aboutsummaryrefslogtreecommitdiff
path: root/block.c
AgeCommit message (Collapse)Author
2011-08-20Use glib memory allocation and free functionsAnthony Liguori
qemu_malloc/qemu_free no longer exist after this commit. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-08-04block: Use bdrv_co_* instead of synchronous versions in coroutinesKevin Wolf
If we're already in a coroutine, there is no reason to use the synchronous version of block layer functions when a coroutine one exists. This makes bdrv_read/write/flush use bdrv_co_* when used inside a coroutine. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02async: Remove AsyncContextKevin Wolf
The purpose of AsyncContexts was to protect qcow and qcow2 against reentrancy during an emulated bdrv_read/write (which includes a qemu_aio_wait() call and can run AIO callbacks of different requests if it weren't for AsyncContexts). Now both qcow and qcow2 are protected by CoMutexes and AsyncContexts can be removed. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02block: Add bdrv_co_readv/writev emulationKevin Wolf
In order to be able to call bdrv_co_readv/writev for drivers that don't implement the functions natively, add an emulation that uses the AIO functions to implement them. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02block: Emulate AIO functions with bdrv_co_readv/writevKevin Wolf
Use the bdrv_co_readv/writev callbacks to implement bdrv_aio_readv/writev and bdrv_read/write if a driver provides the coroutine version instead of the synchronous or AIO version. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02block: Add bdrv_co_readv/writevKevin Wolf
Add new block driver callbacks bdrv_co_readv/writev, which work on a QEMUIOVector like bdrv_aio_*, but don't need a callback. The function may only be called inside a coroutine, so a block driver implementing this interface can yield instead of blocking during I/O. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-01block: Removed unused function bdrv_write_syncFrediano Ziglio
Signed-off-by: Frediano Ziglio <freddy77@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-01block: Don't let locked flag prevent medium loadMarkus Armbruster
Commit aea2a33c made bdrv_eject() obey the locked flag. Correct for medium eject (eject_flag set), incorrect for medium load (eject_flag clear). See MMC-5 Table 341 "Actions for Lock/Unlock/Eject". Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-01block: Make BlockDriver method bdrv_eject() return voidMarkus Armbruster
Callees always return 0, except for FreeBSD's cdrom_eject(), which returns -ENOTSUP when the device is in a terminally wedged state. The only caller is bdrv_eject(), and it maps -ENOTSUP to 0 since commit 4be9762a. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-01block: Reset device model callbacks on detachMarkus Armbruster
BlockDriverState members change_cb and change_opaque are initially null. The device model may set them, with bdrv_set_change_cb(). If the device model gets detached (hot unplug), they're left dangling. Only safe because device hot unplug automatically destroys the BlockDriverState. But that's a questionable feature, best not to rely on it. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-07-19block: add bdrv_get_allocated_file_size() operationFam Zheng
qemu-img.c wants to count allocated file size of image. Previously it counts a single bs->file by 'stat' or Window API. As VMDK introduces multiple file support, the operation becomes format specific with platform specific meanwhile. The functions are moved to block/raw-{posix,win32}.c and qemu-img.c calls bdrv_get_allocated_file_size to count the bs. And also added VMDK code to count his own extents. Signed-off-by: Fam Zheng <famcool@gmail.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-06-08bdrv_img_create: Fix segfaultKevin Wolf
Block drivers that don't support creating images don't have a size option. Fail gracefully instead of segfaulting when trying to access the option's value. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-06-08block: clarify the meaning of BDRV_O_NOCACHEChristoph Hellwig
Change BDRV_O_NOCACHE to only imply bypassing the host OS file cache, but no writeback semantics. All existing callers are changed to also specify BDRV_O_CACHE_WB to give them writeback semantics. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-05-19block: Remove type hint, it's guest matter, doesn't belong hereMarkus Armbruster
No users of bdrv_get_type_hint() left. bdrv_set_type_hint() can make the media removable by side effect. Make that explicit. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-05-19block QMP: Deprecate query-block's "type", drop info block's "type="Markus Armbruster
query-block's specification documents response member "type" with values "hd", "cdrom", "floppy", "unknown". Its value is unreliable: a block device used as floppy has type "floppy" if created with if=floppy, but type "hd" if created with if=none. That's because with if=none, the type is at best a declaration of intent: the drive can be connected to any guest device. Its type is really the guest device's business. Reporting it here is wrong. No known user of QMP uses "type". It's unlikely that any unknown users exist, because its value is useless unless you know how the block device was created. But then you also know the true value. Fixing the broken value risks breaking (hypothetical!) clients that somehow rely on the current behavior. Not fixing the value risks breaking (hypothetical!) clients that rely on the value to be accurate. Can't entirely avoid hypothetical lossage. Change the value to be always "unknown". This makes "info block" always report "type=unknown". Pointless. Change it to not report the type. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-05-08Fix typos in comments and code (occured -> occurred and related)Stefan Weil
The code changed here is an unused data type name (evt_flush_occurred). Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-05-06Fix typo in code and commentsStefan Weil
Replace writeable -> writable Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-04-07block: Do not cache device size for removable mediaStefan Hajnoczi
The block layer caches the device size to avoid doing lseek(fd, 0, SEEK_END) every time this value is needed. For removable media the device size becomes stale if a new medium is inserted. This patch simply prevents device size caching for removable media. A smarter solution is to update the cached device size when a new medium is inserted. Given that there are currently bugs with CD-ROM media change I do not want to implement that approach until we've gotten things correct first. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-04-07trace: Trace bdrv_set_locked()Stefan Hajnoczi
It can be handy to know when the guest locks/unlocks the CD-ROM tray. This trace event makes that possible. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-04-07Do not delete BlockDriverState when deleting the driveRyan Harper
When removing a drive from the host-side via drive_del we currently have the following path: drive_del qemu_aio_flush() bdrv_close() // zaps bs->drv, which makes any subsequent I/O get // dropped. Works as designed drive_uninit() bdrv_delete() // frees the bs. Since the device is still connected to // bs, any subsequent I/O is a use-after-free. The value of bs->drv becomes unpredictable on free. As long as it remains null, I/O still gets dropped, however it could become non-null at any point after the free resulting SEGVs or other QEMU state corruption. To resolve this issue as simply as possible, we can chose to not actually delete the BlockDriverState pointer. Since bdrv_close() handles setting the drv pointer to NULL, we just need to remove the BlockDriverState from the QLIST that is used to enumerate the block devices. This is currently handled within bdrv_delete, so move this into its own function, bdrv_make_anon(). The result is that we can now invoke drive_del, this closes the file descriptors and sets BlockDriverState->drv to NULL which prevents futher IO to the device, and since we do not free BlockDriverState, we don't have to worry about the copy retained in the block devices. We also don't attempt to remove the qdev property since we are no longer deleting the BlockDriverState on drives with associated drives. This also allows for removing Drives with no devices associated either. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Ryan Harper <ryanh@us.ibm.com> Acked-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-03-15Don't allow multiwrites against a block device without underlying mediumRyan Harper
If the block device has been closed, we no longer have a medium to submit IO against, check for this before submitting io. This prevents a segfault further in the code where we dereference elements of the block driver. Signed-off-by: Ryan Harper <ryanh@us.ibm.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-03-07trace: Trace bdrv_aio_flush()Stefan Hajnoczi
Add a trace event for bdrv_aio_flush() to complement the existing bdrv_aio_readv() and bdrv_aio_writev() events. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-02-20fdc: move floppy geometry guessing to block.cBlue Swirl
Other geometry guessing functions already reside in block.c. Remove some unused or debugging only fields. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-02-07block: enable in_use flagMarcelo Tosatti
Set block device in use during block migration, disallow drive_del and bdrv_truncate for in use devices. Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-02-07Add flag to indicate external users to block deviceMarcelo Tosatti
Certain operations such as drive_del or resize cannot be performed while external users (eg. block migration) reference the block device. Add a flag to indicate that. Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-01-31block: tell drivers about an image resizeChristoph Hellwig
Extend the change_cb callback with a reason argument, and use it to tell drivers about size changes. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-01-24block: Use backing format driver during image creationStefan Hajnoczi
The backing format should be honored during image creation. For some reason we currently use the image format to open the backing file. This fails when the backing file has a different format than the image being created. Keep the image and backing format drivers completely separate. Also print the backing filename if there is an error opening the backing file instead of the image filename. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Acked-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-01-06block: delete a write-only variableBlue Swirl
Avoid a warning with GCC 4.6.0: /src/qemu/block.c: In function 'bdrv_img_create': /src/qemu/block.c:2862:25: error: variable 'fmt' set but not used [-Werror=unused-but-set-variable] CC: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-12-17block: add discard supportChristoph Hellwig
Add a new bdrv_discard method to free blocks in a mapping image, and a new drive property to set the granularity for these discard. If no discard granularity support is set discard support is disabled. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-12-17bdrv_img_create() use proper errno return valuesJes Sorensen
Kevin suggested to have bdrv_img_create() return proper -errno values on error. Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-12-17Prevent creating an image with the same filename as backing fileJes Sorensen
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-12-17qemu-img.c: Re-factor img_create()Jes Sorensen
This patch re-factors img_create() moving the code doing the actual work into block.c where it can be shared with QEMU. This is needed to be able to create images from QEMU to be used for live snapshots. Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-12-17block: Fix the use of protocols in backing filesStefan Hajnoczi
Backing filenames may contain a protocol. The code currently doesn't consider this case and produces filenames that embed "<protocol>:". Don't combine filenames if the backing filename contains a protocol. Based on an earlier patch by Anthony Liguori <aliguori@us.ibm.com>. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-12-17block: Introduce path_has_protocol() functionStefan Hajnoczi
The bdrv_find_protocol() function returns NULL if an unknown protocol name is given. It returns the "file" protocol when the filename contains no protocol at all. This makes it difficult to distinguish between paths which contain a protocol and those which do not. Factor out a helper function that tests whether or not a filename has a protocol. The next patch makes use of this function. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-12-14block: Make bdrv_create_file() ':' handling consistentStefan Hajnoczi
Filenames may start with "<protocol>:" to explicitly use a protocol like nbd. Filenames with unknown protocols are rejected in most of QEMU except for bdrv_create_file(). Even if a file with an invalid filename can be created, QEMU cannot use it since all the other relevant functions reject such paths. Make bdrv_create_file() consistent. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-11-21block: set sector dirty on AIO write completionMarcelo Tosatti
Sectors are marked dirty in the bitmap on AIO submission. This is wrong since data has not reached storage. Set a given sector as dirty in the dirty bitmap on AIO completion, so that reading a sector marked as dirty is guaranteed to return uptodate data. Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-11-21block: fix shift in dirty bitmap calculationMarcelo Tosatti
Otherwise upper 32 bits of bitmap entries are not correctly calculated. Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-11-04block: Allow bdrv_flush to return errorsKevin Wolf
This changes bdrv_flush to return 0 on success and -errno in case of failure. It's a requirement for implementing proper error handle in users of bdrv_flush. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2010-10-22Copy snapshots out of QCOW2 diskedison
In order to backup snapshots, created from QCOW2 iamge, we want to copy snapshots out of QCOW2 disk to a seperate storage. The following patch adds a new option in "qemu-img": qemu-img convert -f qcow2 -O qcow2 -s snapshot_name src_img bck_img. Right now, it only supports to copy the full snapshot, delta snapshot is on the way. Changes from V1: all the comments from Kevin are addressed: Add read-only checking Fix coding style Change the name from bdrv_snapshot_load to bdrv_snapshot_load_tmp Signed-off-by: Disheng Su <edison@cloud.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-10-09trace: Trace bdrv_aio_{readv,writev}Stefan Hajnoczi
Observing block layer aio readv/writev operations is useful for debugging image formats or understanding guest disk I/O patterns. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-09-09trace: Trace virtio-blk, multiwrite, and paio_submitStefan Hajnoczi
This patch adds trace events that make it possible to observe virtio-blk. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2010-09-08Revert "Make default invocation of block drivers safer (v3)"Anthony Liguori
This reverts commit 79368c81bf8cf93864d7afc88b81b05d8f0a2c90. Conflicts: block.c I haven't been able to come up with a solution yet for the corruption caused by unaligned requests from the IDE disk so revert until a solution can be written. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-08-30block: Fix image re-open in bdrv_commitKevin Wolf
Arguably we should re-open the backing file with the backing file format and not with the format of the snapshot image. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-08-03block: Change bdrv_eject() not to drop the imageMarkus Armbruster
bdrv_eject() gets called when a device model opens or closes the tray. If the block driver implements method bdrv_eject(), that method gets called. Drivers host_cdrom implements it, and it opens and closes the physical tray, and nothing else. When a device model opens, then closes the tray, media changes only if the user actively changes the physical media while the tray is open. This is matches how physical hardware behaves. If the block driver doesn't implement method bdrv_eject(), we do something quite different: opening the tray severs the connection to the image by calling bdrv_close(), and closing the tray does nothing. When the device model opens, then closes the tray, media is gone, unless the user actively inserts another one while the tray is open, with a suitable change command in the monitor. This isn't how physical hardware behaves. Rather inconvenient when programs "helpfully" eject media to give you a chance to change it. The way bdrv_eject() behaves here turns that chance into a must, which is not what these programs or their users expect. Change the default action not to call bdrv_close(). Instead, note the tray status in new BlockDriverState member tray_open. Use it in bdrv_is_inserted(). Arguably, the device models should keep track of tray status themselves. But this is less invasive. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-08-03block: Fix bdrv_has_zero_initKevin Wolf
Assuming that any image on a block device is not properly zero-initialized is actually wrong: Only raw images have this problem. Any other image format shouldn't care about it, they initialize everything properly themselves. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-08-03block: Change bdrv_commit to handle multiple sectors at onceKevin Wolf
bdrv_commit copies the image to its backing file sector by sector, which is (surprise!) relatively slow. Let's take a larger buffer and handle more sectors at once if possible. With a 1G qcow2 file, this brought the time bdrv_commit takes down from 5:06 min to 1:14 min for me. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-07-26Fix -snapshot deleting images on disk changeBlue Swirl
Block device change command did not copy BDRV_O_SNAPSHOT flag. Thus the new image did not have this flag and the file got deleted during opening. Fix by copying BDRV_O_SNAPSHOT flag. Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-07-26block: Use error codes from lower levels for error messageStefan Weil
"No such file or directory" is a misleading error message when a user tries to open a file with wrong permissions. Cc: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-07-15Make default invocation of block drivers safer (v3)Anthony Liguori
CVE-2008-2004 described a vulnerability in QEMU whereas a malicious user could trick the block probing code into accessing arbitrary files in a guest. To mitigate this, we added an explicit format parameter to -drive which disabling block probing. Fast forward to today, and the vast majority of users do not use this parameter. libvirt does not use this by default nor does virt-manager. Most users want block probing so we should try to make it safer. This patch adds some logic to the raw device which attempts to detect a write operation to the beginning of a raw device. If the first 4 bytes happen to match an image file that has a backing file that we support, it scrubs the signature to all zeros. If a user specifies an explicit format parameter, this behavior is disabled. I contend that while a legitimate guest could write such a signature to the header, we would behave incorrectly anyway upon the next invocation of QEMU. This simply changes the incorrect behavior to not involve a security vulnerability. I've tested this pretty extensively both in the positive and negative case. I'm not 100% confident in the block layer's ability to deal with zero sized writes particularly with respect to the aio functions so some additional eyes would be appreciated. Even in the case of a single sector write, we have to make sure to invoked the completion from a bottom half so just removing the zero sized write is not an option. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-06qcow2/vdi: Change check to distinguish error casesKevin Wolf
This distinguishes between harmless leaks and real corruption. Hopefully users better understand what qemu-img check wants to tell them. Signed-off-by: Kevin Wolf <kwolf@redhat.com>