1 /* 2 * QEMU System Emulator block driver 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "block/trace.h" 27 #include "block/block_int.h" 28 #include "block/blockjob.h" 29 #include "block/nbd.h" 30 #include "block/qdict.h" 31 #include "qemu/error-report.h" 32 #include "module_block.h" 33 #include "qemu/module.h" 34 #include "qapi/error.h" 35 #include "qapi/qmp/qdict.h" 36 #include "qapi/qmp/qjson.h" 37 #include "qapi/qmp/qnull.h" 38 #include "qapi/qmp/qstring.h" 39 #include "qapi/qobject-output-visitor.h" 40 #include "qapi/qapi-visit-block-core.h" 41 #include "sysemu/block-backend.h" 42 #include "sysemu/sysemu.h" 43 #include "qemu/notify.h" 44 #include "qemu/option.h" 45 #include "qemu/coroutine.h" 46 #include "block/qapi.h" 47 #include "qemu/timer.h" 48 #include "qemu/cutils.h" 49 #include "qemu/id.h" 50 51 #ifdef CONFIG_BSD 52 #include <sys/ioctl.h> 53 #include <sys/queue.h> 54 #ifndef __DragonFly__ 55 #include <sys/disk.h> 56 #endif 57 #endif 58 59 #ifdef _WIN32 60 #include <windows.h> 61 #endif 62 63 #define NOT_DONE 0x7fffffff /* used while emulated sync operation in progress */ 64 65 static QTAILQ_HEAD(, BlockDriverState) graph_bdrv_states = 66 QTAILQ_HEAD_INITIALIZER(graph_bdrv_states); 67 68 static QTAILQ_HEAD(, BlockDriverState) all_bdrv_states = 69 QTAILQ_HEAD_INITIALIZER(all_bdrv_states); 70 71 static QLIST_HEAD(, BlockDriver) bdrv_drivers = 72 QLIST_HEAD_INITIALIZER(bdrv_drivers); 73 74 static BlockDriverState *bdrv_open_inherit(const char *filename, 75 const char *reference, 76 QDict *options, int flags, 77 BlockDriverState *parent, 78 const BdrvChildRole *child_role, 79 Error **errp); 80 81 /* If non-zero, use only whitelisted block drivers */ 82 static int use_bdrv_whitelist; 83 84 #ifdef _WIN32 85 static int is_windows_drive_prefix(const char *filename) 86 { 87 return (((filename[0] >= 'a' && filename[0] <= 'z') || 88 (filename[0] >= 'A' && filename[0] <= 'Z')) && 89 filename[1] == ':'); 90 } 91 92 int is_windows_drive(const char *filename) 93 { 94 if (is_windows_drive_prefix(filename) && 95 filename[2] == '\0') 96 return 1; 97 if (strstart(filename, "\\\\.\\", NULL) || 98 strstart(filename, "//./", NULL)) 99 return 1; 100 return 0; 101 } 102 #endif 103 104 size_t bdrv_opt_mem_align(BlockDriverState *bs) 105 { 106 if (!bs || !bs->drv) { 107 /* page size or 4k (hdd sector size) should be on the safe side */ 108 return MAX(4096, getpagesize()); 109 } 110 111 return bs->bl.opt_mem_alignment; 112 } 113 114 size_t bdrv_min_mem_align(BlockDriverState *bs) 115 { 116 if (!bs || !bs->drv) { 117 /* page size or 4k (hdd sector size) should be on the safe side */ 118 return MAX(4096, getpagesize()); 119 } 120 121 return bs->bl.min_mem_alignment; 122 } 123 124 /* check if the path starts with "<protocol>:" */ 125 int path_has_protocol(const char *path) 126 { 127 const char *p; 128 129 #ifdef _WIN32 130 if (is_windows_drive(path) || 131 is_windows_drive_prefix(path)) { 132 return 0; 133 } 134 p = path + strcspn(path, ":/\\"); 135 #else 136 p = path + strcspn(path, ":/"); 137 #endif 138 139 return *p == ':'; 140 } 141 142 int path_is_absolute(const char *path) 143 { 144 #ifdef _WIN32 145 /* specific case for names like: "\\.\d:" */ 146 if (is_windows_drive(path) || is_windows_drive_prefix(path)) { 147 return 1; 148 } 149 return (*path == '/' || *path == '\\'); 150 #else 151 return (*path == '/'); 152 #endif 153 } 154 155 /* if filename is absolute, just return its duplicate. Otherwise, build a 156 path to it by considering it is relative to base_path. URL are 157 supported. */ 158 char *path_combine(const char *base_path, const char *filename) 159 { 160 const char *protocol_stripped = NULL; 161 const char *p, *p1; 162 char *result; 163 int len; 164 165 if (path_is_absolute(filename)) { 166 return g_strdup(filename); 167 } 168 169 if (path_has_protocol(base_path)) { 170 protocol_stripped = strchr(base_path, ':'); 171 if (protocol_stripped) { 172 protocol_stripped++; 173 } 174 } 175 p = protocol_stripped ?: base_path; 176 177 p1 = strrchr(base_path, '/'); 178 #ifdef _WIN32 179 { 180 const char *p2; 181 p2 = strrchr(base_path, '\\'); 182 if (!p1 || p2 > p1) { 183 p1 = p2; 184 } 185 } 186 #endif 187 if (p1) { 188 p1++; 189 } else { 190 p1 = base_path; 191 } 192 if (p1 > p) { 193 p = p1; 194 } 195 len = p - base_path; 196 197 result = g_malloc(len + strlen(filename) + 1); 198 memcpy(result, base_path, len); 199 strcpy(result + len, filename); 200 201 return result; 202 } 203 204 /* 205 * Helper function for bdrv_parse_filename() implementations to remove optional 206 * protocol prefixes (especially "file:") from a filename and for putting the 207 * stripped filename into the options QDict if there is such a prefix. 208 */ 209 void bdrv_parse_filename_strip_prefix(const char *filename, const char *prefix, 210 QDict *options) 211 { 212 if (strstart(filename, prefix, &filename)) { 213 /* Stripping the explicit protocol prefix may result in a protocol 214 * prefix being (wrongly) detected (if the filename contains a colon) */ 215 if (path_has_protocol(filename)) { 216 QString *fat_filename; 217 218 /* This means there is some colon before the first slash; therefore, 219 * this cannot be an absolute path */ 220 assert(!path_is_absolute(filename)); 221 222 /* And we can thus fix the protocol detection issue by prefixing it 223 * by "./" */ 224 fat_filename = qstring_from_str("./"); 225 qstring_append(fat_filename, filename); 226 227 assert(!path_has_protocol(qstring_get_str(fat_filename))); 228 229 qdict_put(options, "filename", fat_filename); 230 } else { 231 /* If no protocol prefix was detected, we can use the shortened 232 * filename as-is */ 233 qdict_put_str(options, "filename", filename); 234 } 235 } 236 } 237 238 239 /* Returns whether the image file is opened as read-only. Note that this can 240 * return false and writing to the image file is still not possible because the 241 * image is inactivated. */ 242 bool bdrv_is_read_only(BlockDriverState *bs) 243 { 244 return bs->read_only; 245 } 246 247 int bdrv_can_set_read_only(BlockDriverState *bs, bool read_only, 248 bool ignore_allow_rdw, Error **errp) 249 { 250 /* Do not set read_only if copy_on_read is enabled */ 251 if (bs->copy_on_read && read_only) { 252 error_setg(errp, "Can't set node '%s' to r/o with copy-on-read enabled", 253 bdrv_get_device_or_node_name(bs)); 254 return -EINVAL; 255 } 256 257 /* Do not clear read_only if it is prohibited */ 258 if (!read_only && !(bs->open_flags & BDRV_O_ALLOW_RDWR) && 259 !ignore_allow_rdw) 260 { 261 error_setg(errp, "Node '%s' is read only", 262 bdrv_get_device_or_node_name(bs)); 263 return -EPERM; 264 } 265 266 return 0; 267 } 268 269 /* 270 * Called by a driver that can only provide a read-only image. 271 * 272 * Returns 0 if the node is already read-only or it could switch the node to 273 * read-only because BDRV_O_AUTO_RDONLY is set. 274 * 275 * Returns -EACCES if the node is read-write and BDRV_O_AUTO_RDONLY is not set 276 * or bdrv_can_set_read_only() forbids making the node read-only. If @errmsg 277 * is not NULL, it is used as the error message for the Error object. 278 */ 279 int bdrv_apply_auto_read_only(BlockDriverState *bs, const char *errmsg, 280 Error **errp) 281 { 282 int ret = 0; 283 284 if (!(bs->open_flags & BDRV_O_RDWR)) { 285 return 0; 286 } 287 if (!(bs->open_flags & BDRV_O_AUTO_RDONLY)) { 288 goto fail; 289 } 290 291 ret = bdrv_can_set_read_only(bs, true, false, NULL); 292 if (ret < 0) { 293 goto fail; 294 } 295 296 bs->read_only = true; 297 bs->open_flags &= ~BDRV_O_RDWR; 298 299 return 0; 300 301 fail: 302 error_setg(errp, "%s", errmsg ?: "Image is read-only"); 303 return -EACCES; 304 } 305 306 /* 307 * If @backing is empty, this function returns NULL without setting 308 * @errp. In all other cases, NULL will only be returned with @errp 309 * set. 310 * 311 * Therefore, a return value of NULL without @errp set means that 312 * there is no backing file; if @errp is set, there is one but its 313 * absolute filename cannot be generated. 314 */ 315 char *bdrv_get_full_backing_filename_from_filename(const char *backed, 316 const char *backing, 317 Error **errp) 318 { 319 if (backing[0] == '\0') { 320 return NULL; 321 } else if (path_has_protocol(backing) || path_is_absolute(backing)) { 322 return g_strdup(backing); 323 } else if (backed[0] == '\0' || strstart(backed, "json:", NULL)) { 324 error_setg(errp, "Cannot use relative backing file names for '%s'", 325 backed); 326 return NULL; 327 } else { 328 return path_combine(backed, backing); 329 } 330 } 331 332 /* 333 * If @filename is empty or NULL, this function returns NULL without 334 * setting @errp. In all other cases, NULL will only be returned with 335 * @errp set. 336 */ 337 static char *bdrv_make_absolute_filename(BlockDriverState *relative_to, 338 const char *filename, Error **errp) 339 { 340 char *bs_filename; 341 342 bdrv_refresh_filename(relative_to); 343 344 bs_filename = relative_to->exact_filename[0] 345 ? relative_to->exact_filename 346 : relative_to->filename; 347 348 return bdrv_get_full_backing_filename_from_filename(bs_filename, 349 filename ?: "", errp); 350 } 351 352 char *bdrv_get_full_backing_filename(BlockDriverState *bs, Error **errp) 353 { 354 return bdrv_make_absolute_filename(bs, bs->backing_file, errp); 355 } 356 357 void bdrv_register(BlockDriver *bdrv) 358 { 359 QLIST_INSERT_HEAD(&bdrv_drivers, bdrv, list); 360 } 361 362 BlockDriverState *bdrv_new(void) 363 { 364 BlockDriverState *bs; 365 int i; 366 367 bs = g_new0(BlockDriverState, 1); 368 QLIST_INIT(&bs->dirty_bitmaps); 369 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 370 QLIST_INIT(&bs->op_blockers[i]); 371 } 372 notifier_with_return_list_init(&bs->before_write_notifiers); 373 qemu_co_mutex_init(&bs->reqs_lock); 374 qemu_mutex_init(&bs->dirty_bitmap_mutex); 375 bs->refcnt = 1; 376 bs->aio_context = qemu_get_aio_context(); 377 378 qemu_co_queue_init(&bs->flush_queue); 379 380 for (i = 0; i < bdrv_drain_all_count; i++) { 381 bdrv_drained_begin(bs); 382 } 383 384 QTAILQ_INSERT_TAIL(&all_bdrv_states, bs, bs_list); 385 386 return bs; 387 } 388 389 static BlockDriver *bdrv_do_find_format(const char *format_name) 390 { 391 BlockDriver *drv1; 392 393 QLIST_FOREACH(drv1, &bdrv_drivers, list) { 394 if (!strcmp(drv1->format_name, format_name)) { 395 return drv1; 396 } 397 } 398 399 return NULL; 400 } 401 402 BlockDriver *bdrv_find_format(const char *format_name) 403 { 404 BlockDriver *drv1; 405 int i; 406 407 drv1 = bdrv_do_find_format(format_name); 408 if (drv1) { 409 return drv1; 410 } 411 412 /* The driver isn't registered, maybe we need to load a module */ 413 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); ++i) { 414 if (!strcmp(block_driver_modules[i].format_name, format_name)) { 415 block_module_load_one(block_driver_modules[i].library_name); 416 break; 417 } 418 } 419 420 return bdrv_do_find_format(format_name); 421 } 422 423 int bdrv_is_whitelisted(BlockDriver *drv, bool read_only) 424 { 425 static const char *whitelist_rw[] = { 426 CONFIG_BDRV_RW_WHITELIST 427 }; 428 static const char *whitelist_ro[] = { 429 CONFIG_BDRV_RO_WHITELIST 430 }; 431 const char **p; 432 433 if (!whitelist_rw[0] && !whitelist_ro[0]) { 434 return 1; /* no whitelist, anything goes */ 435 } 436 437 for (p = whitelist_rw; *p; p++) { 438 if (!strcmp(drv->format_name, *p)) { 439 return 1; 440 } 441 } 442 if (read_only) { 443 for (p = whitelist_ro; *p; p++) { 444 if (!strcmp(drv->format_name, *p)) { 445 return 1; 446 } 447 } 448 } 449 return 0; 450 } 451 452 bool bdrv_uses_whitelist(void) 453 { 454 return use_bdrv_whitelist; 455 } 456 457 typedef struct CreateCo { 458 BlockDriver *drv; 459 char *filename; 460 QemuOpts *opts; 461 int ret; 462 Error *err; 463 } CreateCo; 464 465 static void coroutine_fn bdrv_create_co_entry(void *opaque) 466 { 467 Error *local_err = NULL; 468 int ret; 469 470 CreateCo *cco = opaque; 471 assert(cco->drv); 472 473 ret = cco->drv->bdrv_co_create_opts(cco->filename, cco->opts, &local_err); 474 error_propagate(&cco->err, local_err); 475 cco->ret = ret; 476 } 477 478 int bdrv_create(BlockDriver *drv, const char* filename, 479 QemuOpts *opts, Error **errp) 480 { 481 int ret; 482 483 Coroutine *co; 484 CreateCo cco = { 485 .drv = drv, 486 .filename = g_strdup(filename), 487 .opts = opts, 488 .ret = NOT_DONE, 489 .err = NULL, 490 }; 491 492 if (!drv->bdrv_co_create_opts) { 493 error_setg(errp, "Driver '%s' does not support image creation", drv->format_name); 494 ret = -ENOTSUP; 495 goto out; 496 } 497 498 if (qemu_in_coroutine()) { 499 /* Fast-path if already in coroutine context */ 500 bdrv_create_co_entry(&cco); 501 } else { 502 co = qemu_coroutine_create(bdrv_create_co_entry, &cco); 503 qemu_coroutine_enter(co); 504 while (cco.ret == NOT_DONE) { 505 aio_poll(qemu_get_aio_context(), true); 506 } 507 } 508 509 ret = cco.ret; 510 if (ret < 0) { 511 if (cco.err) { 512 error_propagate(errp, cco.err); 513 } else { 514 error_setg_errno(errp, -ret, "Could not create image"); 515 } 516 } 517 518 out: 519 g_free(cco.filename); 520 return ret; 521 } 522 523 int bdrv_create_file(const char *filename, QemuOpts *opts, Error **errp) 524 { 525 BlockDriver *drv; 526 Error *local_err = NULL; 527 int ret; 528 529 drv = bdrv_find_protocol(filename, true, errp); 530 if (drv == NULL) { 531 return -ENOENT; 532 } 533 534 ret = bdrv_create(drv, filename, opts, &local_err); 535 error_propagate(errp, local_err); 536 return ret; 537 } 538 539 /** 540 * Try to get @bs's logical and physical block size. 541 * On success, store them in @bsz struct and return 0. 542 * On failure return -errno. 543 * @bs must not be empty. 544 */ 545 int bdrv_probe_blocksizes(BlockDriverState *bs, BlockSizes *bsz) 546 { 547 BlockDriver *drv = bs->drv; 548 549 if (drv && drv->bdrv_probe_blocksizes) { 550 return drv->bdrv_probe_blocksizes(bs, bsz); 551 } else if (drv && drv->is_filter && bs->file) { 552 return bdrv_probe_blocksizes(bs->file->bs, bsz); 553 } 554 555 return -ENOTSUP; 556 } 557 558 /** 559 * Try to get @bs's geometry (cyls, heads, sectors). 560 * On success, store them in @geo struct and return 0. 561 * On failure return -errno. 562 * @bs must not be empty. 563 */ 564 int bdrv_probe_geometry(BlockDriverState *bs, HDGeometry *geo) 565 { 566 BlockDriver *drv = bs->drv; 567 568 if (drv && drv->bdrv_probe_geometry) { 569 return drv->bdrv_probe_geometry(bs, geo); 570 } else if (drv && drv->is_filter && bs->file) { 571 return bdrv_probe_geometry(bs->file->bs, geo); 572 } 573 574 return -ENOTSUP; 575 } 576 577 /* 578 * Create a uniquely-named empty temporary file. 579 * Return 0 upon success, otherwise a negative errno value. 580 */ 581 int get_tmp_filename(char *filename, int size) 582 { 583 #ifdef _WIN32 584 char temp_dir[MAX_PATH]; 585 /* GetTempFileName requires that its output buffer (4th param) 586 have length MAX_PATH or greater. */ 587 assert(size >= MAX_PATH); 588 return (GetTempPath(MAX_PATH, temp_dir) 589 && GetTempFileName(temp_dir, "qem", 0, filename) 590 ? 0 : -GetLastError()); 591 #else 592 int fd; 593 const char *tmpdir; 594 tmpdir = getenv("TMPDIR"); 595 if (!tmpdir) { 596 tmpdir = "/var/tmp"; 597 } 598 if (snprintf(filename, size, "%s/vl.XXXXXX", tmpdir) >= size) { 599 return -EOVERFLOW; 600 } 601 fd = mkstemp(filename); 602 if (fd < 0) { 603 return -errno; 604 } 605 if (close(fd) != 0) { 606 unlink(filename); 607 return -errno; 608 } 609 return 0; 610 #endif 611 } 612 613 /* 614 * Detect host devices. By convention, /dev/cdrom[N] is always 615 * recognized as a host CDROM. 616 */ 617 static BlockDriver *find_hdev_driver(const char *filename) 618 { 619 int score_max = 0, score; 620 BlockDriver *drv = NULL, *d; 621 622 QLIST_FOREACH(d, &bdrv_drivers, list) { 623 if (d->bdrv_probe_device) { 624 score = d->bdrv_probe_device(filename); 625 if (score > score_max) { 626 score_max = score; 627 drv = d; 628 } 629 } 630 } 631 632 return drv; 633 } 634 635 static BlockDriver *bdrv_do_find_protocol(const char *protocol) 636 { 637 BlockDriver *drv1; 638 639 QLIST_FOREACH(drv1, &bdrv_drivers, list) { 640 if (drv1->protocol_name && !strcmp(drv1->protocol_name, protocol)) { 641 return drv1; 642 } 643 } 644 645 return NULL; 646 } 647 648 BlockDriver *bdrv_find_protocol(const char *filename, 649 bool allow_protocol_prefix, 650 Error **errp) 651 { 652 BlockDriver *drv1; 653 char protocol[128]; 654 int len; 655 const char *p; 656 int i; 657 658 /* TODO Drivers without bdrv_file_open must be specified explicitly */ 659 660 /* 661 * XXX(hch): we really should not let host device detection 662 * override an explicit protocol specification, but moving this 663 * later breaks access to device names with colons in them. 664 * Thanks to the brain-dead persistent naming schemes on udev- 665 * based Linux systems those actually are quite common. 666 */ 667 drv1 = find_hdev_driver(filename); 668 if (drv1) { 669 return drv1; 670 } 671 672 if (!path_has_protocol(filename) || !allow_protocol_prefix) { 673 return &bdrv_file; 674 } 675 676 p = strchr(filename, ':'); 677 assert(p != NULL); 678 len = p - filename; 679 if (len > sizeof(protocol) - 1) 680 len = sizeof(protocol) - 1; 681 memcpy(protocol, filename, len); 682 protocol[len] = '\0'; 683 684 drv1 = bdrv_do_find_protocol(protocol); 685 if (drv1) { 686 return drv1; 687 } 688 689 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); ++i) { 690 if (block_driver_modules[i].protocol_name && 691 !strcmp(block_driver_modules[i].protocol_name, protocol)) { 692 block_module_load_one(block_driver_modules[i].library_name); 693 break; 694 } 695 } 696 697 drv1 = bdrv_do_find_protocol(protocol); 698 if (!drv1) { 699 error_setg(errp, "Unknown protocol '%s'", protocol); 700 } 701 return drv1; 702 } 703 704 /* 705 * Guess image format by probing its contents. 706 * This is not a good idea when your image is raw (CVE-2008-2004), but 707 * we do it anyway for backward compatibility. 708 * 709 * @buf contains the image's first @buf_size bytes. 710 * @buf_size is the buffer size in bytes (generally BLOCK_PROBE_BUF_SIZE, 711 * but can be smaller if the image file is smaller) 712 * @filename is its filename. 713 * 714 * For all block drivers, call the bdrv_probe() method to get its 715 * probing score. 716 * Return the first block driver with the highest probing score. 717 */ 718 BlockDriver *bdrv_probe_all(const uint8_t *buf, int buf_size, 719 const char *filename) 720 { 721 int score_max = 0, score; 722 BlockDriver *drv = NULL, *d; 723 724 QLIST_FOREACH(d, &bdrv_drivers, list) { 725 if (d->bdrv_probe) { 726 score = d->bdrv_probe(buf, buf_size, filename); 727 if (score > score_max) { 728 score_max = score; 729 drv = d; 730 } 731 } 732 } 733 734 return drv; 735 } 736 737 static int find_image_format(BlockBackend *file, const char *filename, 738 BlockDriver **pdrv, Error **errp) 739 { 740 BlockDriver *drv; 741 uint8_t buf[BLOCK_PROBE_BUF_SIZE]; 742 int ret = 0; 743 744 /* Return the raw BlockDriver * to scsi-generic devices or empty drives */ 745 if (blk_is_sg(file) || !blk_is_inserted(file) || blk_getlength(file) == 0) { 746 *pdrv = &bdrv_raw; 747 return ret; 748 } 749 750 ret = blk_pread(file, 0, buf, sizeof(buf)); 751 if (ret < 0) { 752 error_setg_errno(errp, -ret, "Could not read image for determining its " 753 "format"); 754 *pdrv = NULL; 755 return ret; 756 } 757 758 drv = bdrv_probe_all(buf, ret, filename); 759 if (!drv) { 760 error_setg(errp, "Could not determine image format: No compatible " 761 "driver found"); 762 ret = -ENOENT; 763 } 764 *pdrv = drv; 765 return ret; 766 } 767 768 /** 769 * Set the current 'total_sectors' value 770 * Return 0 on success, -errno on error. 771 */ 772 int refresh_total_sectors(BlockDriverState *bs, int64_t hint) 773 { 774 BlockDriver *drv = bs->drv; 775 776 if (!drv) { 777 return -ENOMEDIUM; 778 } 779 780 /* Do not attempt drv->bdrv_getlength() on scsi-generic devices */ 781 if (bdrv_is_sg(bs)) 782 return 0; 783 784 /* query actual device if possible, otherwise just trust the hint */ 785 if (drv->bdrv_getlength) { 786 int64_t length = drv->bdrv_getlength(bs); 787 if (length < 0) { 788 return length; 789 } 790 hint = DIV_ROUND_UP(length, BDRV_SECTOR_SIZE); 791 } 792 793 bs->total_sectors = hint; 794 return 0; 795 } 796 797 /** 798 * Combines a QDict of new block driver @options with any missing options taken 799 * from @old_options, so that leaving out an option defaults to its old value. 800 */ 801 static void bdrv_join_options(BlockDriverState *bs, QDict *options, 802 QDict *old_options) 803 { 804 if (bs->drv && bs->drv->bdrv_join_options) { 805 bs->drv->bdrv_join_options(options, old_options); 806 } else { 807 qdict_join(options, old_options, false); 808 } 809 } 810 811 static BlockdevDetectZeroesOptions bdrv_parse_detect_zeroes(QemuOpts *opts, 812 int open_flags, 813 Error **errp) 814 { 815 Error *local_err = NULL; 816 char *value = qemu_opt_get_del(opts, "detect-zeroes"); 817 BlockdevDetectZeroesOptions detect_zeroes = 818 qapi_enum_parse(&BlockdevDetectZeroesOptions_lookup, value, 819 BLOCKDEV_DETECT_ZEROES_OPTIONS_OFF, &local_err); 820 g_free(value); 821 if (local_err) { 822 error_propagate(errp, local_err); 823 return detect_zeroes; 824 } 825 826 if (detect_zeroes == BLOCKDEV_DETECT_ZEROES_OPTIONS_UNMAP && 827 !(open_flags & BDRV_O_UNMAP)) 828 { 829 error_setg(errp, "setting detect-zeroes to unmap is not allowed " 830 "without setting discard operation to unmap"); 831 } 832 833 return detect_zeroes; 834 } 835 836 /** 837 * Set open flags for a given discard mode 838 * 839 * Return 0 on success, -1 if the discard mode was invalid. 840 */ 841 int bdrv_parse_discard_flags(const char *mode, int *flags) 842 { 843 *flags &= ~BDRV_O_UNMAP; 844 845 if (!strcmp(mode, "off") || !strcmp(mode, "ignore")) { 846 /* do nothing */ 847 } else if (!strcmp(mode, "on") || !strcmp(mode, "unmap")) { 848 *flags |= BDRV_O_UNMAP; 849 } else { 850 return -1; 851 } 852 853 return 0; 854 } 855 856 /** 857 * Set open flags for a given cache mode 858 * 859 * Return 0 on success, -1 if the cache mode was invalid. 860 */ 861 int bdrv_parse_cache_mode(const char *mode, int *flags, bool *writethrough) 862 { 863 *flags &= ~BDRV_O_CACHE_MASK; 864 865 if (!strcmp(mode, "off") || !strcmp(mode, "none")) { 866 *writethrough = false; 867 *flags |= BDRV_O_NOCACHE; 868 } else if (!strcmp(mode, "directsync")) { 869 *writethrough = true; 870 *flags |= BDRV_O_NOCACHE; 871 } else if (!strcmp(mode, "writeback")) { 872 *writethrough = false; 873 } else if (!strcmp(mode, "unsafe")) { 874 *writethrough = false; 875 *flags |= BDRV_O_NO_FLUSH; 876 } else if (!strcmp(mode, "writethrough")) { 877 *writethrough = true; 878 } else { 879 return -1; 880 } 881 882 return 0; 883 } 884 885 static char *bdrv_child_get_parent_desc(BdrvChild *c) 886 { 887 BlockDriverState *parent = c->opaque; 888 return g_strdup(bdrv_get_device_or_node_name(parent)); 889 } 890 891 static void bdrv_child_cb_drained_begin(BdrvChild *child) 892 { 893 BlockDriverState *bs = child->opaque; 894 bdrv_do_drained_begin_quiesce(bs, NULL, false); 895 } 896 897 static bool bdrv_child_cb_drained_poll(BdrvChild *child) 898 { 899 BlockDriverState *bs = child->opaque; 900 return bdrv_drain_poll(bs, false, NULL, false); 901 } 902 903 static void bdrv_child_cb_drained_end(BdrvChild *child) 904 { 905 BlockDriverState *bs = child->opaque; 906 bdrv_drained_end(bs); 907 } 908 909 static void bdrv_child_cb_attach(BdrvChild *child) 910 { 911 BlockDriverState *bs = child->opaque; 912 bdrv_apply_subtree_drain(child, bs); 913 } 914 915 static void bdrv_child_cb_detach(BdrvChild *child) 916 { 917 BlockDriverState *bs = child->opaque; 918 bdrv_unapply_subtree_drain(child, bs); 919 } 920 921 static int bdrv_child_cb_inactivate(BdrvChild *child) 922 { 923 BlockDriverState *bs = child->opaque; 924 assert(bs->open_flags & BDRV_O_INACTIVE); 925 return 0; 926 } 927 928 /* 929 * Returns the options and flags that a temporary snapshot should get, based on 930 * the originally requested flags (the originally requested image will have 931 * flags like a backing file) 932 */ 933 static void bdrv_temp_snapshot_options(int *child_flags, QDict *child_options, 934 int parent_flags, QDict *parent_options) 935 { 936 *child_flags = (parent_flags & ~BDRV_O_SNAPSHOT) | BDRV_O_TEMPORARY; 937 938 /* For temporary files, unconditional cache=unsafe is fine */ 939 qdict_set_default_str(child_options, BDRV_OPT_CACHE_DIRECT, "off"); 940 qdict_set_default_str(child_options, BDRV_OPT_CACHE_NO_FLUSH, "on"); 941 942 /* Copy the read-only option from the parent */ 943 qdict_copy_default(child_options, parent_options, BDRV_OPT_READ_ONLY); 944 945 /* aio=native doesn't work for cache.direct=off, so disable it for the 946 * temporary snapshot */ 947 *child_flags &= ~BDRV_O_NATIVE_AIO; 948 } 949 950 /* 951 * Returns the options and flags that bs->file should get if a protocol driver 952 * is expected, based on the given options and flags for the parent BDS 953 */ 954 static void bdrv_inherited_options(int *child_flags, QDict *child_options, 955 int parent_flags, QDict *parent_options) 956 { 957 int flags = parent_flags; 958 959 /* Enable protocol handling, disable format probing for bs->file */ 960 flags |= BDRV_O_PROTOCOL; 961 962 /* If the cache mode isn't explicitly set, inherit direct and no-flush from 963 * the parent. */ 964 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_DIRECT); 965 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_NO_FLUSH); 966 qdict_copy_default(child_options, parent_options, BDRV_OPT_FORCE_SHARE); 967 968 /* Inherit the read-only option from the parent if it's not set */ 969 qdict_copy_default(child_options, parent_options, BDRV_OPT_READ_ONLY); 970 qdict_copy_default(child_options, parent_options, BDRV_OPT_AUTO_READ_ONLY); 971 972 /* Our block drivers take care to send flushes and respect unmap policy, 973 * so we can default to enable both on lower layers regardless of the 974 * corresponding parent options. */ 975 qdict_set_default_str(child_options, BDRV_OPT_DISCARD, "unmap"); 976 977 /* Clear flags that only apply to the top layer */ 978 flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING | BDRV_O_COPY_ON_READ | 979 BDRV_O_NO_IO); 980 981 *child_flags = flags; 982 } 983 984 const BdrvChildRole child_file = { 985 .parent_is_bds = true, 986 .get_parent_desc = bdrv_child_get_parent_desc, 987 .inherit_options = bdrv_inherited_options, 988 .drained_begin = bdrv_child_cb_drained_begin, 989 .drained_poll = bdrv_child_cb_drained_poll, 990 .drained_end = bdrv_child_cb_drained_end, 991 .attach = bdrv_child_cb_attach, 992 .detach = bdrv_child_cb_detach, 993 .inactivate = bdrv_child_cb_inactivate, 994 }; 995 996 /* 997 * Returns the options and flags that bs->file should get if the use of formats 998 * (and not only protocols) is permitted for it, based on the given options and 999 * flags for the parent BDS 1000 */ 1001 static void bdrv_inherited_fmt_options(int *child_flags, QDict *child_options, 1002 int parent_flags, QDict *parent_options) 1003 { 1004 child_file.inherit_options(child_flags, child_options, 1005 parent_flags, parent_options); 1006 1007 *child_flags &= ~(BDRV_O_PROTOCOL | BDRV_O_NO_IO); 1008 } 1009 1010 const BdrvChildRole child_format = { 1011 .parent_is_bds = true, 1012 .get_parent_desc = bdrv_child_get_parent_desc, 1013 .inherit_options = bdrv_inherited_fmt_options, 1014 .drained_begin = bdrv_child_cb_drained_begin, 1015 .drained_poll = bdrv_child_cb_drained_poll, 1016 .drained_end = bdrv_child_cb_drained_end, 1017 .attach = bdrv_child_cb_attach, 1018 .detach = bdrv_child_cb_detach, 1019 .inactivate = bdrv_child_cb_inactivate, 1020 }; 1021 1022 static void bdrv_backing_attach(BdrvChild *c) 1023 { 1024 BlockDriverState *parent = c->opaque; 1025 BlockDriverState *backing_hd = c->bs; 1026 1027 assert(!parent->backing_blocker); 1028 error_setg(&parent->backing_blocker, 1029 "node is used as backing hd of '%s'", 1030 bdrv_get_device_or_node_name(parent)); 1031 1032 bdrv_refresh_filename(backing_hd); 1033 1034 parent->open_flags &= ~BDRV_O_NO_BACKING; 1035 pstrcpy(parent->backing_file, sizeof(parent->backing_file), 1036 backing_hd->filename); 1037 pstrcpy(parent->backing_format, sizeof(parent->backing_format), 1038 backing_hd->drv ? backing_hd->drv->format_name : ""); 1039 1040 bdrv_op_block_all(backing_hd, parent->backing_blocker); 1041 /* Otherwise we won't be able to commit or stream */ 1042 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_COMMIT_TARGET, 1043 parent->backing_blocker); 1044 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_STREAM, 1045 parent->backing_blocker); 1046 /* 1047 * We do backup in 3 ways: 1048 * 1. drive backup 1049 * The target bs is new opened, and the source is top BDS 1050 * 2. blockdev backup 1051 * Both the source and the target are top BDSes. 1052 * 3. internal backup(used for block replication) 1053 * Both the source and the target are backing file 1054 * 1055 * In case 1 and 2, neither the source nor the target is the backing file. 1056 * In case 3, we will block the top BDS, so there is only one block job 1057 * for the top BDS and its backing chain. 1058 */ 1059 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_SOURCE, 1060 parent->backing_blocker); 1061 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_TARGET, 1062 parent->backing_blocker); 1063 1064 bdrv_child_cb_attach(c); 1065 } 1066 1067 static void bdrv_backing_detach(BdrvChild *c) 1068 { 1069 BlockDriverState *parent = c->opaque; 1070 1071 assert(parent->backing_blocker); 1072 bdrv_op_unblock_all(c->bs, parent->backing_blocker); 1073 error_free(parent->backing_blocker); 1074 parent->backing_blocker = NULL; 1075 1076 bdrv_child_cb_detach(c); 1077 } 1078 1079 /* 1080 * Returns the options and flags that bs->backing should get, based on the 1081 * given options and flags for the parent BDS 1082 */ 1083 static void bdrv_backing_options(int *child_flags, QDict *child_options, 1084 int parent_flags, QDict *parent_options) 1085 { 1086 int flags = parent_flags; 1087 1088 /* The cache mode is inherited unmodified for backing files; except WCE, 1089 * which is only applied on the top level (BlockBackend) */ 1090 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_DIRECT); 1091 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_NO_FLUSH); 1092 qdict_copy_default(child_options, parent_options, BDRV_OPT_FORCE_SHARE); 1093 1094 /* backing files always opened read-only */ 1095 qdict_set_default_str(child_options, BDRV_OPT_READ_ONLY, "on"); 1096 qdict_set_default_str(child_options, BDRV_OPT_AUTO_READ_ONLY, "off"); 1097 flags &= ~BDRV_O_COPY_ON_READ; 1098 1099 /* snapshot=on is handled on the top layer */ 1100 flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_TEMPORARY); 1101 1102 *child_flags = flags; 1103 } 1104 1105 static int bdrv_backing_update_filename(BdrvChild *c, BlockDriverState *base, 1106 const char *filename, Error **errp) 1107 { 1108 BlockDriverState *parent = c->opaque; 1109 bool read_only = bdrv_is_read_only(parent); 1110 int ret; 1111 1112 if (read_only) { 1113 ret = bdrv_reopen_set_read_only(parent, false, errp); 1114 if (ret < 0) { 1115 return ret; 1116 } 1117 } 1118 1119 ret = bdrv_change_backing_file(parent, filename, 1120 base->drv ? base->drv->format_name : ""); 1121 if (ret < 0) { 1122 error_setg_errno(errp, -ret, "Could not update backing file link"); 1123 } 1124 1125 if (read_only) { 1126 bdrv_reopen_set_read_only(parent, true, NULL); 1127 } 1128 1129 return ret; 1130 } 1131 1132 const BdrvChildRole child_backing = { 1133 .parent_is_bds = true, 1134 .get_parent_desc = bdrv_child_get_parent_desc, 1135 .attach = bdrv_backing_attach, 1136 .detach = bdrv_backing_detach, 1137 .inherit_options = bdrv_backing_options, 1138 .drained_begin = bdrv_child_cb_drained_begin, 1139 .drained_poll = bdrv_child_cb_drained_poll, 1140 .drained_end = bdrv_child_cb_drained_end, 1141 .inactivate = bdrv_child_cb_inactivate, 1142 .update_filename = bdrv_backing_update_filename, 1143 }; 1144 1145 static int bdrv_open_flags(BlockDriverState *bs, int flags) 1146 { 1147 int open_flags = flags; 1148 1149 /* 1150 * Clear flags that are internal to the block layer before opening the 1151 * image. 1152 */ 1153 open_flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING | BDRV_O_PROTOCOL); 1154 1155 /* 1156 * Snapshots should be writable. 1157 */ 1158 if (flags & BDRV_O_TEMPORARY) { 1159 open_flags |= BDRV_O_RDWR; 1160 } 1161 1162 return open_flags; 1163 } 1164 1165 static void update_flags_from_options(int *flags, QemuOpts *opts) 1166 { 1167 *flags &= ~(BDRV_O_CACHE_MASK | BDRV_O_RDWR | BDRV_O_AUTO_RDONLY); 1168 1169 if (qemu_opt_get_bool_del(opts, BDRV_OPT_CACHE_NO_FLUSH, false)) { 1170 *flags |= BDRV_O_NO_FLUSH; 1171 } 1172 1173 if (qemu_opt_get_bool_del(opts, BDRV_OPT_CACHE_DIRECT, false)) { 1174 *flags |= BDRV_O_NOCACHE; 1175 } 1176 1177 if (!qemu_opt_get_bool_del(opts, BDRV_OPT_READ_ONLY, false)) { 1178 *flags |= BDRV_O_RDWR; 1179 } 1180 1181 if (qemu_opt_get_bool_del(opts, BDRV_OPT_AUTO_READ_ONLY, false)) { 1182 *flags |= BDRV_O_AUTO_RDONLY; 1183 } 1184 } 1185 1186 static void update_options_from_flags(QDict *options, int flags) 1187 { 1188 if (!qdict_haskey(options, BDRV_OPT_CACHE_DIRECT)) { 1189 qdict_put_bool(options, BDRV_OPT_CACHE_DIRECT, flags & BDRV_O_NOCACHE); 1190 } 1191 if (!qdict_haskey(options, BDRV_OPT_CACHE_NO_FLUSH)) { 1192 qdict_put_bool(options, BDRV_OPT_CACHE_NO_FLUSH, 1193 flags & BDRV_O_NO_FLUSH); 1194 } 1195 if (!qdict_haskey(options, BDRV_OPT_READ_ONLY)) { 1196 qdict_put_bool(options, BDRV_OPT_READ_ONLY, !(flags & BDRV_O_RDWR)); 1197 } 1198 if (!qdict_haskey(options, BDRV_OPT_AUTO_READ_ONLY)) { 1199 qdict_put_bool(options, BDRV_OPT_AUTO_READ_ONLY, 1200 flags & BDRV_O_AUTO_RDONLY); 1201 } 1202 } 1203 1204 static void bdrv_assign_node_name(BlockDriverState *bs, 1205 const char *node_name, 1206 Error **errp) 1207 { 1208 char *gen_node_name = NULL; 1209 1210 if (!node_name) { 1211 node_name = gen_node_name = id_generate(ID_BLOCK); 1212 } else if (!id_wellformed(node_name)) { 1213 /* 1214 * Check for empty string or invalid characters, but not if it is 1215 * generated (generated names use characters not available to the user) 1216 */ 1217 error_setg(errp, "Invalid node name"); 1218 return; 1219 } 1220 1221 /* takes care of avoiding namespaces collisions */ 1222 if (blk_by_name(node_name)) { 1223 error_setg(errp, "node-name=%s is conflicting with a device id", 1224 node_name); 1225 goto out; 1226 } 1227 1228 /* takes care of avoiding duplicates node names */ 1229 if (bdrv_find_node(node_name)) { 1230 error_setg(errp, "Duplicate node name"); 1231 goto out; 1232 } 1233 1234 /* Make sure that the node name isn't truncated */ 1235 if (strlen(node_name) >= sizeof(bs->node_name)) { 1236 error_setg(errp, "Node name too long"); 1237 goto out; 1238 } 1239 1240 /* copy node name into the bs and insert it into the graph list */ 1241 pstrcpy(bs->node_name, sizeof(bs->node_name), node_name); 1242 QTAILQ_INSERT_TAIL(&graph_bdrv_states, bs, node_list); 1243 out: 1244 g_free(gen_node_name); 1245 } 1246 1247 static int bdrv_open_driver(BlockDriverState *bs, BlockDriver *drv, 1248 const char *node_name, QDict *options, 1249 int open_flags, Error **errp) 1250 { 1251 Error *local_err = NULL; 1252 int i, ret; 1253 1254 bdrv_assign_node_name(bs, node_name, &local_err); 1255 if (local_err) { 1256 error_propagate(errp, local_err); 1257 return -EINVAL; 1258 } 1259 1260 bs->drv = drv; 1261 bs->read_only = !(bs->open_flags & BDRV_O_RDWR); 1262 bs->opaque = g_malloc0(drv->instance_size); 1263 1264 if (drv->bdrv_file_open) { 1265 assert(!drv->bdrv_needs_filename || bs->filename[0]); 1266 ret = drv->bdrv_file_open(bs, options, open_flags, &local_err); 1267 } else if (drv->bdrv_open) { 1268 ret = drv->bdrv_open(bs, options, open_flags, &local_err); 1269 } else { 1270 ret = 0; 1271 } 1272 1273 if (ret < 0) { 1274 if (local_err) { 1275 error_propagate(errp, local_err); 1276 } else if (bs->filename[0]) { 1277 error_setg_errno(errp, -ret, "Could not open '%s'", bs->filename); 1278 } else { 1279 error_setg_errno(errp, -ret, "Could not open image"); 1280 } 1281 goto open_failed; 1282 } 1283 1284 ret = refresh_total_sectors(bs, bs->total_sectors); 1285 if (ret < 0) { 1286 error_setg_errno(errp, -ret, "Could not refresh total sector count"); 1287 return ret; 1288 } 1289 1290 bdrv_refresh_limits(bs, &local_err); 1291 if (local_err) { 1292 error_propagate(errp, local_err); 1293 return -EINVAL; 1294 } 1295 1296 assert(bdrv_opt_mem_align(bs) != 0); 1297 assert(bdrv_min_mem_align(bs) != 0); 1298 assert(is_power_of_2(bs->bl.request_alignment)); 1299 1300 for (i = 0; i < bs->quiesce_counter; i++) { 1301 if (drv->bdrv_co_drain_begin) { 1302 drv->bdrv_co_drain_begin(bs); 1303 } 1304 } 1305 1306 return 0; 1307 open_failed: 1308 bs->drv = NULL; 1309 if (bs->file != NULL) { 1310 bdrv_unref_child(bs, bs->file); 1311 bs->file = NULL; 1312 } 1313 g_free(bs->opaque); 1314 bs->opaque = NULL; 1315 return ret; 1316 } 1317 1318 BlockDriverState *bdrv_new_open_driver(BlockDriver *drv, const char *node_name, 1319 int flags, Error **errp) 1320 { 1321 BlockDriverState *bs; 1322 int ret; 1323 1324 bs = bdrv_new(); 1325 bs->open_flags = flags; 1326 bs->explicit_options = qdict_new(); 1327 bs->options = qdict_new(); 1328 bs->opaque = NULL; 1329 1330 update_options_from_flags(bs->options, flags); 1331 1332 ret = bdrv_open_driver(bs, drv, node_name, bs->options, flags, errp); 1333 if (ret < 0) { 1334 qobject_unref(bs->explicit_options); 1335 bs->explicit_options = NULL; 1336 qobject_unref(bs->options); 1337 bs->options = NULL; 1338 bdrv_unref(bs); 1339 return NULL; 1340 } 1341 1342 return bs; 1343 } 1344 1345 QemuOptsList bdrv_runtime_opts = { 1346 .name = "bdrv_common", 1347 .head = QTAILQ_HEAD_INITIALIZER(bdrv_runtime_opts.head), 1348 .desc = { 1349 { 1350 .name = "node-name", 1351 .type = QEMU_OPT_STRING, 1352 .help = "Node name of the block device node", 1353 }, 1354 { 1355 .name = "driver", 1356 .type = QEMU_OPT_STRING, 1357 .help = "Block driver to use for the node", 1358 }, 1359 { 1360 .name = BDRV_OPT_CACHE_DIRECT, 1361 .type = QEMU_OPT_BOOL, 1362 .help = "Bypass software writeback cache on the host", 1363 }, 1364 { 1365 .name = BDRV_OPT_CACHE_NO_FLUSH, 1366 .type = QEMU_OPT_BOOL, 1367 .help = "Ignore flush requests", 1368 }, 1369 { 1370 .name = BDRV_OPT_READ_ONLY, 1371 .type = QEMU_OPT_BOOL, 1372 .help = "Node is opened in read-only mode", 1373 }, 1374 { 1375 .name = BDRV_OPT_AUTO_READ_ONLY, 1376 .type = QEMU_OPT_BOOL, 1377 .help = "Node can become read-only if opening read-write fails", 1378 }, 1379 { 1380 .name = "detect-zeroes", 1381 .type = QEMU_OPT_STRING, 1382 .help = "try to optimize zero writes (off, on, unmap)", 1383 }, 1384 { 1385 .name = BDRV_OPT_DISCARD, 1386 .type = QEMU_OPT_STRING, 1387 .help = "discard operation (ignore/off, unmap/on)", 1388 }, 1389 { 1390 .name = BDRV_OPT_FORCE_SHARE, 1391 .type = QEMU_OPT_BOOL, 1392 .help = "always accept other writers (default: off)", 1393 }, 1394 { /* end of list */ } 1395 }, 1396 }; 1397 1398 /* 1399 * Common part for opening disk images and files 1400 * 1401 * Removes all processed options from *options. 1402 */ 1403 static int bdrv_open_common(BlockDriverState *bs, BlockBackend *file, 1404 QDict *options, Error **errp) 1405 { 1406 int ret, open_flags; 1407 const char *filename; 1408 const char *driver_name = NULL; 1409 const char *node_name = NULL; 1410 const char *discard; 1411 QemuOpts *opts; 1412 BlockDriver *drv; 1413 Error *local_err = NULL; 1414 1415 assert(bs->file == NULL); 1416 assert(options != NULL && bs->options != options); 1417 1418 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort); 1419 qemu_opts_absorb_qdict(opts, options, &local_err); 1420 if (local_err) { 1421 error_propagate(errp, local_err); 1422 ret = -EINVAL; 1423 goto fail_opts; 1424 } 1425 1426 update_flags_from_options(&bs->open_flags, opts); 1427 1428 driver_name = qemu_opt_get(opts, "driver"); 1429 drv = bdrv_find_format(driver_name); 1430 assert(drv != NULL); 1431 1432 bs->force_share = qemu_opt_get_bool(opts, BDRV_OPT_FORCE_SHARE, false); 1433 1434 if (bs->force_share && (bs->open_flags & BDRV_O_RDWR)) { 1435 error_setg(errp, 1436 BDRV_OPT_FORCE_SHARE 1437 "=on can only be used with read-only images"); 1438 ret = -EINVAL; 1439 goto fail_opts; 1440 } 1441 1442 if (file != NULL) { 1443 bdrv_refresh_filename(blk_bs(file)); 1444 filename = blk_bs(file)->filename; 1445 } else { 1446 /* 1447 * Caution: while qdict_get_try_str() is fine, getting 1448 * non-string types would require more care. When @options 1449 * come from -blockdev or blockdev_add, its members are typed 1450 * according to the QAPI schema, but when they come from 1451 * -drive, they're all QString. 1452 */ 1453 filename = qdict_get_try_str(options, "filename"); 1454 } 1455 1456 if (drv->bdrv_needs_filename && (!filename || !filename[0])) { 1457 error_setg(errp, "The '%s' block driver requires a file name", 1458 drv->format_name); 1459 ret = -EINVAL; 1460 goto fail_opts; 1461 } 1462 1463 trace_bdrv_open_common(bs, filename ?: "", bs->open_flags, 1464 drv->format_name); 1465 1466 bs->read_only = !(bs->open_flags & BDRV_O_RDWR); 1467 1468 if (use_bdrv_whitelist && !bdrv_is_whitelisted(drv, bs->read_only)) { 1469 if (!bs->read_only && bdrv_is_whitelisted(drv, true)) { 1470 ret = bdrv_apply_auto_read_only(bs, NULL, NULL); 1471 } else { 1472 ret = -ENOTSUP; 1473 } 1474 if (ret < 0) { 1475 error_setg(errp, 1476 !bs->read_only && bdrv_is_whitelisted(drv, true) 1477 ? "Driver '%s' can only be used for read-only devices" 1478 : "Driver '%s' is not whitelisted", 1479 drv->format_name); 1480 goto fail_opts; 1481 } 1482 } 1483 1484 /* bdrv_new() and bdrv_close() make it so */ 1485 assert(atomic_read(&bs->copy_on_read) == 0); 1486 1487 if (bs->open_flags & BDRV_O_COPY_ON_READ) { 1488 if (!bs->read_only) { 1489 bdrv_enable_copy_on_read(bs); 1490 } else { 1491 error_setg(errp, "Can't use copy-on-read on read-only device"); 1492 ret = -EINVAL; 1493 goto fail_opts; 1494 } 1495 } 1496 1497 discard = qemu_opt_get(opts, BDRV_OPT_DISCARD); 1498 if (discard != NULL) { 1499 if (bdrv_parse_discard_flags(discard, &bs->open_flags) != 0) { 1500 error_setg(errp, "Invalid discard option"); 1501 ret = -EINVAL; 1502 goto fail_opts; 1503 } 1504 } 1505 1506 bs->detect_zeroes = 1507 bdrv_parse_detect_zeroes(opts, bs->open_flags, &local_err); 1508 if (local_err) { 1509 error_propagate(errp, local_err); 1510 ret = -EINVAL; 1511 goto fail_opts; 1512 } 1513 1514 if (filename != NULL) { 1515 pstrcpy(bs->filename, sizeof(bs->filename), filename); 1516 } else { 1517 bs->filename[0] = '\0'; 1518 } 1519 pstrcpy(bs->exact_filename, sizeof(bs->exact_filename), bs->filename); 1520 1521 /* Open the image, either directly or using a protocol */ 1522 open_flags = bdrv_open_flags(bs, bs->open_flags); 1523 node_name = qemu_opt_get(opts, "node-name"); 1524 1525 assert(!drv->bdrv_file_open || file == NULL); 1526 ret = bdrv_open_driver(bs, drv, node_name, options, open_flags, errp); 1527 if (ret < 0) { 1528 goto fail_opts; 1529 } 1530 1531 qemu_opts_del(opts); 1532 return 0; 1533 1534 fail_opts: 1535 qemu_opts_del(opts); 1536 return ret; 1537 } 1538 1539 static QDict *parse_json_filename(const char *filename, Error **errp) 1540 { 1541 QObject *options_obj; 1542 QDict *options; 1543 int ret; 1544 1545 ret = strstart(filename, "json:", &filename); 1546 assert(ret); 1547 1548 options_obj = qobject_from_json(filename, errp); 1549 if (!options_obj) { 1550 error_prepend(errp, "Could not parse the JSON options: "); 1551 return NULL; 1552 } 1553 1554 options = qobject_to(QDict, options_obj); 1555 if (!options) { 1556 qobject_unref(options_obj); 1557 error_setg(errp, "Invalid JSON object given"); 1558 return NULL; 1559 } 1560 1561 qdict_flatten(options); 1562 1563 return options; 1564 } 1565 1566 static void parse_json_protocol(QDict *options, const char **pfilename, 1567 Error **errp) 1568 { 1569 QDict *json_options; 1570 Error *local_err = NULL; 1571 1572 /* Parse json: pseudo-protocol */ 1573 if (!*pfilename || !g_str_has_prefix(*pfilename, "json:")) { 1574 return; 1575 } 1576 1577 json_options = parse_json_filename(*pfilename, &local_err); 1578 if (local_err) { 1579 error_propagate(errp, local_err); 1580 return; 1581 } 1582 1583 /* Options given in the filename have lower priority than options 1584 * specified directly */ 1585 qdict_join(options, json_options, false); 1586 qobject_unref(json_options); 1587 *pfilename = NULL; 1588 } 1589 1590 /* 1591 * Fills in default options for opening images and converts the legacy 1592 * filename/flags pair to option QDict entries. 1593 * The BDRV_O_PROTOCOL flag in *flags will be set or cleared accordingly if a 1594 * block driver has been specified explicitly. 1595 */ 1596 static int bdrv_fill_options(QDict **options, const char *filename, 1597 int *flags, Error **errp) 1598 { 1599 const char *drvname; 1600 bool protocol = *flags & BDRV_O_PROTOCOL; 1601 bool parse_filename = false; 1602 BlockDriver *drv = NULL; 1603 Error *local_err = NULL; 1604 1605 /* 1606 * Caution: while qdict_get_try_str() is fine, getting non-string 1607 * types would require more care. When @options come from 1608 * -blockdev or blockdev_add, its members are typed according to 1609 * the QAPI schema, but when they come from -drive, they're all 1610 * QString. 1611 */ 1612 drvname = qdict_get_try_str(*options, "driver"); 1613 if (drvname) { 1614 drv = bdrv_find_format(drvname); 1615 if (!drv) { 1616 error_setg(errp, "Unknown driver '%s'", drvname); 1617 return -ENOENT; 1618 } 1619 /* If the user has explicitly specified the driver, this choice should 1620 * override the BDRV_O_PROTOCOL flag */ 1621 protocol = drv->bdrv_file_open; 1622 } 1623 1624 if (protocol) { 1625 *flags |= BDRV_O_PROTOCOL; 1626 } else { 1627 *flags &= ~BDRV_O_PROTOCOL; 1628 } 1629 1630 /* Translate cache options from flags into options */ 1631 update_options_from_flags(*options, *flags); 1632 1633 /* Fetch the file name from the options QDict if necessary */ 1634 if (protocol && filename) { 1635 if (!qdict_haskey(*options, "filename")) { 1636 qdict_put_str(*options, "filename", filename); 1637 parse_filename = true; 1638 } else { 1639 error_setg(errp, "Can't specify 'file' and 'filename' options at " 1640 "the same time"); 1641 return -EINVAL; 1642 } 1643 } 1644 1645 /* Find the right block driver */ 1646 /* See cautionary note on accessing @options above */ 1647 filename = qdict_get_try_str(*options, "filename"); 1648 1649 if (!drvname && protocol) { 1650 if (filename) { 1651 drv = bdrv_find_protocol(filename, parse_filename, errp); 1652 if (!drv) { 1653 return -EINVAL; 1654 } 1655 1656 drvname = drv->format_name; 1657 qdict_put_str(*options, "driver", drvname); 1658 } else { 1659 error_setg(errp, "Must specify either driver or file"); 1660 return -EINVAL; 1661 } 1662 } 1663 1664 assert(drv || !protocol); 1665 1666 /* Driver-specific filename parsing */ 1667 if (drv && drv->bdrv_parse_filename && parse_filename) { 1668 drv->bdrv_parse_filename(filename, *options, &local_err); 1669 if (local_err) { 1670 error_propagate(errp, local_err); 1671 return -EINVAL; 1672 } 1673 1674 if (!drv->bdrv_needs_filename) { 1675 qdict_del(*options, "filename"); 1676 } 1677 } 1678 1679 return 0; 1680 } 1681 1682 static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q, 1683 uint64_t perm, uint64_t shared, 1684 GSList *ignore_children, Error **errp); 1685 static void bdrv_child_abort_perm_update(BdrvChild *c); 1686 static void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared); 1687 1688 typedef struct BlockReopenQueueEntry { 1689 bool prepared; 1690 BDRVReopenState state; 1691 QSIMPLEQ_ENTRY(BlockReopenQueueEntry) entry; 1692 } BlockReopenQueueEntry; 1693 1694 /* 1695 * Return the flags that @bs will have after the reopens in @q have 1696 * successfully completed. If @q is NULL (or @bs is not contained in @q), 1697 * return the current flags. 1698 */ 1699 static int bdrv_reopen_get_flags(BlockReopenQueue *q, BlockDriverState *bs) 1700 { 1701 BlockReopenQueueEntry *entry; 1702 1703 if (q != NULL) { 1704 QSIMPLEQ_FOREACH(entry, q, entry) { 1705 if (entry->state.bs == bs) { 1706 return entry->state.flags; 1707 } 1708 } 1709 } 1710 1711 return bs->open_flags; 1712 } 1713 1714 /* Returns whether the image file can be written to after the reopen queue @q 1715 * has been successfully applied, or right now if @q is NULL. */ 1716 static bool bdrv_is_writable_after_reopen(BlockDriverState *bs, 1717 BlockReopenQueue *q) 1718 { 1719 int flags = bdrv_reopen_get_flags(q, bs); 1720 1721 return (flags & (BDRV_O_RDWR | BDRV_O_INACTIVE)) == BDRV_O_RDWR; 1722 } 1723 1724 /* 1725 * Return whether the BDS can be written to. This is not necessarily 1726 * the same as !bdrv_is_read_only(bs), as inactivated images may not 1727 * be written to but do not count as read-only images. 1728 */ 1729 bool bdrv_is_writable(BlockDriverState *bs) 1730 { 1731 return bdrv_is_writable_after_reopen(bs, NULL); 1732 } 1733 1734 static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs, 1735 BdrvChild *c, const BdrvChildRole *role, 1736 BlockReopenQueue *reopen_queue, 1737 uint64_t parent_perm, uint64_t parent_shared, 1738 uint64_t *nperm, uint64_t *nshared) 1739 { 1740 if (bs->drv && bs->drv->bdrv_child_perm) { 1741 bs->drv->bdrv_child_perm(bs, c, role, reopen_queue, 1742 parent_perm, parent_shared, 1743 nperm, nshared); 1744 } 1745 /* TODO Take force_share from reopen_queue */ 1746 if (child_bs && child_bs->force_share) { 1747 *nshared = BLK_PERM_ALL; 1748 } 1749 } 1750 1751 /* 1752 * Check whether permissions on this node can be changed in a way that 1753 * @cumulative_perms and @cumulative_shared_perms are the new cumulative 1754 * permissions of all its parents. This involves checking whether all necessary 1755 * permission changes to child nodes can be performed. 1756 * 1757 * A call to this function must always be followed by a call to bdrv_set_perm() 1758 * or bdrv_abort_perm_update(). 1759 */ 1760 static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q, 1761 uint64_t cumulative_perms, 1762 uint64_t cumulative_shared_perms, 1763 GSList *ignore_children, Error **errp) 1764 { 1765 BlockDriver *drv = bs->drv; 1766 BdrvChild *c; 1767 int ret; 1768 1769 /* Write permissions never work with read-only images */ 1770 if ((cumulative_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) && 1771 !bdrv_is_writable_after_reopen(bs, q)) 1772 { 1773 error_setg(errp, "Block node is read-only"); 1774 return -EPERM; 1775 } 1776 1777 /* Check this node */ 1778 if (!drv) { 1779 return 0; 1780 } 1781 1782 if (drv->bdrv_check_perm) { 1783 return drv->bdrv_check_perm(bs, cumulative_perms, 1784 cumulative_shared_perms, errp); 1785 } 1786 1787 /* Drivers that never have children can omit .bdrv_child_perm() */ 1788 if (!drv->bdrv_child_perm) { 1789 assert(QLIST_EMPTY(&bs->children)); 1790 return 0; 1791 } 1792 1793 /* Check all children */ 1794 QLIST_FOREACH(c, &bs->children, next) { 1795 uint64_t cur_perm, cur_shared; 1796 bdrv_child_perm(bs, c->bs, c, c->role, q, 1797 cumulative_perms, cumulative_shared_perms, 1798 &cur_perm, &cur_shared); 1799 ret = bdrv_child_check_perm(c, q, cur_perm, cur_shared, 1800 ignore_children, errp); 1801 if (ret < 0) { 1802 return ret; 1803 } 1804 } 1805 1806 return 0; 1807 } 1808 1809 /* 1810 * Notifies drivers that after a previous bdrv_check_perm() call, the 1811 * permission update is not performed and any preparations made for it (e.g. 1812 * taken file locks) need to be undone. 1813 * 1814 * This function recursively notifies all child nodes. 1815 */ 1816 static void bdrv_abort_perm_update(BlockDriverState *bs) 1817 { 1818 BlockDriver *drv = bs->drv; 1819 BdrvChild *c; 1820 1821 if (!drv) { 1822 return; 1823 } 1824 1825 if (drv->bdrv_abort_perm_update) { 1826 drv->bdrv_abort_perm_update(bs); 1827 } 1828 1829 QLIST_FOREACH(c, &bs->children, next) { 1830 bdrv_child_abort_perm_update(c); 1831 } 1832 } 1833 1834 static void bdrv_set_perm(BlockDriverState *bs, uint64_t cumulative_perms, 1835 uint64_t cumulative_shared_perms) 1836 { 1837 BlockDriver *drv = bs->drv; 1838 BdrvChild *c; 1839 1840 if (!drv) { 1841 return; 1842 } 1843 1844 /* Update this node */ 1845 if (drv->bdrv_set_perm) { 1846 drv->bdrv_set_perm(bs, cumulative_perms, cumulative_shared_perms); 1847 } 1848 1849 /* Drivers that never have children can omit .bdrv_child_perm() */ 1850 if (!drv->bdrv_child_perm) { 1851 assert(QLIST_EMPTY(&bs->children)); 1852 return; 1853 } 1854 1855 /* Update all children */ 1856 QLIST_FOREACH(c, &bs->children, next) { 1857 uint64_t cur_perm, cur_shared; 1858 bdrv_child_perm(bs, c->bs, c, c->role, NULL, 1859 cumulative_perms, cumulative_shared_perms, 1860 &cur_perm, &cur_shared); 1861 bdrv_child_set_perm(c, cur_perm, cur_shared); 1862 } 1863 } 1864 1865 static void bdrv_get_cumulative_perm(BlockDriverState *bs, uint64_t *perm, 1866 uint64_t *shared_perm) 1867 { 1868 BdrvChild *c; 1869 uint64_t cumulative_perms = 0; 1870 uint64_t cumulative_shared_perms = BLK_PERM_ALL; 1871 1872 QLIST_FOREACH(c, &bs->parents, next_parent) { 1873 cumulative_perms |= c->perm; 1874 cumulative_shared_perms &= c->shared_perm; 1875 } 1876 1877 *perm = cumulative_perms; 1878 *shared_perm = cumulative_shared_perms; 1879 } 1880 1881 static char *bdrv_child_user_desc(BdrvChild *c) 1882 { 1883 if (c->role->get_parent_desc) { 1884 return c->role->get_parent_desc(c); 1885 } 1886 1887 return g_strdup("another user"); 1888 } 1889 1890 char *bdrv_perm_names(uint64_t perm) 1891 { 1892 struct perm_name { 1893 uint64_t perm; 1894 const char *name; 1895 } permissions[] = { 1896 { BLK_PERM_CONSISTENT_READ, "consistent read" }, 1897 { BLK_PERM_WRITE, "write" }, 1898 { BLK_PERM_WRITE_UNCHANGED, "write unchanged" }, 1899 { BLK_PERM_RESIZE, "resize" }, 1900 { BLK_PERM_GRAPH_MOD, "change children" }, 1901 { 0, NULL } 1902 }; 1903 1904 char *result = g_strdup(""); 1905 struct perm_name *p; 1906 1907 for (p = permissions; p->name; p++) { 1908 if (perm & p->perm) { 1909 char *old = result; 1910 result = g_strdup_printf("%s%s%s", old, *old ? ", " : "", p->name); 1911 g_free(old); 1912 } 1913 } 1914 1915 return result; 1916 } 1917 1918 /* 1919 * Checks whether a new reference to @bs can be added if the new user requires 1920 * @new_used_perm/@new_shared_perm as its permissions. If @ignore_children is 1921 * set, the BdrvChild objects in this list are ignored in the calculations; 1922 * this allows checking permission updates for an existing reference. 1923 * 1924 * Needs to be followed by a call to either bdrv_set_perm() or 1925 * bdrv_abort_perm_update(). */ 1926 static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q, 1927 uint64_t new_used_perm, 1928 uint64_t new_shared_perm, 1929 GSList *ignore_children, Error **errp) 1930 { 1931 BdrvChild *c; 1932 uint64_t cumulative_perms = new_used_perm; 1933 uint64_t cumulative_shared_perms = new_shared_perm; 1934 1935 /* There is no reason why anyone couldn't tolerate write_unchanged */ 1936 assert(new_shared_perm & BLK_PERM_WRITE_UNCHANGED); 1937 1938 QLIST_FOREACH(c, &bs->parents, next_parent) { 1939 if (g_slist_find(ignore_children, c)) { 1940 continue; 1941 } 1942 1943 if ((new_used_perm & c->shared_perm) != new_used_perm) { 1944 char *user = bdrv_child_user_desc(c); 1945 char *perm_names = bdrv_perm_names(new_used_perm & ~c->shared_perm); 1946 error_setg(errp, "Conflicts with use by %s as '%s', which does not " 1947 "allow '%s' on %s", 1948 user, c->name, perm_names, bdrv_get_node_name(c->bs)); 1949 g_free(user); 1950 g_free(perm_names); 1951 return -EPERM; 1952 } 1953 1954 if ((c->perm & new_shared_perm) != c->perm) { 1955 char *user = bdrv_child_user_desc(c); 1956 char *perm_names = bdrv_perm_names(c->perm & ~new_shared_perm); 1957 error_setg(errp, "Conflicts with use by %s as '%s', which uses " 1958 "'%s' on %s", 1959 user, c->name, perm_names, bdrv_get_node_name(c->bs)); 1960 g_free(user); 1961 g_free(perm_names); 1962 return -EPERM; 1963 } 1964 1965 cumulative_perms |= c->perm; 1966 cumulative_shared_perms &= c->shared_perm; 1967 } 1968 1969 return bdrv_check_perm(bs, q, cumulative_perms, cumulative_shared_perms, 1970 ignore_children, errp); 1971 } 1972 1973 /* Needs to be followed by a call to either bdrv_child_set_perm() or 1974 * bdrv_child_abort_perm_update(). */ 1975 static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q, 1976 uint64_t perm, uint64_t shared, 1977 GSList *ignore_children, Error **errp) 1978 { 1979 int ret; 1980 1981 ignore_children = g_slist_prepend(g_slist_copy(ignore_children), c); 1982 ret = bdrv_check_update_perm(c->bs, q, perm, shared, ignore_children, errp); 1983 g_slist_free(ignore_children); 1984 1985 if (ret < 0) { 1986 return ret; 1987 } 1988 1989 if (!c->has_backup_perm) { 1990 c->has_backup_perm = true; 1991 c->backup_perm = c->perm; 1992 c->backup_shared_perm = c->shared_perm; 1993 } 1994 /* 1995 * Note: it's OK if c->has_backup_perm was already set, as we can find the 1996 * same child twice during check_perm procedure 1997 */ 1998 1999 c->perm = perm; 2000 c->shared_perm = shared; 2001 2002 return 0; 2003 } 2004 2005 static void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared) 2006 { 2007 uint64_t cumulative_perms, cumulative_shared_perms; 2008 2009 c->has_backup_perm = false; 2010 2011 c->perm = perm; 2012 c->shared_perm = shared; 2013 2014 bdrv_get_cumulative_perm(c->bs, &cumulative_perms, 2015 &cumulative_shared_perms); 2016 bdrv_set_perm(c->bs, cumulative_perms, cumulative_shared_perms); 2017 } 2018 2019 static void bdrv_child_abort_perm_update(BdrvChild *c) 2020 { 2021 if (c->has_backup_perm) { 2022 c->perm = c->backup_perm; 2023 c->shared_perm = c->backup_shared_perm; 2024 c->has_backup_perm = false; 2025 } 2026 2027 bdrv_abort_perm_update(c->bs); 2028 } 2029 2030 int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared, 2031 Error **errp) 2032 { 2033 int ret; 2034 2035 ret = bdrv_child_check_perm(c, NULL, perm, shared, NULL, errp); 2036 if (ret < 0) { 2037 bdrv_child_abort_perm_update(c); 2038 return ret; 2039 } 2040 2041 bdrv_child_set_perm(c, perm, shared); 2042 2043 return 0; 2044 } 2045 2046 void bdrv_filter_default_perms(BlockDriverState *bs, BdrvChild *c, 2047 const BdrvChildRole *role, 2048 BlockReopenQueue *reopen_queue, 2049 uint64_t perm, uint64_t shared, 2050 uint64_t *nperm, uint64_t *nshared) 2051 { 2052 if (c == NULL) { 2053 *nperm = perm & DEFAULT_PERM_PASSTHROUGH; 2054 *nshared = (shared & DEFAULT_PERM_PASSTHROUGH) | DEFAULT_PERM_UNCHANGED; 2055 return; 2056 } 2057 2058 *nperm = (perm & DEFAULT_PERM_PASSTHROUGH) | 2059 (c->perm & DEFAULT_PERM_UNCHANGED); 2060 *nshared = (shared & DEFAULT_PERM_PASSTHROUGH) | 2061 (c->shared_perm & DEFAULT_PERM_UNCHANGED); 2062 } 2063 2064 void bdrv_format_default_perms(BlockDriverState *bs, BdrvChild *c, 2065 const BdrvChildRole *role, 2066 BlockReopenQueue *reopen_queue, 2067 uint64_t perm, uint64_t shared, 2068 uint64_t *nperm, uint64_t *nshared) 2069 { 2070 bool backing = (role == &child_backing); 2071 assert(role == &child_backing || role == &child_file); 2072 2073 if (!backing) { 2074 int flags = bdrv_reopen_get_flags(reopen_queue, bs); 2075 2076 /* Apart from the modifications below, the same permissions are 2077 * forwarded and left alone as for filters */ 2078 bdrv_filter_default_perms(bs, c, role, reopen_queue, perm, shared, 2079 &perm, &shared); 2080 2081 /* Format drivers may touch metadata even if the guest doesn't write */ 2082 if (bdrv_is_writable_after_reopen(bs, reopen_queue)) { 2083 perm |= BLK_PERM_WRITE | BLK_PERM_RESIZE; 2084 } 2085 2086 /* bs->file always needs to be consistent because of the metadata. We 2087 * can never allow other users to resize or write to it. */ 2088 if (!(flags & BDRV_O_NO_IO)) { 2089 perm |= BLK_PERM_CONSISTENT_READ; 2090 } 2091 shared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE); 2092 } else { 2093 /* We want consistent read from backing files if the parent needs it. 2094 * No other operations are performed on backing files. */ 2095 perm &= BLK_PERM_CONSISTENT_READ; 2096 2097 /* If the parent can deal with changing data, we're okay with a 2098 * writable and resizable backing file. */ 2099 /* TODO Require !(perm & BLK_PERM_CONSISTENT_READ), too? */ 2100 if (shared & BLK_PERM_WRITE) { 2101 shared = BLK_PERM_WRITE | BLK_PERM_RESIZE; 2102 } else { 2103 shared = 0; 2104 } 2105 2106 shared |= BLK_PERM_CONSISTENT_READ | BLK_PERM_GRAPH_MOD | 2107 BLK_PERM_WRITE_UNCHANGED; 2108 } 2109 2110 if (bs->open_flags & BDRV_O_INACTIVE) { 2111 shared |= BLK_PERM_WRITE | BLK_PERM_RESIZE; 2112 } 2113 2114 *nperm = perm; 2115 *nshared = shared; 2116 } 2117 2118 static void bdrv_replace_child_noperm(BdrvChild *child, 2119 BlockDriverState *new_bs) 2120 { 2121 BlockDriverState *old_bs = child->bs; 2122 int i; 2123 2124 if (old_bs && new_bs) { 2125 assert(bdrv_get_aio_context(old_bs) == bdrv_get_aio_context(new_bs)); 2126 } 2127 if (old_bs) { 2128 /* Detach first so that the recursive drain sections coming from @child 2129 * are already gone and we only end the drain sections that came from 2130 * elsewhere. */ 2131 if (child->role->detach) { 2132 child->role->detach(child); 2133 } 2134 if (old_bs->quiesce_counter && child->role->drained_end) { 2135 int num = old_bs->quiesce_counter; 2136 if (child->role->parent_is_bds) { 2137 num -= bdrv_drain_all_count; 2138 } 2139 assert(num >= 0); 2140 for (i = 0; i < num; i++) { 2141 child->role->drained_end(child); 2142 } 2143 } 2144 QLIST_REMOVE(child, next_parent); 2145 } 2146 2147 child->bs = new_bs; 2148 2149 if (new_bs) { 2150 QLIST_INSERT_HEAD(&new_bs->parents, child, next_parent); 2151 if (new_bs->quiesce_counter && child->role->drained_begin) { 2152 int num = new_bs->quiesce_counter; 2153 if (child->role->parent_is_bds) { 2154 num -= bdrv_drain_all_count; 2155 } 2156 assert(num >= 0); 2157 for (i = 0; i < num; i++) { 2158 bdrv_parent_drained_begin_single(child, true); 2159 } 2160 } 2161 2162 /* Attach only after starting new drained sections, so that recursive 2163 * drain sections coming from @child don't get an extra .drained_begin 2164 * callback. */ 2165 if (child->role->attach) { 2166 child->role->attach(child); 2167 } 2168 } 2169 } 2170 2171 /* 2172 * Updates @child to change its reference to point to @new_bs, including 2173 * checking and applying the necessary permisson updates both to the old node 2174 * and to @new_bs. 2175 * 2176 * NULL is passed as @new_bs for removing the reference before freeing @child. 2177 * 2178 * If @new_bs is not NULL, bdrv_check_perm() must be called beforehand, as this 2179 * function uses bdrv_set_perm() to update the permissions according to the new 2180 * reference that @new_bs gets. 2181 */ 2182 static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs) 2183 { 2184 BlockDriverState *old_bs = child->bs; 2185 uint64_t perm, shared_perm; 2186 2187 bdrv_replace_child_noperm(child, new_bs); 2188 2189 if (old_bs) { 2190 /* Update permissions for old node. This is guaranteed to succeed 2191 * because we're just taking a parent away, so we're loosening 2192 * restrictions. */ 2193 bdrv_get_cumulative_perm(old_bs, &perm, &shared_perm); 2194 bdrv_check_perm(old_bs, NULL, perm, shared_perm, NULL, &error_abort); 2195 bdrv_set_perm(old_bs, perm, shared_perm); 2196 } 2197 2198 if (new_bs) { 2199 bdrv_get_cumulative_perm(new_bs, &perm, &shared_perm); 2200 bdrv_set_perm(new_bs, perm, shared_perm); 2201 } 2202 } 2203 2204 BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs, 2205 const char *child_name, 2206 const BdrvChildRole *child_role, 2207 uint64_t perm, uint64_t shared_perm, 2208 void *opaque, Error **errp) 2209 { 2210 BdrvChild *child; 2211 int ret; 2212 2213 ret = bdrv_check_update_perm(child_bs, NULL, perm, shared_perm, NULL, errp); 2214 if (ret < 0) { 2215 bdrv_abort_perm_update(child_bs); 2216 return NULL; 2217 } 2218 2219 child = g_new(BdrvChild, 1); 2220 *child = (BdrvChild) { 2221 .bs = NULL, 2222 .name = g_strdup(child_name), 2223 .role = child_role, 2224 .perm = perm, 2225 .shared_perm = shared_perm, 2226 .opaque = opaque, 2227 }; 2228 2229 /* This performs the matching bdrv_set_perm() for the above check. */ 2230 bdrv_replace_child(child, child_bs); 2231 2232 return child; 2233 } 2234 2235 BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs, 2236 BlockDriverState *child_bs, 2237 const char *child_name, 2238 const BdrvChildRole *child_role, 2239 Error **errp) 2240 { 2241 BdrvChild *child; 2242 uint64_t perm, shared_perm; 2243 2244 bdrv_get_cumulative_perm(parent_bs, &perm, &shared_perm); 2245 2246 assert(parent_bs->drv); 2247 assert(bdrv_get_aio_context(parent_bs) == bdrv_get_aio_context(child_bs)); 2248 bdrv_child_perm(parent_bs, child_bs, NULL, child_role, NULL, 2249 perm, shared_perm, &perm, &shared_perm); 2250 2251 child = bdrv_root_attach_child(child_bs, child_name, child_role, 2252 perm, shared_perm, parent_bs, errp); 2253 if (child == NULL) { 2254 return NULL; 2255 } 2256 2257 QLIST_INSERT_HEAD(&parent_bs->children, child, next); 2258 return child; 2259 } 2260 2261 static void bdrv_detach_child(BdrvChild *child) 2262 { 2263 if (child->next.le_prev) { 2264 QLIST_REMOVE(child, next); 2265 child->next.le_prev = NULL; 2266 } 2267 2268 bdrv_replace_child(child, NULL); 2269 2270 g_free(child->name); 2271 g_free(child); 2272 } 2273 2274 void bdrv_root_unref_child(BdrvChild *child) 2275 { 2276 BlockDriverState *child_bs; 2277 2278 child_bs = child->bs; 2279 bdrv_detach_child(child); 2280 bdrv_unref(child_bs); 2281 } 2282 2283 void bdrv_unref_child(BlockDriverState *parent, BdrvChild *child) 2284 { 2285 if (child == NULL) { 2286 return; 2287 } 2288 2289 if (child->bs->inherits_from == parent) { 2290 BdrvChild *c; 2291 2292 /* Remove inherits_from only when the last reference between parent and 2293 * child->bs goes away. */ 2294 QLIST_FOREACH(c, &parent->children, next) { 2295 if (c != child && c->bs == child->bs) { 2296 break; 2297 } 2298 } 2299 if (c == NULL) { 2300 child->bs->inherits_from = NULL; 2301 } 2302 } 2303 2304 bdrv_root_unref_child(child); 2305 } 2306 2307 2308 static void bdrv_parent_cb_change_media(BlockDriverState *bs, bool load) 2309 { 2310 BdrvChild *c; 2311 QLIST_FOREACH(c, &bs->parents, next_parent) { 2312 if (c->role->change_media) { 2313 c->role->change_media(c, load); 2314 } 2315 } 2316 } 2317 2318 /* Return true if you can reach parent going through child->inherits_from 2319 * recursively. If parent or child are NULL, return false */ 2320 static bool bdrv_inherits_from_recursive(BlockDriverState *child, 2321 BlockDriverState *parent) 2322 { 2323 while (child && child != parent) { 2324 child = child->inherits_from; 2325 } 2326 2327 return child != NULL; 2328 } 2329 2330 /* 2331 * Sets the backing file link of a BDS. A new reference is created; callers 2332 * which don't need their own reference any more must call bdrv_unref(). 2333 */ 2334 void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd, 2335 Error **errp) 2336 { 2337 bool update_inherits_from = bdrv_chain_contains(bs, backing_hd) && 2338 bdrv_inherits_from_recursive(backing_hd, bs); 2339 2340 if (backing_hd) { 2341 bdrv_ref(backing_hd); 2342 } 2343 2344 if (bs->backing) { 2345 bdrv_unref_child(bs, bs->backing); 2346 } 2347 2348 if (!backing_hd) { 2349 bs->backing = NULL; 2350 goto out; 2351 } 2352 2353 bs->backing = bdrv_attach_child(bs, backing_hd, "backing", &child_backing, 2354 errp); 2355 /* If backing_hd was already part of bs's backing chain, and 2356 * inherits_from pointed recursively to bs then let's update it to 2357 * point directly to bs (else it will become NULL). */ 2358 if (update_inherits_from) { 2359 backing_hd->inherits_from = bs; 2360 } 2361 if (!bs->backing) { 2362 bdrv_unref(backing_hd); 2363 } 2364 2365 out: 2366 bdrv_refresh_limits(bs, NULL); 2367 } 2368 2369 /* 2370 * Opens the backing file for a BlockDriverState if not yet open 2371 * 2372 * bdref_key specifies the key for the image's BlockdevRef in the options QDict. 2373 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict 2374 * itself, all options starting with "${bdref_key}." are considered part of the 2375 * BlockdevRef. 2376 * 2377 * TODO Can this be unified with bdrv_open_image()? 2378 */ 2379 int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options, 2380 const char *bdref_key, Error **errp) 2381 { 2382 char *backing_filename = NULL; 2383 char *bdref_key_dot; 2384 const char *reference = NULL; 2385 int ret = 0; 2386 bool implicit_backing = false; 2387 BlockDriverState *backing_hd; 2388 QDict *options; 2389 QDict *tmp_parent_options = NULL; 2390 Error *local_err = NULL; 2391 2392 if (bs->backing != NULL) { 2393 goto free_exit; 2394 } 2395 2396 /* NULL means an empty set of options */ 2397 if (parent_options == NULL) { 2398 tmp_parent_options = qdict_new(); 2399 parent_options = tmp_parent_options; 2400 } 2401 2402 bs->open_flags &= ~BDRV_O_NO_BACKING; 2403 2404 bdref_key_dot = g_strdup_printf("%s.", bdref_key); 2405 qdict_extract_subqdict(parent_options, &options, bdref_key_dot); 2406 g_free(bdref_key_dot); 2407 2408 /* 2409 * Caution: while qdict_get_try_str() is fine, getting non-string 2410 * types would require more care. When @parent_options come from 2411 * -blockdev or blockdev_add, its members are typed according to 2412 * the QAPI schema, but when they come from -drive, they're all 2413 * QString. 2414 */ 2415 reference = qdict_get_try_str(parent_options, bdref_key); 2416 if (reference || qdict_haskey(options, "file.filename")) { 2417 /* keep backing_filename NULL */ 2418 } else if (bs->backing_file[0] == '\0' && qdict_size(options) == 0) { 2419 qobject_unref(options); 2420 goto free_exit; 2421 } else { 2422 if (qdict_size(options) == 0) { 2423 /* If the user specifies options that do not modify the 2424 * backing file's behavior, we might still consider it the 2425 * implicit backing file. But it's easier this way, and 2426 * just specifying some of the backing BDS's options is 2427 * only possible with -drive anyway (otherwise the QAPI 2428 * schema forces the user to specify everything). */ 2429 implicit_backing = !strcmp(bs->auto_backing_file, bs->backing_file); 2430 } 2431 2432 backing_filename = bdrv_get_full_backing_filename(bs, &local_err); 2433 if (local_err) { 2434 ret = -EINVAL; 2435 error_propagate(errp, local_err); 2436 qobject_unref(options); 2437 goto free_exit; 2438 } 2439 } 2440 2441 if (!bs->drv || !bs->drv->supports_backing) { 2442 ret = -EINVAL; 2443 error_setg(errp, "Driver doesn't support backing files"); 2444 qobject_unref(options); 2445 goto free_exit; 2446 } 2447 2448 if (!reference && 2449 bs->backing_format[0] != '\0' && !qdict_haskey(options, "driver")) { 2450 qdict_put_str(options, "driver", bs->backing_format); 2451 } 2452 2453 backing_hd = bdrv_open_inherit(backing_filename, reference, options, 0, bs, 2454 &child_backing, errp); 2455 if (!backing_hd) { 2456 bs->open_flags |= BDRV_O_NO_BACKING; 2457 error_prepend(errp, "Could not open backing file: "); 2458 ret = -EINVAL; 2459 goto free_exit; 2460 } 2461 bdrv_set_aio_context(backing_hd, bdrv_get_aio_context(bs)); 2462 2463 if (implicit_backing) { 2464 bdrv_refresh_filename(backing_hd); 2465 pstrcpy(bs->auto_backing_file, sizeof(bs->auto_backing_file), 2466 backing_hd->filename); 2467 } 2468 2469 /* Hook up the backing file link; drop our reference, bs owns the 2470 * backing_hd reference now */ 2471 bdrv_set_backing_hd(bs, backing_hd, &local_err); 2472 bdrv_unref(backing_hd); 2473 if (local_err) { 2474 error_propagate(errp, local_err); 2475 ret = -EINVAL; 2476 goto free_exit; 2477 } 2478 2479 qdict_del(parent_options, bdref_key); 2480 2481 free_exit: 2482 g_free(backing_filename); 2483 qobject_unref(tmp_parent_options); 2484 return ret; 2485 } 2486 2487 static BlockDriverState * 2488 bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, 2489 BlockDriverState *parent, const BdrvChildRole *child_role, 2490 bool allow_none, Error **errp) 2491 { 2492 BlockDriverState *bs = NULL; 2493 QDict *image_options; 2494 char *bdref_key_dot; 2495 const char *reference; 2496 2497 assert(child_role != NULL); 2498 2499 bdref_key_dot = g_strdup_printf("%s.", bdref_key); 2500 qdict_extract_subqdict(options, &image_options, bdref_key_dot); 2501 g_free(bdref_key_dot); 2502 2503 /* 2504 * Caution: while qdict_get_try_str() is fine, getting non-string 2505 * types would require more care. When @options come from 2506 * -blockdev or blockdev_add, its members are typed according to 2507 * the QAPI schema, but when they come from -drive, they're all 2508 * QString. 2509 */ 2510 reference = qdict_get_try_str(options, bdref_key); 2511 if (!filename && !reference && !qdict_size(image_options)) { 2512 if (!allow_none) { 2513 error_setg(errp, "A block device must be specified for \"%s\"", 2514 bdref_key); 2515 } 2516 qobject_unref(image_options); 2517 goto done; 2518 } 2519 2520 bs = bdrv_open_inherit(filename, reference, image_options, 0, 2521 parent, child_role, errp); 2522 if (!bs) { 2523 goto done; 2524 } 2525 2526 done: 2527 qdict_del(options, bdref_key); 2528 return bs; 2529 } 2530 2531 /* 2532 * Opens a disk image whose options are given as BlockdevRef in another block 2533 * device's options. 2534 * 2535 * If allow_none is true, no image will be opened if filename is false and no 2536 * BlockdevRef is given. NULL will be returned, but errp remains unset. 2537 * 2538 * bdrev_key specifies the key for the image's BlockdevRef in the options QDict. 2539 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict 2540 * itself, all options starting with "${bdref_key}." are considered part of the 2541 * BlockdevRef. 2542 * 2543 * The BlockdevRef will be removed from the options QDict. 2544 */ 2545 BdrvChild *bdrv_open_child(const char *filename, 2546 QDict *options, const char *bdref_key, 2547 BlockDriverState *parent, 2548 const BdrvChildRole *child_role, 2549 bool allow_none, Error **errp) 2550 { 2551 BdrvChild *c; 2552 BlockDriverState *bs; 2553 2554 bs = bdrv_open_child_bs(filename, options, bdref_key, parent, child_role, 2555 allow_none, errp); 2556 if (bs == NULL) { 2557 return NULL; 2558 } 2559 2560 c = bdrv_attach_child(parent, bs, bdref_key, child_role, errp); 2561 if (!c) { 2562 bdrv_unref(bs); 2563 return NULL; 2564 } 2565 2566 return c; 2567 } 2568 2569 /* TODO Future callers may need to specify parent/child_role in order for 2570 * option inheritance to work. Existing callers use it for the root node. */ 2571 BlockDriverState *bdrv_open_blockdev_ref(BlockdevRef *ref, Error **errp) 2572 { 2573 BlockDriverState *bs = NULL; 2574 Error *local_err = NULL; 2575 QObject *obj = NULL; 2576 QDict *qdict = NULL; 2577 const char *reference = NULL; 2578 Visitor *v = NULL; 2579 2580 if (ref->type == QTYPE_QSTRING) { 2581 reference = ref->u.reference; 2582 } else { 2583 BlockdevOptions *options = &ref->u.definition; 2584 assert(ref->type == QTYPE_QDICT); 2585 2586 v = qobject_output_visitor_new(&obj); 2587 visit_type_BlockdevOptions(v, NULL, &options, &local_err); 2588 if (local_err) { 2589 error_propagate(errp, local_err); 2590 goto fail; 2591 } 2592 visit_complete(v, &obj); 2593 2594 qdict = qobject_to(QDict, obj); 2595 qdict_flatten(qdict); 2596 2597 /* bdrv_open_inherit() defaults to the values in bdrv_flags (for 2598 * compatibility with other callers) rather than what we want as the 2599 * real defaults. Apply the defaults here instead. */ 2600 qdict_set_default_str(qdict, BDRV_OPT_CACHE_DIRECT, "off"); 2601 qdict_set_default_str(qdict, BDRV_OPT_CACHE_NO_FLUSH, "off"); 2602 qdict_set_default_str(qdict, BDRV_OPT_READ_ONLY, "off"); 2603 qdict_set_default_str(qdict, BDRV_OPT_AUTO_READ_ONLY, "off"); 2604 2605 } 2606 2607 bs = bdrv_open_inherit(NULL, reference, qdict, 0, NULL, NULL, errp); 2608 obj = NULL; 2609 2610 fail: 2611 qobject_unref(obj); 2612 visit_free(v); 2613 return bs; 2614 } 2615 2616 static BlockDriverState *bdrv_append_temp_snapshot(BlockDriverState *bs, 2617 int flags, 2618 QDict *snapshot_options, 2619 Error **errp) 2620 { 2621 /* TODO: extra byte is a hack to ensure MAX_PATH space on Windows. */ 2622 char *tmp_filename = g_malloc0(PATH_MAX + 1); 2623 int64_t total_size; 2624 QemuOpts *opts = NULL; 2625 BlockDriverState *bs_snapshot = NULL; 2626 Error *local_err = NULL; 2627 int ret; 2628 2629 /* if snapshot, we create a temporary backing file and open it 2630 instead of opening 'filename' directly */ 2631 2632 /* Get the required size from the image */ 2633 total_size = bdrv_getlength(bs); 2634 if (total_size < 0) { 2635 error_setg_errno(errp, -total_size, "Could not get image size"); 2636 goto out; 2637 } 2638 2639 /* Create the temporary image */ 2640 ret = get_tmp_filename(tmp_filename, PATH_MAX + 1); 2641 if (ret < 0) { 2642 error_setg_errno(errp, -ret, "Could not get temporary filename"); 2643 goto out; 2644 } 2645 2646 opts = qemu_opts_create(bdrv_qcow2.create_opts, NULL, 0, 2647 &error_abort); 2648 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, total_size, &error_abort); 2649 ret = bdrv_create(&bdrv_qcow2, tmp_filename, opts, errp); 2650 qemu_opts_del(opts); 2651 if (ret < 0) { 2652 error_prepend(errp, "Could not create temporary overlay '%s': ", 2653 tmp_filename); 2654 goto out; 2655 } 2656 2657 /* Prepare options QDict for the temporary file */ 2658 qdict_put_str(snapshot_options, "file.driver", "file"); 2659 qdict_put_str(snapshot_options, "file.filename", tmp_filename); 2660 qdict_put_str(snapshot_options, "driver", "qcow2"); 2661 2662 bs_snapshot = bdrv_open(NULL, NULL, snapshot_options, flags, errp); 2663 snapshot_options = NULL; 2664 if (!bs_snapshot) { 2665 goto out; 2666 } 2667 2668 /* bdrv_append() consumes a strong reference to bs_snapshot 2669 * (i.e. it will call bdrv_unref() on it) even on error, so in 2670 * order to be able to return one, we have to increase 2671 * bs_snapshot's refcount here */ 2672 bdrv_ref(bs_snapshot); 2673 bdrv_append(bs_snapshot, bs, &local_err); 2674 if (local_err) { 2675 error_propagate(errp, local_err); 2676 bs_snapshot = NULL; 2677 goto out; 2678 } 2679 2680 out: 2681 qobject_unref(snapshot_options); 2682 g_free(tmp_filename); 2683 return bs_snapshot; 2684 } 2685 2686 /* 2687 * Opens a disk image (raw, qcow2, vmdk, ...) 2688 * 2689 * options is a QDict of options to pass to the block drivers, or NULL for an 2690 * empty set of options. The reference to the QDict belongs to the block layer 2691 * after the call (even on failure), so if the caller intends to reuse the 2692 * dictionary, it needs to use qobject_ref() before calling bdrv_open. 2693 * 2694 * If *pbs is NULL, a new BDS will be created with a pointer to it stored there. 2695 * If it is not NULL, the referenced BDS will be reused. 2696 * 2697 * The reference parameter may be used to specify an existing block device which 2698 * should be opened. If specified, neither options nor a filename may be given, 2699 * nor can an existing BDS be reused (that is, *pbs has to be NULL). 2700 */ 2701 static BlockDriverState *bdrv_open_inherit(const char *filename, 2702 const char *reference, 2703 QDict *options, int flags, 2704 BlockDriverState *parent, 2705 const BdrvChildRole *child_role, 2706 Error **errp) 2707 { 2708 int ret; 2709 BlockBackend *file = NULL; 2710 BlockDriverState *bs; 2711 BlockDriver *drv = NULL; 2712 BdrvChild *child; 2713 const char *drvname; 2714 const char *backing; 2715 Error *local_err = NULL; 2716 QDict *snapshot_options = NULL; 2717 int snapshot_flags = 0; 2718 2719 assert(!child_role || !flags); 2720 assert(!child_role == !parent); 2721 2722 if (reference) { 2723 bool options_non_empty = options ? qdict_size(options) : false; 2724 qobject_unref(options); 2725 2726 if (filename || options_non_empty) { 2727 error_setg(errp, "Cannot reference an existing block device with " 2728 "additional options or a new filename"); 2729 return NULL; 2730 } 2731 2732 bs = bdrv_lookup_bs(reference, reference, errp); 2733 if (!bs) { 2734 return NULL; 2735 } 2736 2737 bdrv_ref(bs); 2738 return bs; 2739 } 2740 2741 bs = bdrv_new(); 2742 2743 /* NULL means an empty set of options */ 2744 if (options == NULL) { 2745 options = qdict_new(); 2746 } 2747 2748 /* json: syntax counts as explicit options, as if in the QDict */ 2749 parse_json_protocol(options, &filename, &local_err); 2750 if (local_err) { 2751 goto fail; 2752 } 2753 2754 bs->explicit_options = qdict_clone_shallow(options); 2755 2756 if (child_role) { 2757 bs->inherits_from = parent; 2758 child_role->inherit_options(&flags, options, 2759 parent->open_flags, parent->options); 2760 } 2761 2762 ret = bdrv_fill_options(&options, filename, &flags, &local_err); 2763 if (local_err) { 2764 goto fail; 2765 } 2766 2767 /* 2768 * Set the BDRV_O_RDWR and BDRV_O_ALLOW_RDWR flags. 2769 * Caution: getting a boolean member of @options requires care. 2770 * When @options come from -blockdev or blockdev_add, members are 2771 * typed according to the QAPI schema, but when they come from 2772 * -drive, they're all QString. 2773 */ 2774 if (g_strcmp0(qdict_get_try_str(options, BDRV_OPT_READ_ONLY), "on") && 2775 !qdict_get_try_bool(options, BDRV_OPT_READ_ONLY, false)) { 2776 flags |= (BDRV_O_RDWR | BDRV_O_ALLOW_RDWR); 2777 } else { 2778 flags &= ~BDRV_O_RDWR; 2779 } 2780 2781 if (flags & BDRV_O_SNAPSHOT) { 2782 snapshot_options = qdict_new(); 2783 bdrv_temp_snapshot_options(&snapshot_flags, snapshot_options, 2784 flags, options); 2785 /* Let bdrv_backing_options() override "read-only" */ 2786 qdict_del(options, BDRV_OPT_READ_ONLY); 2787 bdrv_backing_options(&flags, options, flags, options); 2788 } 2789 2790 bs->open_flags = flags; 2791 bs->options = options; 2792 options = qdict_clone_shallow(options); 2793 2794 /* Find the right image format driver */ 2795 /* See cautionary note on accessing @options above */ 2796 drvname = qdict_get_try_str(options, "driver"); 2797 if (drvname) { 2798 drv = bdrv_find_format(drvname); 2799 if (!drv) { 2800 error_setg(errp, "Unknown driver: '%s'", drvname); 2801 goto fail; 2802 } 2803 } 2804 2805 assert(drvname || !(flags & BDRV_O_PROTOCOL)); 2806 2807 /* See cautionary note on accessing @options above */ 2808 backing = qdict_get_try_str(options, "backing"); 2809 if (qobject_to(QNull, qdict_get(options, "backing")) != NULL || 2810 (backing && *backing == '\0')) 2811 { 2812 if (backing) { 2813 warn_report("Use of \"backing\": \"\" is deprecated; " 2814 "use \"backing\": null instead"); 2815 } 2816 flags |= BDRV_O_NO_BACKING; 2817 qdict_del(options, "backing"); 2818 } 2819 2820 /* Open image file without format layer. This BlockBackend is only used for 2821 * probing, the block drivers will do their own bdrv_open_child() for the 2822 * same BDS, which is why we put the node name back into options. */ 2823 if ((flags & BDRV_O_PROTOCOL) == 0) { 2824 BlockDriverState *file_bs; 2825 2826 file_bs = bdrv_open_child_bs(filename, options, "file", bs, 2827 &child_file, true, &local_err); 2828 if (local_err) { 2829 goto fail; 2830 } 2831 if (file_bs != NULL) { 2832 /* Not requesting BLK_PERM_CONSISTENT_READ because we're only 2833 * looking at the header to guess the image format. This works even 2834 * in cases where a guest would not see a consistent state. */ 2835 file = blk_new(0, BLK_PERM_ALL); 2836 blk_insert_bs(file, file_bs, &local_err); 2837 bdrv_unref(file_bs); 2838 if (local_err) { 2839 goto fail; 2840 } 2841 2842 qdict_put_str(options, "file", bdrv_get_node_name(file_bs)); 2843 } 2844 } 2845 2846 /* Image format probing */ 2847 bs->probed = !drv; 2848 if (!drv && file) { 2849 ret = find_image_format(file, filename, &drv, &local_err); 2850 if (ret < 0) { 2851 goto fail; 2852 } 2853 /* 2854 * This option update would logically belong in bdrv_fill_options(), 2855 * but we first need to open bs->file for the probing to work, while 2856 * opening bs->file already requires the (mostly) final set of options 2857 * so that cache mode etc. can be inherited. 2858 * 2859 * Adding the driver later is somewhat ugly, but it's not an option 2860 * that would ever be inherited, so it's correct. We just need to make 2861 * sure to update both bs->options (which has the full effective 2862 * options for bs) and options (which has file.* already removed). 2863 */ 2864 qdict_put_str(bs->options, "driver", drv->format_name); 2865 qdict_put_str(options, "driver", drv->format_name); 2866 } else if (!drv) { 2867 error_setg(errp, "Must specify either driver or file"); 2868 goto fail; 2869 } 2870 2871 /* BDRV_O_PROTOCOL must be set iff a protocol BDS is about to be created */ 2872 assert(!!(flags & BDRV_O_PROTOCOL) == !!drv->bdrv_file_open); 2873 /* file must be NULL if a protocol BDS is about to be created 2874 * (the inverse results in an error message from bdrv_open_common()) */ 2875 assert(!(flags & BDRV_O_PROTOCOL) || !file); 2876 2877 /* Open the image */ 2878 ret = bdrv_open_common(bs, file, options, &local_err); 2879 if (ret < 0) { 2880 goto fail; 2881 } 2882 2883 if (file) { 2884 blk_unref(file); 2885 file = NULL; 2886 } 2887 2888 /* If there is a backing file, use it */ 2889 if ((flags & BDRV_O_NO_BACKING) == 0) { 2890 ret = bdrv_open_backing_file(bs, options, "backing", &local_err); 2891 if (ret < 0) { 2892 goto close_and_fail; 2893 } 2894 } 2895 2896 /* Remove all children options and references 2897 * from bs->options and bs->explicit_options */ 2898 QLIST_FOREACH(child, &bs->children, next) { 2899 char *child_key_dot; 2900 child_key_dot = g_strdup_printf("%s.", child->name); 2901 qdict_extract_subqdict(bs->explicit_options, NULL, child_key_dot); 2902 qdict_extract_subqdict(bs->options, NULL, child_key_dot); 2903 qdict_del(bs->explicit_options, child->name); 2904 qdict_del(bs->options, child->name); 2905 g_free(child_key_dot); 2906 } 2907 2908 /* Check if any unknown options were used */ 2909 if (qdict_size(options) != 0) { 2910 const QDictEntry *entry = qdict_first(options); 2911 if (flags & BDRV_O_PROTOCOL) { 2912 error_setg(errp, "Block protocol '%s' doesn't support the option " 2913 "'%s'", drv->format_name, entry->key); 2914 } else { 2915 error_setg(errp, 2916 "Block format '%s' does not support the option '%s'", 2917 drv->format_name, entry->key); 2918 } 2919 2920 goto close_and_fail; 2921 } 2922 2923 bdrv_parent_cb_change_media(bs, true); 2924 2925 qobject_unref(options); 2926 options = NULL; 2927 2928 /* For snapshot=on, create a temporary qcow2 overlay. bs points to the 2929 * temporary snapshot afterwards. */ 2930 if (snapshot_flags) { 2931 BlockDriverState *snapshot_bs; 2932 snapshot_bs = bdrv_append_temp_snapshot(bs, snapshot_flags, 2933 snapshot_options, &local_err); 2934 snapshot_options = NULL; 2935 if (local_err) { 2936 goto close_and_fail; 2937 } 2938 /* We are not going to return bs but the overlay on top of it 2939 * (snapshot_bs); thus, we have to drop the strong reference to bs 2940 * (which we obtained by calling bdrv_new()). bs will not be deleted, 2941 * though, because the overlay still has a reference to it. */ 2942 bdrv_unref(bs); 2943 bs = snapshot_bs; 2944 } 2945 2946 return bs; 2947 2948 fail: 2949 blk_unref(file); 2950 qobject_unref(snapshot_options); 2951 qobject_unref(bs->explicit_options); 2952 qobject_unref(bs->options); 2953 qobject_unref(options); 2954 bs->options = NULL; 2955 bs->explicit_options = NULL; 2956 bdrv_unref(bs); 2957 error_propagate(errp, local_err); 2958 return NULL; 2959 2960 close_and_fail: 2961 bdrv_unref(bs); 2962 qobject_unref(snapshot_options); 2963 qobject_unref(options); 2964 error_propagate(errp, local_err); 2965 return NULL; 2966 } 2967 2968 BlockDriverState *bdrv_open(const char *filename, const char *reference, 2969 QDict *options, int flags, Error **errp) 2970 { 2971 return bdrv_open_inherit(filename, reference, options, flags, NULL, 2972 NULL, errp); 2973 } 2974 2975 /* 2976 * Adds a BlockDriverState to a simple queue for an atomic, transactional 2977 * reopen of multiple devices. 2978 * 2979 * bs_queue can either be an existing BlockReopenQueue that has had QSIMPLE_INIT 2980 * already performed, or alternatively may be NULL a new BlockReopenQueue will 2981 * be created and initialized. This newly created BlockReopenQueue should be 2982 * passed back in for subsequent calls that are intended to be of the same 2983 * atomic 'set'. 2984 * 2985 * bs is the BlockDriverState to add to the reopen queue. 2986 * 2987 * options contains the changed options for the associated bs 2988 * (the BlockReopenQueue takes ownership) 2989 * 2990 * flags contains the open flags for the associated bs 2991 * 2992 * returns a pointer to bs_queue, which is either the newly allocated 2993 * bs_queue, or the existing bs_queue being used. 2994 * 2995 * bs must be drained between bdrv_reopen_queue() and bdrv_reopen_multiple(). 2996 */ 2997 static BlockReopenQueue *bdrv_reopen_queue_child(BlockReopenQueue *bs_queue, 2998 BlockDriverState *bs, 2999 QDict *options, 3000 const BdrvChildRole *role, 3001 QDict *parent_options, 3002 int parent_flags) 3003 { 3004 assert(bs != NULL); 3005 3006 BlockReopenQueueEntry *bs_entry; 3007 BdrvChild *child; 3008 QDict *old_options, *explicit_options, *options_copy; 3009 int flags; 3010 QemuOpts *opts; 3011 3012 /* Make sure that the caller remembered to use a drained section. This is 3013 * important to avoid graph changes between the recursive queuing here and 3014 * bdrv_reopen_multiple(). */ 3015 assert(bs->quiesce_counter > 0); 3016 3017 if (bs_queue == NULL) { 3018 bs_queue = g_new0(BlockReopenQueue, 1); 3019 QSIMPLEQ_INIT(bs_queue); 3020 } 3021 3022 if (!options) { 3023 options = qdict_new(); 3024 } 3025 3026 /* Check if this BlockDriverState is already in the queue */ 3027 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) { 3028 if (bs == bs_entry->state.bs) { 3029 break; 3030 } 3031 } 3032 3033 /* 3034 * Precedence of options: 3035 * 1. Explicitly passed in options (highest) 3036 * 2. Retained from explicitly set options of bs 3037 * 3. Inherited from parent node 3038 * 4. Retained from effective options of bs 3039 */ 3040 3041 /* Old explicitly set values (don't overwrite by inherited value) */ 3042 if (bs_entry) { 3043 old_options = qdict_clone_shallow(bs_entry->state.explicit_options); 3044 } else { 3045 old_options = qdict_clone_shallow(bs->explicit_options); 3046 } 3047 bdrv_join_options(bs, options, old_options); 3048 qobject_unref(old_options); 3049 3050 explicit_options = qdict_clone_shallow(options); 3051 3052 /* Inherit from parent node */ 3053 if (parent_options) { 3054 flags = 0; 3055 role->inherit_options(&flags, options, parent_flags, parent_options); 3056 } else { 3057 flags = bdrv_get_flags(bs); 3058 } 3059 3060 /* Old values are used for options that aren't set yet */ 3061 old_options = qdict_clone_shallow(bs->options); 3062 bdrv_join_options(bs, options, old_options); 3063 qobject_unref(old_options); 3064 3065 /* We have the final set of options so let's update the flags */ 3066 options_copy = qdict_clone_shallow(options); 3067 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort); 3068 qemu_opts_absorb_qdict(opts, options_copy, NULL); 3069 update_flags_from_options(&flags, opts); 3070 qemu_opts_del(opts); 3071 qobject_unref(options_copy); 3072 3073 /* bdrv_open_inherit() sets and clears some additional flags internally */ 3074 flags &= ~BDRV_O_PROTOCOL; 3075 if (flags & BDRV_O_RDWR) { 3076 flags |= BDRV_O_ALLOW_RDWR; 3077 } 3078 3079 if (!bs_entry) { 3080 bs_entry = g_new0(BlockReopenQueueEntry, 1); 3081 QSIMPLEQ_INSERT_TAIL(bs_queue, bs_entry, entry); 3082 } else { 3083 qobject_unref(bs_entry->state.options); 3084 qobject_unref(bs_entry->state.explicit_options); 3085 } 3086 3087 bs_entry->state.bs = bs; 3088 bs_entry->state.options = options; 3089 bs_entry->state.explicit_options = explicit_options; 3090 bs_entry->state.flags = flags; 3091 3092 /* This needs to be overwritten in bdrv_reopen_prepare() */ 3093 bs_entry->state.perm = UINT64_MAX; 3094 bs_entry->state.shared_perm = 0; 3095 3096 QLIST_FOREACH(child, &bs->children, next) { 3097 QDict *new_child_options; 3098 char *child_key_dot; 3099 3100 /* reopen can only change the options of block devices that were 3101 * implicitly created and inherited options. For other (referenced) 3102 * block devices, a syntax like "backing.foo" results in an error. */ 3103 if (child->bs->inherits_from != bs) { 3104 continue; 3105 } 3106 3107 child_key_dot = g_strdup_printf("%s.", child->name); 3108 qdict_extract_subqdict(explicit_options, NULL, child_key_dot); 3109 qdict_extract_subqdict(options, &new_child_options, child_key_dot); 3110 g_free(child_key_dot); 3111 3112 bdrv_reopen_queue_child(bs_queue, child->bs, new_child_options, 3113 child->role, options, flags); 3114 } 3115 3116 return bs_queue; 3117 } 3118 3119 BlockReopenQueue *bdrv_reopen_queue(BlockReopenQueue *bs_queue, 3120 BlockDriverState *bs, 3121 QDict *options) 3122 { 3123 return bdrv_reopen_queue_child(bs_queue, bs, options, NULL, NULL, 0); 3124 } 3125 3126 /* 3127 * Reopen multiple BlockDriverStates atomically & transactionally. 3128 * 3129 * The queue passed in (bs_queue) must have been built up previous 3130 * via bdrv_reopen_queue(). 3131 * 3132 * Reopens all BDS specified in the queue, with the appropriate 3133 * flags. All devices are prepared for reopen, and failure of any 3134 * device will cause all device changes to be abandoned, and intermediate 3135 * data cleaned up. 3136 * 3137 * If all devices prepare successfully, then the changes are committed 3138 * to all devices. 3139 * 3140 * All affected nodes must be drained between bdrv_reopen_queue() and 3141 * bdrv_reopen_multiple(). 3142 */ 3143 int bdrv_reopen_multiple(AioContext *ctx, BlockReopenQueue *bs_queue, Error **errp) 3144 { 3145 int ret = -1; 3146 BlockReopenQueueEntry *bs_entry, *next; 3147 Error *local_err = NULL; 3148 3149 assert(bs_queue != NULL); 3150 3151 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) { 3152 assert(bs_entry->state.bs->quiesce_counter > 0); 3153 if (bdrv_reopen_prepare(&bs_entry->state, bs_queue, &local_err)) { 3154 error_propagate(errp, local_err); 3155 goto cleanup; 3156 } 3157 bs_entry->prepared = true; 3158 } 3159 3160 /* If we reach this point, we have success and just need to apply the 3161 * changes 3162 */ 3163 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) { 3164 bdrv_reopen_commit(&bs_entry->state); 3165 } 3166 3167 ret = 0; 3168 3169 cleanup: 3170 QSIMPLEQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) { 3171 if (ret) { 3172 if (bs_entry->prepared) { 3173 bdrv_reopen_abort(&bs_entry->state); 3174 } 3175 qobject_unref(bs_entry->state.explicit_options); 3176 qobject_unref(bs_entry->state.options); 3177 } 3178 g_free(bs_entry); 3179 } 3180 g_free(bs_queue); 3181 3182 return ret; 3183 } 3184 3185 int bdrv_reopen_set_read_only(BlockDriverState *bs, bool read_only, 3186 Error **errp) 3187 { 3188 int ret; 3189 BlockReopenQueue *queue; 3190 QDict *opts = qdict_new(); 3191 3192 qdict_put_bool(opts, BDRV_OPT_READ_ONLY, read_only); 3193 3194 bdrv_subtree_drained_begin(bs); 3195 queue = bdrv_reopen_queue(NULL, bs, opts); 3196 ret = bdrv_reopen_multiple(bdrv_get_aio_context(bs), queue, errp); 3197 bdrv_subtree_drained_end(bs); 3198 3199 return ret; 3200 } 3201 3202 static BlockReopenQueueEntry *find_parent_in_reopen_queue(BlockReopenQueue *q, 3203 BdrvChild *c) 3204 { 3205 BlockReopenQueueEntry *entry; 3206 3207 QSIMPLEQ_FOREACH(entry, q, entry) { 3208 BlockDriverState *bs = entry->state.bs; 3209 BdrvChild *child; 3210 3211 QLIST_FOREACH(child, &bs->children, next) { 3212 if (child == c) { 3213 return entry; 3214 } 3215 } 3216 } 3217 3218 return NULL; 3219 } 3220 3221 static void bdrv_reopen_perm(BlockReopenQueue *q, BlockDriverState *bs, 3222 uint64_t *perm, uint64_t *shared) 3223 { 3224 BdrvChild *c; 3225 BlockReopenQueueEntry *parent; 3226 uint64_t cumulative_perms = 0; 3227 uint64_t cumulative_shared_perms = BLK_PERM_ALL; 3228 3229 QLIST_FOREACH(c, &bs->parents, next_parent) { 3230 parent = find_parent_in_reopen_queue(q, c); 3231 if (!parent) { 3232 cumulative_perms |= c->perm; 3233 cumulative_shared_perms &= c->shared_perm; 3234 } else { 3235 uint64_t nperm, nshared; 3236 3237 bdrv_child_perm(parent->state.bs, bs, c, c->role, q, 3238 parent->state.perm, parent->state.shared_perm, 3239 &nperm, &nshared); 3240 3241 cumulative_perms |= nperm; 3242 cumulative_shared_perms &= nshared; 3243 } 3244 } 3245 *perm = cumulative_perms; 3246 *shared = cumulative_shared_perms; 3247 } 3248 3249 /* 3250 * Prepares a BlockDriverState for reopen. All changes are staged in the 3251 * 'opaque' field of the BDRVReopenState, which is used and allocated by 3252 * the block driver layer .bdrv_reopen_prepare() 3253 * 3254 * bs is the BlockDriverState to reopen 3255 * flags are the new open flags 3256 * queue is the reopen queue 3257 * 3258 * Returns 0 on success, non-zero on error. On error errp will be set 3259 * as well. 3260 * 3261 * On failure, bdrv_reopen_abort() will be called to clean up any data. 3262 * It is the responsibility of the caller to then call the abort() or 3263 * commit() for any other BDS that have been left in a prepare() state 3264 * 3265 */ 3266 int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue, 3267 Error **errp) 3268 { 3269 int ret = -1; 3270 int old_flags; 3271 Error *local_err = NULL; 3272 BlockDriver *drv; 3273 QemuOpts *opts; 3274 QDict *orig_reopen_opts; 3275 char *discard = NULL; 3276 bool read_only; 3277 bool drv_prepared = false; 3278 3279 assert(reopen_state != NULL); 3280 assert(reopen_state->bs->drv != NULL); 3281 drv = reopen_state->bs->drv; 3282 3283 /* This function and each driver's bdrv_reopen_prepare() remove 3284 * entries from reopen_state->options as they are processed, so 3285 * we need to make a copy of the original QDict. */ 3286 orig_reopen_opts = qdict_clone_shallow(reopen_state->options); 3287 3288 /* Process generic block layer options */ 3289 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort); 3290 qemu_opts_absorb_qdict(opts, reopen_state->options, &local_err); 3291 if (local_err) { 3292 error_propagate(errp, local_err); 3293 ret = -EINVAL; 3294 goto error; 3295 } 3296 3297 /* This was already called in bdrv_reopen_queue_child() so the flags 3298 * are up-to-date. This time we simply want to remove the options from 3299 * QemuOpts in order to indicate that they have been processed. */ 3300 old_flags = reopen_state->flags; 3301 update_flags_from_options(&reopen_state->flags, opts); 3302 assert(old_flags == reopen_state->flags); 3303 3304 discard = qemu_opt_get_del(opts, BDRV_OPT_DISCARD); 3305 if (discard != NULL) { 3306 if (bdrv_parse_discard_flags(discard, &reopen_state->flags) != 0) { 3307 error_setg(errp, "Invalid discard option"); 3308 ret = -EINVAL; 3309 goto error; 3310 } 3311 } 3312 3313 reopen_state->detect_zeroes = 3314 bdrv_parse_detect_zeroes(opts, reopen_state->flags, &local_err); 3315 if (local_err) { 3316 error_propagate(errp, local_err); 3317 ret = -EINVAL; 3318 goto error; 3319 } 3320 3321 /* All other options (including node-name and driver) must be unchanged. 3322 * Put them back into the QDict, so that they are checked at the end 3323 * of this function. */ 3324 qemu_opts_to_qdict(opts, reopen_state->options); 3325 3326 /* If we are to stay read-only, do not allow permission change 3327 * to r/w. Attempting to set to r/w may fail if either BDRV_O_ALLOW_RDWR is 3328 * not set, or if the BDS still has copy_on_read enabled */ 3329 read_only = !(reopen_state->flags & BDRV_O_RDWR); 3330 ret = bdrv_can_set_read_only(reopen_state->bs, read_only, true, &local_err); 3331 if (local_err) { 3332 error_propagate(errp, local_err); 3333 goto error; 3334 } 3335 3336 /* Calculate required permissions after reopening */ 3337 bdrv_reopen_perm(queue, reopen_state->bs, 3338 &reopen_state->perm, &reopen_state->shared_perm); 3339 3340 ret = bdrv_flush(reopen_state->bs); 3341 if (ret) { 3342 error_setg_errno(errp, -ret, "Error flushing drive"); 3343 goto error; 3344 } 3345 3346 if (drv->bdrv_reopen_prepare) { 3347 ret = drv->bdrv_reopen_prepare(reopen_state, queue, &local_err); 3348 if (ret) { 3349 if (local_err != NULL) { 3350 error_propagate(errp, local_err); 3351 } else { 3352 bdrv_refresh_filename(reopen_state->bs); 3353 error_setg(errp, "failed while preparing to reopen image '%s'", 3354 reopen_state->bs->filename); 3355 } 3356 goto error; 3357 } 3358 } else { 3359 /* It is currently mandatory to have a bdrv_reopen_prepare() 3360 * handler for each supported drv. */ 3361 error_setg(errp, "Block format '%s' used by node '%s' " 3362 "does not support reopening files", drv->format_name, 3363 bdrv_get_device_or_node_name(reopen_state->bs)); 3364 ret = -1; 3365 goto error; 3366 } 3367 3368 drv_prepared = true; 3369 3370 /* Options that are not handled are only okay if they are unchanged 3371 * compared to the old state. It is expected that some options are only 3372 * used for the initial open, but not reopen (e.g. filename) */ 3373 if (qdict_size(reopen_state->options)) { 3374 const QDictEntry *entry = qdict_first(reopen_state->options); 3375 3376 do { 3377 QObject *new = entry->value; 3378 QObject *old = qdict_get(reopen_state->bs->options, entry->key); 3379 3380 /* Allow child references (child_name=node_name) as long as they 3381 * point to the current child (i.e. everything stays the same). */ 3382 if (qobject_type(new) == QTYPE_QSTRING) { 3383 BdrvChild *child; 3384 QLIST_FOREACH(child, &reopen_state->bs->children, next) { 3385 if (!strcmp(child->name, entry->key)) { 3386 break; 3387 } 3388 } 3389 3390 if (child) { 3391 const char *str = qobject_get_try_str(new); 3392 if (!strcmp(child->bs->node_name, str)) { 3393 continue; /* Found child with this name, skip option */ 3394 } 3395 } 3396 } 3397 3398 /* 3399 * TODO: When using -drive to specify blockdev options, all values 3400 * will be strings; however, when using -blockdev, blockdev-add or 3401 * filenames using the json:{} pseudo-protocol, they will be 3402 * correctly typed. 3403 * In contrast, reopening options are (currently) always strings 3404 * (because you can only specify them through qemu-io; all other 3405 * callers do not specify any options). 3406 * Therefore, when using anything other than -drive to create a BDS, 3407 * this cannot detect non-string options as unchanged, because 3408 * qobject_is_equal() always returns false for objects of different 3409 * type. In the future, this should be remedied by correctly typing 3410 * all options. For now, this is not too big of an issue because 3411 * the user can simply omit options which cannot be changed anyway, 3412 * so they will stay unchanged. 3413 */ 3414 if (!qobject_is_equal(new, old)) { 3415 error_setg(errp, "Cannot change the option '%s'", entry->key); 3416 ret = -EINVAL; 3417 goto error; 3418 } 3419 } while ((entry = qdict_next(reopen_state->options, entry))); 3420 } 3421 3422 ret = bdrv_check_perm(reopen_state->bs, queue, reopen_state->perm, 3423 reopen_state->shared_perm, NULL, errp); 3424 if (ret < 0) { 3425 goto error; 3426 } 3427 3428 ret = 0; 3429 3430 /* Restore the original reopen_state->options QDict */ 3431 qobject_unref(reopen_state->options); 3432 reopen_state->options = qobject_ref(orig_reopen_opts); 3433 3434 error: 3435 if (ret < 0 && drv_prepared) { 3436 /* drv->bdrv_reopen_prepare() has succeeded, so we need to 3437 * call drv->bdrv_reopen_abort() before signaling an error 3438 * (bdrv_reopen_multiple() will not call bdrv_reopen_abort() 3439 * when the respective bdrv_reopen_prepare() has failed) */ 3440 if (drv->bdrv_reopen_abort) { 3441 drv->bdrv_reopen_abort(reopen_state); 3442 } 3443 } 3444 qemu_opts_del(opts); 3445 qobject_unref(orig_reopen_opts); 3446 g_free(discard); 3447 return ret; 3448 } 3449 3450 /* 3451 * Takes the staged changes for the reopen from bdrv_reopen_prepare(), and 3452 * makes them final by swapping the staging BlockDriverState contents into 3453 * the active BlockDriverState contents. 3454 */ 3455 void bdrv_reopen_commit(BDRVReopenState *reopen_state) 3456 { 3457 BlockDriver *drv; 3458 BlockDriverState *bs; 3459 BdrvChild *child; 3460 bool old_can_write, new_can_write; 3461 3462 assert(reopen_state != NULL); 3463 bs = reopen_state->bs; 3464 drv = bs->drv; 3465 assert(drv != NULL); 3466 3467 old_can_write = 3468 !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 3469 3470 /* If there are any driver level actions to take */ 3471 if (drv->bdrv_reopen_commit) { 3472 drv->bdrv_reopen_commit(reopen_state); 3473 } 3474 3475 /* set BDS specific flags now */ 3476 qobject_unref(bs->explicit_options); 3477 qobject_unref(bs->options); 3478 3479 bs->explicit_options = reopen_state->explicit_options; 3480 bs->options = reopen_state->options; 3481 bs->open_flags = reopen_state->flags; 3482 bs->read_only = !(reopen_state->flags & BDRV_O_RDWR); 3483 bs->detect_zeroes = reopen_state->detect_zeroes; 3484 3485 /* Remove child references from bs->options and bs->explicit_options. 3486 * Child options were already removed in bdrv_reopen_queue_child() */ 3487 QLIST_FOREACH(child, &bs->children, next) { 3488 qdict_del(bs->explicit_options, child->name); 3489 qdict_del(bs->options, child->name); 3490 } 3491 3492 bdrv_refresh_limits(bs, NULL); 3493 3494 bdrv_set_perm(reopen_state->bs, reopen_state->perm, 3495 reopen_state->shared_perm); 3496 3497 new_can_write = 3498 !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 3499 if (!old_can_write && new_can_write && drv->bdrv_reopen_bitmaps_rw) { 3500 Error *local_err = NULL; 3501 if (drv->bdrv_reopen_bitmaps_rw(bs, &local_err) < 0) { 3502 /* This is not fatal, bitmaps just left read-only, so all following 3503 * writes will fail. User can remove read-only bitmaps to unblock 3504 * writes. 3505 */ 3506 error_reportf_err(local_err, 3507 "%s: Failed to make dirty bitmaps writable: ", 3508 bdrv_get_node_name(bs)); 3509 } 3510 } 3511 } 3512 3513 /* 3514 * Abort the reopen, and delete and free the staged changes in 3515 * reopen_state 3516 */ 3517 void bdrv_reopen_abort(BDRVReopenState *reopen_state) 3518 { 3519 BlockDriver *drv; 3520 3521 assert(reopen_state != NULL); 3522 drv = reopen_state->bs->drv; 3523 assert(drv != NULL); 3524 3525 if (drv->bdrv_reopen_abort) { 3526 drv->bdrv_reopen_abort(reopen_state); 3527 } 3528 3529 bdrv_abort_perm_update(reopen_state->bs); 3530 } 3531 3532 3533 static void bdrv_close(BlockDriverState *bs) 3534 { 3535 BdrvAioNotifier *ban, *ban_next; 3536 BdrvChild *child, *next; 3537 3538 assert(!bs->job); 3539 assert(!bs->refcnt); 3540 3541 bdrv_drained_begin(bs); /* complete I/O */ 3542 bdrv_flush(bs); 3543 bdrv_drain(bs); /* in case flush left pending I/O */ 3544 3545 if (bs->drv) { 3546 if (bs->drv->bdrv_close) { 3547 bs->drv->bdrv_close(bs); 3548 } 3549 bs->drv = NULL; 3550 } 3551 3552 bdrv_set_backing_hd(bs, NULL, &error_abort); 3553 3554 if (bs->file != NULL) { 3555 bdrv_unref_child(bs, bs->file); 3556 bs->file = NULL; 3557 } 3558 3559 QLIST_FOREACH_SAFE(child, &bs->children, next, next) { 3560 /* TODO Remove bdrv_unref() from drivers' close function and use 3561 * bdrv_unref_child() here */ 3562 if (child->bs->inherits_from == bs) { 3563 child->bs->inherits_from = NULL; 3564 } 3565 bdrv_detach_child(child); 3566 } 3567 3568 g_free(bs->opaque); 3569 bs->opaque = NULL; 3570 atomic_set(&bs->copy_on_read, 0); 3571 bs->backing_file[0] = '\0'; 3572 bs->backing_format[0] = '\0'; 3573 bs->total_sectors = 0; 3574 bs->encrypted = false; 3575 bs->sg = false; 3576 qobject_unref(bs->options); 3577 qobject_unref(bs->explicit_options); 3578 bs->options = NULL; 3579 bs->explicit_options = NULL; 3580 qobject_unref(bs->full_open_options); 3581 bs->full_open_options = NULL; 3582 3583 bdrv_release_named_dirty_bitmaps(bs); 3584 assert(QLIST_EMPTY(&bs->dirty_bitmaps)); 3585 3586 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_next) { 3587 g_free(ban); 3588 } 3589 QLIST_INIT(&bs->aio_notifiers); 3590 bdrv_drained_end(bs); 3591 } 3592 3593 void bdrv_close_all(void) 3594 { 3595 assert(job_next(NULL) == NULL); 3596 nbd_export_close_all(); 3597 3598 /* Drop references from requests still in flight, such as canceled block 3599 * jobs whose AIO context has not been polled yet */ 3600 bdrv_drain_all(); 3601 3602 blk_remove_all_bs(); 3603 blockdev_close_all_bdrv_states(); 3604 3605 assert(QTAILQ_EMPTY(&all_bdrv_states)); 3606 } 3607 3608 static bool should_update_child(BdrvChild *c, BlockDriverState *to) 3609 { 3610 GQueue *queue; 3611 GHashTable *found; 3612 bool ret; 3613 3614 if (c->role->stay_at_node) { 3615 return false; 3616 } 3617 3618 /* If the child @c belongs to the BDS @to, replacing the current 3619 * c->bs by @to would mean to create a loop. 3620 * 3621 * Such a case occurs when appending a BDS to a backing chain. 3622 * For instance, imagine the following chain: 3623 * 3624 * guest device -> node A -> further backing chain... 3625 * 3626 * Now we create a new BDS B which we want to put on top of this 3627 * chain, so we first attach A as its backing node: 3628 * 3629 * node B 3630 * | 3631 * v 3632 * guest device -> node A -> further backing chain... 3633 * 3634 * Finally we want to replace A by B. When doing that, we want to 3635 * replace all pointers to A by pointers to B -- except for the 3636 * pointer from B because (1) that would create a loop, and (2) 3637 * that pointer should simply stay intact: 3638 * 3639 * guest device -> node B 3640 * | 3641 * v 3642 * node A -> further backing chain... 3643 * 3644 * In general, when replacing a node A (c->bs) by a node B (@to), 3645 * if A is a child of B, that means we cannot replace A by B there 3646 * because that would create a loop. Silently detaching A from B 3647 * is also not really an option. So overall just leaving A in 3648 * place there is the most sensible choice. 3649 * 3650 * We would also create a loop in any cases where @c is only 3651 * indirectly referenced by @to. Prevent this by returning false 3652 * if @c is found (by breadth-first search) anywhere in the whole 3653 * subtree of @to. 3654 */ 3655 3656 ret = true; 3657 found = g_hash_table_new(NULL, NULL); 3658 g_hash_table_add(found, to); 3659 queue = g_queue_new(); 3660 g_queue_push_tail(queue, to); 3661 3662 while (!g_queue_is_empty(queue)) { 3663 BlockDriverState *v = g_queue_pop_head(queue); 3664 BdrvChild *c2; 3665 3666 QLIST_FOREACH(c2, &v->children, next) { 3667 if (c2 == c) { 3668 ret = false; 3669 break; 3670 } 3671 3672 if (g_hash_table_contains(found, c2->bs)) { 3673 continue; 3674 } 3675 3676 g_queue_push_tail(queue, c2->bs); 3677 g_hash_table_add(found, c2->bs); 3678 } 3679 } 3680 3681 g_queue_free(queue); 3682 g_hash_table_destroy(found); 3683 3684 return ret; 3685 } 3686 3687 void bdrv_replace_node(BlockDriverState *from, BlockDriverState *to, 3688 Error **errp) 3689 { 3690 BdrvChild *c, *next; 3691 GSList *list = NULL, *p; 3692 uint64_t old_perm, old_shared; 3693 uint64_t perm = 0, shared = BLK_PERM_ALL; 3694 int ret; 3695 3696 assert(!atomic_read(&from->in_flight)); 3697 assert(!atomic_read(&to->in_flight)); 3698 3699 /* Make sure that @from doesn't go away until we have successfully attached 3700 * all of its parents to @to. */ 3701 bdrv_ref(from); 3702 3703 /* Put all parents into @list and calculate their cumulative permissions */ 3704 QLIST_FOREACH_SAFE(c, &from->parents, next_parent, next) { 3705 assert(c->bs == from); 3706 if (!should_update_child(c, to)) { 3707 continue; 3708 } 3709 list = g_slist_prepend(list, c); 3710 perm |= c->perm; 3711 shared &= c->shared_perm; 3712 } 3713 3714 /* Check whether the required permissions can be granted on @to, ignoring 3715 * all BdrvChild in @list so that they can't block themselves. */ 3716 ret = bdrv_check_update_perm(to, NULL, perm, shared, list, errp); 3717 if (ret < 0) { 3718 bdrv_abort_perm_update(to); 3719 goto out; 3720 } 3721 3722 /* Now actually perform the change. We performed the permission check for 3723 * all elements of @list at once, so set the permissions all at once at the 3724 * very end. */ 3725 for (p = list; p != NULL; p = p->next) { 3726 c = p->data; 3727 3728 bdrv_ref(to); 3729 bdrv_replace_child_noperm(c, to); 3730 bdrv_unref(from); 3731 } 3732 3733 bdrv_get_cumulative_perm(to, &old_perm, &old_shared); 3734 bdrv_set_perm(to, old_perm | perm, old_shared | shared); 3735 3736 out: 3737 g_slist_free(list); 3738 bdrv_unref(from); 3739 } 3740 3741 /* 3742 * Add new bs contents at the top of an image chain while the chain is 3743 * live, while keeping required fields on the top layer. 3744 * 3745 * This will modify the BlockDriverState fields, and swap contents 3746 * between bs_new and bs_top. Both bs_new and bs_top are modified. 3747 * 3748 * bs_new must not be attached to a BlockBackend. 3749 * 3750 * This function does not create any image files. 3751 * 3752 * bdrv_append() takes ownership of a bs_new reference and unrefs it because 3753 * that's what the callers commonly need. bs_new will be referenced by the old 3754 * parents of bs_top after bdrv_append() returns. If the caller needs to keep a 3755 * reference of its own, it must call bdrv_ref(). 3756 */ 3757 void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top, 3758 Error **errp) 3759 { 3760 Error *local_err = NULL; 3761 3762 bdrv_set_backing_hd(bs_new, bs_top, &local_err); 3763 if (local_err) { 3764 error_propagate(errp, local_err); 3765 goto out; 3766 } 3767 3768 bdrv_replace_node(bs_top, bs_new, &local_err); 3769 if (local_err) { 3770 error_propagate(errp, local_err); 3771 bdrv_set_backing_hd(bs_new, NULL, &error_abort); 3772 goto out; 3773 } 3774 3775 /* bs_new is now referenced by its new parents, we don't need the 3776 * additional reference any more. */ 3777 out: 3778 bdrv_unref(bs_new); 3779 } 3780 3781 static void bdrv_delete(BlockDriverState *bs) 3782 { 3783 assert(!bs->job); 3784 assert(bdrv_op_blocker_is_empty(bs)); 3785 assert(!bs->refcnt); 3786 3787 bdrv_close(bs); 3788 3789 /* remove from list, if necessary */ 3790 if (bs->node_name[0] != '\0') { 3791 QTAILQ_REMOVE(&graph_bdrv_states, bs, node_list); 3792 } 3793 QTAILQ_REMOVE(&all_bdrv_states, bs, bs_list); 3794 3795 g_free(bs); 3796 } 3797 3798 /* 3799 * Run consistency checks on an image 3800 * 3801 * Returns 0 if the check could be completed (it doesn't mean that the image is 3802 * free of errors) or -errno when an internal error occurred. The results of the 3803 * check are stored in res. 3804 */ 3805 static int coroutine_fn bdrv_co_check(BlockDriverState *bs, 3806 BdrvCheckResult *res, BdrvCheckMode fix) 3807 { 3808 if (bs->drv == NULL) { 3809 return -ENOMEDIUM; 3810 } 3811 if (bs->drv->bdrv_co_check == NULL) { 3812 return -ENOTSUP; 3813 } 3814 3815 memset(res, 0, sizeof(*res)); 3816 return bs->drv->bdrv_co_check(bs, res, fix); 3817 } 3818 3819 typedef struct CheckCo { 3820 BlockDriverState *bs; 3821 BdrvCheckResult *res; 3822 BdrvCheckMode fix; 3823 int ret; 3824 } CheckCo; 3825 3826 static void bdrv_check_co_entry(void *opaque) 3827 { 3828 CheckCo *cco = opaque; 3829 cco->ret = bdrv_co_check(cco->bs, cco->res, cco->fix); 3830 aio_wait_kick(); 3831 } 3832 3833 int bdrv_check(BlockDriverState *bs, 3834 BdrvCheckResult *res, BdrvCheckMode fix) 3835 { 3836 Coroutine *co; 3837 CheckCo cco = { 3838 .bs = bs, 3839 .res = res, 3840 .ret = -EINPROGRESS, 3841 .fix = fix, 3842 }; 3843 3844 if (qemu_in_coroutine()) { 3845 /* Fast-path if already in coroutine context */ 3846 bdrv_check_co_entry(&cco); 3847 } else { 3848 co = qemu_coroutine_create(bdrv_check_co_entry, &cco); 3849 bdrv_coroutine_enter(bs, co); 3850 BDRV_POLL_WHILE(bs, cco.ret == -EINPROGRESS); 3851 } 3852 3853 return cco.ret; 3854 } 3855 3856 /* 3857 * Return values: 3858 * 0 - success 3859 * -EINVAL - backing format specified, but no file 3860 * -ENOSPC - can't update the backing file because no space is left in the 3861 * image file header 3862 * -ENOTSUP - format driver doesn't support changing the backing file 3863 */ 3864 int bdrv_change_backing_file(BlockDriverState *bs, 3865 const char *backing_file, const char *backing_fmt) 3866 { 3867 BlockDriver *drv = bs->drv; 3868 int ret; 3869 3870 if (!drv) { 3871 return -ENOMEDIUM; 3872 } 3873 3874 /* Backing file format doesn't make sense without a backing file */ 3875 if (backing_fmt && !backing_file) { 3876 return -EINVAL; 3877 } 3878 3879 if (drv->bdrv_change_backing_file != NULL) { 3880 ret = drv->bdrv_change_backing_file(bs, backing_file, backing_fmt); 3881 } else { 3882 ret = -ENOTSUP; 3883 } 3884 3885 if (ret == 0) { 3886 pstrcpy(bs->backing_file, sizeof(bs->backing_file), backing_file ?: ""); 3887 pstrcpy(bs->backing_format, sizeof(bs->backing_format), backing_fmt ?: ""); 3888 pstrcpy(bs->auto_backing_file, sizeof(bs->auto_backing_file), 3889 backing_file ?: ""); 3890 } 3891 return ret; 3892 } 3893 3894 /* 3895 * Finds the image layer in the chain that has 'bs' as its backing file. 3896 * 3897 * active is the current topmost image. 3898 * 3899 * Returns NULL if bs is not found in active's image chain, 3900 * or if active == bs. 3901 * 3902 * Returns the bottommost base image if bs == NULL. 3903 */ 3904 BlockDriverState *bdrv_find_overlay(BlockDriverState *active, 3905 BlockDriverState *bs) 3906 { 3907 while (active && bs != backing_bs(active)) { 3908 active = backing_bs(active); 3909 } 3910 3911 return active; 3912 } 3913 3914 /* Given a BDS, searches for the base layer. */ 3915 BlockDriverState *bdrv_find_base(BlockDriverState *bs) 3916 { 3917 return bdrv_find_overlay(bs, NULL); 3918 } 3919 3920 /* 3921 * Drops images above 'base' up to and including 'top', and sets the image 3922 * above 'top' to have base as its backing file. 3923 * 3924 * Requires that the overlay to 'top' is opened r/w, so that the backing file 3925 * information in 'bs' can be properly updated. 3926 * 3927 * E.g., this will convert the following chain: 3928 * bottom <- base <- intermediate <- top <- active 3929 * 3930 * to 3931 * 3932 * bottom <- base <- active 3933 * 3934 * It is allowed for bottom==base, in which case it converts: 3935 * 3936 * base <- intermediate <- top <- active 3937 * 3938 * to 3939 * 3940 * base <- active 3941 * 3942 * If backing_file_str is non-NULL, it will be used when modifying top's 3943 * overlay image metadata. 3944 * 3945 * Error conditions: 3946 * if active == top, that is considered an error 3947 * 3948 */ 3949 int bdrv_drop_intermediate(BlockDriverState *top, BlockDriverState *base, 3950 const char *backing_file_str) 3951 { 3952 BlockDriverState *explicit_top = top; 3953 bool update_inherits_from; 3954 BdrvChild *c, *next; 3955 Error *local_err = NULL; 3956 int ret = -EIO; 3957 3958 bdrv_ref(top); 3959 3960 if (!top->drv || !base->drv) { 3961 goto exit; 3962 } 3963 3964 /* Make sure that base is in the backing chain of top */ 3965 if (!bdrv_chain_contains(top, base)) { 3966 goto exit; 3967 } 3968 3969 /* If 'base' recursively inherits from 'top' then we should set 3970 * base->inherits_from to top->inherits_from after 'top' and all 3971 * other intermediate nodes have been dropped. 3972 * If 'top' is an implicit node (e.g. "commit_top") we should skip 3973 * it because no one inherits from it. We use explicit_top for that. */ 3974 while (explicit_top && explicit_top->implicit) { 3975 explicit_top = backing_bs(explicit_top); 3976 } 3977 update_inherits_from = bdrv_inherits_from_recursive(base, explicit_top); 3978 3979 /* success - we can delete the intermediate states, and link top->base */ 3980 /* TODO Check graph modification op blockers (BLK_PERM_GRAPH_MOD) once 3981 * we've figured out how they should work. */ 3982 if (!backing_file_str) { 3983 bdrv_refresh_filename(base); 3984 backing_file_str = base->filename; 3985 } 3986 3987 QLIST_FOREACH_SAFE(c, &top->parents, next_parent, next) { 3988 /* Check whether we are allowed to switch c from top to base */ 3989 GSList *ignore_children = g_slist_prepend(NULL, c); 3990 bdrv_check_update_perm(base, NULL, c->perm, c->shared_perm, 3991 ignore_children, &local_err); 3992 g_slist_free(ignore_children); 3993 if (local_err) { 3994 ret = -EPERM; 3995 error_report_err(local_err); 3996 goto exit; 3997 } 3998 3999 /* If so, update the backing file path in the image file */ 4000 if (c->role->update_filename) { 4001 ret = c->role->update_filename(c, base, backing_file_str, 4002 &local_err); 4003 if (ret < 0) { 4004 bdrv_abort_perm_update(base); 4005 error_report_err(local_err); 4006 goto exit; 4007 } 4008 } 4009 4010 /* Do the actual switch in the in-memory graph. 4011 * Completes bdrv_check_update_perm() transaction internally. */ 4012 bdrv_ref(base); 4013 bdrv_replace_child(c, base); 4014 bdrv_unref(top); 4015 } 4016 4017 if (update_inherits_from) { 4018 base->inherits_from = explicit_top->inherits_from; 4019 } 4020 4021 ret = 0; 4022 exit: 4023 bdrv_unref(top); 4024 return ret; 4025 } 4026 4027 /** 4028 * Length of a allocated file in bytes. Sparse files are counted by actual 4029 * allocated space. Return < 0 if error or unknown. 4030 */ 4031 int64_t bdrv_get_allocated_file_size(BlockDriverState *bs) 4032 { 4033 BlockDriver *drv = bs->drv; 4034 if (!drv) { 4035 return -ENOMEDIUM; 4036 } 4037 if (drv->bdrv_get_allocated_file_size) { 4038 return drv->bdrv_get_allocated_file_size(bs); 4039 } 4040 if (bs->file) { 4041 return bdrv_get_allocated_file_size(bs->file->bs); 4042 } 4043 return -ENOTSUP; 4044 } 4045 4046 /* 4047 * bdrv_measure: 4048 * @drv: Format driver 4049 * @opts: Creation options for new image 4050 * @in_bs: Existing image containing data for new image (may be NULL) 4051 * @errp: Error object 4052 * Returns: A #BlockMeasureInfo (free using qapi_free_BlockMeasureInfo()) 4053 * or NULL on error 4054 * 4055 * Calculate file size required to create a new image. 4056 * 4057 * If @in_bs is given then space for allocated clusters and zero clusters 4058 * from that image are included in the calculation. If @opts contains a 4059 * backing file that is shared by @in_bs then backing clusters may be omitted 4060 * from the calculation. 4061 * 4062 * If @in_bs is NULL then the calculation includes no allocated clusters 4063 * unless a preallocation option is given in @opts. 4064 * 4065 * Note that @in_bs may use a different BlockDriver from @drv. 4066 * 4067 * If an error occurs the @errp pointer is set. 4068 */ 4069 BlockMeasureInfo *bdrv_measure(BlockDriver *drv, QemuOpts *opts, 4070 BlockDriverState *in_bs, Error **errp) 4071 { 4072 if (!drv->bdrv_measure) { 4073 error_setg(errp, "Block driver '%s' does not support size measurement", 4074 drv->format_name); 4075 return NULL; 4076 } 4077 4078 return drv->bdrv_measure(opts, in_bs, errp); 4079 } 4080 4081 /** 4082 * Return number of sectors on success, -errno on error. 4083 */ 4084 int64_t bdrv_nb_sectors(BlockDriverState *bs) 4085 { 4086 BlockDriver *drv = bs->drv; 4087 4088 if (!drv) 4089 return -ENOMEDIUM; 4090 4091 if (drv->has_variable_length) { 4092 int ret = refresh_total_sectors(bs, bs->total_sectors); 4093 if (ret < 0) { 4094 return ret; 4095 } 4096 } 4097 return bs->total_sectors; 4098 } 4099 4100 /** 4101 * Return length in bytes on success, -errno on error. 4102 * The length is always a multiple of BDRV_SECTOR_SIZE. 4103 */ 4104 int64_t bdrv_getlength(BlockDriverState *bs) 4105 { 4106 int64_t ret = bdrv_nb_sectors(bs); 4107 4108 ret = ret > INT64_MAX / BDRV_SECTOR_SIZE ? -EFBIG : ret; 4109 return ret < 0 ? ret : ret * BDRV_SECTOR_SIZE; 4110 } 4111 4112 /* return 0 as number of sectors if no device present or error */ 4113 void bdrv_get_geometry(BlockDriverState *bs, uint64_t *nb_sectors_ptr) 4114 { 4115 int64_t nb_sectors = bdrv_nb_sectors(bs); 4116 4117 *nb_sectors_ptr = nb_sectors < 0 ? 0 : nb_sectors; 4118 } 4119 4120 bool bdrv_is_sg(BlockDriverState *bs) 4121 { 4122 return bs->sg; 4123 } 4124 4125 bool bdrv_is_encrypted(BlockDriverState *bs) 4126 { 4127 if (bs->backing && bs->backing->bs->encrypted) { 4128 return true; 4129 } 4130 return bs->encrypted; 4131 } 4132 4133 const char *bdrv_get_format_name(BlockDriverState *bs) 4134 { 4135 return bs->drv ? bs->drv->format_name : NULL; 4136 } 4137 4138 static int qsort_strcmp(const void *a, const void *b) 4139 { 4140 return strcmp(*(char *const *)a, *(char *const *)b); 4141 } 4142 4143 void bdrv_iterate_format(void (*it)(void *opaque, const char *name), 4144 void *opaque) 4145 { 4146 BlockDriver *drv; 4147 int count = 0; 4148 int i; 4149 const char **formats = NULL; 4150 4151 QLIST_FOREACH(drv, &bdrv_drivers, list) { 4152 if (drv->format_name) { 4153 bool found = false; 4154 int i = count; 4155 while (formats && i && !found) { 4156 found = !strcmp(formats[--i], drv->format_name); 4157 } 4158 4159 if (!found) { 4160 formats = g_renew(const char *, formats, count + 1); 4161 formats[count++] = drv->format_name; 4162 } 4163 } 4164 } 4165 4166 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); i++) { 4167 const char *format_name = block_driver_modules[i].format_name; 4168 4169 if (format_name) { 4170 bool found = false; 4171 int j = count; 4172 4173 while (formats && j && !found) { 4174 found = !strcmp(formats[--j], format_name); 4175 } 4176 4177 if (!found) { 4178 formats = g_renew(const char *, formats, count + 1); 4179 formats[count++] = format_name; 4180 } 4181 } 4182 } 4183 4184 qsort(formats, count, sizeof(formats[0]), qsort_strcmp); 4185 4186 for (i = 0; i < count; i++) { 4187 it(opaque, formats[i]); 4188 } 4189 4190 g_free(formats); 4191 } 4192 4193 /* This function is to find a node in the bs graph */ 4194 BlockDriverState *bdrv_find_node(const char *node_name) 4195 { 4196 BlockDriverState *bs; 4197 4198 assert(node_name); 4199 4200 QTAILQ_FOREACH(bs, &graph_bdrv_states, node_list) { 4201 if (!strcmp(node_name, bs->node_name)) { 4202 return bs; 4203 } 4204 } 4205 return NULL; 4206 } 4207 4208 /* Put this QMP function here so it can access the static graph_bdrv_states. */ 4209 BlockDeviceInfoList *bdrv_named_nodes_list(Error **errp) 4210 { 4211 BlockDeviceInfoList *list, *entry; 4212 BlockDriverState *bs; 4213 4214 list = NULL; 4215 QTAILQ_FOREACH(bs, &graph_bdrv_states, node_list) { 4216 BlockDeviceInfo *info = bdrv_block_device_info(NULL, bs, errp); 4217 if (!info) { 4218 qapi_free_BlockDeviceInfoList(list); 4219 return NULL; 4220 } 4221 entry = g_malloc0(sizeof(*entry)); 4222 entry->value = info; 4223 entry->next = list; 4224 list = entry; 4225 } 4226 4227 return list; 4228 } 4229 4230 #define QAPI_LIST_ADD(list, element) do { \ 4231 typeof(list) _tmp = g_new(typeof(*(list)), 1); \ 4232 _tmp->value = (element); \ 4233 _tmp->next = (list); \ 4234 (list) = _tmp; \ 4235 } while (0) 4236 4237 typedef struct XDbgBlockGraphConstructor { 4238 XDbgBlockGraph *graph; 4239 GHashTable *graph_nodes; 4240 } XDbgBlockGraphConstructor; 4241 4242 static XDbgBlockGraphConstructor *xdbg_graph_new(void) 4243 { 4244 XDbgBlockGraphConstructor *gr = g_new(XDbgBlockGraphConstructor, 1); 4245 4246 gr->graph = g_new0(XDbgBlockGraph, 1); 4247 gr->graph_nodes = g_hash_table_new(NULL, NULL); 4248 4249 return gr; 4250 } 4251 4252 static XDbgBlockGraph *xdbg_graph_finalize(XDbgBlockGraphConstructor *gr) 4253 { 4254 XDbgBlockGraph *graph = gr->graph; 4255 4256 g_hash_table_destroy(gr->graph_nodes); 4257 g_free(gr); 4258 4259 return graph; 4260 } 4261 4262 static uintptr_t xdbg_graph_node_num(XDbgBlockGraphConstructor *gr, void *node) 4263 { 4264 uintptr_t ret = (uintptr_t)g_hash_table_lookup(gr->graph_nodes, node); 4265 4266 if (ret != 0) { 4267 return ret; 4268 } 4269 4270 /* 4271 * Start counting from 1, not 0, because 0 interferes with not-found (NULL) 4272 * answer of g_hash_table_lookup. 4273 */ 4274 ret = g_hash_table_size(gr->graph_nodes) + 1; 4275 g_hash_table_insert(gr->graph_nodes, node, (void *)ret); 4276 4277 return ret; 4278 } 4279 4280 static void xdbg_graph_add_node(XDbgBlockGraphConstructor *gr, void *node, 4281 XDbgBlockGraphNodeType type, const char *name) 4282 { 4283 XDbgBlockGraphNode *n; 4284 4285 n = g_new0(XDbgBlockGraphNode, 1); 4286 4287 n->id = xdbg_graph_node_num(gr, node); 4288 n->type = type; 4289 n->name = g_strdup(name); 4290 4291 QAPI_LIST_ADD(gr->graph->nodes, n); 4292 } 4293 4294 static void xdbg_graph_add_edge(XDbgBlockGraphConstructor *gr, void *parent, 4295 const BdrvChild *child) 4296 { 4297 typedef struct { 4298 unsigned int flag; 4299 BlockPermission num; 4300 } PermissionMap; 4301 4302 static const PermissionMap permissions[] = { 4303 { BLK_PERM_CONSISTENT_READ, BLOCK_PERMISSION_CONSISTENT_READ }, 4304 { BLK_PERM_WRITE, BLOCK_PERMISSION_WRITE }, 4305 { BLK_PERM_WRITE_UNCHANGED, BLOCK_PERMISSION_WRITE_UNCHANGED }, 4306 { BLK_PERM_RESIZE, BLOCK_PERMISSION_RESIZE }, 4307 { BLK_PERM_GRAPH_MOD, BLOCK_PERMISSION_GRAPH_MOD }, 4308 { 0, 0 } 4309 }; 4310 const PermissionMap *p; 4311 XDbgBlockGraphEdge *edge; 4312 4313 QEMU_BUILD_BUG_ON(1UL << (ARRAY_SIZE(permissions) - 1) != BLK_PERM_ALL + 1); 4314 4315 edge = g_new0(XDbgBlockGraphEdge, 1); 4316 4317 edge->parent = xdbg_graph_node_num(gr, parent); 4318 edge->child = xdbg_graph_node_num(gr, child->bs); 4319 edge->name = g_strdup(child->name); 4320 4321 for (p = permissions; p->flag; p++) { 4322 if (p->flag & child->perm) { 4323 QAPI_LIST_ADD(edge->perm, p->num); 4324 } 4325 if (p->flag & child->shared_perm) { 4326 QAPI_LIST_ADD(edge->shared_perm, p->num); 4327 } 4328 } 4329 4330 QAPI_LIST_ADD(gr->graph->edges, edge); 4331 } 4332 4333 4334 XDbgBlockGraph *bdrv_get_xdbg_block_graph(Error **errp) 4335 { 4336 BlockBackend *blk; 4337 BlockJob *job; 4338 BlockDriverState *bs; 4339 BdrvChild *child; 4340 XDbgBlockGraphConstructor *gr = xdbg_graph_new(); 4341 4342 for (blk = blk_all_next(NULL); blk; blk = blk_all_next(blk)) { 4343 char *allocated_name = NULL; 4344 const char *name = blk_name(blk); 4345 4346 if (!*name) { 4347 name = allocated_name = blk_get_attached_dev_id(blk); 4348 } 4349 xdbg_graph_add_node(gr, blk, X_DBG_BLOCK_GRAPH_NODE_TYPE_BLOCK_BACKEND, 4350 name); 4351 g_free(allocated_name); 4352 if (blk_root(blk)) { 4353 xdbg_graph_add_edge(gr, blk, blk_root(blk)); 4354 } 4355 } 4356 4357 for (job = block_job_next(NULL); job; job = block_job_next(job)) { 4358 GSList *el; 4359 4360 xdbg_graph_add_node(gr, job, X_DBG_BLOCK_GRAPH_NODE_TYPE_BLOCK_JOB, 4361 job->job.id); 4362 for (el = job->nodes; el; el = el->next) { 4363 xdbg_graph_add_edge(gr, job, (BdrvChild *)el->data); 4364 } 4365 } 4366 4367 QTAILQ_FOREACH(bs, &graph_bdrv_states, node_list) { 4368 xdbg_graph_add_node(gr, bs, X_DBG_BLOCK_GRAPH_NODE_TYPE_BLOCK_DRIVER, 4369 bs->node_name); 4370 QLIST_FOREACH(child, &bs->children, next) { 4371 xdbg_graph_add_edge(gr, bs, child); 4372 } 4373 } 4374 4375 return xdbg_graph_finalize(gr); 4376 } 4377 4378 BlockDriverState *bdrv_lookup_bs(const char *device, 4379 const char *node_name, 4380 Error **errp) 4381 { 4382 BlockBackend *blk; 4383 BlockDriverState *bs; 4384 4385 if (device) { 4386 blk = blk_by_name(device); 4387 4388 if (blk) { 4389 bs = blk_bs(blk); 4390 if (!bs) { 4391 error_setg(errp, "Device '%s' has no medium", device); 4392 } 4393 4394 return bs; 4395 } 4396 } 4397 4398 if (node_name) { 4399 bs = bdrv_find_node(node_name); 4400 4401 if (bs) { 4402 return bs; 4403 } 4404 } 4405 4406 error_setg(errp, "Cannot find device=%s nor node_name=%s", 4407 device ? device : "", 4408 node_name ? node_name : ""); 4409 return NULL; 4410 } 4411 4412 /* If 'base' is in the same chain as 'top', return true. Otherwise, 4413 * return false. If either argument is NULL, return false. */ 4414 bool bdrv_chain_contains(BlockDriverState *top, BlockDriverState *base) 4415 { 4416 while (top && top != base) { 4417 top = backing_bs(top); 4418 } 4419 4420 return top != NULL; 4421 } 4422 4423 BlockDriverState *bdrv_next_node(BlockDriverState *bs) 4424 { 4425 if (!bs) { 4426 return QTAILQ_FIRST(&graph_bdrv_states); 4427 } 4428 return QTAILQ_NEXT(bs, node_list); 4429 } 4430 4431 BlockDriverState *bdrv_next_all_states(BlockDriverState *bs) 4432 { 4433 if (!bs) { 4434 return QTAILQ_FIRST(&all_bdrv_states); 4435 } 4436 return QTAILQ_NEXT(bs, bs_list); 4437 } 4438 4439 const char *bdrv_get_node_name(const BlockDriverState *bs) 4440 { 4441 return bs->node_name; 4442 } 4443 4444 const char *bdrv_get_parent_name(const BlockDriverState *bs) 4445 { 4446 BdrvChild *c; 4447 const char *name; 4448 4449 /* If multiple parents have a name, just pick the first one. */ 4450 QLIST_FOREACH(c, &bs->parents, next_parent) { 4451 if (c->role->get_name) { 4452 name = c->role->get_name(c); 4453 if (name && *name) { 4454 return name; 4455 } 4456 } 4457 } 4458 4459 return NULL; 4460 } 4461 4462 /* TODO check what callers really want: bs->node_name or blk_name() */ 4463 const char *bdrv_get_device_name(const BlockDriverState *bs) 4464 { 4465 return bdrv_get_parent_name(bs) ?: ""; 4466 } 4467 4468 /* This can be used to identify nodes that might not have a device 4469 * name associated. Since node and device names live in the same 4470 * namespace, the result is unambiguous. The exception is if both are 4471 * absent, then this returns an empty (non-null) string. */ 4472 const char *bdrv_get_device_or_node_name(const BlockDriverState *bs) 4473 { 4474 return bdrv_get_parent_name(bs) ?: bs->node_name; 4475 } 4476 4477 int bdrv_get_flags(BlockDriverState *bs) 4478 { 4479 return bs->open_flags; 4480 } 4481 4482 int bdrv_has_zero_init_1(BlockDriverState *bs) 4483 { 4484 return 1; 4485 } 4486 4487 int bdrv_has_zero_init(BlockDriverState *bs) 4488 { 4489 if (!bs->drv) { 4490 return 0; 4491 } 4492 4493 /* If BS is a copy on write image, it is initialized to 4494 the contents of the base image, which may not be zeroes. */ 4495 if (bs->backing) { 4496 return 0; 4497 } 4498 if (bs->drv->bdrv_has_zero_init) { 4499 return bs->drv->bdrv_has_zero_init(bs); 4500 } 4501 if (bs->file && bs->drv->is_filter) { 4502 return bdrv_has_zero_init(bs->file->bs); 4503 } 4504 4505 /* safe default */ 4506 return 0; 4507 } 4508 4509 bool bdrv_unallocated_blocks_are_zero(BlockDriverState *bs) 4510 { 4511 BlockDriverInfo bdi; 4512 4513 if (bs->backing) { 4514 return false; 4515 } 4516 4517 if (bdrv_get_info(bs, &bdi) == 0) { 4518 return bdi.unallocated_blocks_are_zero; 4519 } 4520 4521 return false; 4522 } 4523 4524 bool bdrv_can_write_zeroes_with_unmap(BlockDriverState *bs) 4525 { 4526 if (!(bs->open_flags & BDRV_O_UNMAP)) { 4527 return false; 4528 } 4529 4530 return bs->supported_zero_flags & BDRV_REQ_MAY_UNMAP; 4531 } 4532 4533 void bdrv_get_backing_filename(BlockDriverState *bs, 4534 char *filename, int filename_size) 4535 { 4536 pstrcpy(filename, filename_size, bs->backing_file); 4537 } 4538 4539 int bdrv_get_info(BlockDriverState *bs, BlockDriverInfo *bdi) 4540 { 4541 BlockDriver *drv = bs->drv; 4542 /* if bs->drv == NULL, bs is closed, so there's nothing to do here */ 4543 if (!drv) { 4544 return -ENOMEDIUM; 4545 } 4546 if (!drv->bdrv_get_info) { 4547 if (bs->file && drv->is_filter) { 4548 return bdrv_get_info(bs->file->bs, bdi); 4549 } 4550 return -ENOTSUP; 4551 } 4552 memset(bdi, 0, sizeof(*bdi)); 4553 return drv->bdrv_get_info(bs, bdi); 4554 } 4555 4556 ImageInfoSpecific *bdrv_get_specific_info(BlockDriverState *bs, 4557 Error **errp) 4558 { 4559 BlockDriver *drv = bs->drv; 4560 if (drv && drv->bdrv_get_specific_info) { 4561 return drv->bdrv_get_specific_info(bs, errp); 4562 } 4563 return NULL; 4564 } 4565 4566 void bdrv_debug_event(BlockDriverState *bs, BlkdebugEvent event) 4567 { 4568 if (!bs || !bs->drv || !bs->drv->bdrv_debug_event) { 4569 return; 4570 } 4571 4572 bs->drv->bdrv_debug_event(bs, event); 4573 } 4574 4575 int bdrv_debug_breakpoint(BlockDriverState *bs, const char *event, 4576 const char *tag) 4577 { 4578 while (bs && bs->drv && !bs->drv->bdrv_debug_breakpoint) { 4579 bs = bs->file ? bs->file->bs : NULL; 4580 } 4581 4582 if (bs && bs->drv && bs->drv->bdrv_debug_breakpoint) { 4583 return bs->drv->bdrv_debug_breakpoint(bs, event, tag); 4584 } 4585 4586 return -ENOTSUP; 4587 } 4588 4589 int bdrv_debug_remove_breakpoint(BlockDriverState *bs, const char *tag) 4590 { 4591 while (bs && bs->drv && !bs->drv->bdrv_debug_remove_breakpoint) { 4592 bs = bs->file ? bs->file->bs : NULL; 4593 } 4594 4595 if (bs && bs->drv && bs->drv->bdrv_debug_remove_breakpoint) { 4596 return bs->drv->bdrv_debug_remove_breakpoint(bs, tag); 4597 } 4598 4599 return -ENOTSUP; 4600 } 4601 4602 int bdrv_debug_resume(BlockDriverState *bs, const char *tag) 4603 { 4604 while (bs && (!bs->drv || !bs->drv->bdrv_debug_resume)) { 4605 bs = bs->file ? bs->file->bs : NULL; 4606 } 4607 4608 if (bs && bs->drv && bs->drv->bdrv_debug_resume) { 4609 return bs->drv->bdrv_debug_resume(bs, tag); 4610 } 4611 4612 return -ENOTSUP; 4613 } 4614 4615 bool bdrv_debug_is_suspended(BlockDriverState *bs, const char *tag) 4616 { 4617 while (bs && bs->drv && !bs->drv->bdrv_debug_is_suspended) { 4618 bs = bs->file ? bs->file->bs : NULL; 4619 } 4620 4621 if (bs && bs->drv && bs->drv->bdrv_debug_is_suspended) { 4622 return bs->drv->bdrv_debug_is_suspended(bs, tag); 4623 } 4624 4625 return false; 4626 } 4627 4628 /* backing_file can either be relative, or absolute, or a protocol. If it is 4629 * relative, it must be relative to the chain. So, passing in bs->filename 4630 * from a BDS as backing_file should not be done, as that may be relative to 4631 * the CWD rather than the chain. */ 4632 BlockDriverState *bdrv_find_backing_image(BlockDriverState *bs, 4633 const char *backing_file) 4634 { 4635 char *filename_full = NULL; 4636 char *backing_file_full = NULL; 4637 char *filename_tmp = NULL; 4638 int is_protocol = 0; 4639 BlockDriverState *curr_bs = NULL; 4640 BlockDriverState *retval = NULL; 4641 4642 if (!bs || !bs->drv || !backing_file) { 4643 return NULL; 4644 } 4645 4646 filename_full = g_malloc(PATH_MAX); 4647 backing_file_full = g_malloc(PATH_MAX); 4648 4649 is_protocol = path_has_protocol(backing_file); 4650 4651 for (curr_bs = bs; curr_bs->backing; curr_bs = curr_bs->backing->bs) { 4652 4653 /* If either of the filename paths is actually a protocol, then 4654 * compare unmodified paths; otherwise make paths relative */ 4655 if (is_protocol || path_has_protocol(curr_bs->backing_file)) { 4656 char *backing_file_full_ret; 4657 4658 if (strcmp(backing_file, curr_bs->backing_file) == 0) { 4659 retval = curr_bs->backing->bs; 4660 break; 4661 } 4662 /* Also check against the full backing filename for the image */ 4663 backing_file_full_ret = bdrv_get_full_backing_filename(curr_bs, 4664 NULL); 4665 if (backing_file_full_ret) { 4666 bool equal = strcmp(backing_file, backing_file_full_ret) == 0; 4667 g_free(backing_file_full_ret); 4668 if (equal) { 4669 retval = curr_bs->backing->bs; 4670 break; 4671 } 4672 } 4673 } else { 4674 /* If not an absolute filename path, make it relative to the current 4675 * image's filename path */ 4676 filename_tmp = bdrv_make_absolute_filename(curr_bs, backing_file, 4677 NULL); 4678 /* We are going to compare canonicalized absolute pathnames */ 4679 if (!filename_tmp || !realpath(filename_tmp, filename_full)) { 4680 g_free(filename_tmp); 4681 continue; 4682 } 4683 g_free(filename_tmp); 4684 4685 /* We need to make sure the backing filename we are comparing against 4686 * is relative to the current image filename (or absolute) */ 4687 filename_tmp = bdrv_get_full_backing_filename(curr_bs, NULL); 4688 if (!filename_tmp || !realpath(filename_tmp, backing_file_full)) { 4689 g_free(filename_tmp); 4690 continue; 4691 } 4692 g_free(filename_tmp); 4693 4694 if (strcmp(backing_file_full, filename_full) == 0) { 4695 retval = curr_bs->backing->bs; 4696 break; 4697 } 4698 } 4699 } 4700 4701 g_free(filename_full); 4702 g_free(backing_file_full); 4703 return retval; 4704 } 4705 4706 void bdrv_init(void) 4707 { 4708 module_call_init(MODULE_INIT_BLOCK); 4709 } 4710 4711 void bdrv_init_with_whitelist(void) 4712 { 4713 use_bdrv_whitelist = 1; 4714 bdrv_init(); 4715 } 4716 4717 static void coroutine_fn bdrv_co_invalidate_cache(BlockDriverState *bs, 4718 Error **errp) 4719 { 4720 BdrvChild *child, *parent; 4721 uint64_t perm, shared_perm; 4722 Error *local_err = NULL; 4723 int ret; 4724 BdrvDirtyBitmap *bm; 4725 4726 if (!bs->drv) { 4727 return; 4728 } 4729 4730 if (!(bs->open_flags & BDRV_O_INACTIVE)) { 4731 return; 4732 } 4733 4734 QLIST_FOREACH(child, &bs->children, next) { 4735 bdrv_co_invalidate_cache(child->bs, &local_err); 4736 if (local_err) { 4737 error_propagate(errp, local_err); 4738 return; 4739 } 4740 } 4741 4742 /* 4743 * Update permissions, they may differ for inactive nodes. 4744 * 4745 * Note that the required permissions of inactive images are always a 4746 * subset of the permissions required after activating the image. This 4747 * allows us to just get the permissions upfront without restricting 4748 * drv->bdrv_invalidate_cache(). 4749 * 4750 * It also means that in error cases, we don't have to try and revert to 4751 * the old permissions (which is an operation that could fail, too). We can 4752 * just keep the extended permissions for the next time that an activation 4753 * of the image is tried. 4754 */ 4755 bs->open_flags &= ~BDRV_O_INACTIVE; 4756 bdrv_get_cumulative_perm(bs, &perm, &shared_perm); 4757 ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &local_err); 4758 if (ret < 0) { 4759 bs->open_flags |= BDRV_O_INACTIVE; 4760 error_propagate(errp, local_err); 4761 return; 4762 } 4763 bdrv_set_perm(bs, perm, shared_perm); 4764 4765 if (bs->drv->bdrv_co_invalidate_cache) { 4766 bs->drv->bdrv_co_invalidate_cache(bs, &local_err); 4767 if (local_err) { 4768 bs->open_flags |= BDRV_O_INACTIVE; 4769 error_propagate(errp, local_err); 4770 return; 4771 } 4772 } 4773 4774 for (bm = bdrv_dirty_bitmap_next(bs, NULL); bm; 4775 bm = bdrv_dirty_bitmap_next(bs, bm)) 4776 { 4777 bdrv_dirty_bitmap_set_migration(bm, false); 4778 } 4779 4780 ret = refresh_total_sectors(bs, bs->total_sectors); 4781 if (ret < 0) { 4782 bs->open_flags |= BDRV_O_INACTIVE; 4783 error_setg_errno(errp, -ret, "Could not refresh total sector count"); 4784 return; 4785 } 4786 4787 QLIST_FOREACH(parent, &bs->parents, next_parent) { 4788 if (parent->role->activate) { 4789 parent->role->activate(parent, &local_err); 4790 if (local_err) { 4791 bs->open_flags |= BDRV_O_INACTIVE; 4792 error_propagate(errp, local_err); 4793 return; 4794 } 4795 } 4796 } 4797 } 4798 4799 typedef struct InvalidateCacheCo { 4800 BlockDriverState *bs; 4801 Error **errp; 4802 bool done; 4803 } InvalidateCacheCo; 4804 4805 static void coroutine_fn bdrv_invalidate_cache_co_entry(void *opaque) 4806 { 4807 InvalidateCacheCo *ico = opaque; 4808 bdrv_co_invalidate_cache(ico->bs, ico->errp); 4809 ico->done = true; 4810 aio_wait_kick(); 4811 } 4812 4813 void bdrv_invalidate_cache(BlockDriverState *bs, Error **errp) 4814 { 4815 Coroutine *co; 4816 InvalidateCacheCo ico = { 4817 .bs = bs, 4818 .done = false, 4819 .errp = errp 4820 }; 4821 4822 if (qemu_in_coroutine()) { 4823 /* Fast-path if already in coroutine context */ 4824 bdrv_invalidate_cache_co_entry(&ico); 4825 } else { 4826 co = qemu_coroutine_create(bdrv_invalidate_cache_co_entry, &ico); 4827 bdrv_coroutine_enter(bs, co); 4828 BDRV_POLL_WHILE(bs, !ico.done); 4829 } 4830 } 4831 4832 void bdrv_invalidate_cache_all(Error **errp) 4833 { 4834 BlockDriverState *bs; 4835 Error *local_err = NULL; 4836 BdrvNextIterator it; 4837 4838 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 4839 AioContext *aio_context = bdrv_get_aio_context(bs); 4840 4841 aio_context_acquire(aio_context); 4842 bdrv_invalidate_cache(bs, &local_err); 4843 aio_context_release(aio_context); 4844 if (local_err) { 4845 error_propagate(errp, local_err); 4846 bdrv_next_cleanup(&it); 4847 return; 4848 } 4849 } 4850 } 4851 4852 static bool bdrv_has_bds_parent(BlockDriverState *bs, bool only_active) 4853 { 4854 BdrvChild *parent; 4855 4856 QLIST_FOREACH(parent, &bs->parents, next_parent) { 4857 if (parent->role->parent_is_bds) { 4858 BlockDriverState *parent_bs = parent->opaque; 4859 if (!only_active || !(parent_bs->open_flags & BDRV_O_INACTIVE)) { 4860 return true; 4861 } 4862 } 4863 } 4864 4865 return false; 4866 } 4867 4868 static int bdrv_inactivate_recurse(BlockDriverState *bs) 4869 { 4870 BdrvChild *child, *parent; 4871 uint64_t perm, shared_perm; 4872 int ret; 4873 4874 if (!bs->drv) { 4875 return -ENOMEDIUM; 4876 } 4877 4878 /* Make sure that we don't inactivate a child before its parent. 4879 * It will be covered by recursion from the yet active parent. */ 4880 if (bdrv_has_bds_parent(bs, true)) { 4881 return 0; 4882 } 4883 4884 assert(!(bs->open_flags & BDRV_O_INACTIVE)); 4885 4886 /* Inactivate this node */ 4887 if (bs->drv->bdrv_inactivate) { 4888 ret = bs->drv->bdrv_inactivate(bs); 4889 if (ret < 0) { 4890 return ret; 4891 } 4892 } 4893 4894 QLIST_FOREACH(parent, &bs->parents, next_parent) { 4895 if (parent->role->inactivate) { 4896 ret = parent->role->inactivate(parent); 4897 if (ret < 0) { 4898 return ret; 4899 } 4900 } 4901 } 4902 4903 bs->open_flags |= BDRV_O_INACTIVE; 4904 4905 /* Update permissions, they may differ for inactive nodes */ 4906 bdrv_get_cumulative_perm(bs, &perm, &shared_perm); 4907 bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &error_abort); 4908 bdrv_set_perm(bs, perm, shared_perm); 4909 4910 4911 /* Recursively inactivate children */ 4912 QLIST_FOREACH(child, &bs->children, next) { 4913 ret = bdrv_inactivate_recurse(child->bs); 4914 if (ret < 0) { 4915 return ret; 4916 } 4917 } 4918 4919 return 0; 4920 } 4921 4922 int bdrv_inactivate_all(void) 4923 { 4924 BlockDriverState *bs = NULL; 4925 BdrvNextIterator it; 4926 int ret = 0; 4927 GSList *aio_ctxs = NULL, *ctx; 4928 4929 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 4930 AioContext *aio_context = bdrv_get_aio_context(bs); 4931 4932 if (!g_slist_find(aio_ctxs, aio_context)) { 4933 aio_ctxs = g_slist_prepend(aio_ctxs, aio_context); 4934 aio_context_acquire(aio_context); 4935 } 4936 } 4937 4938 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 4939 /* Nodes with BDS parents are covered by recursion from the last 4940 * parent that gets inactivated. Don't inactivate them a second 4941 * time if that has already happened. */ 4942 if (bdrv_has_bds_parent(bs, false)) { 4943 continue; 4944 } 4945 ret = bdrv_inactivate_recurse(bs); 4946 if (ret < 0) { 4947 bdrv_next_cleanup(&it); 4948 goto out; 4949 } 4950 } 4951 4952 out: 4953 for (ctx = aio_ctxs; ctx != NULL; ctx = ctx->next) { 4954 AioContext *aio_context = ctx->data; 4955 aio_context_release(aio_context); 4956 } 4957 g_slist_free(aio_ctxs); 4958 4959 return ret; 4960 } 4961 4962 /**************************************************************/ 4963 /* removable device support */ 4964 4965 /** 4966 * Return TRUE if the media is present 4967 */ 4968 bool bdrv_is_inserted(BlockDriverState *bs) 4969 { 4970 BlockDriver *drv = bs->drv; 4971 BdrvChild *child; 4972 4973 if (!drv) { 4974 return false; 4975 } 4976 if (drv->bdrv_is_inserted) { 4977 return drv->bdrv_is_inserted(bs); 4978 } 4979 QLIST_FOREACH(child, &bs->children, next) { 4980 if (!bdrv_is_inserted(child->bs)) { 4981 return false; 4982 } 4983 } 4984 return true; 4985 } 4986 4987 /** 4988 * If eject_flag is TRUE, eject the media. Otherwise, close the tray 4989 */ 4990 void bdrv_eject(BlockDriverState *bs, bool eject_flag) 4991 { 4992 BlockDriver *drv = bs->drv; 4993 4994 if (drv && drv->bdrv_eject) { 4995 drv->bdrv_eject(bs, eject_flag); 4996 } 4997 } 4998 4999 /** 5000 * Lock or unlock the media (if it is locked, the user won't be able 5001 * to eject it manually). 5002 */ 5003 void bdrv_lock_medium(BlockDriverState *bs, bool locked) 5004 { 5005 BlockDriver *drv = bs->drv; 5006 5007 trace_bdrv_lock_medium(bs, locked); 5008 5009 if (drv && drv->bdrv_lock_medium) { 5010 drv->bdrv_lock_medium(bs, locked); 5011 } 5012 } 5013 5014 /* Get a reference to bs */ 5015 void bdrv_ref(BlockDriverState *bs) 5016 { 5017 bs->refcnt++; 5018 } 5019 5020 /* Release a previously grabbed reference to bs. 5021 * If after releasing, reference count is zero, the BlockDriverState is 5022 * deleted. */ 5023 void bdrv_unref(BlockDriverState *bs) 5024 { 5025 if (!bs) { 5026 return; 5027 } 5028 assert(bs->refcnt > 0); 5029 if (--bs->refcnt == 0) { 5030 bdrv_delete(bs); 5031 } 5032 } 5033 5034 struct BdrvOpBlocker { 5035 Error *reason; 5036 QLIST_ENTRY(BdrvOpBlocker) list; 5037 }; 5038 5039 bool bdrv_op_is_blocked(BlockDriverState *bs, BlockOpType op, Error **errp) 5040 { 5041 BdrvOpBlocker *blocker; 5042 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX); 5043 if (!QLIST_EMPTY(&bs->op_blockers[op])) { 5044 blocker = QLIST_FIRST(&bs->op_blockers[op]); 5045 error_propagate_prepend(errp, error_copy(blocker->reason), 5046 "Node '%s' is busy: ", 5047 bdrv_get_device_or_node_name(bs)); 5048 return true; 5049 } 5050 return false; 5051 } 5052 5053 void bdrv_op_block(BlockDriverState *bs, BlockOpType op, Error *reason) 5054 { 5055 BdrvOpBlocker *blocker; 5056 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX); 5057 5058 blocker = g_new0(BdrvOpBlocker, 1); 5059 blocker->reason = reason; 5060 QLIST_INSERT_HEAD(&bs->op_blockers[op], blocker, list); 5061 } 5062 5063 void bdrv_op_unblock(BlockDriverState *bs, BlockOpType op, Error *reason) 5064 { 5065 BdrvOpBlocker *blocker, *next; 5066 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX); 5067 QLIST_FOREACH_SAFE(blocker, &bs->op_blockers[op], list, next) { 5068 if (blocker->reason == reason) { 5069 QLIST_REMOVE(blocker, list); 5070 g_free(blocker); 5071 } 5072 } 5073 } 5074 5075 void bdrv_op_block_all(BlockDriverState *bs, Error *reason) 5076 { 5077 int i; 5078 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 5079 bdrv_op_block(bs, i, reason); 5080 } 5081 } 5082 5083 void bdrv_op_unblock_all(BlockDriverState *bs, Error *reason) 5084 { 5085 int i; 5086 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 5087 bdrv_op_unblock(bs, i, reason); 5088 } 5089 } 5090 5091 bool bdrv_op_blocker_is_empty(BlockDriverState *bs) 5092 { 5093 int i; 5094 5095 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 5096 if (!QLIST_EMPTY(&bs->op_blockers[i])) { 5097 return false; 5098 } 5099 } 5100 return true; 5101 } 5102 5103 void bdrv_img_create(const char *filename, const char *fmt, 5104 const char *base_filename, const char *base_fmt, 5105 char *options, uint64_t img_size, int flags, bool quiet, 5106 Error **errp) 5107 { 5108 QemuOptsList *create_opts = NULL; 5109 QemuOpts *opts = NULL; 5110 const char *backing_fmt, *backing_file; 5111 int64_t size; 5112 BlockDriver *drv, *proto_drv; 5113 Error *local_err = NULL; 5114 int ret = 0; 5115 5116 /* Find driver and parse its options */ 5117 drv = bdrv_find_format(fmt); 5118 if (!drv) { 5119 error_setg(errp, "Unknown file format '%s'", fmt); 5120 return; 5121 } 5122 5123 proto_drv = bdrv_find_protocol(filename, true, errp); 5124 if (!proto_drv) { 5125 return; 5126 } 5127 5128 if (!drv->create_opts) { 5129 error_setg(errp, "Format driver '%s' does not support image creation", 5130 drv->format_name); 5131 return; 5132 } 5133 5134 if (!proto_drv->create_opts) { 5135 error_setg(errp, "Protocol driver '%s' does not support image creation", 5136 proto_drv->format_name); 5137 return; 5138 } 5139 5140 create_opts = qemu_opts_append(create_opts, drv->create_opts); 5141 create_opts = qemu_opts_append(create_opts, proto_drv->create_opts); 5142 5143 /* Create parameter list with default values */ 5144 opts = qemu_opts_create(create_opts, NULL, 0, &error_abort); 5145 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, img_size, &error_abort); 5146 5147 /* Parse -o options */ 5148 if (options) { 5149 qemu_opts_do_parse(opts, options, NULL, &local_err); 5150 if (local_err) { 5151 goto out; 5152 } 5153 } 5154 5155 if (base_filename) { 5156 qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, base_filename, &local_err); 5157 if (local_err) { 5158 error_setg(errp, "Backing file not supported for file format '%s'", 5159 fmt); 5160 goto out; 5161 } 5162 } 5163 5164 if (base_fmt) { 5165 qemu_opt_set(opts, BLOCK_OPT_BACKING_FMT, base_fmt, &local_err); 5166 if (local_err) { 5167 error_setg(errp, "Backing file format not supported for file " 5168 "format '%s'", fmt); 5169 goto out; 5170 } 5171 } 5172 5173 backing_file = qemu_opt_get(opts, BLOCK_OPT_BACKING_FILE); 5174 if (backing_file) { 5175 if (!strcmp(filename, backing_file)) { 5176 error_setg(errp, "Error: Trying to create an image with the " 5177 "same filename as the backing file"); 5178 goto out; 5179 } 5180 } 5181 5182 backing_fmt = qemu_opt_get(opts, BLOCK_OPT_BACKING_FMT); 5183 5184 /* The size for the image must always be specified, unless we have a backing 5185 * file and we have not been forbidden from opening it. */ 5186 size = qemu_opt_get_size(opts, BLOCK_OPT_SIZE, img_size); 5187 if (backing_file && !(flags & BDRV_O_NO_BACKING)) { 5188 BlockDriverState *bs; 5189 char *full_backing; 5190 int back_flags; 5191 QDict *backing_options = NULL; 5192 5193 full_backing = 5194 bdrv_get_full_backing_filename_from_filename(filename, backing_file, 5195 &local_err); 5196 if (local_err) { 5197 goto out; 5198 } 5199 assert(full_backing); 5200 5201 /* backing files always opened read-only */ 5202 back_flags = flags; 5203 back_flags &= ~(BDRV_O_RDWR | BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING); 5204 5205 backing_options = qdict_new(); 5206 if (backing_fmt) { 5207 qdict_put_str(backing_options, "driver", backing_fmt); 5208 } 5209 qdict_put_bool(backing_options, BDRV_OPT_FORCE_SHARE, true); 5210 5211 bs = bdrv_open(full_backing, NULL, backing_options, back_flags, 5212 &local_err); 5213 g_free(full_backing); 5214 if (!bs && size != -1) { 5215 /* Couldn't open BS, but we have a size, so it's nonfatal */ 5216 warn_reportf_err(local_err, 5217 "Could not verify backing image. " 5218 "This may become an error in future versions.\n"); 5219 local_err = NULL; 5220 } else if (!bs) { 5221 /* Couldn't open bs, do not have size */ 5222 error_append_hint(&local_err, 5223 "Could not open backing image to determine size.\n"); 5224 goto out; 5225 } else { 5226 if (size == -1) { 5227 /* Opened BS, have no size */ 5228 size = bdrv_getlength(bs); 5229 if (size < 0) { 5230 error_setg_errno(errp, -size, "Could not get size of '%s'", 5231 backing_file); 5232 bdrv_unref(bs); 5233 goto out; 5234 } 5235 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, &error_abort); 5236 } 5237 bdrv_unref(bs); 5238 } 5239 } /* (backing_file && !(flags & BDRV_O_NO_BACKING)) */ 5240 5241 if (size == -1) { 5242 error_setg(errp, "Image creation needs a size parameter"); 5243 goto out; 5244 } 5245 5246 if (!quiet) { 5247 printf("Formatting '%s', fmt=%s ", filename, fmt); 5248 qemu_opts_print(opts, " "); 5249 puts(""); 5250 } 5251 5252 ret = bdrv_create(drv, filename, opts, &local_err); 5253 5254 if (ret == -EFBIG) { 5255 /* This is generally a better message than whatever the driver would 5256 * deliver (especially because of the cluster_size_hint), since that 5257 * is most probably not much different from "image too large". */ 5258 const char *cluster_size_hint = ""; 5259 if (qemu_opt_get_size(opts, BLOCK_OPT_CLUSTER_SIZE, 0)) { 5260 cluster_size_hint = " (try using a larger cluster size)"; 5261 } 5262 error_setg(errp, "The image size is too large for file format '%s'" 5263 "%s", fmt, cluster_size_hint); 5264 error_free(local_err); 5265 local_err = NULL; 5266 } 5267 5268 out: 5269 qemu_opts_del(opts); 5270 qemu_opts_free(create_opts); 5271 error_propagate(errp, local_err); 5272 } 5273 5274 AioContext *bdrv_get_aio_context(BlockDriverState *bs) 5275 { 5276 return bs ? bs->aio_context : qemu_get_aio_context(); 5277 } 5278 5279 void bdrv_coroutine_enter(BlockDriverState *bs, Coroutine *co) 5280 { 5281 aio_co_enter(bdrv_get_aio_context(bs), co); 5282 } 5283 5284 static void bdrv_do_remove_aio_context_notifier(BdrvAioNotifier *ban) 5285 { 5286 QLIST_REMOVE(ban, list); 5287 g_free(ban); 5288 } 5289 5290 void bdrv_detach_aio_context(BlockDriverState *bs) 5291 { 5292 BdrvAioNotifier *baf, *baf_tmp; 5293 BdrvChild *child; 5294 5295 if (!bs->drv) { 5296 return; 5297 } 5298 5299 assert(!bs->walking_aio_notifiers); 5300 bs->walking_aio_notifiers = true; 5301 QLIST_FOREACH_SAFE(baf, &bs->aio_notifiers, list, baf_tmp) { 5302 if (baf->deleted) { 5303 bdrv_do_remove_aio_context_notifier(baf); 5304 } else { 5305 baf->detach_aio_context(baf->opaque); 5306 } 5307 } 5308 /* Never mind iterating again to check for ->deleted. bdrv_close() will 5309 * remove remaining aio notifiers if we aren't called again. 5310 */ 5311 bs->walking_aio_notifiers = false; 5312 5313 if (bs->drv->bdrv_detach_aio_context) { 5314 bs->drv->bdrv_detach_aio_context(bs); 5315 } 5316 QLIST_FOREACH(child, &bs->children, next) { 5317 bdrv_detach_aio_context(child->bs); 5318 } 5319 5320 if (bs->quiesce_counter) { 5321 aio_enable_external(bs->aio_context); 5322 } 5323 bs->aio_context = NULL; 5324 } 5325 5326 void bdrv_attach_aio_context(BlockDriverState *bs, 5327 AioContext *new_context) 5328 { 5329 BdrvAioNotifier *ban, *ban_tmp; 5330 BdrvChild *child; 5331 5332 if (!bs->drv) { 5333 return; 5334 } 5335 5336 if (bs->quiesce_counter) { 5337 aio_disable_external(new_context); 5338 } 5339 5340 bs->aio_context = new_context; 5341 5342 QLIST_FOREACH(child, &bs->children, next) { 5343 bdrv_attach_aio_context(child->bs, new_context); 5344 } 5345 if (bs->drv->bdrv_attach_aio_context) { 5346 bs->drv->bdrv_attach_aio_context(bs, new_context); 5347 } 5348 5349 assert(!bs->walking_aio_notifiers); 5350 bs->walking_aio_notifiers = true; 5351 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_tmp) { 5352 if (ban->deleted) { 5353 bdrv_do_remove_aio_context_notifier(ban); 5354 } else { 5355 ban->attached_aio_context(new_context, ban->opaque); 5356 } 5357 } 5358 bs->walking_aio_notifiers = false; 5359 } 5360 5361 /* The caller must own the AioContext lock for the old AioContext of bs, but it 5362 * must not own the AioContext lock for new_context (unless new_context is 5363 * the same as the current context of bs). */ 5364 void bdrv_set_aio_context(BlockDriverState *bs, AioContext *new_context) 5365 { 5366 if (bdrv_get_aio_context(bs) == new_context) { 5367 return; 5368 } 5369 5370 bdrv_drained_begin(bs); 5371 bdrv_detach_aio_context(bs); 5372 5373 /* This function executes in the old AioContext so acquire the new one in 5374 * case it runs in a different thread. 5375 */ 5376 aio_context_acquire(new_context); 5377 bdrv_attach_aio_context(bs, new_context); 5378 bdrv_drained_end(bs); 5379 aio_context_release(new_context); 5380 } 5381 5382 void bdrv_add_aio_context_notifier(BlockDriverState *bs, 5383 void (*attached_aio_context)(AioContext *new_context, void *opaque), 5384 void (*detach_aio_context)(void *opaque), void *opaque) 5385 { 5386 BdrvAioNotifier *ban = g_new(BdrvAioNotifier, 1); 5387 *ban = (BdrvAioNotifier){ 5388 .attached_aio_context = attached_aio_context, 5389 .detach_aio_context = detach_aio_context, 5390 .opaque = opaque 5391 }; 5392 5393 QLIST_INSERT_HEAD(&bs->aio_notifiers, ban, list); 5394 } 5395 5396 void bdrv_remove_aio_context_notifier(BlockDriverState *bs, 5397 void (*attached_aio_context)(AioContext *, 5398 void *), 5399 void (*detach_aio_context)(void *), 5400 void *opaque) 5401 { 5402 BdrvAioNotifier *ban, *ban_next; 5403 5404 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_next) { 5405 if (ban->attached_aio_context == attached_aio_context && 5406 ban->detach_aio_context == detach_aio_context && 5407 ban->opaque == opaque && 5408 ban->deleted == false) 5409 { 5410 if (bs->walking_aio_notifiers) { 5411 ban->deleted = true; 5412 } else { 5413 bdrv_do_remove_aio_context_notifier(ban); 5414 } 5415 return; 5416 } 5417 } 5418 5419 abort(); 5420 } 5421 5422 int bdrv_amend_options(BlockDriverState *bs, QemuOpts *opts, 5423 BlockDriverAmendStatusCB *status_cb, void *cb_opaque, 5424 Error **errp) 5425 { 5426 if (!bs->drv) { 5427 error_setg(errp, "Node is ejected"); 5428 return -ENOMEDIUM; 5429 } 5430 if (!bs->drv->bdrv_amend_options) { 5431 error_setg(errp, "Block driver '%s' does not support option amendment", 5432 bs->drv->format_name); 5433 return -ENOTSUP; 5434 } 5435 return bs->drv->bdrv_amend_options(bs, opts, status_cb, cb_opaque, errp); 5436 } 5437 5438 /* This function will be called by the bdrv_recurse_is_first_non_filter method 5439 * of block filter and by bdrv_is_first_non_filter. 5440 * It is used to test if the given bs is the candidate or recurse more in the 5441 * node graph. 5442 */ 5443 bool bdrv_recurse_is_first_non_filter(BlockDriverState *bs, 5444 BlockDriverState *candidate) 5445 { 5446 /* return false if basic checks fails */ 5447 if (!bs || !bs->drv) { 5448 return false; 5449 } 5450 5451 /* the code reached a non block filter driver -> check if the bs is 5452 * the same as the candidate. It's the recursion termination condition. 5453 */ 5454 if (!bs->drv->is_filter) { 5455 return bs == candidate; 5456 } 5457 /* Down this path the driver is a block filter driver */ 5458 5459 /* If the block filter recursion method is defined use it to recurse down 5460 * the node graph. 5461 */ 5462 if (bs->drv->bdrv_recurse_is_first_non_filter) { 5463 return bs->drv->bdrv_recurse_is_first_non_filter(bs, candidate); 5464 } 5465 5466 /* the driver is a block filter but don't allow to recurse -> return false 5467 */ 5468 return false; 5469 } 5470 5471 /* This function checks if the candidate is the first non filter bs down it's 5472 * bs chain. Since we don't have pointers to parents it explore all bs chains 5473 * from the top. Some filters can choose not to pass down the recursion. 5474 */ 5475 bool bdrv_is_first_non_filter(BlockDriverState *candidate) 5476 { 5477 BlockDriverState *bs; 5478 BdrvNextIterator it; 5479 5480 /* walk down the bs forest recursively */ 5481 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 5482 bool perm; 5483 5484 /* try to recurse in this top level bs */ 5485 perm = bdrv_recurse_is_first_non_filter(bs, candidate); 5486 5487 /* candidate is the first non filter */ 5488 if (perm) { 5489 bdrv_next_cleanup(&it); 5490 return true; 5491 } 5492 } 5493 5494 return false; 5495 } 5496 5497 BlockDriverState *check_to_replace_node(BlockDriverState *parent_bs, 5498 const char *node_name, Error **errp) 5499 { 5500 BlockDriverState *to_replace_bs = bdrv_find_node(node_name); 5501 AioContext *aio_context; 5502 5503 if (!to_replace_bs) { 5504 error_setg(errp, "Node name '%s' not found", node_name); 5505 return NULL; 5506 } 5507 5508 aio_context = bdrv_get_aio_context(to_replace_bs); 5509 aio_context_acquire(aio_context); 5510 5511 if (bdrv_op_is_blocked(to_replace_bs, BLOCK_OP_TYPE_REPLACE, errp)) { 5512 to_replace_bs = NULL; 5513 goto out; 5514 } 5515 5516 /* We don't want arbitrary node of the BDS chain to be replaced only the top 5517 * most non filter in order to prevent data corruption. 5518 * Another benefit is that this tests exclude backing files which are 5519 * blocked by the backing blockers. 5520 */ 5521 if (!bdrv_recurse_is_first_non_filter(parent_bs, to_replace_bs)) { 5522 error_setg(errp, "Only top most non filter can be replaced"); 5523 to_replace_bs = NULL; 5524 goto out; 5525 } 5526 5527 out: 5528 aio_context_release(aio_context); 5529 return to_replace_bs; 5530 } 5531 5532 static bool append_open_options(QDict *d, BlockDriverState *bs) 5533 { 5534 const QDictEntry *entry; 5535 QemuOptDesc *desc; 5536 bool found_any = false; 5537 5538 for (entry = qdict_first(bs->options); entry; 5539 entry = qdict_next(bs->options, entry)) 5540 { 5541 /* Exclude all non-driver-specific options */ 5542 for (desc = bdrv_runtime_opts.desc; desc->name; desc++) { 5543 if (!strcmp(qdict_entry_key(entry), desc->name)) { 5544 break; 5545 } 5546 } 5547 if (desc->name) { 5548 continue; 5549 } 5550 5551 qdict_put_obj(d, qdict_entry_key(entry), 5552 qobject_ref(qdict_entry_value(entry))); 5553 found_any = true; 5554 } 5555 5556 return found_any; 5557 } 5558 5559 /* Note: This function may return false positives; it may return true 5560 * even if opening the backing file specified by bs's image header 5561 * would result in exactly bs->backing. */ 5562 static bool bdrv_backing_overridden(BlockDriverState *bs) 5563 { 5564 if (bs->backing) { 5565 return strcmp(bs->auto_backing_file, 5566 bs->backing->bs->filename); 5567 } else { 5568 /* No backing BDS, so if the image header reports any backing 5569 * file, it must have been suppressed */ 5570 return bs->auto_backing_file[0] != '\0'; 5571 } 5572 } 5573 5574 /* Updates the following BDS fields: 5575 * - exact_filename: A filename which may be used for opening a block device 5576 * which (mostly) equals the given BDS (even without any 5577 * other options; so reading and writing must return the same 5578 * results, but caching etc. may be different) 5579 * - full_open_options: Options which, when given when opening a block device 5580 * (without a filename), result in a BDS (mostly) 5581 * equalling the given one 5582 * - filename: If exact_filename is set, it is copied here. Otherwise, 5583 * full_open_options is converted to a JSON object, prefixed with 5584 * "json:" (for use through the JSON pseudo protocol) and put here. 5585 */ 5586 void bdrv_refresh_filename(BlockDriverState *bs) 5587 { 5588 BlockDriver *drv = bs->drv; 5589 BdrvChild *child; 5590 QDict *opts; 5591 bool backing_overridden; 5592 5593 if (!drv) { 5594 return; 5595 } 5596 5597 /* This BDS's file name may depend on any of its children's file names, so 5598 * refresh those first */ 5599 QLIST_FOREACH(child, &bs->children, next) { 5600 bdrv_refresh_filename(child->bs); 5601 } 5602 5603 if (bs->implicit) { 5604 /* For implicit nodes, just copy everything from the single child */ 5605 child = QLIST_FIRST(&bs->children); 5606 assert(QLIST_NEXT(child, next) == NULL); 5607 5608 pstrcpy(bs->exact_filename, sizeof(bs->exact_filename), 5609 child->bs->exact_filename); 5610 pstrcpy(bs->filename, sizeof(bs->filename), child->bs->filename); 5611 5612 bs->full_open_options = qobject_ref(child->bs->full_open_options); 5613 5614 return; 5615 } 5616 5617 backing_overridden = bdrv_backing_overridden(bs); 5618 5619 if (bs->open_flags & BDRV_O_NO_IO) { 5620 /* Without I/O, the backing file does not change anything. 5621 * Therefore, in such a case (primarily qemu-img), we can 5622 * pretend the backing file has not been overridden even if 5623 * it technically has been. */ 5624 backing_overridden = false; 5625 } 5626 5627 if (drv->bdrv_refresh_filename) { 5628 /* Obsolete information is of no use here, so drop the old file name 5629 * information before refreshing it */ 5630 bs->exact_filename[0] = '\0'; 5631 if (bs->full_open_options) { 5632 qobject_unref(bs->full_open_options); 5633 bs->full_open_options = NULL; 5634 } 5635 5636 opts = qdict_new(); 5637 append_open_options(opts, bs); 5638 drv->bdrv_refresh_filename(bs, opts); 5639 qobject_unref(opts); 5640 } else if (bs->file) { 5641 /* Try to reconstruct valid information from the underlying file */ 5642 bool has_open_options; 5643 5644 bs->exact_filename[0] = '\0'; 5645 if (bs->full_open_options) { 5646 qobject_unref(bs->full_open_options); 5647 bs->full_open_options = NULL; 5648 } 5649 5650 opts = qdict_new(); 5651 has_open_options = append_open_options(opts, bs); 5652 has_open_options |= backing_overridden; 5653 5654 /* If no specific options have been given for this BDS, the filename of 5655 * the underlying file should suffice for this one as well */ 5656 if (bs->file->bs->exact_filename[0] && !has_open_options) { 5657 strcpy(bs->exact_filename, bs->file->bs->exact_filename); 5658 } 5659 /* Reconstructing the full options QDict is simple for most format block 5660 * drivers, as long as the full options are known for the underlying 5661 * file BDS. The full options QDict of that file BDS should somehow 5662 * contain a representation of the filename, therefore the following 5663 * suffices without querying the (exact_)filename of this BDS. */ 5664 if (bs->file->bs->full_open_options && 5665 (!bs->backing || bs->backing->bs->full_open_options)) 5666 { 5667 qdict_put_str(opts, "driver", drv->format_name); 5668 qdict_put(opts, "file", 5669 qobject_ref(bs->file->bs->full_open_options)); 5670 5671 if (bs->backing) { 5672 qdict_put(opts, "backing", 5673 qobject_ref(bs->backing->bs->full_open_options)); 5674 } else if (backing_overridden) { 5675 qdict_put_null(opts, "backing"); 5676 } 5677 5678 bs->full_open_options = opts; 5679 } else { 5680 qobject_unref(opts); 5681 } 5682 } else if (!bs->full_open_options && qdict_size(bs->options)) { 5683 /* There is no underlying file BDS (at least referenced by BDS.file), 5684 * so the full options QDict should be equal to the options given 5685 * specifically for this block device when it was opened (plus the 5686 * driver specification). 5687 * Because those options don't change, there is no need to update 5688 * full_open_options when it's already set. */ 5689 5690 opts = qdict_new(); 5691 append_open_options(opts, bs); 5692 qdict_put_str(opts, "driver", drv->format_name); 5693 5694 if (bs->exact_filename[0]) { 5695 /* This may not work for all block protocol drivers (some may 5696 * require this filename to be parsed), but we have to find some 5697 * default solution here, so just include it. If some block driver 5698 * does not support pure options without any filename at all or 5699 * needs some special format of the options QDict, it needs to 5700 * implement the driver-specific bdrv_refresh_filename() function. 5701 */ 5702 qdict_put_str(opts, "filename", bs->exact_filename); 5703 } 5704 5705 bs->full_open_options = opts; 5706 } 5707 5708 if (bs->exact_filename[0]) { 5709 pstrcpy(bs->filename, sizeof(bs->filename), bs->exact_filename); 5710 } else if (bs->full_open_options) { 5711 QString *json = qobject_to_json(QOBJECT(bs->full_open_options)); 5712 snprintf(bs->filename, sizeof(bs->filename), "json:%s", 5713 qstring_get_str(json)); 5714 qobject_unref(json); 5715 } 5716 } 5717 5718 /* 5719 * Hot add/remove a BDS's child. So the user can take a child offline when 5720 * it is broken and take a new child online 5721 */ 5722 void bdrv_add_child(BlockDriverState *parent_bs, BlockDriverState *child_bs, 5723 Error **errp) 5724 { 5725 5726 if (!parent_bs->drv || !parent_bs->drv->bdrv_add_child) { 5727 error_setg(errp, "The node %s does not support adding a child", 5728 bdrv_get_device_or_node_name(parent_bs)); 5729 return; 5730 } 5731 5732 if (!QLIST_EMPTY(&child_bs->parents)) { 5733 error_setg(errp, "The node %s already has a parent", 5734 child_bs->node_name); 5735 return; 5736 } 5737 5738 parent_bs->drv->bdrv_add_child(parent_bs, child_bs, errp); 5739 } 5740 5741 void bdrv_del_child(BlockDriverState *parent_bs, BdrvChild *child, Error **errp) 5742 { 5743 BdrvChild *tmp; 5744 5745 if (!parent_bs->drv || !parent_bs->drv->bdrv_del_child) { 5746 error_setg(errp, "The node %s does not support removing a child", 5747 bdrv_get_device_or_node_name(parent_bs)); 5748 return; 5749 } 5750 5751 QLIST_FOREACH(tmp, &parent_bs->children, next) { 5752 if (tmp == child) { 5753 break; 5754 } 5755 } 5756 5757 if (!tmp) { 5758 error_setg(errp, "The node %s does not have a child named %s", 5759 bdrv_get_device_or_node_name(parent_bs), 5760 bdrv_get_device_or_node_name(child->bs)); 5761 return; 5762 } 5763 5764 parent_bs->drv->bdrv_del_child(parent_bs, child, errp); 5765 } 5766 5767 bool bdrv_can_store_new_dirty_bitmap(BlockDriverState *bs, const char *name, 5768 uint32_t granularity, Error **errp) 5769 { 5770 BlockDriver *drv = bs->drv; 5771 5772 if (!drv) { 5773 error_setg_errno(errp, ENOMEDIUM, 5774 "Can't store persistent bitmaps to %s", 5775 bdrv_get_device_or_node_name(bs)); 5776 return false; 5777 } 5778 5779 if (!drv->bdrv_can_store_new_dirty_bitmap) { 5780 error_setg_errno(errp, ENOTSUP, 5781 "Can't store persistent bitmaps to %s", 5782 bdrv_get_device_or_node_name(bs)); 5783 return false; 5784 } 5785 5786 return drv->bdrv_can_store_new_dirty_bitmap(bs, name, granularity, errp); 5787 } 5788