aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-06-16nbd: Reject unknown request flagsEric Blake
The NBD protocol says that clients should not send a command flag that has not been negotiated (whether by the client requesting an option during a handshake, or because we advertise support for the flag in response to NBD_OPT_EXPORT_NAME), and that servers should reject invalid flags with EINVAL. We were silently ignoring the flags instead. The client can't rely on our behavior, since it is their fault for passing the bad flag in the first place, but it's better to be robust up front than to possibly behave differently than the client was expecting with the attempted flag. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Alex Bligh <alex@alex.org.uk> Message-Id: <1463006384-7734-6-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16nbd: Improve server handling of bogus commandsEric Blake
We have a few bugs in how we handle invalid client commands: - A client can send an NBD_CMD_DISC where from + len overflows, convincing us to reply with an error and stay connected, even though the protocol requires us to silently disconnect. Fix by hoisting the special case sooner. - A client can send an NBD_CMD_WRITE where from + len overflows, where we reply to the client with EINVAL without consuming the payload; this will normally cause us to fail if the next thing read is not the right magic, but in rare cases, could cause us to interpret the data payload as valid commands and do things not requested by the client. Fix by adding a complete flag to track whether we are in sync or must disconnect. Furthermore, we have split the checks for bogus from/len across two functions, when it is easier to do it all at once. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1463006384-7734-5-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16nbd: Quit server after any write errorEric Blake
We should never ignore failure from nbd_negotiate_send_rep(); if we are unable to write to the client, then it is not worth trying to continue the negotiation. Fortunately, the problem is not too severe - chances are that the errors being ignored here (mainly inability to write the reply to the client) are indications of a closed connection or something similar, which will also affect the next attempt to interact with the client and eventually reach a point where the errors are detected to end the loop. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1463006384-7734-4-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16nbd: More debug typo fixes, use correct formatsEric Blake
Clean up some debug message oddities missed earlier; this includes some typos, and recognizing that %d is not necessarily compatible with uint32_t. Also add a couple messages that I found useful while debugging things. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1463006384-7734-3-git-send-email-eblake@redhat.com> [Do not use PRIx16, clang complains. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16nbd: Use BDRV_REQ_FUA for better FUA where supportedEric Blake
Rather than always flushing ourselves, let the block layer forward the FUA on to the underlying device - where all underlying layers also understand FUA, we are now more efficient; and where any underlying layer doesn't understand it, now the block layer takes care of the full flush fallback on our behalf. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1463006384-7734-2-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16vl.c: Add '-L help' which lists data dirs.Richard W.M. Jones
QEMU compiles a list of data directories from various sources. When consuming a QEMU binary it's useful to be able to get this list of data directories: a primary reason is so you can list what BIOSes or keymaps ship with this version of QEMU. However without reproducing the method that QEMU uses internally, it's not possible to get the list of data directories. This commit adds a simple '-L help' option that just lists out the data directories as qemu calculates them: $ ./x86_64-softmmu/qemu-system-x86_64 -L help /home/rjones/d/qemu/pc-bios /usr/local/share/qemu $ ./x86_64-softmmu/qemu-system-x86_64 -L /tmp -L help /tmp /home/rjones/d/qemu/pc-bios /usr/local/share/qemu Signed-off-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1463416475-11728-2-git-send-email-rjones@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16KVM: use KVM_CAP_MAX_VCPU_IDGreg Kurz
As stated in linux/Documentation/virtual/kvm/api.txt: The maximum possible value for max_vcpu_id can be retrieved using the KVM_CAP_MAX_VCPU_ID of the KVM_CHECK_EXTENSION ioctl() at run-time. If the KVM_CAP_MAX_VCPU_ID does not exist, you should assume that max_vcpu_id is the same as the value returned from KVM_CAP_MAX_VCPUS. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Message-Id: <146424974323.5666.5471538288045048119.stgit@bahia.huguette.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16scsi-disk: Use (unsigned long) typecasts when using "%lu" format stringThomas Huth
Some source code analyzers like cppcheck spill out a warning if the sign of the argument does not match the format string. Ticket: https://bugs.launchpad.net/qemu/+bug/1589564 Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1465805418-15906-1-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16target-i386: kvm: cache KVM_GET_SUPPORTED_CPUID dataChao Peng
KVM_GET_SUPPORTED_CPUID ioctl is called frequently when initializing CPU. Depends on CPU features and CPU count, the number of calls can be extremely high which slows down QEMU booting significantly. In our testing, we saw 5922 calls with switches: -cpu SandyBridge -smp 6,sockets=6,cores=1,threads=1 This ioctl takes more than 100ms, which is almost half of the total QEMU startup time. While for most cases the data returned from two different invocations are not changed, that means, we can cache the data to avoid trapping into kernel for the second time. To make sure the cache safe one assumption is desirable: the ioctl is stateless. This is not true for CPUID leaves in general (such as CPUID leaf 0xD, whose value depends on guest XCR0 and IA32_XSS) but it is true of KVM_GET_SUPPORTED_CPUID, which runs before there is a value for XCR0 and IA32_XSS. Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com> Message-Id: <1465784487-23482-1-git-send-email-chao.p.peng@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16nbd: simplify the nbd_request and nbd_reply structsPaolo Bonzini
These structs are never used to represent the bytes that go over the network. The big-endian network data is built into a uint8_t array in nbd_{receive,send}_{request,reply}. Remove the unused magic field, reorder the struct to avoid holes, and remove the packed attribute. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16nbd: Don't use cpu_to_*w() functionsPeter Maydell
The cpu_to_*w() functions just compose a pointer dereference with a byteswap. Instead use st*_p(), which handles potential pointer misalignment and avoids the need to cast the pointer. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <1465575342-12146-1-git-send-email-peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16nbd: Don't use *_to_cpup() functionsPeter Maydell
The *_to_cpup() functions are not very useful, as they simply do a pointer dereference and then a *_to_cpu(). Instead use either: * ld*_*_p(), if the data is at an address that might not be correctly aligned for the load * a local dereference and *_to_cpu(), if the pointer is the correct type and known to be correctly aligned Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <1465570836-22211-1-git-send-email-peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16configure: Remove unused CONFIG_SIGEV_THREAD_ID switchThomas Huth
The CONFIG_SIGEV_THREAD_ID switch is unused since the related code has been removed by commit 6d327171551a12b937c5718073b9848d0274c74d ("aio / timers: Remove alarm timers"), so it can safely be removed nowadays. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1465571084-19885-1-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16avx2 configure: Use primitives in testDr. David Alan Gilbert
Use the avx2 primitives during the test, thus making sure that the compiler and assembler could actually use avx2. This also detects the failure case on gcc 4.8.x with -save-temps and avoids the need for the gcc version check in cutils. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <1465557378-24105-3-git-send-email-dgilbert@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16Make avx2 configure test work with -O2Dr. David Alan Gilbert
When configured with --extra-cflags=-O2 gcc optimised out the test and the readelf failed the check leaving avx2 disabled. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <1465557378-24105-2-git-send-email-dgilbert@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16Makefile: Fix tag file generation targetsSergey Fedorov
"ctags" produces a file named "tags", not "ctags". It doesn't look reasonable to use phony target name as a file name to remove. Just use exact file names to remove in "ctags" and "TAGS" target receipts. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Signed-off-by: Sergey Fedorov <sergey.fedorov@linaro.org> Message-Id: <1465495115-24665-1-git-send-email-sergey.fedorov@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16configure: Enable -Werror for MinGW builds, tooThomas Huth
MinGW seems to compile currently without warnings, so it should be safe to enable -Werror now for this environment, too. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1465373606-18486-1-git-send-email-thuth@redhat.com> Tested-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16clean-includes: run it once morePaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16os-posix: include sys/mman.hPaolo Bonzini
qemu/osdep.h checks whether MAP_ANONYMOUS is defined, but this check is bogus without a previous inclusion of sys/mman.h. Include it in sysemu/os-posix.h and remove it from everywhere else. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16configure: Remove unused CONFIG_ZERO_MALLOC settingThomas Huth
CONFIG_ZERO_MALLOC was only used in qemu-malloc.c and this file has been removed with the following commit: 41a748265f4879b52b0e87ff9c93bed975163886 Remove qemu_malloc/qemu_free So we don't need this configuration setting anymore. This patch also removes the z_version variable, since this is now also not needed anymore. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Message-Id: <1465398683-3152-1-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into stagingPeter Maydell
Block layer patches # gpg: Signature made Thu 16 Jun 2016 15:01:27 BST # gpg: using RSA key 0x7F09B272C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: (39 commits) hbitmap: add 'pos < size' asserts iotests: Add test for oVirt-like storage migration iotests: Add test for post-mirror backing chains block/null: Implement bdrv_refresh_filename() block/mirror: Fix target backing BDS block: Allow replacement of a BDS by its overlay rbd:change error_setg() to error_setg_errno() iotests: 095: Clean up QEMU before showing image info block: Create the commit block job before reopening any image block: Prevent sleeping jobs from resuming if they have been paused block: use the block job list in qmp_query_block_jobs() block: use the block job list in bdrv_drain_all() block: Fix snapshot=on with aio=native block: Remove bs->zero_beyond_eof qcow2: Let vmstate call qcow2_co_preadv/pwrite directly block: Make bdrv_load/save_vmstate coroutine_fns block: Allow .bdrv_load/save_vmstate() to return 0/-errno block: Make .bdrv_load_vmstate() vectored block: Introduce bdrv_preadv() doc: Fix mailing list address in tests/qemu-iotests/README ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-06-16Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2016-06-16' ↵Kevin Wolf
into queue-block Block patches # gpg: Signature made Thu Jun 16 15:21:35 2016 CEST # gpg: using RSA key 0x3BB14202E838ACAD # gpg: Good signature from "Max Reitz <mreitz@redhat.com>" # Primary key fingerprint: 91BE B60A 30DB 3E88 57D1 1829 F407 DB00 61D5 CF40 # Subkey fingerprint: 58B3 81CE 2DC8 9CF9 9730 EE64 3BB1 4202 E838 ACAD * mreitz/tags/pull-block-for-kevin-2016-06-16: hbitmap: add 'pos < size' asserts iotests: Add test for oVirt-like storage migration iotests: Add test for post-mirror backing chains block/null: Implement bdrv_refresh_filename() block/mirror: Fix target backing BDS block: Allow replacement of a BDS by its overlay rbd:change error_setg() to error_setg_errno() iotests: 095: Clean up QEMU before showing image info block: Create the commit block job before reopening any image block: Prevent sleeping jobs from resuming if they have been paused block: use the block job list in qmp_query_block_jobs() block: use the block job list in bdrv_drain_all() Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-06-16hbitmap: add 'pos < size' assertsVladimir Sementsov-Ogievskiy
For now, fail in hbitmap_set on start + count > size will come from hbitmap_set hb_count_between hbitmap_iter_init assert(pos < hb->size) This patch adds such checks to set/get/reset functions of hbitmap. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-id: 1465924093-76875-2-git-send-email-vsementsov@virtuozzo.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16iotests: Add test for oVirt-like storage migrationMax Reitz
Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20160610185750.30956-6-mreitz@redhat.com Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16iotests: Add test for post-mirror backing chainsMax Reitz
Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20160610185750.30956-5-mreitz@redhat.com Reviewed-by: Fam Zheng <famz@redhat.com> [mreitz@redhat.com: Removed unnecessary imports] Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block/null: Implement bdrv_refresh_filename()Max Reitz
The null block driver ignores any filename used for creating its BDSs, which allows creating such BDSs even without any filename at all. In that case, we currently construct a JSON filename when queried instead of a plain "null-co://" or "null-aio://". This patch implements bdrv_refresh_filename() to remedy this behavior. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20160610185750.30956-4-mreitz@redhat.com [mreitz@redhat.com: Added commit message] Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block/mirror: Fix target backing BDSMax Reitz
Currently, we are trying to move the backing BDS from the source to the target in bdrv_replace_in_backing_chain() which is called from mirror_exit(). However, mirror_complete() already tries to open the target's backing chain with a call to bdrv_open_backing_file(). First, we should only set the target's backing BDS once. Second, the mirroring block job has a better idea of what to set it to than the generic code in bdrv_replace_in_backing_chain() (in fact, the latter's conditions on when to move the backing BDS from source to target are not really correct). Therefore, remove that code from bdrv_replace_in_backing_chain() and leave it to mirror_complete(). Depending on what kind of mirroring is performed, we furthermore want to use different strategies to open the target's backing chain: - If blockdev-mirror is used, we can assume the user made sure that the target already has the correct backing chain. In particular, we should not try to open a backing file if the target does not have any yet. - If drive-mirror with mode=absolute-paths is used, we can and should reuse the already existing chain of nodes that the source BDS is in. In case of sync=full, no backing BDS is required; with sync=top, we just link the source's backing BDS to the target, and with sync=none, we use the source BDS as the target's backing BDS. We should not try to open these backing files anew because this would lead to two BDSs existing per physical file in the backing chain, and we would like to avoid such concurrent access. - If drive-mirror with mode=existing is used, we have to use the information provided in the physical image file which means opening the target's backing chain completely anew, just as it has been done already. If the target's backing chain shares images with the source, this may lead to multiple BDSs per physical image file. But since we cannot reliably ascertain this case, there is nothing we can do about it. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20160610185750.30956-3-mreitz@redhat.com Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block: Allow replacement of a BDS by its overlayMax Reitz
change_parent_backing_link() asserts that the BDS to be replaced is not used as a backing file. However, we may want to replace a BDS by its overlay in which case that very link should not be redirected. For instance, when doing a sync=none drive-mirror operation, we may have the following BDS/BB forest before block job completion: target base <- source <- BlockBackend During job completion, we want to establish the source BDS as the target's backing node: target | v base <- source <- BlockBackend This makes the target a valid replacement for the source: target <- BlockBackend | v base <- source Without this modification to change_parent_backing_link() we have to inject the target into the graph before the source is its backing node, thus temporarily creating a wrong graph: target <- BlockBackend base <- source Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20160610185750.30956-2-mreitz@redhat.com Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16rbd:change error_setg() to error_setg_errno()Vikhyat Umrao
Ceph RBD block driver does not use error_setg_errno() where it is possible to use. This patch replaces error_setg() from error_setg_errno(). Signed-off-by: Vikhyat Umrao <vumrao@redhat.com> Message-id: 1462780319-5796-1-git-send-email-vumrao@redhat.com Reviewed-by: Josh Durgin <jdurgin@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16iotests: 095: Clean up QEMU before showing image infoFam Zheng
Signed-off-by: Fam Zheng <famz@redhat.com> Message-id: 1464944872-24484-1-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block: Create the commit block job before reopening any imageAlberto Garcia
If the base or overlay images need to be reopened in read-write mode but the block_job_create() call fails then no one will put those images back in read-only mode. We can solve this problem easily by calling block_job_create() first. Signed-off-by: Alberto Garcia <berto@igalia.com> Message-id: aa495045770a6f1a7cc5d408397a17c75097fdd8.1464346103.git.berto@igalia.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block: Prevent sleeping jobs from resuming if they have been pausedAlberto Garcia
If we pause a block job and drain its BlockDriverState we want that the job remains inactive until we call block_job_resume() again. However if we pause the job while it is sleeping then it will resume when the sleep timer fires. This patch prevents that from happening by checking if the job has been paused after it comes back from sleeping. Signed-off-by: Alberto Garcia <berto@igalia.com> Suggested-by: Kevin Wolf <kwolf@redhat.com> Message-id: 3d9011151512326b890d22bdab3530244ef349d7.1464346103.git.berto@igalia.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block: use the block job list in qmp_query_block_jobs()Alberto Garcia
qmp_query_block_jobs() uses bdrv_next() to look for block jobs, but this function can only find those in top-level BlockDriverStates. This patch uses block_job_next() instead. Signed-off-by: Alberto Garcia <berto@igalia.com> Message-id: a8b7e5497b7c1fa67c12fcceae1630d01c3b1f96.1464346103.git.berto@igalia.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block: use the block job list in bdrv_drain_all()Alberto Garcia
bdrv_drain_all() pauses all block jobs by using bdrv_next() to iterate over all top-level BlockDriverStates. Therefore the code is unable to find block jobs in other nodes. This patch uses block_job_next() to iterate over all block jobs. Signed-off-by: Alberto Garcia <berto@igalia.com> Message-id: 55ee7d7d4a65c28aa1a1b28823897ef326f328e2.1464346103.git.berto@igalia.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-06-16block: Fix snapshot=on with aio=nativeKevin Wolf
snapshot=on creates a temporary overlay that is always opened with cache=unsafe (the cache mode specified by the user is only for the actual image file and its children). This means that we must not inherit the BDRV_O_NATIVE_AIO flag for the temporary overlay because trying to use Linux AIO with cache=unsafe results in an error. Reproducer without this patch: $ x86_64-softmmu/qemu-system-x86_64 -drive file=/tmp/test.qcow2,cache=none,aio=native,snapshot=on qemu-system-x86_64: -drive file=/tmp/test.qcow2,cache=none,aio=native,snapshot=on: aio=native was specified, but it requires cache.direct=on, which was not specified. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-06-16block: Remove bs->zero_beyond_eofKevin Wolf
It is always true for open images now. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16qcow2: Let vmstate call qcow2_co_preadv/pwrite directlyKevin Wolf
We don't really want to go through the block layer in order to read from or write to the vmstate in a qcow2 image. Doing so required a few ugly hacks like saving and restoring the old image size (because writing to vmstate offsets would increase the image size) or disabling the "reads after EOF = zeroes" logic. When calling the right functions directly, these hacks aren't necessary any more. Note that .bdrv_vmstate_load/save() return 0 instead of the number of bytes in case of success now. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: Make bdrv_load/save_vmstate coroutine_fnsKevin Wolf
This allows drivers to share code between normal I/O and vmstate accesses. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: Allow .bdrv_load/save_vmstate() to return 0/-errnoKevin Wolf
The return value of .bdrv_load/save_vmstate() can be any non-negative number in case of success now. It used to be bytes/-errno. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: Make .bdrv_load_vmstate() vectoredKevin Wolf
This brings it in line with .bdrv_save_vmstate(). Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: Introduce bdrv_preadv()Kevin Wolf
We already have a byte-based bdrv_pwritev(), but the read counterpart was still missing. This commit adds it. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16doc: Fix mailing list address in tests/qemu-iotests/READMEThomas Huth
The address of the mailing list is qemu-devel@nongnu.org instead of qemu-devel@savannah.nongnu.org. And while we're at it, also mention the qemu-block mailing list here. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-06-16linux-aio: Cancel BH if not neededKevin Wolf
linux-aio uses a BH in order to make sure that the remaining completions are processed even in nested event loops of completion callbacks in order to avoid deadlocks. There is no need, however, to have the BH overhead for the first call into qemu_laio_completion_bh() or after all pending completions have already been processed. Therefore, this patch calls directly into qemu_laio_completion_bh() in qemu_laio_completion_cb() and cancels the BH after qemu_laio_completion_bh() has processed all pending completions. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16block: Don't enforce 512 byte minimum alignmentKevin Wolf
If block drivers say that they can do an alignment < 512 bytes, let's just suppose they mean it. raw-posix used to be an offender with respect to this, but it can actually deal with byte-aligned requests now. The default is still 512 bytes for any drivers that only implement sector-based interfaces, but it is 1 now for drivers that implement .bdrv_co_preadv. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16raw-posix: Implement .bdrv_co_preadv/pwritevKevin Wolf
The raw-posix block driver actually supports byte-aligned requests now on non-O_DIRECT images, like it already (and previously incorrectly) claimed in bs->request_alignment. For some block drivers this means that a RMW cycle can be avoided when they write sub-sector metadata e.g. for cluster allocation. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16raw-posix: Switch to bdrv_co_* interfacesKevin Wolf
In order to use the modern byte-based .bdrv_co_preadv/pwritev() interface, this patch switches raw-posix to coroutine-based interfaces as a first step. In terms of semantics and performance, it doesn't make a difference with the existing code whether we go from a coroutine to a callback-based interface already in block/io.c or only in linux-aio.c As there have been concerns in the past that this change may be a step in the wrong direction with respect to a possible AIO fast path, the old callback-based interface for linux-aio is left around and can be reactivated when a fast path (e.g. directly from virtio-blk dataplane, bypassing the whole block layer) is implemented. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: Prepare bdrv_aligned_pwritev() for byte-aligned requestsKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: Prepare bdrv_aligned_preadv() for byte-aligned requestsKevin Wolf
This patch makes bdrv_aligned_preadv() ready to accept byte-aligned requests. Note that this doesn't mean that such requests are actually made. The caller still ensures that all requests are aligned to at least 512 bytes. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: Byte-based bdrv_co_do_copy_on_readv()Kevin Wolf
In a first step to convert the common I/O path to work on bytes rather than sectors, this converts the copy-on-read logic that is used by bdrv_aligned_preadv(). Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-16block: drop support for using qcow[2] encryption with system emulatorsDaniel P. Berrange
Back in the 2.3.0 release we declared qcow[2] encryption as deprecated, warning people that it would be removed in a future release. commit a1f688f4152e65260b94f37543521ceff8bfebe4 Author: Markus Armbruster <armbru@redhat.com> Date: Fri Mar 13 21:09:40 2015 +0100 block: Deprecate QCOW/QCOW2 encryption The code still exists today, but by a (happy?) accident we entirely broke the ability to use qcow[2] encryption in the system emulators in the 2.4.0 release due to commit 8336aafae1451d54c81dd2b187b45f7c45d2428e Author: Daniel P. Berrange <berrange@redhat.com> Date: Tue May 12 17:09:18 2015 +0100 qcow2/qcow: protect against uninitialized encryption key This commit was designed to prevent future coding bugs which might cause QEMU to read/write data on an encrypted block device in plain text mode before a decryption key is set. It turns out this preventative measure was a little too good, because we already had a long standing bug where QEMU read encrypted data in plain text mode during system emulator startup, in order to guess disk geometry: Thread 10 (Thread 0x7fffd3fff700 (LWP 30373)): #0 0x00007fffe90b1a28 in raise () at /lib64/libc.so.6 #1 0x00007fffe90b362a in abort () at /lib64/libc.so.6 #2 0x00007fffe90aa227 in __assert_fail_base () at /lib64/libc.so.6 #3 0x00007fffe90aa2d2 in () at /lib64/libc.so.6 #4 0x000055555587ae19 in qcow2_co_readv (bs=0x5555562accb0, sector_num=0, remaining_sectors=1, qiov=0x7fffffffd260) at block/qcow2.c:1229 #5 0x000055555589b60d in bdrv_aligned_preadv (bs=bs@entry=0x5555562accb0, req=req@entry=0x7fffd3ffea50, offset=offset@entry=0, bytes=bytes@entry=512, align=align@entry=512, qiov=qiov@entry=0x7fffffffd260, flags=0) at block/io.c:908 #6 0x000055555589b8bc in bdrv_co_do_preadv (bs=0x5555562accb0, offset=0, bytes=512, qiov=0x7fffffffd260, flags=<optimized out>) at block/io.c:999 #7 0x000055555589c375 in bdrv_rw_co_entry (opaque=0x7fffffffd210) at block/io.c:544 #8 0x000055555586933b in coroutine_thread (opaque=0x555557876310) at coroutine-gthread.c:134 #9 0x00007ffff64e1835 in g_thread_proxy (data=0x5555562b5590) at gthread.c:778 #10 0x00007ffff6bb760a in start_thread () at /lib64/libpthread.so.0 #11 0x00007fffe917f59d in clone () at /lib64/libc.so.6 Thread 1 (Thread 0x7ffff7ecab40 (LWP 30343)): #0 0x00007fffe91797a9 in syscall () at /lib64/libc.so.6 #1 0x00007ffff64ff87f in g_cond_wait (cond=cond@entry=0x555555e085f0 <coroutine_cond>, mutex=mutex@entry=0x555555e08600 <coroutine_lock>) at gthread-posix.c:1397 #2 0x00005555558692c3 in qemu_coroutine_switch (co=<optimized out>) at coroutine-gthread.c:117 #3 0x00005555558692c3 in qemu_coroutine_switch (from_=0x5555562b5e30, to_=to_@entry=0x555557876310, action=action@entry=COROUTINE_ENTER) at coroutine-gthread.c:175 #4 0x0000555555868a90 in qemu_coroutine_enter (co=0x555557876310, opaque=0x0) at qemu-coroutine.c:116 #5 0x0000555555859b84 in thread_pool_completion_bh (opaque=0x7fffd40010e0) at thread-pool.c:187 #6 0x0000555555859514 in aio_bh_poll (ctx=ctx@entry=0x5555562953b0) at async.c:85 #7 0x0000555555864d10 in aio_dispatch (ctx=ctx@entry=0x5555562953b0) at aio-posix.c:135 #8 0x0000555555864f75 in aio_poll (ctx=ctx@entry=0x5555562953b0, blocking=blocking@entry=true) at aio-posix.c:291 #9 0x000055555589c40d in bdrv_prwv_co (bs=bs@entry=0x5555562accb0, offset=offset@entry=0, qiov=qiov@entry=0x7fffffffd260, is_write=is_write@entry=false, flags=flags@entry=(unknown: 0)) at block/io.c:591 #10 0x000055555589c503 in bdrv_rw_co (bs=bs@entry=0x5555562accb0, sector_num=sector_num@entry=0, buf=buf@entry=0x7fffffffd2e0 "\321,", nb_sectors=nb_sectors@entry=21845, is_write=is_write@entry=false, flags=flags@entry=(unknown: 0)) at block/io.c:614 #11 0x000055555589c562 in bdrv_read_unthrottled (nb_sectors=21845, buf=0x7fffffffd2e0 "\321,", sector_num=0, bs=0x5555562accb0) at block/io.c:622 #12 0x000055555589c562 in bdrv_read_unthrottled (bs=0x5555562accb0, sector_num=sector_num@entry=0, buf=buf@entry=0x7fffffffd2e0 "\321,", nb_sectors=nb_sectors@entry=21845) at block/io.c:634 nb_sectors@entry=1) at block/block-backend.c:504 #14 0x0000555555752e9f in guess_disk_lchs (blk=blk@entry=0x5555562a5290, pcylinders=pcylinders@entry=0x7fffffffd52c, pheads=pheads@entry=0x7fffffffd530, psectors=psectors@entry=0x7fffffffd534) at hw/block/hd-geometry.c:68 #15 0x0000555555752ff7 in hd_geometry_guess (blk=0x5555562a5290, pcyls=pcyls@entry=0x555557875d1c, pheads=pheads@entry=0x555557875d20, psecs=psecs@entry=0x555557875d24, ptrans=ptrans@entry=0x555557875d28) at hw/block/hd-geometry.c:133 #16 0x0000555555752b87 in blkconf_geometry (conf=conf@entry=0x555557875d00, ptrans=ptrans@entry=0x555557875d28, cyls_max=cyls_max@entry=65536, heads_max=heads_max@entry=16, secs_max=secs_max@entry=255, errp=errp@entry=0x7fffffffd5e0) at hw/block/block.c:71 #17 0x0000555555799bc4 in ide_dev_initfn (dev=0x555557875c80, kind=IDE_HD) at hw/ide/qdev.c:174 #18 0x0000555555768394 in device_realize (dev=0x555557875c80, errp=0x7fffffffd640) at hw/core/qdev.c:247 #19 0x0000555555769a81 in device_set_realized (obj=0x555557875c80, value=<optimized out>, errp=0x7fffffffd730) at hw/core/qdev.c:1058 #20 0x00005555558240ce in property_set_bool (obj=0x555557875c80, v=<optimized out>, opaque=0x555557875de0, name=<optimized out>, errp=0x7fffffffd730) at qom/object.c:1514 #21 0x0000555555826c87 in object_property_set_qobject (obj=obj@entry=0x555557875c80, value=value@entry=0x55555784bcb0, name=name@entry=0x55555591cb3d "realized", errp=errp@entry=0x7fffffffd730) at qom/qom-qobject.c:24 #22 0x0000555555825760 in object_property_set_bool (obj=obj@entry=0x555557875c80, value=value@entry=true, name=name@entry=0x55555591cb3d "realized", errp=errp@entry=0x7fffffffd730) at qom/object.c:905 #23 0x000055555576897b in qdev_init_nofail (dev=dev@entry=0x555557875c80) at hw/core/qdev.c:380 #24 0x0000555555799ead in ide_create_drive (bus=bus@entry=0x555557629630, unit=unit@entry=0, drive=0x5555562b77e0) at hw/ide/qdev.c:122 #25 0x000055555579a746 in pci_ide_create_devs (dev=dev@entry=0x555557628db0, hd_table=hd_table@entry=0x7fffffffd830) at hw/ide/pci.c:440 #26 0x000055555579b165 in pci_piix3_ide_init (bus=<optimized out>, hd_table=0x7fffffffd830, devfn=<optimized out>) at hw/ide/piix.c:218 #27 0x000055555568ca55 in pc_init1 (machine=0x5555562960a0, pci_enabled=1, kvmclock_enabled=<optimized out>) at /home/berrange/src/virt/qemu/hw/i386/pc_piix.c:256 #28 0x0000555555603ab2 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4249 So the safety net is correctly preventing QEMU reading cipher text as if it were plain text, during startup and aborting QEMU to avoid bad usage of this data. For added fun this bug only happens if the encrypted qcow2 file happens to have data written to the first cluster, otherwise the cluster won't be allocated and so qcow2 would not try the decryption routines at all, just return all 0's. That no one even noticed, let alone reported, this bug that has shipped in 2.4.0, 2.5.0 and 2.6.0 shows that the number of actual users of encrypted qcow2 is approximately zero. So rather than fix the crash, and backport it to stable releases, just go ahead with what we have warned users about and disable any use of qcow2 encryption in the system emulators. qemu-img/qemu-io/qemu-nbd are still able to access qcow2 encrypted images for the sake of data conversion. In the future, qcow2 will gain support for the alternative luks format, but when this happens it'll be using the '-object secret' infrastructure for getting keys, which avoids this problematic scenario entirely. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>