parent
, next
) {
4948 /* Check whether we are allowed to switch c from top to base */
4949 GSList
*ignore_children
= g_slist_prepend(NULL
, c
);
4950 ret
= bdrv_check_update_perm(base
, NULL
, c
->perm
, c
->shared_perm
,
4951 ignore_children
, NULL
, &local_err
);
4952 g_slist_free(ignore_children
);
4954 error_report_err(local_err
);
4958 /* If so, update the backing file path in the image file */
4959 if (c
->klass
->update_filename
) {
4960 ret
= c
->klass
->update_filename(c
, base
, backing_file_str
,
4963 bdrv_abort_perm_update(base
);
4964 error_report_err(local_err
);
4969 /* Do the actual switch in the in-memory graph.
4970 * Completes bdrv_check_update_perm() transaction internally. */
4972 bdrv_replace_child(c
, base
);
4976 if (update_inherits_from
) {
4977 base
->inherits_from
= explicit_top
->inherits_from
;
4982 bdrv_subtree_drained_end(top
);
4988 * Length of a allocated file in bytes. Sparse files are counted by actual
4989 * allocated space. Return < 0 if error or unknown.
4991 int64_t bdrv_get_allocated_file_size(BlockDriverState
*bs
)
4993 BlockDriver
*drv
= bs
->drv
;
4997 if (drv
->bdrv_get_allocated_file_size
) {
4998 return drv
->bdrv_get_allocated_file_size(bs
);
5001 return bdrv_get_allocated_file_size(bs
->file
->bs
);
5008 * @drv: Format driver
5009 * @opts: Creation options for new image
5010 * @in_bs: Existing image containing data for new image (may be NULL)
5011 * @errp: Error object
5012 * Returns: A #BlockMeasureInfo (free using qapi_free_BlockMeasureInfo())
5015 * Calculate file size required to create a new image.
5017 * If @in_bs is given then space for allocated clusters and zero clusters
5018 * from that image are included in the calculation. If @opts contains a
5019 * backing file that is shared by @in_bs then backing clusters may be omitted
5020 * from the calculation.
5022 * If @in_bs is NULL then the calculation includes no allocated clusters
5023 * unless a preallocation option is given in @opts.
5025 * Note that @in_bs may use a different BlockDriver from @drv.
5027 * If an error occurs the @errp pointer is set.
5029 BlockMeasureInfo
*bdrv_measure(BlockDriver
*drv
, QemuOpts
*opts
,
5030 BlockDriverState
*in_bs
, Error
**errp
)
5032 if (!drv
->bdrv_measure
) {
5033 error_setg(errp
, "Block driver '%s' does not support size measurement",
5038 return drv
->bdrv_measure(opts
, in_bs
, errp
);
5042 * Return number of sectors on success, -errno on error.
5044 int64_t bdrv_nb_sectors(BlockDriverState
*bs
)
5046 BlockDriver
*drv
= bs
->drv
;
5051 if (drv
->has_variable_length
) {
5052 int ret
= refresh_total_sectors(bs
, bs
->total_sectors
);
5057 return bs
->total_sectors
;
5061 * Return length in bytes on success, -errno on error.
5062 * The length is always a multiple of BDRV_SECTOR_SIZE.
5064 int64_t bdrv_getlength(BlockDriverState
*bs
)
5066 int64_t ret
= bdrv_nb_sectors(bs
);
5068 ret
= ret
> INT64_MAX
/ BDRV_SECTOR_SIZE
? -EFBIG
: ret
;
5069 return ret
< 0 ? ret
: ret
* BDRV_SECTOR_SIZE
;
5072 /* return 0 as number of sectors if no device present or error */
5073 void bdrv_get_geometry(BlockDriverState
*bs
, uint64_t *nb_sectors_ptr
)
5075 int64_t nb_sectors
= bdrv_nb_sectors(bs
);
5077 *nb_sectors_ptr
= nb_sectors
< 0 ? 0 : nb_sectors
;
5080 bool bdrv_is_sg(BlockDriverState
*bs
)
5085 bool bdrv_is_encrypted(BlockDriverState
*bs
)
5087 if (bs
->backing
&& bs
->backing
->bs
->encrypted
) {
5090 return bs
->encrypted
;
5093 const char *bdrv_get_format_name(BlockDriverState
*bs
)
5095 return bs
->drv
? bs
->drv
->format_name
: NULL
;
5098 static int qsort_strcmp(const void *a
, const void *b
)
5100 return strcmp(*(char *const *)a
, *(char *const *)b
);
5103 void bdrv_iterate_format(void (*it
)(void *opaque
, const char *name
),
5104 void *opaque
, bool read_only
)
5109 const char **formats
= NULL
;
5111 QLIST_FOREACH(drv
, &bdrv_drivers
, list
) {
5112 if (drv
->format_name
) {
5116 if (use_bdrv_whitelist
&& !bdrv_is_whitelisted(drv
, read_only
)) {
5120 while (formats
&& i
&& !found
) {
5121 found
= !strcmp(formats
[--i
], drv
->format_name
);
5125 formats
= g_renew(const char *, formats
, count
+ 1);
5126 formats
[count
++] = drv
->format_name
;
5131 for (i
= 0; i
< (int)ARRAY_SIZE(block_driver_modules
); i
++) {
5132 const char *format_name
= block_driver_modules
[i
].format_name
;
5138 if (use_bdrv_whitelist
&&
5139 !bdrv_format_is_whitelisted(format_name
, read_only
)) {
5143 while (formats
&& j
&& !found
) {
5144 found
= !strcmp(formats
[--j
], format_name
);
5148 formats
= g_renew(const char *, formats
, count
+ 1);
5149 formats
[count
++] = format_name
;
5154 qsort(formats
, count
, sizeof(formats
[0]), qsort_strcmp
);
5156 for (i
= 0; i
< count
; i
++) {
5157 it(opaque
, formats
[i
]);
5163 /* This function is to find a node in the bs graph */
5164 BlockDriverState
*bdrv_find_node(const char *node_name
)
5166 BlockDriverState
*bs
;
5170 QTAILQ_FOREACH(bs
, &graph_bdrv_states
, node_list
) {
5171 if (!strcmp(node_name
, bs
->node_name
)) {
5178 /* Put this QMP function here so it can access the static graph_bdrv_states. */
5179 BlockDeviceInfoList
*bdrv_named_nodes_list(bool flat
,
5182 BlockDeviceInfoList
*list
, *entry
;
5183 BlockDriverState
*bs
;
5186 QTAILQ_FOREACH(bs
, &graph_bdrv_states
, node_list
) {
5187 BlockDeviceInfo
*info
= bdrv_block_device_info(NULL
, bs
, flat
, errp
);
5189 qapi_free_BlockDeviceInfoList(list
);
5192 entry
= g_malloc0(sizeof(*entry
));
5193 entry
->value
= info
;
5201 #define QAPI_LIST_ADD(list, element) do { \
5202 typeof(list) _tmp = g_new(typeof(*(list)), 1); \
5203 _tmp->value = (element); \
5204 _tmp->next = (list); \
5208 typedef struct XDbgBlockGraphConstructor
{
5209 XDbgBlockGraph
*graph
;
5210 GHashTable
*graph_nodes
;
5211 } XDbgBlockGraphConstructor
;
5213 static XDbgBlockGraphConstructor
*xdbg_graph_new(void)
5215 XDbgBlockGraphConstructor
*gr
= g_new(XDbgBlockGraphConstructor
, 1);
5217 gr
->graph
= g_new0(XDbgBlockGraph
, 1);
5218 gr
->graph_nodes
= g_hash_table_new(NULL
, NULL
);
5223 static XDbgBlockGraph
*xdbg_graph_finalize(XDbgBlockGraphConstructor
*gr
)
5225 XDbgBlockGraph
*graph
= gr
->graph
;
5227 g_hash_table_destroy(gr
->graph_nodes
);
5233 static uintptr_t xdbg_graph_node_num(XDbgBlockGraphConstructor
*gr
, void *node
)
5235 uintptr_t ret
= (uintptr_t)g_hash_table_lookup(gr
->graph_nodes
, node
);
5242 * Start counting from 1, not 0, because 0 interferes with not-found (NULL)
5243 * answer of g_hash_table_lookup.
5245 ret
= g_hash_table_size(gr
->graph_nodes
) + 1;
5246 g_hash_table_insert(gr
->graph_nodes
, node
, (void *)ret
);
5251 static void xdbg_graph_add_node(XDbgBlockGraphConstructor
*gr
, void *node
,
5252 XDbgBlockGraphNodeType type
, const char *name
)
5254 XDbgBlockGraphNode
*n
;
5256 n
= g_new0(XDbgBlockGraphNode
, 1);
5258 n
->id
= xdbg_graph_node_num(gr
, node
);
5260 n
->name
= g_strdup(name
);
5262 QAPI_LIST_ADD(gr
->graph
->nodes
, n
);
5265 static void xdbg_graph_add_edge(XDbgBlockGraphConstructor
*gr
, void *parent
,
5266 const BdrvChild
*child
)
5268 BlockPermission qapi_perm
;
5269 XDbgBlockGraphEdge
*edge
;
5271 edge
= g_new0(XDbgBlockGraphEdge
, 1);
5273 edge
->parent
= xdbg_graph_node_num(gr
, parent
);
5274 edge
->child
= xdbg_graph_node_num(gr
, child
->bs
);
5275 edge
->name
= g_strdup(child
->name
);
5277 for (qapi_perm
= 0; qapi_perm
< BLOCK_PERMISSION__MAX
; qapi_perm
++) {
5278 uint64_t flag
= bdrv_qapi_perm_to_blk_perm(qapi_perm
);
5280 if (flag
& child
->perm
) {
5281 QAPI_LIST_ADD(edge
->perm
, qapi_perm
);
5283 if (flag
& child
->shared_perm
) {
5284 QAPI_LIST_ADD(edge
->shared_perm
, qapi_perm
);
5288 QAPI_LIST_ADD(gr
->graph
->edges
, edge
);
5292 XDbgBlockGraph
*bdrv_get_xdbg_block_graph(Error
**errp
)
5296 BlockDriverState
*bs
;
5298 XDbgBlockGraphConstructor
*gr
= xdbg_graph_new();
5300 for (blk
= blk_all_next(NULL
); blk
; blk
= blk_all_next(blk
)) {
5301 char *allocated_name
= NULL
;
5302 const char *name
= blk_name(blk
);
5305 name
= allocated_name
= blk_get_attached_dev_id(blk
);
5307 xdbg_graph_add_node(gr
, blk
, X_DBG_BLOCK_GRAPH_NODE_TYPE_BLOCK_BACKEND
,
5309 g_free(allocated_name
);
5310 if (blk_root(blk
)) {
5311 xdbg_graph_add_edge(gr
, blk
, blk_root(blk
));
5315 for (job
= block_job_next(NULL
); job
; job
= block_job_next(job
)) {
5318 xdbg_graph_add_node(gr
, job
, X_DBG_BLOCK_GRAPH_NODE_TYPE_BLOCK_JOB
,
5320 for (el
= job
->nodes
; el
; el
= el
->next
) {
5321 xdbg_graph_add_edge(gr
, job
, (BdrvChild
*)el
->data
);
5325 QTAILQ_FOREACH(bs
, &graph_bdrv_states
, node_list
) {
5326 xdbg_graph_add_node(gr
, bs
, X_DBG_BLOCK_GRAPH_NODE_TYPE_BLOCK_DRIVER
,
5328 QLIST_FOREACH(child
, &bs
->children
, next
) {
5329 xdbg_graph_add_edge(gr
, bs
, child
);
5333 return xdbg_graph_finalize(gr
);
5336 BlockDriverState
*bdrv_lookup_bs(const char *device
,
5337 const char *node_name
,
5341 BlockDriverState
*bs
;
5344 blk
= blk_by_name(device
);
5349 error_setg(errp
, "Device '%s' has no medium", device
);
5357 bs
= bdrv_find_node(node_name
);
5364 error_setg(errp
, "Cannot find device=%s nor node_name=%s",
5365 device
? device
: "",
5366 node_name
? node_name
: "");
5370 /* If 'base' is in the same chain as 'top', return true. Otherwise,
5371 * return false. If either argument is NULL, return false. */
5372 bool bdrv_chain_contains(BlockDriverState
*top
, BlockDriverState
*base
)
5374 while (top
&& top
!= base
) {
5375 top
= backing_bs(top
);
5381 BlockDriverState
*bdrv_next_node(BlockDriverState
*bs
)
5384 return QTAILQ_FIRST(&graph_bdrv_states
);
5386 return QTAILQ_NEXT(bs
, node_list
);
5389 BlockDriverState
*bdrv_next_all_states(BlockDriverState
*bs
)
5392 return QTAILQ_FIRST(&all_bdrv_states
);
5394 return QTAILQ_NEXT(bs
, bs_list
);
5397 const char *bdrv_get_node_name(const BlockDriverState
*bs
)
5399 return bs
->node_name
;
5402 const char *bdrv_get_parent_name(const BlockDriverState
*bs
)
5407 /* If multiple parents have a name, just pick the first one. */
5408 QLIST_FOREACH(c
, &bs
->parents
, next_parent
) {
5409 if (c
->klass
->get_name
) {
5410 name
= c
->klass
->get_name(c
);
5411 if (name
&& *name
) {
5420 /* TODO check what callers really want: bs->node_name or blk_name() */
5421 const char *bdrv_get_device_name(const BlockDriverState
*bs
)
5423 return bdrv_get_parent_name(bs
) ?: "";
5426 /* This can be used to identify nodes that might not have a device
5427 * name associated. Since node and device names live in the same
5428 * namespace, the result is unambiguous. The exception is if both are
5429 * absent, then this returns an empty (non-null) string. */
5430 const char *bdrv_get_device_or_node_name(const BlockDriverState
*bs
)
5432 return bdrv_get_parent_name(bs
) ?: bs
->node_name
;
5435 int bdrv_get_flags(BlockDriverState
*bs
)
5437 return bs
->open_flags
;
5440 int bdrv_has_zero_init_1(BlockDriverState
*bs
)
5445 int bdrv_has_zero_init(BlockDriverState
*bs
)
5451 /* If BS is a copy on write image, it is initialized to
5452 the contents of the base image, which may not be zeroes. */
5456 if (bs
->drv
->bdrv_has_zero_init
) {
5457 return bs
->drv
->bdrv_has_zero_init(bs
);
5459 if (bs
->file
&& bs
->drv
->is_filter
) {
5460 return bdrv_has_zero_init(bs
->file
->bs
);
5467 bool bdrv_unallocated_blocks_are_zero(BlockDriverState
*bs
)
5469 BlockDriverInfo bdi
;
5475 if (bdrv_get_info(bs
, &bdi
) == 0) {
5476 return bdi
.unallocated_blocks_are_zero
;
5482 bool bdrv_can_write_zeroes_with_unmap(BlockDriverState
*bs
)
5484 if (!(bs
->open_flags
& BDRV_O_UNMAP
)) {
5488 return bs
->supported_zero_flags
& BDRV_REQ_MAY_UNMAP
;
5491 void bdrv_get_backing_filename(BlockDriverState
*bs
,
5492 char *filename
, int filename_size
)
5494 pstrcpy(filename
, filename_size
, bs
->backing_file
);
5497 int bdrv_get_info(BlockDriverState
*bs
, BlockDriverInfo
*bdi
)
5499 BlockDriver
*drv
= bs
->drv
;
5500 /* if bs->drv == NULL, bs is closed, so there's nothing to do here */
5504 if (!drv
->bdrv_get_info
) {
5505 if (bs
->file
&& drv
->is_filter
) {
5506 return bdrv_get_info(bs
->file
->bs
, bdi
);
5510 memset(bdi
, 0, sizeof(*bdi
));
5511 return drv
->bdrv_get_info(bs
, bdi
);
5514 ImageInfoSpecific
*bdrv_get_specific_info(BlockDriverState
*bs
,
5517 BlockDriver
*drv
= bs
->drv
;
5518 if (drv
&& drv
->bdrv_get_specific_info
) {
5519 return drv
->bdrv_get_specific_info(bs
, errp
);
5524 BlockStatsSpecific
*bdrv_get_specific_stats(BlockDriverState
*bs
)
5526 BlockDriver
*drv
= bs
->drv
;
5527 if (!drv
|| !drv
->bdrv_get_specific_stats
) {
5530 return drv
->bdrv_get_specific_stats(bs
);
5533 void bdrv_debug_event(BlockDriverState
*bs
, BlkdebugEvent event
)
5535 if (!bs
|| !bs
->drv
|| !bs
->drv
->bdrv_debug_event
) {
5539 bs
->drv
->bdrv_debug_event(bs
, event
);
5542 static BlockDriverState
*bdrv_find_debug_node(BlockDriverState
*bs
)
5544 while (bs
&& bs
->drv
&& !bs
->drv
->bdrv_debug_breakpoint
) {
5550 if (bs
->drv
->is_filter
&& bs
->backing
) {
5551 bs
= bs
->backing
->bs
;
5558 if (bs
&& bs
->drv
&& bs
->drv
->bdrv_debug_breakpoint
) {
5559 assert(bs
->drv
->bdrv_debug_remove_breakpoint
);
5566 int bdrv_debug_breakpoint(BlockDriverState
*bs
, const char *event
,
5569 bs
= bdrv_find_debug_node(bs
);
5571 return bs
->drv
->bdrv_debug_breakpoint(bs
, event
, tag
);
5577 int bdrv_debug_remove_breakpoint(BlockDriverState
*bs
, const char *tag
)
5579 bs
= bdrv_find_debug_node(bs
);
5581 return bs
->drv
->bdrv_debug_remove_breakpoint(bs
, tag
);
5587 int bdrv_debug_resume(BlockDriverState
*bs
, const char *tag
)
5589 while (bs
&& (!bs
->drv
|| !bs
->drv
->bdrv_debug_resume
)) {
5590 bs
= bs
->file
? bs
->file
->bs
: NULL
;
5593 if (bs
&& bs
->drv
&& bs
->drv
->bdrv_debug_resume
) {
5594 return bs
->drv
->bdrv_debug_resume(bs
, tag
);
5600 bool bdrv_debug_is_suspended(BlockDriverState
*bs
, const char *tag
)
5602 while (bs
&& bs
->drv
&& !bs
->drv
->bdrv_debug_is_suspended
) {
5603 bs
= bs
->file
? bs
->file
->bs
: NULL
;
5606 if (bs
&& bs
->drv
&& bs
->drv
->bdrv_debug_is_suspended
) {
5607 return bs
->drv
->bdrv_debug_is_suspended(bs
, tag
);
5613 /* backing_file can either be relative, or absolute, or a protocol. If it is
5614 * relative, it must be relative to the chain. So, passing in bs->filename
5615 * from a BDS as backing_file should not be done, as that may be relative to
5616 * the CWD rather than the chain. */
5617 BlockDriverState
*bdrv_find_backing_image(BlockDriverState
*bs
,
5618 const char *backing_file
)
5620 char *filename_full
= NULL
;
5621 char *backing_file_full
= NULL
;
5622 char *filename_tmp
= NULL
;
5623 int is_protocol
= 0;
5624 BlockDriverState
*curr_bs
= NULL
;
5625 BlockDriverState
*retval
= NULL
;
5627 if (!bs
|| !bs
->drv
|| !backing_file
) {
5631 filename_full
= g_malloc(PATH_MAX
);
5632 backing_file_full
= g_malloc(PATH_MAX
);
5634 is_protocol
= path_has_protocol(backing_file
);
5636 for (curr_bs
= bs
; curr_bs
->backing
; curr_bs
= curr_bs
->backing
->bs
) {
5638 /* If either of the filename paths is actually a protocol, then
5639 * compare unmodified paths; otherwise make paths relative */
5640 if (is_protocol
|| path_has_protocol(curr_bs
->backing_file
)) {
5641 char *backing_file_full_ret
;
5643 if (strcmp(backing_file
, curr_bs
->backing_file
) == 0) {
5644 retval
= curr_bs
->backing
->bs
;
5647 /* Also check against the full backing filename for the image */
5648 backing_file_full_ret
= bdrv_get_full_backing_filename(curr_bs
,
5650 if (backing_file_full_ret
) {
5651 bool equal
= strcmp(backing_file
, backing_file_full_ret
) == 0;
5652 g_free(backing_file_full_ret
);
5654 retval
= curr_bs
->backing
->bs
;
5659 /* If not an absolute filename path, make it relative to the current
5660 * image's filename path */
5661 filename_tmp
= bdrv_make_absolute_filename(curr_bs
, backing_file
,
5663 /* We are going to compare canonicalized absolute pathnames */
5664 if (!filename_tmp
|| !realpath(filename_tmp
, filename_full
)) {
5665 g_free(filename_tmp
);
5668 g_free(filename_tmp
);
5670 /* We need to make sure the backing filename we are comparing against
5671 * is relative to the current image filename (or absolute) */
5672 filename_tmp
= bdrv_get_full_backing_filename(curr_bs
, NULL
);
5673 if (!filename_tmp
|| !realpath(filename_tmp
, backing_file_full
)) {
5674 g_free(filename_tmp
);
5677 g_free(filename_tmp
);
5679 if (strcmp(backing_file_full
, filename_full
) == 0) {
5680 retval
= curr_bs
->backing
->bs
;
5686 g_free(filename_full
);
5687 g_free(backing_file_full
);
5691 void bdrv_init(void)
5693 module_call_init(MODULE_INIT_BLOCK
);
5696 void bdrv_init_with_whitelist(void)
5698 use_bdrv_whitelist
= 1;
5702 static void coroutine_fn
bdrv_co_invalidate_cache(BlockDriverState
*bs
,
5705 BdrvChild
*child
, *parent
;
5706 uint64_t perm
, shared_perm
;
5707 Error
*local_err
= NULL
;
5709 BdrvDirtyBitmap
*bm
;
5715 QLIST_FOREACH(child
, &bs
->children
, next
) {
5716 bdrv_co_invalidate_cache(child
->bs
, &local_err
);
5718 error_propagate(errp
, local_err
);
5724 * Update permissions, they may differ for inactive nodes.
5726 * Note that the required permissions of inactive images are always a
5727 * subset of the permissions required after activating the image. This
5728 * allows us to just get the permissions upfront without restricting
5729 * drv->bdrv_invalidate_cache().
5731 * It also means that in error cases, we don't have to try and revert to
5732 * the old permissions (which is an operation that could fail, too). We can
5733 * just keep the extended permissions for the next time that an activation
5734 * of the image is tried.
5736 if (bs
->open_flags
& BDRV_O_INACTIVE
) {
5737 bs
->open_flags
&= ~BDRV_O_INACTIVE
;
5738 bdrv_get_cumulative_perm(bs
, &perm
, &shared_perm
);
5739 ret
= bdrv_check_perm(bs
, NULL
, perm
, shared_perm
, NULL
, NULL
, &local_err
);
5741 bs
->open_flags
|= BDRV_O_INACTIVE
;
5742 error_propagate(errp
, local_err
);
5745 bdrv_set_perm(bs
, perm
, shared_perm
);
5747 if (bs
->drv
->bdrv_co_invalidate_cache
) {
5748 bs
->drv
->bdrv_co_invalidate_cache(bs
, &local_err
);
5750 bs
->open_flags
|= BDRV_O_INACTIVE
;
5751 error_propagate(errp
, local_err
);
5756 FOR_EACH_DIRTY_BITMAP(bs
, bm
) {
5757 bdrv_dirty_bitmap_skip_store(bm
, false);
5760 ret
= refresh_total_sectors(bs
, bs
->total_sectors
);
5762 bs
->open_flags
|= BDRV_O_INACTIVE
;
5763 error_setg_errno(errp
, -ret
, "Could not refresh total sector count");
5768 QLIST_FOREACH(parent
, &bs
->parents
, next_parent
) {
5769 if (parent
->klass
->activate
) {
5770 parent
->klass
->activate(parent
, &local_err
);
5772 bs
->open_flags
|= BDRV_O_INACTIVE
;
5773 error_propagate(errp
, local_err
);
5780 typedef struct InvalidateCacheCo
{
5781 BlockDriverState
*bs
;
5784 } InvalidateCacheCo
;
5786 static void coroutine_fn
bdrv_invalidate_cache_co_entry(void *opaque
)
5788 InvalidateCacheCo
*ico
= opaque
;
5789 bdrv_co_invalidate_cache(ico
->bs
, ico
->errp
);
5794 void bdrv_invalidate_cache(BlockDriverState
*bs
, Error
**errp
)
5797 InvalidateCacheCo ico
= {
5803 if (qemu_in_coroutine()) {
5804 /* Fast-path if already in coroutine context */
5805 bdrv_invalidate_cache_co_entry(&ico
);
5807 co
= qemu_coroutine_create(bdrv_invalidate_cache_co_entry
, &ico
);
5808 bdrv_coroutine_enter(bs
, co
);
5809 BDRV_POLL_WHILE(bs
, !ico
.done
);
5813 void bdrv_invalidate_cache_all(Error
**errp
)
5815 BlockDriverState
*bs
;
5816 Error
*local_err
= NULL
;
5817 BdrvNextIterator it
;
5819 for (bs
= bdrv_first(&it
); bs
; bs
= bdrv_next(&it
)) {
5820 AioContext
*aio_context
= bdrv_get_aio_context(bs
);
5822 aio_context_acquire(aio_context
);
5823 bdrv_invalidate_cache(bs
, &local_err
);
5824 aio_context_release(aio_context
);
5826 error_propagate(errp
, local_err
);
5827 bdrv_next_cleanup(&it
);
5833 static bool bdrv_has_bds_parent(BlockDriverState
*bs
, bool only_active
)
5837 QLIST_FOREACH(parent
, &bs
->parents
, next_parent
) {
5838 if (parent
->klass
->parent_is_bds
) {
5839 BlockDriverState
*parent_bs
= parent
->opaque
;
5840 if (!only_active
|| !(parent_bs
->open_flags
& BDRV_O_INACTIVE
)) {
5849 static int bdrv_inactivate_recurse(BlockDriverState
*bs
)
5851 BdrvChild
*child
, *parent
;
5852 bool tighten_restrictions
;
5853 uint64_t perm
, shared_perm
;
5860 /* Make sure that we don't inactivate a child before its parent.
5861 * It will be covered by recursion from the yet active parent. */
5862 if (bdrv_has_bds_parent(bs
, true)) {
5866 assert(!(bs
->open_flags
& BDRV_O_INACTIVE
));
5868 /* Inactivate this node */
5869 if (bs
->drv
->bdrv_inactivate
) {
5870 ret
= bs
->drv
->bdrv_inactivate(bs
);
5876 QLIST_FOREACH(parent
, &bs
->parents
, next_parent
) {
5877 if (parent
->klass
->inactivate
) {
5878 ret
= parent
->klass
->inactivate(parent
);
5885 bs
->open_flags
|= BDRV_O_INACTIVE
;
5887 /* Update permissions, they may differ for inactive nodes */
5888 bdrv_get_cumulative_perm(bs
, &perm
, &shared_perm
);
5889 ret
= bdrv_check_perm(bs
, NULL
, perm
, shared_perm
, NULL
,
5890 &tighten_restrictions
, NULL
);
5891 assert(tighten_restrictions
== false);
5893 /* We only tried to loosen restrictions, so errors are not fatal */
5894 bdrv_abort_perm_update(bs
);
5896 bdrv_set_perm(bs
, perm
, shared_perm
);
5900 /* Recursively inactivate children */
5901 QLIST_FOREACH(child
, &bs
->children
, next
) {
5902 ret
= bdrv_inactivate_recurse(child
->bs
);
5911 int bdrv_inactivate_all(void)
5913 BlockDriverState
*bs
= NULL
;
5914 BdrvNextIterator it
;
5916 GSList
*aio_ctxs
= NULL
, *ctx
;
5918 for (bs
= bdrv_first(&it
); bs
; bs
= bdrv_next(&it
)) {
5919 AioContext
*aio_context
= bdrv_get_aio_context(bs
);
5921 if (!g_slist_find(aio_ctxs
, aio_context
)) {
5922 aio_ctxs
= g_slist_prepend(aio_ctxs
, aio_context
);
5923 aio_context_acquire(aio_context
);
5927 for (bs
= bdrv_first(&it
); bs
; bs
= bdrv_next(&it
)) {
5928 /* Nodes with BDS parents are covered by recursion from the last
5929 * parent that gets inactivated. Don't inactivate them a second
5930 * time if that has already happened. */
5931 if (bdrv_has_bds_parent(bs
, false)) {
5934 ret
= bdrv_inactivate_recurse(bs
);
5936 bdrv_next_cleanup(&it
);
5942 for (ctx
= aio_ctxs
; ctx
!= NULL
; ctx
= ctx
->next
) {
5943 AioContext
*aio_context
= ctx
->data
;
5944 aio_context_release(aio_context
);
5946 g_slist_free(aio_ctxs
);
5951 /**************************************************************/
5952 /* removable device support */
5955 * Return TRUE if the media is present
5957 bool bdrv_is_inserted(BlockDriverState
*bs
)
5959 BlockDriver
*drv
= bs
->drv
;
5965 if (drv
->bdrv_is_inserted
) {
5966 return drv
->bdrv_is_inserted(bs
);
5968 QLIST_FOREACH(child
, &bs
->children
, next
) {
5969 if (!bdrv_is_inserted(child
->bs
)) {
5977 * If eject_flag is TRUE, eject the media. Otherwise, close the tray
5979 void bdrv_eject(BlockDriverState
*bs
, bool eject_flag
)
5981 BlockDriver
*drv
= bs
->drv
;
5983 if (drv
&& drv
->bdrv_eject
) {
5984 drv
->bdrv_eject(bs
, eject_flag
);
5989 * Lock or unlock the media (if it is locked, the user won't be able
5990 * to eject it manually).
5992 void bdrv_lock_medium(BlockDriverState
*bs
, bool locked
)
5994 BlockDriver
*drv
= bs
->drv
;
5996 trace_bdrv_lock_medium(bs
, locked
);
5998 if (drv
&& drv
->bdrv_lock_medium
) {
5999 drv
->bdrv_lock_medium(bs
, locked
);
6003 /* Get a reference to bs */
6004 void bdrv_ref(BlockDriverState
*bs
)
6009 /* Release a previously grabbed reference to bs.
6010 * If after releasing, reference count is zero, the BlockDriverState is
6012 void bdrv_unref(BlockDriverState
*bs
)
6017 assert(bs
->refcnt
> 0);
6018 if (--bs
->refcnt
== 0) {
6023 struct BdrvOpBlocker
{
6025 QLIST_ENTRY(BdrvOpBlocker
) list
;
6028 bool bdrv_op_is_blocked(BlockDriverState
*bs
, BlockOpType op
, Error
**errp
)
6030 BdrvOpBlocker
*blocker
;
6031 assert((int) op
>= 0 && op
< BLOCK_OP_TYPE_MAX
);
6032 if (!QLIST_EMPTY(&bs
->op_blockers
[op
])) {
6033 blocker
= QLIST_FIRST(&bs
->op_blockers
[op
]);
6034 error_propagate_prepend(errp
, error_copy(blocker
->reason
),
6035 "Node '%s' is busy: ",
6036 bdrv_get_device_or_node_name(bs
));
6042 void bdrv_op_block(BlockDriverState
*bs
, BlockOpType op
, Error
*reason
)
6044 BdrvOpBlocker
*blocker
;
6045 assert((int) op
>= 0 && op
< BLOCK_OP_TYPE_MAX
);
6047 blocker
= g_new0(BdrvOpBlocker
, 1);
6048 blocker
->reason
= reason
;
6049 QLIST_INSERT_HEAD(&bs
->op_blockers
[op
], blocker
, list
);
6052 void bdrv_op_unblock(BlockDriverState
*bs
, BlockOpType op
, Error
*reason
)
6054 BdrvOpBlocker
*blocker
, *next
;
6055 assert((int) op
>= 0 && op
< BLOCK_OP_TYPE_MAX
);
6056 QLIST_FOREACH_SAFE(blocker
, &bs
->op_blockers
[op
], list
, next
) {
6057 if (blocker
->reason
== reason
) {
6058 QLIST_REMOVE(blocker
, list
);
6064 void bdrv_op_block_all(BlockDriverState
*bs
, Error
*reason
)
6067 for (i
= 0; i
< BLOCK_OP_TYPE_MAX
; i
++) {
6068 bdrv_op_block(bs
, i
, reason
);
6072 void bdrv_op_unblock_all(BlockDriverState
*bs
, Error
*reason
)
6075 for (i
= 0; i
< BLOCK_OP_TYPE_MAX
; i
++) {
6076 bdrv_op_unblock(bs
, i
, reason
);
6080 bool bdrv_op_blocker_is_empty(BlockDriverState
*bs
)
6084 for (i
= 0; i
< BLOCK_OP_TYPE_MAX
; i
++) {
6085 if (!QLIST_EMPTY(&bs
->op_blockers
[i
])) {
6092 void bdrv_img_create(const char *filename
, const char *fmt
,
6093 const char *base_filename
, const char *base_fmt
,
6094 char *options
, uint64_t img_size
, int flags
, bool quiet
,
6097 QemuOptsList
*create_opts
= NULL
;
6098 QemuOpts
*opts
= NULL
;
6099 const char *backing_fmt
, *backing_file
;
6101 BlockDriver
*drv
, *proto_drv
;
6102 Error
*local_err
= NULL
;
6105 /* Find driver and parse its options */
6106 drv
= bdrv_find_format(fmt
);
6108 error_setg(errp
, "Unknown file format '%s'", fmt
);
6112 proto_drv
= bdrv_find_protocol(filename
, true, errp
);
6117 if (!drv
->create_opts
) {
6118 error_setg(errp
, "Format driver '%s' does not support image creation",
6123 if (!proto_drv
->create_opts
) {
6124 error_setg(errp
, "Protocol driver '%s' does not support image creation",
6125 proto_drv
->format_name
);
6129 /* Create parameter list */
6130 create_opts
= qemu_opts_append(create_opts
, drv
->create_opts
);
6131 create_opts
= qemu_opts_append(create_opts
, proto_drv
->create_opts
);
6133 opts
= qemu_opts_create(create_opts
, NULL
, 0, &error_abort
);
6135 /* Parse -o options */
6137 qemu_opts_do_parse(opts
, options
, NULL
, &local_err
);
6143 if (!qemu_opt_get(opts
, BLOCK_OPT_SIZE
)) {
6144 qemu_opt_set_number(opts
, BLOCK_OPT_SIZE
, img_size
, &error_abort
);
6145 } else if (img_size
!= UINT64_C(-1)) {
6146 error_setg(errp
, "The image size must be specified only once");
6150 if (base_filename
) {
6151 qemu_opt_set(opts
, BLOCK_OPT_BACKING_FILE
, base_filename
, &local_err
);
6153 error_setg(errp
, "Backing file not supported for file format '%s'",
6160 qemu_opt_set(opts
, BLOCK_OPT_BACKING_FMT
, base_fmt
, &local_err
);
6162 error_setg(errp
, "Backing file format not supported for file "
6163 "format '%s'", fmt
);
6168 backing_file
= qemu_opt_get(opts
, BLOCK_OPT_BACKING_FILE
);
6170 if (!strcmp(filename
, backing_file
)) {
6171 error_setg(errp
, "Error: Trying to create an image with the "
6172 "same filename as the backing file");
6177 backing_fmt
= qemu_opt_get(opts
, BLOCK_OPT_BACKING_FMT
);
6179 /* The size for the image must always be specified, unless we have a backing
6180 * file and we have not been forbidden from opening it. */
6181 size
= qemu_opt_get_size(opts
, BLOCK_OPT_SIZE
, img_size
);
6182 if (backing_file
&& !(flags
& BDRV_O_NO_BACKING
)) {
6183 BlockDriverState
*bs
;
6186 QDict
*backing_options
= NULL
;
6189 bdrv_get_full_backing_filename_from_filename(filename
, backing_file
,
6194 assert(full_backing
);
6196 /* backing files always opened read-only */
6198 back_flags
&= ~(BDRV_O_RDWR
| BDRV_O_SNAPSHOT
| BDRV_O_NO_BACKING
);
6200 backing_options
= qdict_new();
6202 qdict_put_str(backing_options
, "driver", backing_fmt
);
6204 qdict_put_bool(backing_options
, BDRV_OPT_FORCE_SHARE
, true);
6206 bs
= bdrv_open(full_backing
, NULL
, backing_options
, back_flags
,
6208 g_free(full_backing
);
6209 if (!bs
&& size
!= -1) {
6210 /* Couldn't open BS, but we have a size, so it's nonfatal */
6211 warn_reportf_err(local_err
,
6212 "Could not verify backing image. "
6213 "This may become an error in future versions.\n");
6216 /* Couldn't open bs, do not have size */
6217 error_append_hint(&local_err
,
6218 "Could not open backing image to determine size.\n");
6222 /* Opened BS, have no size */
6223 size
= bdrv_getlength(bs
);
6225 error_setg_errno(errp
, -size
, "Could not get size of '%s'",
6230 qemu_opt_set_number(opts
, BLOCK_OPT_SIZE
, size
, &error_abort
);
6234 } /* (backing_file && !(flags & BDRV_O_NO_BACKING)) */
6237 error_setg(errp
, "Image creation needs a size parameter");
6242 printf("Formatting '%s', fmt=%s ", filename
, fmt
);
6243 qemu_opts_print(opts
, " ");
6247 ret
= bdrv_create(drv
, filename
, opts
, &local_err
);
6249 if (ret
== -EFBIG
) {
6250 /* This is generally a better message than whatever the driver would
6251 * deliver (especially because of the cluster_size_hint), since that
6252 * is most probably not much different from "image too large". */
6253 const char *cluster_size_hint
= "";
6254 if (qemu_opt_get_size(opts
, BLOCK_OPT_CLUSTER_SIZE
, 0)) {
6255 cluster_size_hint
= " (try using a larger cluster size)";
6257 error_setg(errp
, "The image size is too large for file format '%s'"
6258 "%s", fmt
, cluster_size_hint
);
6259 error_free(local_err
);
6264 qemu_opts_del(opts
);
6265 qemu_opts_free(create_opts
);
6266 error_propagate(errp
, local_err
);
6269 AioContext
*bdrv_get_aio_context(BlockDriverState
*bs
)
6271 return bs
? bs
->aio_context
: qemu_get_aio_context();
6274 void bdrv_coroutine_enter(BlockDriverState
*bs
, Coroutine
*co
)
6276 aio_co_enter(bdrv_get_aio_context(bs
), co
);
6279 static void bdrv_do_remove_aio_context_notifier(BdrvAioNotifier
*ban
)
6281 QLIST_REMOVE(ban
, list
);
6285 static void bdrv_detach_aio_context(BlockDriverState
*bs
)
6287 BdrvAioNotifier
*baf
, *baf_tmp
;
6289 assert(!bs
->walking_aio_notifiers
);
6290 bs
->walking_aio_notifiers
= true;
6291 QLIST_FOREACH_SAFE(baf
, &bs
->aio_notifiers
, list
, baf_tmp
) {
6293 bdrv_do_remove_aio_context_notifier(baf
);
6295 baf
->detach_aio_context(baf
->opaque
);
6298 /* Never mind iterating again to check for ->deleted. bdrv_close() will
6299 * remove remaining aio notifiers if we aren't called again.
6301 bs
->walking_aio_notifiers
= false;
6303 if (bs
->drv
&& bs
->drv
->bdrv_detach_aio_context
) {
6304 bs
->drv
->bdrv_detach_aio_context(bs
);
6307 if (bs
->quiesce_counter
) {
6308 aio_enable_external(bs
->aio_context
);
6310 bs
->aio_context
= NULL
;
6313 static void bdrv_attach_aio_context(BlockDriverState
*bs
,
6314 AioContext
*new_context
)
6316 BdrvAioNotifier
*ban
, *ban_tmp
;
6318 if (bs
->quiesce_counter
) {
6319 aio_disable_external(new_context
);
6322 bs
->aio_context
= new_context
;
6324 if (bs
->drv
&& bs
->drv
->bdrv_attach_aio_context
) {
6325 bs
->drv
->bdrv_attach_aio_context(bs
, new_context
);
6328 assert(!bs
->walking_aio_notifiers
);
6329 bs
->walking_aio_notifiers
= true;
6330 QLIST_FOREACH_SAFE(ban
, &bs
->aio_notifiers
, list
, ban_tmp
) {
6332 bdrv_do_remove_aio_context_notifier(ban
);
6334 ban
->attached_aio_context(new_context
, ban
->opaque
);
6337 bs
->walking_aio_notifiers
= false;
6341 * Changes the AioContext used for fd handlers, timers, and BHs by this
6342 * BlockDriverState and all its children and parents.
6344 * Must be called from the main AioContext.
6346 * The caller must own the AioContext lock for the old AioContext of bs, but it
6347 * must not own the AioContext lock for new_context (unless new_context is the
6348 * same as the current context of bs).
6350 * @ignore will accumulate all visited BdrvChild object. The caller is
6351 * responsible for freeing the list afterwards.
6353 void bdrv_set_aio_context_ignore(BlockDriverState
*bs
,
6354 AioContext
*new_context
, GSList
**ignore
)
6356 AioContext
*old_context
= bdrv_get_aio_context(bs
);
6359 g_assert(qemu_get_current_aio_context() == qemu_get_aio_context());
6361 if (old_context
== new_context
) {
6365 bdrv_drained_begin(bs
);
6367 QLIST_FOREACH(child
, &bs
->children
, next
) {
6368 if (g_slist_find(*ignore
, child
)) {
6371 *ignore
= g_slist_prepend(*ignore
, child
);
6372 bdrv_set_aio_context_ignore(child
->bs
, new_context
, ignore
);
6374 QLIST_FOREACH(child
, &bs
->parents
, next_parent
) {
6375 if (g_slist_find(*ignore
, child
)) {
6378 assert(child
->klass
->set_aio_ctx
);
6379 *ignore
= g_slist_prepend(*ignore
, child
);
6380 child
->klass
->set_aio_ctx(child
, new_context
, ignore
);
6383 bdrv_detach_aio_context(bs
);
6385 /* Acquire the new context, if necessary */
6386 if (qemu_get_aio_context() != new_context
) {
6387 aio_context_acquire(new_context
);
6390 bdrv_attach_aio_context(bs
, new_context
);
6393 * If this function was recursively called from
6394 * bdrv_set_aio_context_ignore(), there may be nodes in the
6395 * subtree that have not yet been moved to the new AioContext.
6396 * Release the old one so bdrv_drained_end() can poll them.
6398 if (qemu_get_aio_context() != old_context
) {
6399 aio_context_release(old_context
);
6402 bdrv_drained_end(bs
);
6404 if (qemu_get_aio_context() != old_context
) {
6405 aio_context_acquire(old_context
);
6407 if (qemu_get_aio_context() != new_context
) {
6408 aio_context_release(new_context
);
6412 static bool bdrv_parent_can_set_aio_context(BdrvChild
*c
, AioContext
*ctx
,
6413 GSList
**ignore
, Error
**errp
)
6415 if (g_slist_find(*ignore
, c
)) {
6418 *ignore
= g_slist_prepend(*ignore
, c
);
6421 * A BdrvChildClass that doesn't handle AioContext changes cannot
6422 * tolerate any AioContext changes
6424 if (!c
->klass
->can_set_aio_ctx
) {
6425 char *user
= bdrv_child_user_desc(c
);
6426 error_setg(errp
, "Changing iothreads is not supported by %s", user
);
6430 if (!c
->klass
->can_set_aio_ctx(c
, ctx
, ignore
, errp
)) {
6431 assert(!errp
|| *errp
);
6437 bool bdrv_child_can_set_aio_context(BdrvChild
*c
, AioContext
*ctx
,
6438 GSList
**ignore
, Error
**errp
)
6440 if (g_slist_find(*ignore
, c
)) {
6443 *ignore
= g_slist_prepend(*ignore
, c
);
6444 return bdrv_can_set_aio_context(c
->bs
, ctx
, ignore
, errp
);
6447 /* @ignore will accumulate all visited BdrvChild object. The caller is
6448 * responsible for freeing the list afterwards. */
6449 bool bdrv_can_set_aio_context(BlockDriverState
*bs
, AioContext
*ctx
,
6450 GSList
**ignore
, Error
**errp
)
6454 if (bdrv_get_aio_context(bs
) == ctx
) {
6458 QLIST_FOREACH(c
, &bs
->parents
, next_parent
) {
6459 if (!bdrv_parent_can_set_aio_context(c
, ctx
, ignore
, errp
)) {
6463 QLIST_FOREACH(c
, &bs
->children
, next
) {
6464 if (!bdrv_child_can_set_aio_context(c
, ctx
, ignore
, errp
)) {
6472 int bdrv_child_try_set_aio_context(BlockDriverState
*bs
, AioContext
*ctx
,
6473 BdrvChild
*ignore_child
, Error
**errp
)
6478 ignore
= ignore_child
? g_slist_prepend(NULL
, ignore_child
) : NULL
;
6479 ret
= bdrv_can_set_aio_context(bs
, ctx
, &ignore
, errp
);
6480 g_slist_free(ignore
);
6486 ignore
= ignore_child
? g_slist_prepend(NULL
, ignore_child
) : NULL
;
6487 bdrv_set_aio_context_ignore(bs
, ctx
, &ignore
);
6488 g_slist_free(ignore
);
6493 int bdrv_try_set_aio_context(BlockDriverState
*bs
, AioContext
*ctx
,
6496 return bdrv_child_try_set_aio_context(bs
, ctx
, NULL
, errp
);
6499 void bdrv_add_aio_context_notifier(BlockDriverState
*bs
,
6500 void (*attached_aio_context
)(AioContext
*new_context
, void *opaque
),
6501 void (*detach_aio_context
)(void *opaque
), void *opaque
)
6503 BdrvAioNotifier
*ban
= g_new(BdrvAioNotifier
, 1);
6504 *ban
= (BdrvAioNotifier
){
6505 .attached_aio_context
= attached_aio_context
,
6506 .detach_aio_context
= detach_aio_context
,
6510 QLIST_INSERT_HEAD(&bs
->aio_notifiers
, ban
, list
);
6513 void bdrv_remove_aio_context_notifier(BlockDriverState
*bs
,
6514 void (*attached_aio_context
)(AioContext
*,
6516 void (*detach_aio_context
)(void *),
6519 BdrvAioNotifier
*ban
, *ban_next
;
6521 QLIST_FOREACH_SAFE(ban
, &bs
->aio_notifiers
, list
, ban_next
) {
6522 if (ban
->attached_aio_context
== attached_aio_context
&&
6523 ban
->detach_aio_context
== detach_aio_context
&&
6524 ban
->opaque
== opaque
&&
6525 ban
->deleted
== false)
6527 if (bs
->walking_aio_notifiers
) {
6528 ban
->deleted
= true;
6530 bdrv_do_remove_aio_context_notifier(ban
);
6539 int bdrv_amend_options(BlockDriverState
*bs
, QemuOpts
*opts
,
6540 BlockDriverAmendStatusCB
*status_cb
, void *cb_opaque
,
6544 error_setg(errp
, "Node is ejected");
6547 if (!bs
->drv
->bdrv_amend_options
) {
6548 error_setg(errp
, "Block driver '%s' does not support option amendment",
6549 bs
->drv
->format_name
);
6552 return bs
->drv
->bdrv_amend_options(bs
, opts
, status_cb
, cb_opaque
, errp
);
6556 * This function checks whether the given @to_replace is allowed to be
6557 * replaced by a node that always shows the same data as @bs. This is
6558 * used for example to verify whether the mirror job can replace
6559 * @to_replace by the target mirrored from @bs.
6560 * To be replaceable, @bs and @to_replace may either be guaranteed to
6561 * always show the same data (because they are only connected through
6562 * filters), or some driver may allow replacing one of its children
6563 * because it can guarantee that this child's data is not visible at
6564 * all (for example, for dissenting quorum children that have no other
6567 bool bdrv_recurse_can_replace(BlockDriverState
*bs
,
6568 BlockDriverState
*to_replace
)
6570 if (!bs
|| !bs
->drv
) {
6574 if (bs
== to_replace
) {
6578 /* See what the driver can do */
6579 if (bs
->drv
->bdrv_recurse_can_replace
) {
6580 return bs
->drv
->bdrv_recurse_can_replace(bs
, to_replace
);
6583 /* For filters without an own implementation, we can recurse on our own */
6584 if (bs
->drv
->is_filter
) {
6585 BdrvChild
*child
= bs
->file
?: bs
->backing
;
6586 return bdrv_recurse_can_replace(child
->bs
, to_replace
);
6594 * Check whether the given @node_name can be replaced by a node that
6595 * has the same data as @parent_bs. If so, return @node_name's BDS;
6598 * @node_name must be a (recursive) *child of @parent_bs (or this
6599 * function will return NULL).
6601 * The result (whether the node can be replaced or not) is only valid
6602 * for as long as no graph or permission changes occur.
6604 BlockDriverState
*check_to_replace_node(BlockDriverState
*parent_bs
,
6605 const char *node_name
, Error
**errp
)
6607 BlockDriverState
*to_replace_bs
= bdrv_find_node(node_name
);
6608 AioContext
*aio_context
;
6610 if (!to_replace_bs
) {
6611 error_setg(errp
, "Node name '%s' not found", node_name
);
6615 aio_context
= bdrv_get_aio_context(to_replace_bs
);
6616 aio_context_acquire(aio_context
);
6618 if (bdrv_op_is_blocked(to_replace_bs
, BLOCK_OP_TYPE_REPLACE
, errp
)) {
6619 to_replace_bs
= NULL
;
6623 /* We don't want arbitrary node of the BDS chain to be replaced only the top
6624 * most non filter in order to prevent data corruption.
6625 * Another benefit is that this tests exclude backing files which are
6626 * blocked by the backing blockers.
6628 if (!bdrv_recurse_can_replace(parent_bs
, to_replace_bs
)) {
6629 error_setg(errp
, "Cannot replace '%s' by a node mirrored from '%s', "
6630 "because it cannot be guaranteed that doing so would not "
6631 "lead to an abrupt change of visible data",
6632 node_name
, parent_bs
->node_name
);
6633 to_replace_bs
= NULL
;
6638 aio_context_release(aio_context
);
6639 return to_replace_bs
;
6643 * Iterates through the list of runtime option keys that are said to
6644 * be "strong" for a BDS. An option is called "strong" if it changes
6645 * a BDS's data. For example, the null block driver's "size" and
6646 * "read-zeroes" options are strong, but its "latency-ns" option is
6649 * If a key returned by this function ends with a dot, all options
6650 * starting with that prefix are strong.
6652 static const char *const *strong_options(BlockDriverState
*bs
,
6653 const char *const *curopt
)
6655 static const char *const global_options
[] = {
6656 "driver", "filename", NULL
6660 return &global_options
[0];
6664 if (curopt
== &global_options
[ARRAY_SIZE(global_options
) - 1] && bs
->drv
) {
6665 curopt
= bs
->drv
->strong_runtime_opts
;
6668 return (curopt
&& *curopt
) ? curopt
: NULL
;
6672 * Copies all strong runtime options from bs->options to the given
6673 * QDict. The set of strong option keys is determined by invoking
6676 * Returns true iff any strong option was present in bs->options (and
6677 * thus copied to the target QDict) with the exception of "filename"
6678 * and "driver". The caller is expected to use this value to decide
6679 * whether the existence of strong options prevents the generation of
6682 static bool append_strong_runtime_options(QDict
*d
, BlockDriverState
*bs
)
6684 bool found_any
= false;
6685 const char *const *option_name
= NULL
;
6691 while ((option_name
= strong_options(bs
, option_name
))) {
6692 bool option_given
= false;
6694 assert(strlen(*option_name
) > 0);
6695 if ((*option_name
)[strlen(*option_name
) - 1] != '.') {
6696 QObject
*entry
= qdict_get(bs
->options
, *option_name
);
6701 qdict_put_obj(d
, *option_name
, qobject_ref(entry
));
6702 option_given
= true;
6704 const QDictEntry
*entry
;
6705 for (entry
= qdict_first(bs
->options
); entry
;
6706 entry
= qdict_next(bs
->options
, entry
))
6708 if (strstart(qdict_entry_key(entry
), *option_name
, NULL
)) {
6709 qdict_put_obj(d
, qdict_entry_key(entry
),
6710 qobject_ref(qdict_entry_value(entry
)));
6711 option_given
= true;
6716 /* While "driver" and "filename" need to be included in a JSON filename,
6717 * their existence does not prohibit generation of a plain filename. */
6718 if (!found_any
&& option_given
&&
6719 strcmp(*option_name
, "driver") && strcmp(*option_name
, "filename"))
6725 if (!qdict_haskey(d
, "driver")) {
6726 /* Drivers created with bdrv_new_open_driver() may not have a
6727 * @driver option. Add it here. */
6728 qdict_put_str(d
, "driver", bs
->drv
->format_name
);
6734 /* Note: This function may return false positives; it may return true
6735 * even if opening the backing file specified by bs's image header
6736 * would result in exactly bs->backing. */
6737 static bool bdrv_backing_overridden(BlockDriverState
*bs
)
6740 return strcmp(bs
->auto_backing_file
,
6741 bs
->backing
->bs
->filename
);
6743 /* No backing BDS, so if the image header reports any backing
6744 * file, it must have been suppressed */
6745 return bs
->auto_backing_file
[0] != '\0';
6749 /* Updates the following BDS fields:
6750 * - exact_filename: A filename which may be used for opening a block device
6751 * which (mostly) equals the given BDS (even without any
6752 * other options; so reading and writing must return the same
6753 * results, but caching etc. may be different)
6754 * - full_open_options: Options which, when given when opening a block device
6755 * (without a filename), result in a BDS (mostly)
6756 * equalling the given one
6757 * - filename: If exact_filename is set, it is copied here. Otherwise,
6758 * full_open_options is converted to a JSON object, prefixed with
6759 * "json:" (for use through the JSON pseudo protocol) and put here.
6761 void bdrv_refresh_filename(BlockDriverState
*bs
)
6763 BlockDriver
*drv
= bs
->drv
;
6766 bool backing_overridden
;
6767 bool generate_json_filename
; /* Whether our default implementation should
6768 fill exact_filename (false) or not (true) */
6774 /* This BDS's file name may depend on any of its children's file names, so
6775 * refresh those first */
6776 QLIST_FOREACH(child
, &bs
->children
, next
) {
6777 bdrv_refresh_filename(child
->bs
);
6781 /* For implicit nodes, just copy everything from the single child */
6782 child
= QLIST_FIRST(&bs
->children
);
6783 assert(QLIST_NEXT(child
, next
) == NULL
);
6785 pstrcpy(bs
->exact_filename
, sizeof(bs
->exact_filename
),
6786 child
->bs
->exact_filename
);
6787 pstrcpy(bs
->filename
, sizeof(bs
->filename
), child
->bs
->filename
);
6789 qobject_unref(bs
->full_open_options
);
6790 bs
->full_open_options
= qobject_ref(child
->bs
->full_open_options
);
6795 backing_overridden
= bdrv_backing_overridden(bs
);
6797 if (bs
->open_flags
& BDRV_O_NO_IO
) {
6798 /* Without I/O, the backing file does not change anything.
6799 * Therefore, in such a case (primarily qemu-img), we can
6800 * pretend the backing file has not been overridden even if
6801 * it technically has been. */
6802 backing_overridden
= false;
6805 /* Gather the options QDict */
6807 generate_json_filename
= append_strong_runtime_options(opts
, bs
);
6808 generate_json_filename
|= backing_overridden
;
6810 if (drv
->bdrv_gather_child_options
) {
6811 /* Some block drivers may not want to present all of their children's
6812 * options, or name them differently from BdrvChild.name */
6813 drv
->bdrv_gather_child_options(bs
, opts
, backing_overridden
);
6815 QLIST_FOREACH(child
, &bs
->children
, next
) {
6816 if (child
== bs
->backing
&& !backing_overridden
) {
6817 /* We can skip the backing BDS if it has not been overridden */
6821 qdict_put(opts
, child
->name
,
6822 qobject_ref(child
->bs
->full_open_options
));
6825 if (backing_overridden
&& !bs
->backing
) {
6826 /* Force no backing file */
6827 qdict_put_null(opts
, "backing");
6831 qobject_unref(bs
->full_open_options
);
6832 bs
->full_open_options
= opts
;
6834 if (drv
->bdrv_refresh_filename
) {
6835 /* Obsolete information is of no use here, so drop the old file name
6836 * information before refreshing it */
6837 bs
->exact_filename
[0] = '\0';
6839 drv
->bdrv_refresh_filename(bs
);
6840 } else if (bs
->file
) {
6841 /* Try to reconstruct valid information from the underlying file */
6843 bs
->exact_filename
[0] = '\0';
6846 * We can use the underlying file's filename if:
6847 * - it has a filename,
6848 * - the file is a protocol BDS, and
6849 * - opening that file (as this BDS's format) will automatically create
6850 * the BDS tree we have right now, that is:
6851 * - the user did not significantly change this BDS's behavior with
6852 * some explicit (strong) options
6853 * - no non-file child of this BDS has been overridden by the user
6854 * Both of these conditions are represented by generate_json_filename.
6856 if (bs
->file
->bs
->exact_filename
[0] &&
6857 bs
->file
->bs
->drv
->bdrv_file_open
&&
6858 !generate_json_filename
)
6860 strcpy(bs
->exact_filename
, bs
->file
->bs
->exact_filename
);
6864 if (bs
->exact_filename
[0]) {
6865 pstrcpy(bs
->filename
, sizeof(bs
->filename
), bs
->exact_filename
);
6867 QString
*json
= qobject_to_json(QOBJECT(bs
->full_open_options
));
6868 snprintf(bs
->filename
, sizeof(bs
->filename
), "json:%s",
6869 qstring_get_str(json
));
6870 qobject_unref(json
);
6874 char *bdrv_dirname(BlockDriverState
*bs
, Error
**errp
)
6876 BlockDriver
*drv
= bs
->drv
;
6879 error_setg(errp
, "Node '%s' is ejected", bs
->node_name
);
6883 if (drv
->bdrv_dirname
) {
6884 return drv
->bdrv_dirname(bs
, errp
);
6888 return bdrv_dirname(bs
->file
->bs
, errp
);
6891 bdrv_refresh_filename(bs
);
6892 if (bs
->exact_filename
[0] != '\0') {
6893 return path_combine(bs
->exact_filename
, "");
6896 error_setg(errp
, "Cannot generate a base directory for %s nodes",
6902 * Hot add/remove a BDS's child. So the user can take a child offline when
6903 * it is broken and take a new child online
6905 void bdrv_add_child(BlockDriverState
*parent_bs
, BlockDriverState
*child_bs
,
6909 if (!parent_bs
->drv
|| !parent_bs
->drv
->bdrv_add_child
) {
6910 error_setg(errp
, "The node %s does not support adding a child",
6911 bdrv_get_device_or_node_name(parent_bs
));
6915 if (!QLIST_EMPTY(&child_bs
->parents
)) {
6916 error_setg(errp
, "The node %s already has a parent",
6917 child_bs
->node_name
);
6921 parent_bs
->drv
->bdrv_add_child(parent_bs
, child_bs
, errp
);
6924 void bdrv_del_child(BlockDriverState
*parent_bs
, BdrvChild
*child
, Error
**errp
)
6928 if (!parent_bs
->drv
|| !parent_bs
->drv
->bdrv_del_child
) {
6929 error_setg(errp
, "The node %s does not support removing a child",
6930 bdrv_get_device_or_node_name(parent_bs
));
6934 QLIST_FOREACH(tmp
, &parent_bs
->children
, next
) {
6941 error_setg(errp
, "The node %s does not have a child named %s",
6942 bdrv_get_device_or_node_name(parent_bs
),
6943 bdrv_get_device_or_node_name(child
->bs
));
6947 parent_bs
->drv
->bdrv_del_child(parent_bs
, child
, errp
);
6950 int bdrv_make_empty(BdrvChild
*c
, Error
**errp
)
6952 BlockDriver
*drv
= c
->bs
->drv
;
6955 assert(c
->perm
& (BLK_PERM_WRITE
| BLK_PERM_WRITE_UNCHANGED
));
6957 if (!drv
->bdrv_make_empty
) {
6958 error_setg(errp
, "%s does not support emptying nodes",
6963 ret
= drv
->bdrv_make_empty(c
->bs
);
6965 error_setg_errno(errp
, -ret
, "Failed to empty %s",